[pf4freebsd] panic using synproxy

Wed Sep 15 20:50:32 PDT 2004

This is a 5.1 using 5.1.04 pfaltq patch by Dennis,

the box paniced after I introduced a synproxy rule. :)

db> show map
Task map 0xc02993f2: pmap=0x8908458b, nentries=1166878580, 
version=3249999616

Fatal trap 12: page fault while in kernel mode
fault virtual address   = 0x860246cb
fault code              = supervisor read, page not present
instruction pointer     = 0x8:0xc036acb6
stack pointer           = 0x10:0xd68b8a08
frame pointer           = 0x10:0xd68b8a28
code segment            = base 0x0, limit 0xfffff, type 0x1b
                         = DPL 0, pres 1, def32 1, gran 1
processor eflags        = resume, IOPL = 0
current process         = 12 (swi1: net)
kernel: type 12 trap, code=0
Stopped at      ip_input+0x332: movl    0x8(%eax),%esi

db> ps
   pid   proc     addr    uid  ppid  pgrp  flag   stat  wmesg    wchan  cmd
26487 c431d960 e0e15000 1004   544   544 0004100 norm[CVQ  select 
c04555d4][SLP] pickup
25005 c4317000 e0db5000    0     1 25005 0000000 norm[SLPQ     bpf 
c6534d00][SLP] snort
25003 c417c000 dfb87000    0     1 25003 0000000 norm[SLPQ     bpf 
c6535b00][SLP] snort
23895 c6a783c0 e1069000    0 23871 23895 0004002 norm[SLPQ   ttyin 
c6483e40][SLP] zsh
23871 c6a79000 e106f000 1001 21439 23871 0004102 norm[SLPQ    wait 
c6a79000][SLP] su
22091 c65c15a0 e0f9f000   80   450   450 0000100 norm[SLPQ  accept 
c4284d36][SLP] httpd
22090 c6a753c0 e1061000   80   450   450 0000100 norm[SLPQ  accept 
c4284d36][SLP] httpd
22083 c468bb40 e0f82000   80   450   450 0000100 norm[SLPQ  accept 
c4284d36][SLP] httpd
21984 c468cd20 e0fa1000   80   450   450 0000100 norm[SLPQ  accept 
c4284d36][SLP] httpd
21982 c65c3d20 e0fdb000   80   450   450 0000100 norm[SLPQ  accept 
c4284d36][SLP] httpd
21439 c468c960 e0f97000 1001 21438 21439 0004002 norm[SLPQ   pause 
c43e0000][SLP] zsh
21438 c441a1e0 e0f06000 1001 21435 21435 0000100 norm[CVQ  select 
c04555d4][SLP] sshd
21435 c43171e0 e0dbb000    0   400 21435 0000100 norm[SLPQ  sbwait 
c6cf6364][SLP] sshd
19022 c441a000 e0f05000 1001 19019 19019 0000100 norm[CVQ  select 
c04555d4][SLP] sshd
19019 c441a960 e0f58000    0   400 19019 0000100 norm[SLPQ  sbwait 
c6a8f664][SLP] sshd
82019 c6a75780 e1063000    0 82018 82018 0000000 norm[SLPQ  piperd 
c41b1160][SLP] nmbd
82018 c6a791e0 e1070000    0     1 82018 0000001 norm[CVQ  select 
c04555d4][SLP] nmbd
82016 c6a78d20 e106e000    0     1 82016 0000001 norm[CVQ  select 
c04555d4][SLP] smbd
81658 c6a75960 e1064000    0     1 81658 0000000 norm[CVQ  select 
c04555d4][SLP] dhcpd
45011 c65c1b40 e0fd0000 1004   544   544 0004100 norm[CVQ  select 
c04555d4][SLP] qmgr
31564 c65c1d20 e0fd1000    0     1 31563 0000000 norm[SLPQ  piperd 
c41b28f0][SLP] nmbd
31506 c468b000 e0f6e000    0     1 31505 0000000 norm[SLPQ  piperd 
c43fe370][SLP] nmbd
  1351 c431d1e0 e0e11000    0     1  1351 0004002 norm[SLPQ   ttyin 
c4072610][SLP] getty
   632 c4419000 e0efd000    0     1   632 0004002 norm[SLPQ   ttyin 
c4484c10][SLP] getty
   631 c44191e0 e0efe000    0     1   631 0004002 norm[SLPQ   ttyin 
c4485010][SLP] getty
   630 c44193c0 e0eff000    0     1   630 0004002 norm[SLPQ   ttyin 
c4485410][SLP] getty
   629 c44195a0 e0f00000    0     1   629 0004002 norm[SLPQ   ttyin 
c4485810][SLP] getty
   628 c4419780 e0f01000    0     1   628 0004002 norm[SLPQ   ttyin 
c4485c10][SLP] getty
   627 c4419960 e0f02000    0     1   627 0004002 norm[SLPQ   ttyin 
