Kernel Panic/Page Fault On All 22.7 versions when Suricata is turned on

Started by hahaheho, December 08, 2022, 12:31:58 PM

I recently performed a few upgrades to 22.7.9 from 21.x. Then the computer immediately crashed.
The crash happens either immediately or a few minutes after the system has booted.
Reverting the kernel or Suricata to any older versions (within 22.7) did not work.
Basically, OPNsense becomes unusable when Suricata is running.

Can somebody please help or share some insights?

Here is some crash msg and stack trace:
db:0:kdb.enter.default>  bt
Tracing pid 0 tid 100171 td 0xfffffe00d58a41e0
kdb_enter() at kdb_enter+0x37/frame 0xfffffe00c15a8a50
vpanic() at vpanic+0x1b0/frame 0xfffffe00c15a8aa0
panic() at panic+0x43/frame 0xfffffe00c15a8b00
trap_fatal() at trap_fatal+0x385/frame 0xfffffe00c15a8b60
trap_pfault() at trap_pfault+0x4f/frame 0xfffffe00c15a8bc0
calltrap() at calltrap+0x8/frame 0xfffffe00c15a8bc0
--- trap 0xc, rip = 0xffffffff80dca4ac, rsp = 0xfffffe00c15a8c90, rbp = 0xfffffe00c15a8ce0 ---
ether_nh_input() at ether_nh_input+0x1c/frame 0xfffffe00c15a8ce0
netisr_dispatch_src() at netisr_dispatch_src+0xb9/frame 0xfffffe00c15a8d30
ether_input() at ether_input+0x69/frame 0xfffffe00c15a8d90
re_rxeof() at re_rxeof+0x2ad/frame 0xfffffe00c15a8e00
re_int_task_8125() at re_int_task_8125+0xba/frame 0xfffffe00c15a8e40
taskqueue_run_locked() at taskqueue_run_locked+0x181/frame 0xfffffe00c15a8ec0
taskqueue_thread_loop() at taskqueue_thread_loop+0xc2/frame 0xfffffe00c15a8ef0
fork_exit() at fork_exit+0x7e/frame 0xfffffe00c15a8f30
fork_trampoline() at fork_trampoline+0xe/frame 0xfffffe00c15a8f30
--- trap 0x8038b000, rip = 0xffffffff80c313af, rsp = 0, rbp = 0xfffff80001b68100 ---
mi_startup() at mi_startup+0xdf/frame 0xfffff80001b68100
??() at 0/frame 0xfffff80001b5d000
null_method() at null_method/frame 0xffffffff81b03fb0
bus_generic_new_pass() at bus_generic_new_pass/frame 0xffffffff81b03fa8
bus_new_pass_desc() at bus_new_pass_desc
db:0:kdb.enter.default>  ps
  pid  ppid  pgrp   uid  state   wmesg   wchan               cmd
53335  5493  5493     0  S       nanslp  0xffffffff81ec02ee  sleep
5493     1  5493     0  Ss      wait    0xfffff80005787548  sh
4258     1  4258    59  Ss      (threaded)                  unbound
100379                   S       kqread  0xfffff800059c7300  unbound
100434                   S       kqread  0xfffff80005a30600  unbound
100435                   S       kqread  0xfffff80005fb9900  unbound
100436                   S       kqread  0xfffff80031658900  unbound
100437                   S       kqread  0xfffff8003172d200  unbound
100438                   S       kqread  0xfffff80031731d00  unbound
100439                   S       kqread  0xfffff80005ff9800  unbound
100440                   S       kqread  0xfffff800028aee00  unbound
100441                   S       kqread  0xfffff800052dab00  unbound
100442                   S       kqread  0xfffff800b17c5e00  unbound
100443                   S       kqread  0xfffff80005001600  unbound
100444                   S       kqread  0xfffff80003fff900  unbound
100445                   S       kqread  0xfffff800b18e0100  unbound
100446                   S       kqread  0xfffff80031868200  unbound
100447                   S       kqread  0xfffff80031868300  unbound
100448                   S       kqread  0xfffff80005000400  unbound
  741     1   741     0  Ss      (threaded)                  ntpd
100427                   S       select  0xfffff800059ee0c0  ntpd
99922     1 99922     0  Ss+     ttyin   0xfffff80005206cb0  getty
99820     1 99820     0  Ss+     ttyin   0xfffff800052044b0  getty
99709     1 99709     0  Ss+     ttyin   0xfffff80005204cb0  getty
99650     1 99650     0  Ss+     ttyin   0xfffff800052034b0  getty
99565     1 99565     0  Ss+     ttyin   0xfffff80005203cb0  getty
99452     1 99452     0  Ss+     ttyin   0xfffff800052024b0  getty
99448     1 99448     0  Ss+     ttyin   0xfffff80005202cb0  getty
99393     1 99393     0  Ss+     ttyin   0xfffff800050b34b0  getty
95987     1 95987     0  Ss      bpf     0xfffff80001eeac00  filterlog
88549  5283 88549     0  S       select  0xfffff80002009bc0  python3.9
88369  5283 88369     0  S       select  0xfffff80005fbebc0  python3.9
87237     1 87237     0  Ss      nanslp  0xffffffff81ec02ef  cron
69136     1 69136     0  Ss      (threaded)                  suricata
100349                   S       nanslp  0xffffffff81ec02e2  suricata


Did you install the Realtek plugin? I'm guessing you mean Suricata IPS mode being the issue?


Cheers,
Franco

Hi Franco,

You are correct. Yes, I use the Realtek plugin and IPS mode on Suricata.