FreeBSD Mail Archives

Date:      Tue, 12 Feb 2019 09:03:30 +0000
From:      bugzilla-noreply@freebsd.org
To:        ports-bugs@FreeBSD.org
Subject:   [Bug 235684] security/ipsec-tools kernel panic
Message-ID:  <bug-235684-7788@https.bugs.freebsd.org/bugzilla/>

next in thread | raw e-mail | index | archive | help

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D235684

            Bug ID: 235684
           Summary: security/ipsec-tools kernel panic
           Product: Ports & Packages
           Version: Latest
          Hardware: amd64
                OS: Any
            Status: New
          Severity: Affects Only Me
          Priority: ---
         Component: Individual Port(s)
          Assignee: ports-bugs@FreeBSD.org
          Reporter: admin@5034.ru

Hi All,

I see kernel panic during racoon restart.

# uname -rv
12.0-STABLE FreeBSD 12.0-STABLE r343904 SERVER

# pkg info | grep ipsec-tools
ipsec-tools-0.8.2_7            KAME racoon IKE daemon, ipsec-tools version

Port config options:
[ ] ADMINPORT  Enable Admin port=20
[x] DEBUG      Build with debugging support=20
[x] DOCS       Build and/or install documentation=20
[x] DPD        Dead Peer Detection=20
[ ] EXAMPLES   Build and/or install examples=20
[x] FRAG       IKE fragmentation payload support=20
[ ] GSSAPI     GSSAPI Security API support=20
[x] HYBRID     Hybrid, Xauth and Mode-cfg support=20
[x] IDEA       IDEA encryption (patented)=20
[x] IPV6       IPv6 protocol support=20
[ ] LDAP       LDAP authentication (Xauth server)=20
[x] NATT       NAT-Traversal (kernel-patch required before 11.1)=20
[ ] NATTF      require NAT-Traversal (fail without kernel-patch)=20
[ ] PAM        PAM authentication (Xauth server)=20
[ ] RADIUS     Radius authentication (Xauth server)=20
[x] RC5        RC5 encryption (patented)=20
[x] SAUNSPEC   Unspecified SA mode=20
[x] STATS      Statistics logging function=20
[x] WCPSKEY    Allow wildcard matching for pre-shared keys=20


(pts/2)[root@server:/usr/obj/usr/src/amd64.amd64/sys/SERVER]# kgdb kernel
/var/crash/vmcore.0
GNU gdb (GDB) 8.2.1 [GDB v8.2.1 for FreeBSD]
Copyright (C) 2018 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.htm=
l>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Type "show copying" and "show warranty" for details.
This GDB was configured as "x86_64-portbld-freebsd12.0".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>.
Find the GDB manual and other documentation resources online at:
    <http://www.gnu.org/software/gdb/documentation/>.

For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from kernel...Reading symbols from
/usr/obj/usr/src/amd64.amd64/sys/SERVER/kernel.debug...done.
done.

Unread portion of the kernel message buffer:


Fatal trap 12: page fault while in kernel mode
cpuid =3D 2; apic id =3D 02
fault virtual address   =3D 0x28
fault code              =3D supervisor read data, page not present
instruction pointer     =3D 0x20:0xffffffff80ecd31d
stack pointer           =3D 0x28:0xfffffe003fca7a40
frame pointer           =3D 0x28:0xfffffe003fca7a60
code segment            =3D base 0x0, limit 0xfffff, type 0x1b
                        =3D DPL 0, pres 1, long 1, def32 0, gran 1
processor eflags        =3D interrupt enabled, resume, IOPL =3D 0
current process         =3D 0 (softirq_2)
trap number             =3D 12
panic: page fault
cpuid =3D 2
time =3D 1549912176
KDB: stack backtrace:
#0 0xffffffff80c531c7 at kdb_backtrace+0x67
#1 0xffffffff80c07143 at vpanic+0x1a3
#2 0xffffffff80c06f93 at panic+0x43
#3 0xffffffff8118d9ff at trap_fatal+0x35f
#4 0xffffffff8118da59 at trap_pfault+0x49
#5 0xffffffff8118d07e at trap+0x29e
#6 0xffffffff81168ac5 at calltrap+0x8
#7 0xffffffff80eca240 at ipsec_delete_pcbpolicy+0x20
#8 0xffffffff80dbaeec at in_pcbfree_deferred+0x6c
#9 0xffffffff80c4db1a at epoch_call_task+0x1ca
#10 0xffffffff80c51a54 at gtaskqueue_run_locked+0x144
#11 0xffffffff80c516b8 at gtaskqueue_thread_loop+0x98
#12 0xffffffff80bc6f23 at fork_exit+0x83
#13 0xffffffff81169abe at fork_trampoline+0xe
Uptime: 1h17m12s
Dumping 1147 out of 8077 MB:..2%..12%..21%..31%..41%..51%..62%..72%..81%..9=
1%

