Site Navigation

Date:      Fri, 14 Jun 2002 10:07:24 -0700
From:      Lars Eggert <larse@ISI.EDU>
To:        Julian Elischer <julian@elischer.org>
Cc:        Archie Cobbs <archie@dellroad.org>, net@FreeBSD.ORG
Subject:   Re: netgraph encryption?
Message-ID:  <3D0A22CC.4010003@isi.edu>
References:  <Pine.BSF.4.21.0206132242280.97512-100000@InterJet.elischer.org>

---

next in thread | previous in thread | raw e-mail | index | archive | help

---

This is a cryptographically signed message in MIME format.

--------------ms070201040104090009040106
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit

Julian Elischer wrote:
> I haven't seen a problem with multicast and netgraph but 
> that doesn't mean there isn't a problem. Let us see if there is a
> traceback.

Here's one (4.5-RELEASE + security advisory patches). I can readily 
reproduce this crash, so I have a good setup to test things for you 
while tracking this down.

I set up a netgraph UDP tunnel as follows:

ngctl mkpeer iface dummy inet
ifconfig ng0 206.117.27.2 206.117.27.3 netmask 255.255.255.128 mtu 1400
ngctl mkpeer ng0: ksocket inet inet/dgram/udp
ngctl msg ng0:inet bind inet/128.9.160.108:48286
ngctl msg ng0:inet connect inet/128.9.112.2:19071


Then I start mrouted (here in debug mode, which may help you debug things:

[root@keg: /usr/src/sys/compile/KERNEL-1.37] mrouted -d
debug level 0x2de (pruning,routing,peers,cache,interface,membership,igmp)
09:57:11.493 mrouted version 3.9-beta3+IOS12 starting
09:57:11.493 Getting vifs from kernel interfaces
09:57:11.493 installing xl0 (128.9.160.108 on subnet 128.9.160/20) as 
vif #0 - rate=0
09:57:11.494 installing ng0 (206.117.27.2 on subnet 206.117.27.0/25) as 
vif #1 - rate=0
09:57:11.494 Getting vifs from /etc/mrouted.conf
09:57:11.494 Installing vifs in mrouted...
09:57:11.494 vif #0, phyint 128.9.160.108
09:57:11.494 assuming querier duties on vif 0
09:57:11.494 sending query on vif 0
09:57:11.495 SENT membership query   from 128.9.160.108   to 224.0.0.1
09:57:11.495 SENT neighbor probe     from 128.9.160.108   to 224.0.0.4
09:57:11.495 vif #1, phyint 206.117.27.2
09:57:11.495 assuming querier duties on vif 1
09:57:11.495 sending query on vif 1
09:57:11.495 SENT membership query   from 206.117.27.2    to 224.0.0.1
09:57:11.496 SENT neighbor probe     from 206.117.27.2    to 224.0.0.4
vifs_with_neighbors = 0

Virtual Interface Table
Vif  Name  Local-Address                               M  Thr  Rate   Flags
  0    xl0  128.9.160.108   subnet: 128.9.160/20        1   1      0 
querier
                      IGMP querier: 128.9.160.108      (this system)
                       Nbr bitmaps: 0x0000000000000000

  1    ng0  206.117.27.2    subnet: 206.117.27.0/25     1   1      0 
querier rexmit_prunes
                      IGMP querier: 206.117.27.2       (this system)
                       Nbr bitmaps: 0x0000000000000000


Multicast Routing Table (2 entries)
  Origin-Subnet      From-Gateway    Metric Tmr Fl In-Vif  Out-Vifs
  206.117.27.0/25                       1     0 C.   1    0*
  128.9.160/20                          1     0 C.   0    1*