c43c8a10][SLP] getty
   626 c4419b40 e0f03000    0     1   626 0004002 norm[SLPQ   ttyin 
c43c8e10][SLP] getty
   625 c4419d20 e0f04000    0     1   625 0004002 norm[SLPQ   ttyin 
c14fc010][SLP] getty
   622 c441a3c0 e0f07000    3   600   576 0004002 norm[SLPQ  piperd 
c41b1d10][SLP] multilog
   621 c441a5a0 e0f08000    3   616   576 0004002 norm[SLPQ  piperd 
c41b2790][SLP] multilog
   620 c431db40 e0e16000    3   602   576 0004002 norm[SLPQ  piperd 
c43fe000][SLP] multilog
   619 c43e91e0 e0db2000    3   615   576 0004102 norm[CVQ  select 
c04555d4][SLP] dnscache
   618 c431d3c0 e0e12000    3   601   576 0004102 norm[CVQ  select 
c04555d4][SLP] dnscache
   617 c403fd20 dfb7c000    3   599   576 0004102 norm[CVQ  select 
c04555d4][SLP] dnscache
   616 c417e5a0 dfb92000    0   576   576 0004002 norm[CVQ  select 
c04555d4][SLP] supervise
   615 c43ea1e0 e0e74000    0   576   576 0004002 norm[CVQ  select 
c04555d4][SLP] supervise
   603 c43e9d20 e0e4b000    0     1   603 0000000 norm[CVQ  select 
c04555d4][SLP] inetd
   602 c43e9b40 e0e4a000    0   576   576 0004002 norm[CVQ  select 
c04555d4][SLP] supervise
   601 c417ed20 dfbbd000    0   576   576 0004002 norm[CVQ  select 
c04555d4][SLP] supervise
   600 c43e9960 e0e49000    0   576   576 0004002 norm[CVQ  select 
c04555d4][SLP] supervise
   599 c43e9780 e0e48000    0   576   576 0004002 norm[CVQ  select 
c04555d4][SLP] supervise
   577 c43e93c0 e0e46000    0     1   576 0004002 norm[SLPQ  piperd 
c41b1e70][SLP] readproctitle
   576 c43e95a0 e0e47000    0     1   576 0004002 norm[SLPQ  nanslp 
c045498c][SLP] svscan
   571 c43ea000 e0e4c000    0     1   570 0000000 norm[CVQ  select 
c04555d4][SLP] snmpd
   544 c4317d20 e0e0f000    0     1   544 0004100 norm[CVQ  select 
c04555d4][SLP] master
   495 c4317780 e0dbe000   88   463    40 0004102 norm[CVQ  select 
c04555d4][SLP] mysqld
   487 c431d780 e0e14000    0     1   487 0000000 norm[SLPQ     bpf 
c42d2200][SLP] pflogd
   463 c41c6b40 e0da3000    0     1    40 0004002 norm[SLPQ    wait 
c41c6b40][SLP] sh
   450 c417e960 dfb94000    0     1   450 0000000 norm[CVQ  select 
c04555d4][SLP] httpd
   418 c41c65a0 e0da0000    0     1   418 0000000 norm[SLPQ  nanslp 
c045498c][SLP] cron
   400 c41c63c0 e0d9f000    0     1   400 0000100 norm[CVQ  select 
c04555d4][SLP] sshd
   253 c41c61e0 e0d9e000    0     1   253 0000000 norm[CVQ  select 
c04555d4][SLP] syslogd
   142 c41c6960 e0da2000    0     1   142 0000000 norm[SLPQ   pause 
c4181000][SLP] adjkerntz
    39 c417c1e0 dfb88000    0     0     0 0000204 norm[SLPQ  nfsidl 
c046554c][SLP] nfsiod 3
    38 c417c3c0 dfb89000    0     0     0 0000204 norm[SLPQ  nfsidl 
c0465548][SLP] nfsiod 2
    37 c417c5a0 dfb8a000    0     0     0 0000204 norm[SLPQ  nfsidl 
c0465544][SLP] nfsiod 1
    36 c417c780 dfb8b000    0     0     0 0000204 norm[SLPQ  nfsidl 
c0465540][SLP] nfsiod 0
    35 c417c960 dfb8c000    0     0     0 0000204 norm[SLPQ  vlruwt 
c417c960][SLP] vnlru
    34 c417cb40 dfb8d000    0     0     0 0000204 norm[SLPQ  syncer 
c0454340][SLP] syncer
    33 c417cd20 dfb8e000    0     0     0 0000204 norm[SLPQ  psleep 
c045599c][SLP] bufdaemon
    32 c417e000 dfb8f000    0     0     0 000020c norm[SLPQ  pgzero 
c0466c08][SLP] pagezero
    31 c417e1e0 dfb90000    0     0     0 0000204 norm[SLPQ  pollid 
c0450898][SLP] idlepoll
     9 c3fc35a0 d7af6000    0     0     0 0000204 norm[SLPQ  psleep 
c0466c34][SLP] vmdaemon
