Steve Clark wrote:
> Hi Darren,
I am now getting the following panic:
Fatal trap 12: page fault while in kernel mode
cpuid = 0; apic id = 00
fault virtual address = 0x1c
fault code = supervisor write, page not present
instruction pointer = 0x20:0xc06404ba
stack pointer = 0x28:0xc75169f8
frame pointer = 0x28:0xc75169f8
code segment = base 0x0, limit 0xfffff, type 0x1b
= DPL 0, pres 1, def32 1, gran 1
processor eflags = interrupt enabled, resume, IOPL = 0
current process = 13 (swi1: net)
trap number = 12
panic: page fault
cpuid = 0
Uptime: 1h4m48s
Dumping 111 MB (2 chunks)
chunk 0: 1MB (159 pages) ... ok
chunk 1: 111MB (28400 pages) 95 79 63 47 31 15
#0 doadump () at pcpu.h:165
165 __asm __volatile("movl %%fs:0,%0" : "=r" (td));
(kgdb) add-symbol-file
/mnt/src/ip_fil4.1.26/BSD/FreeBSD-6.1-STABLE-i386/ipf.ko 0xc0b3b084
add symbol table from file
"/mnt/src/ip_fil4.1.26/BSD/FreeBSD-6.1-STABLE-i386/ipf.ko" at
.text_addr = 0xc0b3b084
(y or n) y
Reading symbols from
/mnt/src/ip_fil4.1.26/BSD/FreeBSD-6.1-STABLE-i386/ipf.ko...done.
(kgdb) bt
#0 doadump () at pcpu.h:165
#1 0xc06492b2 in boot (howto=260) at ../../../kern/kern_shutdown.c:409
#2 0xc06495d9 in panic (fmt=0xc0910386 "%s") at
./../../kern/kern_shutdown.c:565
#3 0xc082d99c in trap_fatal (frame=0xc75169b8, eva=28) at
./../../i386/i386/trap.c:837
#4 0xc082d6db in trap_pfault (frame=0xc75169b8, usermode=0, eva=28)
at ../../../i386/i386/trap.c:745
#5 0xc082d335 in trap (frame=
{tf_fs = 8, tf_es = 40, tf_ds = 40, tf_edi = 0, tf_esi =
-1061813396, tf_ebp = -950965768, tf_isp = -950965788, tf_ebx =
-1032953240, tf_edx = -1048515968, tf_ecx = 0, tf_eax = 4, tf_trapno =
12, tf_err = 2, tf_eip = -1067187014, tf_cs = 32, tf_eflags = 590466,
tf_esp = -950965720, tf_ss = -1061944816}) at
./../../i386/i386/trap.c:435
#6 0xc08198fa in calltrap () at ../../../i386/i386/exception.s:139
#7 0xc06404ba in _mtx_lock_flags (m=0x0, opts=0, file=0xc0b5a16f
"../../fil.c", line=5222) at atomic.h:146
#8 0xc0b40210 in fr_movequeue (tqe=0xc26e6268, oifq=0x0,
nifq=0xc0b6036c) at ../../fil.c:5222
#9 0xc0b4d81b in fr_tcp_age (tqe=0xc26e6268, fin=0x4, tqtab=0x4,
flags=0, seqnext=0) at ../../ip_state.c:3605
#10 0xc0b468aa in nat_update (fin=0xc7516b40, nat=0xc26e6200,
np=0xc94d76c) at ../../ip_nat.c:3666
..
Not unexpected.
See below for the patch I should have sent you the first time.
Darren
Index: ip_nat.c
===================================================================
RCS file: /devel/CVS/IP-Filter/ip_nat.c,v
retrieving revision 2.195.2.105
diff -c -r2.195.2.105 ip_nat.c
*** ip_nat.c 21 Dec 2007 23:03:24 -0000 2.195.2.105
--- ip_nat.c 7 Feb 2008 01:41:35 -0000
***************
*** 2587,2593 ****
nat->nat_ptr = np;
nat->nat_p = fin->fin_p;
nat->nat_mssclamp = np->in_mssclamp;
! if (nat->nat_p == IPPROTO_TCP)
nat->nat_seqnext[0] = ntohl(tcp->th_seq);
if ((np->in_apr != NULL) && ((ni->nai_flags & NAT_SLAVE) == 0))
--- 2587,2593 ----
nat->nat_ptr = np;
nat->nat_p = fin->fin_p;
nat->nat_mssclamp = np->in_mssclamp;
! if (nat->nat_p == IPPROTO_TCP && tcp != NULL)
nat->nat_seqnext[0] = ntohl(tcp->th_seq);
if ((np->in_apr != NULL) && ((ni->nai_flags & NAT_SLAVE) == 0))
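Review bot: The new `tcp != NULL` guard on the `nat_seqnext[0]` assignment carries no comment saying when a TCP packet arrives here without a TCP header or what value `nat_seqnext[0]` is left with, and the second hunk (lines 3678–3706) guards what looks like the same situation with a different predicate, `!fin->fin_off`, so a reader cannot tell whether the two conditions are meant to be equivalent. I would add `/* tcp may be NULL when no TCP header is available (presumably a later fragment); nat_seqnext[0] is then left at 0 and the update path fills it in when it sees a full header */` above the `if`, and consider writing both guards with the same predicate so they cannot drift apart. Since the trace above shows the fault on the packet-processing path, keeping the two checks consistent is what keeps a fragmented TCP flow from reaching a NULL dereference again. The enclosing function starts and ends outside this hunk.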
***************
*** 3678,3704 ****
ifq2 = NULL;
if (nat->nat_p == IPPROTO_TCP && ifq2 == NULL) {
! u_32_t end, ack;
! u_char tcpflags;
! tcphdr_t *tcp;
! int dsize;
! tcp = fin->fin_dp;
! tcpflags = tcp->th_flags;
! dsize = fin->fin_dlen - (TCP_OFF(tcp) << 2) +
! ((tcpflags & TH_SYN) ? 1 : 0) +
! ((tcpflags & TH_FIN) ? 1 : 0);
! ack = ntohl(tcp->th_ack);
! end = ntohl(tcp->th_seq) + dsize;
! if (SEQ_GT(ack, nat->nat_seqnext[1 - fin->fin_rev]))
! nat->nat_seqnext[1 - fin->fin_rev] = ack;
! if (nat->nat_seqnext[fin->fin_rev] == 0)
! nat->nat_seqnext[fin->fin_rev] = end;
! (void) fr_tcp_age(&nat->nat_tqe, fin, nat_tqb, 0);
} else {
if (ifq2 == NULL) {
if (nat->nat_p == IPPROTO_UDP)
--- 3678,3706 ----
ifq2 = NULL;
if (nat->nat_p == IPPROTO_TCP && ifq2 == NULL) {
! if (!fin->fin_off) {
! u_32_t end, ack;
! u_char tcpflags;
! tcphdr_t *tcp;
! int dsize;
! tcp = fin->fin_dp;
! tcpflags = tcp->th_flags;
! dsize = fin->fin_dlen - (TCP_OFF(tcp) << 2) +
! ((tcpflags & TH_SYN) ? 1 : 0) +
! ((tcpflags & TH_FIN) ? 1 : 0);
! ack = ntohl(tcp->th_ack);
! end = ntohl(tcp->th_seq) + dsize;
! if (SEQ_GT(ack, nat->nat_seqnext[1 - fin->fin_rev]))
! nat->nat_seqnext[1 - fin->fin_rev] = ack;
! if (nat->nat_seqnext[fin->fin_rev] == 0)
! nat->nat_seqnext[fin->fin_rev] = end;
! (void) fr_tcp_age(&nat->nat_tqe, fin, nat_tqb, 0);
! }
} else {
if (ifq2 == NULL) {
if (nat->nat_p == IPPROTO_UDP)