IPv6 prefix modifcation crashing OPNsense 26.1

Started by jaykumar2005, Today at 06:42:04 AM

Previous topic - Next topic
Print
Go Down Pages1
User actions
Today at 06:42:04 AM

Looks like the issue reported here https://forum.opnsense.org/index.php?topic=49131.msg249523#msg249523 is back in 26.1.4 . I have a working IPv6 setup with /64 prefix delegation from ISP (PPPoe), but any attempt to change "Prefix delegation size" with "Send prefix hint" crashes the firewall. I am able to consistently reproduce this, every time I attempt to change these values, router crashes and reboots.

Code Select
Versions
OPNsense 26.1.4-amd64
FreeBSD 14.3-RELEASE-p9
OpenSSL 3.0.19

Code Select
[969470]
[969470]
[969470] Fatal trap 12: page fault while in kernel mode
[969470] cpuid = 4; apic id = 08
[969470] fault virtual address = 0x10
[969470] fault code = supervisor read data, page not present
[969470] instruction pointer = 0x20:0xffffffff80e0d175
[969470] stack pointer         = 0x28:0xfffffe0149887a80
[969470] frame pointer         = 0x28:0xfffffe0149887ab0
[969470] code segment = base 0x0, limit 0xfffff, type 0x1b
[969470] = DPL 0, pres 1, long 1, def32 0, gran 1
[969470] processor eflags = interrupt enabled, resume, IOPL = 0
[969470] current process = 10545 (tailscaled)
[969470] rdi: fffff8000244f000 rsi: 000000000000001c rdx: fffff806f7d2f078
[969470] rcx: fffff8000244f000  r8: 00000000ffffffbd  r9: 0000000000000000
[969470] rax: 0000000000000000 rbx: 0000000000000000 rbp: fffffe0149887ab0
[969470] r10: fffffe0149887a30 r11: 0000000000000008 r12: fffff80398e23298
[969470] r13: 0000000000000000 r14: fffffe0149887a8c r15: 0000000000010200
[969470] trap number = 12
[969470] panic: page fault
[969470] cpuid = 4
[969470] time = 1773944620
[969470] KDB: stack backtrace:
[969470] db_trace_self_wrapper() at db_trace_self_wrapper+0x2b/frame 0xfffffe01498877d0
[969470] vpanic() at vpanic+0x161/frame 0xfffffe0149887900
[969470] panic() at panic+0x43/frame 0xfffffe0149887960
[969470] trap_pfault() at trap_pfault+0x3da/frame 0xfffffe01498879b0
[969470] calltrap() at calltrap+0x8/frame 0xfffffe01498879b0
[969470] --- trap 0xc, rip = 0xffffffff80e0d175, rsp = 0xfffffe0149887a80, rbp = 0xfffffe0149887ab0 ---
[969470] in6_selecthlim() at in6_selecthlim+0x95/frame 0xfffffe0149887ab0
[969470] tcp_default_output() at tcp_default_output+0x1ca4/frame 0xfffffe0149887c70
[969470] tcp_usr_disconnect() at tcp_usr_disconnect+0x77/frame 0xfffffe0149887cb0
[969470] soclose() at soclose+0x75/frame 0xfffffe0149887d10
[969470] _fdrop() at _fdrop+0x11/frame 0xfffffe0149887d30
[969470] closef() at closef+0x24a/frame 0xfffffe0149887dc0
[969470] closefp_impl() at closefp_impl+0x58/frame 0xfffffe0149887e00
[969470] amd64_syscall() at amd64_syscall+0x117/frame 0xfffffe0149887f30
[969470] fast_syscall_common() at fast_syscall_common+0xf8/frame 0xfffffe0149887f30
[969470] --- syscall (6, FreeBSD ELF64, close), rip = 0x49c1bf, rsp = 0x86d1814f8, rbp = 0x86d1814f8 ---
[969470] KDB: enter: panic
panic.txt0600001215157037454  7144 ustarrootwheelpage faultversion.txt0600007515157037454  7550 ustarrootwheelFreeBSD 14.3-RELEASE-p9 stable/26.1-n272033-b4ddb3e0f150 SMP
Hardware: Lenovo ThinkStation P330 Tiny (Intel Core i5-8500 @ 3.00GHz, 1xI219-LM, 4xI350)
BUFFERBLOAT GRADE A+
Today at 12:21:46 PM #1
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=279653
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=291003

Apparently there's a patch here we could try?

https://cgit.freebsd.org/src/commit/?id=f3de667137e90679cd20fa5c1dcd93a4c51ad848

We'd auto-ship such patches if upstream would push them to their own stable branches.


Cheers,
Franco
Print
Go Up Pages1
User actions