     8 c3fc3780 d7af7000    0     0     0 0000204 norm[SLPQ  psleep 
c0466c20][SLP] pagedaemon
    30 c3fc3960 d7af8000    0     0     0 0000204 new [IWAIT] irq8: rtc
    29 c3fc3b40 d7af9000    0     0     0 0000204 new [IWAIT] irq0: clk
    28 c3fc3d20 d7afa000    0     0     0 0000204 new [IWAIT] irq3: sio1
    27 c403f000 dfb4e000    0     0     0 0000204 new [IWAIT] irq4: sio0
    26 c403f1e0 dfb4f000    0     0     0 0000204 norm[IWAIT] swi0: tty:sio
    25 c403f3c0 dfb50000    0     0     0 0000204 new [IWAIT] irq15: ata1
    24 c403f5a0 dfb51000    0     0     0 0000204 norm[IWAIT] irq14: ata0
    23 c403f780 dfb52000    0     0     0 0000204 norm[LOCK  Giant 
c0452300] irq11: fxp1
    22 c403f960 dfb53000    0     0     0 0000204 norm[RUNQ] irq10: fxp0
    21 c150a1e0 d68f4000    0     0     0 0000204 norm[SLPQ  nothing 
c0551d80][SLP] acpi_thermal
     7 c150a3c0 d68f5000    0     0     0 0000204 norm[SLPQ  actask 
c05521cc][SLP] acpi_task2
     6 c150a5a0 d68f6000    0     0     0 0000204 norm[SLPQ  actask 
c05521cc][SLP] acpi_task1
     5 c150a780 d68f7000    0     0     0 0000204 norm[SLPQ  actask 
c05521cc][SLP] acpi_task0
    20 c150a960 d68f8000    0     0     0 0000204 new [IWAIT] irq9: acpi0
    19 c150ab40 d68f9000    0     0     0 0000204 new [IWAIT] irq13:
    18 c150ad20 d6921000    0     0     0 0000204 norm[IWAIT] swi6: 
acpitaskq
    17 c3fc3000 d7af3000    0     0     0 0000204 new [IWAIT] swi5:+
    16 c3fc31e0 d7af4000    0     0     0 0000204 new [IWAIT] swi6: task 
queue
    15 c3fc33c0 d7af5000    0     0     0 0000204 norm[SLPQ   sleep 
c04409e0][SLP] random
     4 c1503000 d689d000    0     0     0 0000204 norm[SLPQ  g_down 
c044d458][SLP] g_down
     3 c15031e0 d68ec000    0     0     0 0000204 norm[SLPQ    g_up 
c044d454][SLP] g_up
     2 c15033c0 d68ed000    0     0     0 0000204 norm[SLPQ  g_events 
c044d44c][SLP] g_event
    14 c15035a0 d68ee000    0     0     0 0000204 new [IWAIT] swi4: vm
    13 c1503780 d68ef000    0     0     0 000020c norm[RUNQ] swi7: 
tty:sio clock
    12 c1503960 d68f0000    0     0     0 0000204 norm[CPU 0] swi1: net
    11 c1503b40 d68f1000    0     0     0 000020c norm[Can run] idle
     1 c1503d20 d68f2000    0     0     1 0004200 norm[SLPQ    wait 
c1503d20][SLP] init
    10 c150a000 d68f3000    0     0     0 0000204 norm[CVQ  ktrace 
c0450e34][SLP] ktrace
     0 c044d540 c0581000    0     0     0 0000200 norm[SLPQ   sched 
c044d540][SLP] swapper

db> trace
ip_input(0,1c3dfc6c,3b751984,d68b8ce4,c3f3d140) at ip_input+0x332
swi_net(0,0,0,0,c1503960) at swi_net+0x16d
ithread_loop(c1502200,d68b8d48,0,0,c1504980) at ithread_loop+0x1c2
fork_exit(c01dd910,c1502200,d68b8d48) at fork_exit+0xaf
fork_trampoline() at fork_trampoline+0x1a
--- trap 0x1, eip = 0, esp = 0xd68b8d7c, ebp = 0 ---

db> show registers
cs                 0x8
ds                0x10
es                0x10
fs                0x18
ss                0x10
eax                  0
ecx                0x4
edx         0xc1504980
ebx                  0
esp         0xd68b8c38
ebp         0xd68b8cc8
esi         0xc1e5d830
edi               0x14
eip         0xc02993f2  ip_input+0x332
efl            0x10246
dr0                  0
dr1                  0
dr2                  0
dr3                  0
dr4         0xffff0ff0
dr5              0x400
dr6         0xffff0ff0
dr7              0x400
ip_input+0x332: movl    0x8(%eax),%esi

Hope this helps,
BA