FreeBSD Version: % freebsd-version -ku 13.1-RELEASE-p2 13.1-RELEASE-p2 Steps to reproduce: I do not know why this is happens. This happened multiple times and logs before panic are not familiar. But the panic message is always the same with exception of the tun* number. panic message: kernel: panic: make_dev_sv: bad si_name (error=17, si_name=tun2) kernel: cpuid = 0 kernel: time = 1665591262 kernel: KDB: stack backtrace: kernel: #0 0xffffffff80c694a5 at kdb_backtrace+0x65 kernel: #1 0xffffffff80c1bb5f at vpanic+0x17f kernel: #2 0xffffffff80c1b9d3 at panic+0x43 kernel: #3 0xffffffff80bb07dd at make_dev_sv+0x3fd kernel: #4 0xffffffff80bb03cb at make_dev_s+0x3b kernel: #5 0xffffffff80d3e69b at tun_create_device+0xdb kernel: #6 0xffffffff80d3fecc at tunclone+0x25c kernel: #7 0xffffffff80ab27d0 at devfs_lookup+0x600 kernel: #8 0xffffffff80ce9bfc at lookup+0x45c kernel: #9 0xffffffff80ce8e29 at namei+0x259 kernel: #10 0xffffffff80d0e2f3 at vn_open_cred+0x533 kernel: #11 0xffffffff80d04663 at kern_openat+0x283 kernel: #12 0xffffffff810b0d55 at amd64_syscall+0x775 kernel: #13 0xffffffff81087e8b at fast_syscall_common+0xf8 kernel: Uptime: 8m18s kernel: Dumping 337 out of 4054 MB:..5%..15%..24%..34%..43%..53%..62%..72%..81%..91% kernel: Dump complete kernel: Automatic reboot in 15 seconds - press a key on the console to abort kernel: Rebooting... kernel: ---<<BOOT>>--- kernel: Copyright (c) 1992-2021 The FreeBSD Project. kernel: Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994 kernel: The Regents of the University of California. All rights reserved. kernel: FreeBSD is a registered trademark of The FreeBSD Foundation. kernel: FreeBSD 13.1-RELEASE-p2 GENERIC amd64 kernel: FreeBSD clang version 13.0.0 (git@github.com:llvm/llvm-project.git llvmorg-13.0.0-0-gd7b669b3a303) kernel: VT(vga): text 80x25 kernel: CPU: QEMU Virtual CPU version 2.5+ (1995.51-MHz K8-class CPU) Detailed: % cat /var/crash/core.txt.3 | grep -A 60 curth __curthread () at /usr/src/sys/amd64/include/pcpu_aux.h:55 55 /usr/src/sys/amd64/include/pcpu_aux.h: No such file or directory. (kgdb) #0 __curthread () at /usr/src/sys/amd64/include/pcpu_aux.h:55 #1 doadump (textdump=<optimized out>) at /usr/src/sys/kern/kern_shutdown.c:399 #2 0xffffffff80c1b75c in kern_reboot (howto=260) at /usr/src/sys/kern/kern_shutdown.c:487 #3 0xffffffff80c1bbce in vpanic ( fmt=0xffffffff811f51ab "make_dev_sv: bad si_name (error=%d, si_name=%s)", ap=<optimized out>) at /usr/src/sys/kern/kern_shutdown.c:920 #4 0xffffffff80c1b9d3 in panic (fmt=<unavailable>) at /usr/src/sys/kern/kern_shutdown.c:844 #5 0xffffffff80bb07dd in make_dev_sv (args1=<optimized out>, dres=0xfffffe00a8557880, fmt=<optimized out>, ap=<optimized out>) at /usr/src/sys/kern/kern_conf.c:808 #6 0xffffffff80bb03cb in make_dev_s (args=<unavailable>, args@entry=0xfffffe00a8557620, dres=<unavailable>, dres@entry=0xfffffe00a8557880, fmt=<unavailable>) at /usr/src/sys/kern/kern_conf.c:853 #7 0xffffffff80d3e69b in tun_create_device ( drv=drv@entry=0xffffffff819287e0 <tuntap_drivers>, unit=4, cr=cr@entry=0xfffff80128d22e00, dev=dev@entry=0xfffffe00a8557880, name=name@entry=0xfffffe00a85576d0 "tun4") at /usr/src/sys/net/if_tuntap.c:819 #8 0xffffffff80d3fecc in tunclone (arg=<optimized out>, arg@entry=0x0, cred=cred@entry=0xfffff80128d22e00, name=0xfffffe00a85576d0 "tun4", name@entry=0xfffffe00a855799c "tun", namelen=4, dev=dev@entry=0xfffffe00a8557880) at /usr/src/sys/net/if_tuntap.c:608 #9 0xffffffff80ab27d0 in