__curthread () at ./machine/pcpu.h:230
230             __asm("movq %%gs:%P1,%0" : "=3Dr" (td) : "n"
(OFFSETOF_CURTHREAD));
(kgdb) bt
#0  __curthread () at ./machine/pcpu.h:230
#1  doadump (textdump=3D<optimized out>) at /usr/src/sys/kern/kern_shutdown=
.c:366
#2  0xffffffff80c06d2b in kern_reboot (howto=3D260) at
/usr/src/sys/kern/kern_shutdown.c:446
#3  0xffffffff80c071a3 in vpanic (fmt=3D<optimized out>, ap=3D0xfffffe003fc=
a7790)
at /usr/src/sys/kern/kern_shutdown.c:872
#4  0xffffffff80c06f93 in panic (fmt=3D<unavailable>) at
/usr/src/sys/kern/kern_shutdown.c:799
#5  0xffffffff8118d9ff in trap_fatal (frame=3D0xfffffe003fca7980, eva=3D40)=
 at
/usr/src/sys/amd64/amd64/trap.c:929
#6  0xffffffff8118da59 in trap_pfault (frame=3D0xfffffe003fca7980, usermode=
=3D0) at
/usr/src/sys/amd64/amd64/trap.c:765
#7  0xffffffff8118d07e in trap (frame=3D0xfffffe003fca7980) at
/usr/src/sys/amd64/amd64/trap.c:441
#8  <signal handler called>
#9  0xffffffff80ecd31d in key_freesp (spp=3D0xfffff80267101100) at
/usr/src/sys/netipsec/key.c:1199
#10 0xffffffff80eca240 in ipsec_delete_pcbpolicy (inp=3D0xfffff80017ff63d0)=
 at
/usr/src/sys/netipsec/ipsec_pcb.c:176
#11 0xffffffff80dbaeec in in_pcbfree_deferred (ctx=3D0xfffff80017ff65a8) at
/usr/src/sys/netinet/in_pcb.c:1576
#12 0xffffffff80c4db1a in epoch_call_task (arg=3D<optimized out>) at
/usr/src/sys/kern/subr_epoch.c:507
#13 0xffffffff80c51a54 in gtaskqueue_run_locked (queue=3D0xfffff80003363c00=
) at
/usr/src/sys/kern/subr_gtaskqueue.c:376
#14 0xffffffff80c516b8 in gtaskqueue_thread_loop (arg=3D<optimized out>) at
/usr/src/sys/kern/subr_gtaskqueue.c:557
#15 0xffffffff80bc6f23 in fork_exit (callout=3D0xffffffff80c51620
<gtaskqueue_thread_loop>, arg=3D0xfffffe00025f5038, frame=3D0xfffffe003fca7=
c00)
    at /usr/src/sys/kern/kern_fork.c:1059
#16 <signal handler called>
(kgdb) frame 9
#9  0xffffffff80ecd31d in key_freesp (spp=3D0xfffff80267101100) at
/usr/src/sys/netipsec/key.c:1199
1199            KEYDBG(IPSEC_STAMP,
(kgdb)

--=20
You are receiving this mail because:
You are the assignee for the bug.=

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-235684-7788>

Header And Logo

Peripheral Links

Site Navigation

Header And Logo

Peripheral Links

Search

Site Navigation