数据飞机重新启动后,多个all_task过程崩溃

数据飞机重新启动后,多个all_task过程崩溃

30748
Created On 03/05/21 16:09 PM - Last Modified 04/19/21 16:45 PM


Symptom


  • 多个all_task过程在掌握中崩溃.log
INFO: all_task_1: exited, Core: True, Exit signal: SIGSEGV
INFO: all_task_1: saved core file all_task_1_9.0.12_0.core
INFO: all_task_1: process running with pid 10432
INFO: all_task_2: exited, Core: True, Exit signal: SIGSEGV
INFO: all_task_2: saved core file all_task_2_9.0.12_0.core
  • 数据飞机在系统日志中重新启动
INFO: data_plane: exited
INFO: data_plane: unable to send early dp down (slot 1); retry in 2 seconds
INFO: logrcvr: exited, Core: False, Exit code: 0
INFO: devsrvr: exited, Core: False, Exit code: 0
INFO: data_plane: unable to send early dp down (slot 1); retry in 2 seconds
  • HA 系统日志中的故障转移
 Warning:  ha_event_log(src/ha_event.c:47): HA Group 1: All HA1 connections down
 debug: ha_sysd_haX_link_change(src/ha_sysd.c:2331): Seeing HA1 peer link unknown, waiting hold
 debug: ha_sysd_haX_link_change(src/ha_sysd.c:2331): Seeing HA1-Backup peer link unknown, waiting hold
 HA2 peer link unknown
 HA2-Backup peer link unknown
 HA3 peer link unknown
  • all_task过程崩溃回溯是指pan_proxy_process
Thread 1 (Thread 0x7ffff7fe4900 (LWP 4311)):
#0  pan_fptcp_input (fptcp=0x55555598d388, tcb=tcb@entry=0x20, conn=conn@entry=0x7fffffffe7c0, 
    wqe=wqe@entry=0xe0562a9f40, proc_opq=proc_opq@entry=0x7fffffffe7b0) at pan_fptcp.c:1957
#1  0x00007ffff759fe09 in pan_proxy_process_ingress_inline (work=0xe0562a9f40, conn=0xe0152a7680, 
    sp=sp@entry=0xe15d55b680) at pan_proxy.c:3758
#2  0x00007ffff759ff7e in pan_proxy_process_ingress_proxy (work=<optimized out>, conn=<optimized out>, 
    sp=0xe15d55b680, proc_data=<optimized out>) at pan_proxy.c:3805
#3  0x00007ffff75a2b6c in pan_proxy_process_ingress (work=work@entry=0xe0562a9f40) at pan_proxy.c:4021
#4  0x00007ffff7308cdd in pan_flow_proc_flags (work=work@entry=0xe0562a9f40, sp=sp@entry=0xe15d55b680,
    b_packet_done=b_packet_done@entry=0x7fffffffe9f0) at src/pan_flow_proc.c:2691
#5  0x00007ffff730a50d in pan_flow_process_fastpath (work=<optimized out>) at src/pan_flow_proc.c:3993
#6  0x000055555555761c in main (ac=<optimized out>, av=<optimized out>) at pan_task.c:460

 

Environment


  • 帕洛阿尔托防火墙。
  • PAN-OS 9.0.12
  • 主动/被动 HA


 

Cause


  • 处理邮件流量 (smtp 和 pop3) 与多部分文件名,使用长文件名通常看到编码用于 ISO 非英语语言时,会导致缓冲区溢出,损坏数据。

Resolution


升级到 PAN-OS 版本 8.1.19, 9.0.13, 9.1.7, 10.0.3, 所有这些都有修复。指PAN-150852 
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u0000001UiJCAU&lang=zh_CN&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Choose Language