devfs_lookupx (ap=<optimized out>, dm_unlock=<optimized out>) at /usr/src/sys/fs/devfs/devfs_vnops.c:1115 #10 devfs_lookup (ap=<unavailable>, ap@entry=<error reading variable: value is not available>) at /usr/src/sys/fs/devfs/devfs_vnops.c:1192 #11 0xffffffff80ce9bfc in VOP_LOOKUP (dvp=0xfffff80128c245b8, vpp=0xfffffe00a8557d10, cnp=0xfffffe00a8557d38) at ./vnode_if.h:65 #12 lookup (ndp=ndp@entry=0xfffffe00a8557cb8) at /usr/src/sys/kern/vfs_lookup.c:1086 #13 0xffffffff80ce8e29 in namei (ndp=ndp@entry=0xfffffe00a8557cb8) at /usr/src/sys/kern/vfs_lookup.c:616 #14 0xffffffff80d0e2f3 in vn_open_cred (ndp=ndp@entry=0xfffffe00a8557cb8, flagp=flagp@entry=0xfffffe00a8557dd4, cmode=cmode@entry=0, vn_open_flags=<optimized out>, vn_open_flags@entry=16, cred=0xfffff80128d22e00, fp=0xfffff80128edf6e0) at /usr/src/sys/kern/vfs_vnops.c:327 #15 0xffffffff80d04663 in kern_openat (td=0xfffffe00a8eb1720, fd=-100, path=0x20b9d6 <error: Cannot access memory at address 0x20b9d6>, pathseg=UIO_USERSPACE, flags=3, mode=<optimized out>) at /usr/src/sys/kern/vfs_syscalls.c:1159 #16 0xffffffff810b0d55 in syscallenter (td=0xfffffe00a8eb1720) at /usr/src/sys/amd64/amd64/../../kern/subr_syscall.c:161 #17 amd64_syscall (td=0xfffffe00a8eb1720, traced=0) at /usr/src/sys/amd64/amd64/trap.c:1185 #18 <signal handler called> #19 0x0000000827f895fa in ?? () Backtrace stopped: Cannot access memory at address 0x8203f8e68 (kgdb) What I configured (it works for at least two weeks): I have multiple FIBs with vnet enabled jails + PF. OpenVPN Clients on different FIBs. loaded netgraph ng_{netflow, ksocket, ether}
Request feedback from Kyle, who's played in the dev/tun area of the tree in the not distant past and has tinkers with race conditions (with make_dev_s, in src 6869d530c791)
(In reply to Seyed Pouria Mousavizadeh Tehrani from comment #0) error == 17, EEXIST Across the entire system, can you describe how you create and use tun interfaces? Are you just letting openvpn create them in their own vnets, or do you do any manual tun creation + moving them into a jail? Do you do any tun interface renaming?
I have two net/ocserv applications in separate jails and give them unhide access to the "/dev/tun*" with devfs. The ocserv will use the /dev/tun special control device file to create tun interfaces and then rename it to the one listed in ocserv.conf ("device = vpns" by default). The default with "vpns" was not working, so I changed the configuration to the "device = tun" and it worked. I also need openvpn-client on my host in another FIB, and to make things more predictable (actually for PF), I used two cloned tun interfaces (tun257, tun258) in "rc.conf". Finally, I allocated them via my openvpn-client configurations. Note 1: I used same devfs rule for both jails. I want it to be separate for a clean configuration, but when I separate the devfs rules, the jail that uses a lower number in my rules will not see the "/dev/tun" special control note. https://forums.freebsd.org/threads/ocserv-in-jail-cannot-open-dev-tun.86627/ Note 2: openvpn-client is not in jail, but last night due to multiple crashes of the entire system, I created an openvpn-server in another jail concurrent to the ocserv jails, which is doing tun allocation dynamically in their VNET.
So, to be clear: - openvpn-client is using tun257 and tun258, it is in its own vnet. - The two ocserv jails also each have their own vnets, and use whatever tun interfaces they get from opening /dev/tun Correct?
