Bug 241698 - pfctl segmentation fault, weird "set skip" behavior
Status: Closed FIXED
Alias: None
Product: Base System
Classification: Unclassified
Component: kern
Version: 12.0-RELEASE
Hardware: Any Any
: --- Affects Only Me
Assignee: freebsd-bugs mailing list
 
Reported: 2019-11-04 03:57 UTC by Stéphane Lapie
Modified: 2019-11-04 09:34 UTC

Description Stéphane Lapie 2019-11-04 03:57:29 UTC
I was running pf with the following line:

set skip on lo

Replacing it with:

set skip on lo0

And then reloading configuration with the following command ends up causing a segmentation fault and a core dump:

# pfctl -f /etc/pf.conf

The core dump reveals it occurred in strncmp(), but pfctl did not provide the base symbols so I can't be sure yet of what is going on.

#0  0x000000080048c1d5 in strncmp () from /lib/libc.so.7
(gdb) bt
#0  0x000000080048c1d5 in strncmp () from /lib/libc.so.7
#1  0x000000000021d7f0 in ?? ()
#2  0x0000000000220c6a in ?? ()
#3  0x0000000000222cbb in ?? ()
#4  0x000000000021d11b in ?? ()
#5  0x000000080026d000 in ?? ()
#6  0x0000000000000000 in ?? ()

It should also be noted that re-trying the command right after this works, this time. Also, for some reason, I had to run pfctl twice to have traffic on the loopback interface processed properly. (This would prove to be nasty because DNS queries and traffic between jails would end up blocked...)

As a workaround, I have now removed "set skip on lo" and gone for "pass quick on lo0 no state". This has mitigated both issues (the pf segfault when rewriting pf.conf between lo and lo0, and traffic to lo0 being blocked).
Comment 1 Kristof Provost freebsd_committer 2019-11-04 08:38:11 UTC
This is a known problem. See #229241 (and possibly others). It'll be fixed in 12.1.
Comment 2 Stéphane Lapie 2019-11-04 09:03:48 UTC
Ah, many thanks and sorry for the duplicate.
I couldn't find anything relevant when searching for my symptoms.

Thanks for the prompt answer!
Comment 3 Kristof Provost freebsd_committer 2019-11-04 09:34:36 UTC
It helped that you posted a thorough description of the problem.