09:57:11.498 RECV membership query   from 128.9.160.108   to 224.0.0.1
09:57:11.498 ignoring query from 128.9.160.108; querier on vif 0 is still me
09:57:11.498 RECV membership query   from 206.117.27.2    to 224.0.0.1
09:57:11.498 ignoring query from 206.117.27.2; querier on vif 1 is still me
09:57:11.566 RECV neighbor probe     from 128.9.160.194   to 224.0.0.4
09:57:11.566 checking probe from 128.9.160.194 (3.255) on vif 0
09:57:11.566 New neighbor 128.9.160.194 on vif 0 v3.255 nf 0x0e idx 0
09:57:11.566 waiting for probe from 128.9.160.194 with my addr
09:57:14.570 RECV neighbor probe     from 128.9.160.72    to 224.0.0.4
09:57:14.570 checking probe from 128.9.160.72 (3.255) on vif 0
09:57:14.570 New neighbor 128.9.160.72 on vif 0 v3.255 nf 0x0f idx 1
09:57:14.570 SENT neighbor probe     from 128.9.160.108   to 224.0.0.4
09:57:14.570 SENT route report       from 128.9.160.108   to 224.0.0.4
09:57:14.626 RECV neighbor probe     from 128.9.160.194   to 224.0.0.4
09:57:14.626 checking probe from 128.9.160.194 (3.255) on vif 0
09:57:14.627 128.9.160.194 on vif 0 exits WAITING
09:57:14.627 SENT neighbor probe     from 128.9.160.108   to 224.0.0.4
09:57:14.627 SENT route report       from 128.9.160.108   to 224.0.0.4
09:57:14.650 RECV route report       from 128.9.160.194   to 224.0.0.4
09:57:14.651 Updating 7 routes from 128.9.160.194 to 224.0.0.4
09:57:14.651 SENT route report       from 128.9.160.108   to 224.0.0.4
09:57:14.665 RECV neighbor probe     from 128.9.160.72    to 224.0.0.4
09:57:14.666 checking probe from 128.9.160.72 (3.255) on vif 0
09:57:14.676 RECV route report       from 128.9.160.72    to 224.0.0.4
09:57:14.676 Updating 7 routes from 128.9.160.72 to 224.0.0.4
09:57:14.687 RECV route report       from 128.9.160.194   to 224.0.0.4
09:57:14.687 Updating 1 routes from 128.9.160.194 to 224.0.0.4
09:57:14.697 RECV route report       from 128.9.160.72    to 224.0.0.4
09:57:14.697 Updating 1 routes from 128.9.160.72 to 224.0.0.4
09:57:16.714 aging forwarding cache entries
09:57:16.714 sending query on vif 0
09:57:16.714 SENT membership query   from 128.9.160.108   to 224.0.0.1
09:57:16.714 sending query on vif 1
09:57:16.715 SENT membership query   from 206.117.27.2    to 224.0.0.1
09:57:16.715 SENT neighbor probe     from 128.9.160.108   to 224.0.0.4
09:57:16.715 SENT neighbor probe     from 206.117.27.2    to 224.0.0.4
09:57:16.715 RECV membership query   from 128.9.160.108   to 224.0.0.1
09:57:16.715 ignoring query from 128.9.160.108; querier on vif 0 is still me
09:57:16.715 RECV membership query   from 206.117.27.2    to 224.0.0.1
09:57:16.715 ignoring query from 206.117.27.2; querier on vif 1 is still me
09:57:17.230 RECV V2 member report   from 128.9.160.142   to 224.0.0.2
09:57:17.231 group 224.0.0.2 joined on vif 0
09:57:18.421 RECV neighbor probe     from 128.9.112.65    to 224.0.0.4
09:57:18.421 warning - ignoring probe from non-neighbor 128.9.112.65, 
check for misconfigured tunnel or routing on 128.9.112.65
09:57:19.424 SENT route report       from 128.9.160.108   to 224.0.0.4
09:57:19.425 update 9 starting at 9 of 9
09:57:21.522 RECV neighbor probe     from 128.9.160.194   to 224.0.0.4


And then it crashes. Here's the panic info:

Fatal trap 12: page fault while in kernel mode
fault virtual address   = 0x10
fault code              = supervisor read, page not present
instruction pointer     = 0x8:0xc1be5bfc
stack pointer           = 0x10:0xcdfa6e00
frame pointer           = 0x10:0xcdfa6e10
code segment            = base 0x0, limit 0xfffff, type 0x1b
                         = DPL 0, pres 1, def32 1, gran 1
processor eflags        = interrupt enabled, resume, IOPL = 0
current process         = 511 (mrouted)
interrupt mask          = net
kernel: type 12 trap, code=0
Stopped at ng_iface_ioctl+0x7c:	testb	$0x1,0x10(%edi)


