kern/53036: 'block user' in pf's ruleset panics 8.0_BETA

To: kern-bug-people%netbsd.org@localhost,gnats-admin%netbsd.org@localhost,netbsd-bugs%netbsd.org@localhost
Subject: kern/53036: 'block user' in pf's ruleset panics 8.0_BETA
From: alnsn%NetBSD.org@localhost
Date: Sun, 18 Feb 2018 10:20:00 +0000 (UTC)

>Number:         53036
>Category:       kern
>Synopsis:       'block user' in pf's ruleset panics 8.0_BETA
>Confidential:   no
>Severity:       serious
>Priority:       high
>Responsible:    kern-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Sun Feb 18 10:20:00 +0000 2018
>Originator:     Alexander Nasonov
>Release:        NetBSD 8.0_BETA
>Organization:
	XMM Swap Ltd
>Environment:
NetBSD nebo 8.0_BETA NetBSD 8.0_BETA (TRIMMED) #0: Thu Feb 15 21:02:31 GMT 2018  alnsn@nebeda:/home/alnsn/netbsd-8/src/sys/arch/amd64/compile/obj/TRIMMED amd64
System: NetBSD nebo 8.0_BETA NetBSD 8.0_BETA (TRIMMED) #0: Thu Feb 15 21:02:31 GMT 2018  alnsn@nebeda:/home/alnsn/netbsd-8/src/sys/arch/amd64/compile/obj/TRIMMED amd64
Architecture: x86_64
Machine: amd64
>Description:
Starting pf with the following rules:

	local_users="{ dnsmasq, privoxy, _tcpdump, _pflogd }"
	block log user $local_users
	pass on lo0 all

panics the system instanly when a tor relay process is running. When it's
not running, the box seems to work fine (for a couple of minutes) but it
panics when I start the relay.

The relay process doesn't use pf features but there is another tor process
on the box which has the following in the torrc file:

	VirtualAddrNetworkIPv4 127.192.0.0/16
	AutomapHostsOnResolve  1
	AutomapHostsSuffixes   .onion

ddb:

fatal breakpoint trap in supervisor mode
trap type 1 code 8 rip 0xff..80224d95 cs 0x8 rflags 0x246 cr2 0x7dc2c46f9600 ilevel 0x4 rsp 0xff..e8139920a0
curlwp 0xff..e88710a8420 pid 0.3 (system) at netbsd:breakpoint+0x5: leave
breakpoint() at netbsd:breakpoint+0x5
vpanic() at netbsd:vpanic+0x140
curlwp_bindx() at netbsd:curlwp_bindx+0x8da05
kauth_cred_geteuid() at netbsd:kauth_cred_geteuid+0x50
pf_socket_lookup() at netbsd:pf_socket_lookup+0x179
pf_test_rule() at netbsd:pf_test_rule+0x10d8
pf_test() at netbsd:pf_test+0xe43
pfil4_wrapper() at netbsd:pfil4_wrapper+0x4a
pfil_run_hooks() at netbsd:pfil-run_hooks+0x114
ipintr() at netbsd:ipintr+0x5b3
softint_dispatch() at netbsd:softint_dispatch+0xd3
DDB lost frame for netbsd:Xsoftintr+0x4f, trying 0xff..e8139920ff0
--- interrupt ---
0:
db{0}>
>How-To-Repeat:
	Run tor relay and pf with the above mentioned rules.
>Fix:
	Not known.

Follow-Ups:
- Re: kern/53036: 'block user' in pf's ruleset panics 8.0_BETA
  - From: Alexander Nasonov

Prev by Date: Re: kern/53005: apache httpd can hang the system
Next by Date: Re: kern/46697 (netbsd-6 crash with IPF and ipv6)
Previous by Thread: Re: install/53018 (missing /etc/rc.d/dhcpd6 file after upgrade)
Next by Thread: Re: kern/53036: 'block user' in pf's ruleset panics 8.0_BETA
Indexes:

Home | Main Index | Thread Index | Old Index