- openvpn-client is using tun257 and tun258, it is in its own vnet: No. openvpn-clients are in *host* and not in *jail* so their are not using vnet. host rc.conf: """ openvpn_client_enable="YES" openvpn_client_fib="1" openvpn_client_configfile="/usr/local/etc/openvpn/client.conf" openvpn_client2_enable="YES" openvpn_client2_fib="2" openvpn_client2_configfile="/usr/local/etc/openvpn/client2.conf" """ Here is the client configurations: % grep dev /usr/local/etc/openvpn/client.conf dev tun257 % grep dev /usr/local/etc/openvpn/client2.conf dev tun258 - The two ocserv jails also each have their own vnets, and use whatever tun interfaces they get from opening /dev/tun: Exactly. one of my ocserv jail configurations: """ ... export jail_overlay_vnet_enable="YES" export jail_overlay_vnet_interface="epair0b epair1b" export jail_overlay_exec_prestart0="service netif cloneup epair0 epair1 || echo interfaces are already exists" export jail_overlay_exec_prestart1="service routing static inet || echo static routes are already exists" export jail_overlay_exec_prestart2="service openvpn_client restart" export jail_overlay_exec_poststop0="/sbin/route del -net *.*.*.0/24 -gateway *.*.*7.2" export jail_overlay_exec_poststop1="/sbin/route del -net *.*.*.0/24 -gateway *.*.*8.2 -fib 1" export jail_overlay_exec_poststop2="/sbin/ifconfig epair0a destroy" export jail_overlay_exec_poststop3="/sbin/ifconfig epair1a destroy" """ cloned interfaces in rc.conf: """ ... cloned_interfaces="lo1 gre0 gre1 tun257 tun258 epair5 epair4 epair3 epair2 epair1 epair0" ifconfig_epair0a="inet *.*.*7.1/30 -tso -rxcsum descr vnet-overlay" ifconfig_epair0b="-tso -rxcsum descr vnet-overlay" ifconfig_epair1a="inet *.*.*8.1/30 fib 1 -tso -rxcsum descr vnet-overlay-fib-1" ifconfig_epair1b="fib 1 -tso -rxcsum descr vnet-overlay-fib-1" ... """ Errata in previous comment: *Special Control Device*
Not sure if relevant but interface renaming seems to conflict with the name checks performed by `make_dev_sv`. For example, the following commands trigger the panic: # Destroy all existing tuns ifconfig -l -g tun | xargs -I {} ifconfig {} destroy # Create a new tun "/dev/tun0", and add a symbolic link "/dev/tun1" pointing on it ifconfig tun create name tun1 # KERNEL PANIC here # panic: make_dev_sv: bad si_name (error=17, si_name=tun1) ifconfig tun create (Tested on 653738e895ba, which is a bit old)
https://reviews.freebsd.org/D43001
A commit in branch main references this bug: URL: https://cgit.FreeBSD.org/src/commit/?id=0365e5fc905b425313a0a2d89f0d8e2566924df2 commit 0365e5fc905b425313a0a2d89f0d8e2566924df2 Author: Konstantin Belousov <kib@FreeBSD.org> AuthorDate: 2023-12-12 00:13:59 +0000 Commit: Konstantin Belousov <kib@FreeBSD.org> CommitDate: 2023-12-12 04:02:11 +0000 if_tun: check device name to avoid panic if the name already exists, which is possible with the interface renaming. PR: 266999 Reviewed by: kevans Sponsored by: The FreeBSD Foundation MFC after: 1 week Differential revision: https://reviews.freebsd.org/D43001 sys/net/if_tuntap.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
A commit in branch stable/14 references this bug: URL: https://cgit.FreeBSD.org/src/commit/?id=399961e0a4132fb14b9b975c937cbc46849f8b39 commit 399961e0a4132fb14b9b975c937cbc46849f8b39 Author: Konstantin Belousov <kib@FreeBSD.org> AuthorDate: 2023-12-12 00:13:59 +0000 Commit: Konstantin Belousov <kib@FreeBSD.org> CommitDate: 2023-12-19 00:28:47 +0000 if_tun: check device name PR: 266999 (cherry picked from commit 0365e5fc905b425313a0a2d89f0d8e2566924df2) sys/net/if_tuntap.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
A commit in branch stable/13 references this bug: URL: https://cgit.FreeBSD.org/src/commit/?id=a317a58658d4a529211c66b675ec7998032ecb4e commit a317a58658d4a529211c66b675ec7998032ecb4e Author: Konstantin Belousov <kib@FreeBSD.org> AuthorDate: 2023-12-12 00:13:59 +0000 Commit: Konstantin Belousov <kib@FreeBSD.org> CommitDate: 2023-12-19 00:29:28 +0000 if_tun: check device name PR: 266999 (cherry picked from commit 0365e5fc905b425313a0a2d89f0d8e2566924df2) sys/net/if_tuntap.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
^Triage: the 12 branch is now out of support. Already MFCed to 13. Assign to committer that resolved.