(kgdb) bt
#0  dumpsys () at ../../kern/kern_shutdown.c:474
#1  0xc017bcb0 in boot (howto=260) at ../../kern/kern_shutdown.c:313
#2  0xc017c0b5 in panic (fmt=0xc02f16a4 "from debugger") at 
../../kern/kern_shutdown.c:582
#3  0xc013f965 in db_panic (addr=-1044489220, have_addr=0, count=1, 
modif=0xcdfa6c6c "")
     at ../../ddb/db_command.c:435
#4  0xc013f903 in db_command (last_cmdp=0xc035c938, 
cmd_table=0xc035c778, aux_cmd_tablep=0xc03985b8)
     at ../../ddb/db_command.c:333
#5  0xc013f9ca in db_command_loop () at ../../ddb/db_command.c:457
#6  0xc0141b63 in db_trap (type=12, code=0) at ../../ddb/db_trap.c:71
#7  0xc02bc38c in kdb_trap (type=12, code=0, regs=0xcdfa6dc0) at 
../../i386/i386/db_interface.c:158
#8  0xc02c98ec in trap_fatal (frame=0xcdfa6dc0, eva=16) at 
../../i386/i386/trap.c:951
#9  0xc02c95ad in trap_pfault (frame=0xcdfa6dc0, usermode=0, eva=16) at 
../../i386/i386/trap.c:849
#10 0xc02c913f in trap (frame={tf_fs = -840368112, tf_es = -869138416, 
tf_ds = 16, tf_edi = 0,
       tf_esi = -1044495616, tf_ebp = -839225840, tf_isp = -839225876, 
tf_ebx = -2145359600,
       tf_edx = 6686720, tf_ecx = 6686720, tf_eax = 6686720, tf_trapno = 
12, tf_err = 0,
       tf_eip = -1044489220, tf_cs = 8, tf_eflags = 66118, tf_esp = 1, 
tf_ss = -1044495616})
     at ../../i386/i386/trap.c:448
#11 0xc1be5bfc in ?? ()
#12 0xc01b622c in if_allmulti (ifp=0xc1be4300, onswitch=1) at 
../../net/if.c:1375
#13 0xc01d61c2 in add_vif (vifcp=0xcdfa6ea4) at 
../../netinet/ip_mroute.c:734
#14 0xc01d5bfd in X_ip_mrouter_set (so=0xccd2a480, sopt=0xcdfa6f24) at 
../../netinet/ip_mroute.c:410
#15 0xc01da70d in rip_ctloutput (so=0xccd2a480, sopt=0xcdfa6f24) at 
../../netinet/raw_ip.c:378
#16 0xc019b3ee in sosetopt (so=0xccd2a480, sopt=0xcdfa6f24) at 
../../kern/uipc_socket.c:1127
#17 0xc019e83f in setsockopt (p=0xcc3246c0, uap=0xcdfa6f80) at 
../../kern/uipc_syscalls.c:1113
#18 0xc02c9b26 in syscall2 (frame={tf_fs = 47, tf_es = 47, tf_ds = 47, 
tf_edi = 0, tf_esi = 1,
       tf_ebp = -1077938012, tf_isp = -839225388, tf_ebx = 1, tf_edx = 
134609892, tf_ecx = 6,
       tf_eax = 105, tf_trapno = 7, tf_err = 2, tf_eip = 671831280, 
tf_cs = 31, tf_eflags = 659,
       tf_esp = -1077938088, tf_ss = 47}) at ../../i386/i386/trap.c:1157
#19 0xc02bd165 in Xint0x80_syscall ()
#20 0x804e584 in ?? ()
#21 0x804b6e5 in ?? ()
#22 0x8055302 in ?? ()
#23 0x804b5d6 in ?? ()
#24 0x8048fc1 in ?? ()


-- 
Lars Eggert <larse@isi.edu>           USC Information Sciences Institute

--------------ms070201040104090009040106
Content-Type: application/x-pkcs7-signature; name="smime.p7s"
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="smime.p7s"
Content-Description: S/MIME Cryptographic Signature

MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIIIrjCC
ArUwggIeoAMCAQICAwWBRzANBgkqhkiG9w0BAQIFADCBkjELMAkGA1UEBhMCWkExFTATBgNV
BAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMQ8wDQYDVQQKEwZUaGF3dGUx
HTAbBgNVBAsTFENlcnRpZmljYXRlIFNlcnZpY2VzMSgwJgYDVQQDEx9QZXJzb25hbCBGcmVl
bWFpbCBSU0EgMjAwMC44LjMwMB4XDTAxMDgyNDE2NDAwMFoXDTAyMDgyNDE2NDAwMFowVDEP
MA0GA1UEBBMGRWdnZXJ0MQ0wCwYDVQQqEwRMYXJzMRQwEgYDVQQDEwtMYXJzIEVnZ2VydDEc
MBoGCSqGSIb3DQEJARYNbGFyc2VAaXNpLmVkdTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkC
gYEA0AvLBsD78nxcUHeHkaMgl3b4qYPnfgbf8Lh+HQP8RgGMRG/Yb+vTpkGezlwt9pkJxiD1
1uZDy4CNNJUu3gKxKSb+zRV70O+lkwwftuHoLHoH4xwo3LcQ2LGDpd+I95tUN4dfJ3TmeEcU
SF50dC/SuUI4w8AlhXQ8IxrhgdayTpECAwEAAaNWMFQwKgYFK2UBBAEEITAfAgEAMBowGAIB
BAQTTDJ1TXlmZkJOVWJOSkpjZFoyczAYBgNVHREEETAPgQ1sYXJzZUBpc2kuZWR1MAwGA1Ud
EwEB/wQCMAAwDQYJKoZIhvcNAQECBQADgYEAheZhn0pQA8zI7U2K1ZIAl11j0a1DKxnp3GtT
vOUrGRB3WvYxidvdZ1kizhEsWeXU81TkNDH0DaRqtOEeu6Q2OhB+jeKEqY7IDAJE4/fI0e+d
6PnG1hd+vEvYmsKHkmzBhPc94XUOKNWO+qVNP2NGyNI3QIDy5wX4fdcOo1S34r4wggK1MIIC
HqADAgECAgMFgUcwDQYJKoZIhvcNAQECBQAwgZIxCzAJBgNVBAYTAlpBMRUwEwYDVQQIEwxX
ZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEPMA0GA1UEChMGVGhhd3RlMR0wGwYD
VQQLExRDZXJ0aWZpY2F0ZSBTZXJ2aWNlczEoMCYGA1UEAxMfUGVyc29uYWwgRnJlZW1haWwg
UlNBIDIwMDAuOC4zMDAeFw0wMTA4MjQxNjQwMDBaFw0wMjA4MjQxNjQwMDBaMFQxDzANBgNV
BAQTBkVnZ2VydDENMAsGA1UEKhMETGFyczEUMBIGA1UEAxMLTGFycyBFZ2dlcnQxHDAaBgkq
hkiG9w0BCQEWDWxhcnNlQGlzaS5lZHUwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANAL
ywbA+/J8XFB3h5GjIJd2+KmD534G3/C4fh0D/EYBjERv2G/r06ZBns5cLfaZCcYg9dbmQ8uA
jTSVLt4CsSkm/s0Ve9DvpZMMH7bh6Cx6B+McKNy3ENixg6XfiPebVDeHXyd05nhHFEhedHQv
0rlCOMPAJYV0PCMa4YHWsk6RAgMBAAGjVjBUMCoGBStlAQQBBCEwHwIBADAaMBgCAQQEE0wy
dU15ZmZCTlViTkpKY2RaMnMwGAYDVR0RBBEwD4ENbGFyc2VAaXNpLmVkdTAMBgNVHRMBAf8E
AjAAMA0GCSqGSIb3DQEBAgUAA4GBAIXmYZ9KUAPMyO1NitWSAJddY9GtQysZ6dxrU7zlKxkQ
d1r2MYnb3WdZIs4RLFnl1PNU5DQx9A2karThHrukNjoQfo3ihKmOyAwCROP3yNHvnej5xtYX
frxL2JrCh5JswYT3PeF1DijVjvqlTT9jRsjSN0CA8ucF+H3XDqNUt+K+MIIDODCCAqGgAwIB
AgIQZkVyt8x09c9jdkWE0C6RATANBgkqhkiG9w0BAQQFADCB0TELMAkGA1UEBhMCWkExFTAT
BgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMRowGAYDVQQKExFUaGF3
dGUgQ29uc3VsdGluZzEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lv
