Two different hardware firewall 4.6 machines in the last 24 hours have
produced the following:
UVM_fault(0xd0891180, 0x0, 0, 3) -> e
Kernel: page fault trap, code = 0
Stopped at pf_test_rule+0xa87: movl %ecx,0x4(%ecx)
Ddb{0}>
Frozen, couldn't type anything...
Now, I did some research and found this thread:
http://www.mail-archive.com/misc@openbsd.org/msg83853.html from late last
year. In summary, it sounds like Henning may have fixed it from this post:
http://marc.info/?l=openbsd-cvs&m=124955744915786&w=2
My question is: should I just make my own patch and roll out changes to all
our firewalls in our enterprise from some revision of pf.c (1.656, 1.657,
1.??? *which one*) to minimize risk of this crash happening again. We have
only had 4.6 in production on one of the two machines [above] for a week and
the other about a month, we have about half a dozen other firewalls at 4.6
just in the last week.
Also, why didn't this make it to an errata reliability fix?
