From owner-freebsd-net@FreeBSD.ORG Thu May 28 14:09:53 2015 Return-Path: Delivered-To: net@freebsd.org Received: from mx2.freebsd.org (mx2.freebsd.org [IPv6:2001:1900:2254:206a::19:2]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 10B3B292 for ; Thu, 28 May 2015 14:09:53 +0000 (UTC) (envelope-from ae@FreeBSD.org) Received: from butcher-nb.yandex.net (hub.freebsd.org [IPv6:2001:1900:2254:206c::16:88]) by mx2.freebsd.org (Postfix) with ESMTP id 4835E6665B; Thu, 28 May 2015 14:09:52 +0000 (UTC) (envelope-from ae@FreeBSD.org) Message-ID: <55672123.1090101@FreeBSD.org> Date: Thu, 28 May 2015 17:07:31 +0300 From: "Andrey V. Elsukov" User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:31.0) Gecko/20100101 Thunderbird/31.7.0 MIME-Version: 1.0 To: Julian Kornberger , "net@freebsd.org" Subject: Re: Crash with GRE und IPFW fwd References: <5566565A.7030200@tzi.de> In-Reply-To: <5566565A.7030200@tzi.de> Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="f0sVFN71psP7CX91X1KjeGkdS0ILJTg1u" X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 28 May 2015 14:09:53 -0000 This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --f0sVFN71psP7CX91X1KjeGkdS0ILJTg1u Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: quoted-printable On 28.05.2015 02:42, Julian Kornberger wrote: > Fatal trap 12: page fault while in kernel mode > cpuid =3D 0; apic id =3D 00 > fault virtual address =3D 0x7c > fault code =3D supervisor read data, page not present > instruction pointer =3D 0x20:0xffffffff80a58105 > stack pointer =3D 0x28:0xfffffe00957335e0 > frame pointer =3D 0x28:0xfffffe00957336e0 > code segment =3D base 0x0, limit 0xfffff, type 0x1b > =3D DPL 0, pres 1, long 1, def32 0, gran 1 > processor eflags =3D interrupt enabled, resume, IOPL =3D 0 > current process =3D 1707 (tcpmssd) > trap number =3D 12 > panic: page fault > cpuid =3D 0 > KDB: stack backtrace: > #0 0xffffffff80963000 at kdb_backtrace+0x60 > #1 0xffffffff80928125 at panic+0x155 > #2 0xffffffff80d258df at trap_fatal+0x38f > #3 0xffffffff80d25bf8 at trap_pfault+0x308 > #4 0xffffffff80d2525a at trap+0x47a > #5 0xffffffff80d0b142 at calltrap+0x8 > #6 0xffffffff81a15797 at gre_output+0x467 > #7 0xffffffff80a59024 at ip_output+0x11b4 > #8 0xffffffff819b257a at div_send+0x33a Just noticed, you use ip_divert(4). gre(4) uses mbuf_tag to prevent infinity loop and stack exhausting. When packet goes through ip_divert, it loses this tag. You need to check your rules and avoid applying divert rules to GRE packets. Also you can use some netgraph based tcpmss implementation. --=20 WBR, Andrey V. Elsukov --f0sVFN71psP7CX91X1KjeGkdS0ILJTg1u Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQEcBAEBCAAGBQJVZyEjAAoJEAHF6gQQyKF6qY4IAJu6TLB+5GobZafP5qkkrsHm ILadB6o26Pjv8VGUyuXB30dvgG1fWzw0s2FwQIpEsqpItRsJ7Se+LRmUkVXey4+L muuPr7U2rz1r5har4S0skCmIRzgIw5SKaMUKO3KNp4/tpnEfwDcaezrDi41cYPwA RSdmDPuDCd/Wyh7LSaMhpswr6CfSkYaUJ1IVzkSbvKTOWvIQbayTDeHJkXQZMHbQ ELWYM7hdBxiWqoSlEFGATzXiE74L1aSBed335TpguNJYYcB6ABuO+T+Bw1Y6u4uA iyC8LetgMw+mVlPNtyG2RfGEuSfmkGPQNo/eMkZ6231tmaIRtbXkz11i+2CcXbM= =WrQ8 -----END PGP SIGNATURE----- --f0sVFN71psP7CX91X1KjeGkdS0ILJTg1u--