bjEkMCIGA1UEAxMbVGhhd3RlIFBlcnNvbmFsIEZyZWVtYWlsIENBMSswKQYJKoZIhvcNAQkB
FhxwZXJzb25hbC1mcmVlbWFpbEB0aGF3dGUuY29tMB4XDTAwMDgzMDAwMDAwMFoXDTA0MDgy
NzIzNTk1OVowgZIxCzAJBgNVBAYTAlpBMRUwEwYDVQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNV
BAcTCUNhcGUgVG93bjEPMA0GA1UEChMGVGhhd3RlMR0wGwYDVQQLExRDZXJ0aWZpY2F0ZSBT
ZXJ2aWNlczEoMCYGA1UEAxMfUGVyc29uYWwgRnJlZW1haWwgUlNBIDIwMDAuOC4zMDCBnzAN
BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA3jMypmPHCSVFPtJueCdngcXaiBmClw7jRCmKYzUq
bXA8+tyu9+50bzC8M5B/+TRxoKNtmPHDT6Jl2w36S/HW3WGl+YXNVZo1Gp2Sdagnrthy+boC
9tewkd4c6avgGAOofENCUFGHgzzwObSbVIoTh/+zm51JZgAtCYnslGvpoWkCAwEAAaNOMEww
KQYDVR0RBCIwIKQeMBwxGjAYBgNVBAMTEVByaXZhdGVMYWJlbDEtMjk3MBIGA1UdEwEB/wQI
MAYBAf8CAQAwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBBAUAA4GBADGxS0dd+QFx5fVTbF15
1j2YwCYTYoEipxL4IpXoG0m3J3sEObr85vIk65H6vewNKjj3UFWobPcNrUwbvAP0teuiR59s
ogxYjTFCCRFssBpp0SsSskBdavl50OouJd2K5PzbDR+dAvNa28o89kTqJmmHf0iezqWf54TY
yWJirQXGMYICpjCCAqICAQEwgZowgZIxCzAJBgNVBAYTAlpBMRUwEwYDVQQIEwxXZXN0ZXJu
IENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEPMA0GA1UEChMGVGhhd3RlMR0wGwYDVQQLExRD
ZXJ0aWZpY2F0ZSBTZXJ2aWNlczEoMCYGA1UEAxMfUGVyc29uYWwgRnJlZW1haWwgUlNBIDIw
MDAuOC4zMAIDBYFHMAkGBSsOAwIaBQCgggFhMBgGCSqGSIb3DQEJAzELBgkqhkiG9w0BBwEw
HAYJKoZIhvcNAQkFMQ8XDTAyMDYxNDE3MDcyNlowIwYJKoZIhvcNAQkEMRYEFGSIkCP5OCpL
I5ZjvC46Wwx5JvBYMFIGCSqGSIb3DQEJDzFFMEMwCgYIKoZIhvcNAwcwDgYIKoZIhvcNAwIC
AgCAMA0GCCqGSIb3DQMCAgFAMAcGBSsOAwIHMA0GCCqGSIb3DQMCAgEoMIGtBgsqhkiG9w0B
CRACCzGBnaCBmjCBkjELMAkGA1UEBhMCWkExFTATBgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAG
A1UEBxMJQ2FwZSBUb3duMQ8wDQYDVQQKEwZUaGF3dGUxHTAbBgNVBAsTFENlcnRpZmljYXRl
IFNlcnZpY2VzMSgwJgYDVQQDEx9QZXJzb25hbCBGcmVlbWFpbCBSU0EgMjAwMC44LjMwAgMF
gUcwDQYJKoZIhvcNAQEBBQAEgYBVaKNZyFfqEHxUZ97JUWJy6+w9yqNXTBjgkDu8OEUXQ5xW
763ethUvhb4S/jyNLZFZ8CZuiX9jjY73/Suh9BNgal9VKKCGdoAO/zZR3K/Bl2o97RWL1nk8
DOb36BpLrPRHcmHp7dr8YKNVXT+7IM4/7sEn8kxLLpZlWXzgVdOAOQAAAAAAAA==
--------------ms070201040104090009040106--


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message

---

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3D0A22CC.4010003>

Legal Notices | © 1995-2024 The FreeBSD Project. All rights reserved.

Contact