Date:      Wed, 15 May 2002 17:24:25 -0400 (EDT)
From:      Rich Bud <rbud@fortean.com>
To:        freebsd-alpha@freebsd.org
Subject:   natd sig 10 under stable
Message-ID:  <20020515160407.T28044-100000@nemesis.fortean.com>

I'm running stable on a 500au, using natd to redirect to a local network.
Recently I've run into a problem where booting a windoze 98 box on the
local net crashes natd at the point someone logs into the desktop. This
happens up through a buildworld on 5/13. I can restart natd after it
crashes and all is well until the 98 box is rebooted. The message is:

chorizo /kernel: pid 403 (natd), uid 0: exited on signal 10 (core dumped)

I logged the traffic from that box through my firewall, and I know what
packet is causing this: it's a udp packet from netbios (137) to my isp's
dns server.

chorizo /kernel: ipfw: 53 Accept UDP 10.0.0.33:137 NN.NN.NN.NN:53 in via dc0

If I put the accept rule before natd's divert rule, I get the expected
'out via xl0' line right after as the packet goes out the external card.
If I put it after, natd crashes.

I ran natd under gdb, and I've appended a small chunk of output below
in case it suggests something obvious, but I don't know what to look for.
Has anyone else run into this, or can anyone give me a hint where to look
next in debugging the problem?

BTW, Craig Burgess posted about a sig 10 in natd back in February under
different conditions. I didn't see any replies, so I'm guessing this is
the same problem...

		Many thanks for any ideas,
		Rich Bud <rbud@fortean.com>

GDB Output
==========
Program received signal SIGBUS, Bus error.
0x120008614 in AliasHandleQuestion (count=1, q=0x11feb911, pmax=0x11feb926 "", nbtarg=0x11feb838) at /usr/src/lib/libalias/alias_nbt.c:290
290                     switch ( ntohs(q->type) ) {
(gdb) ptype q
type = struct {
    u_short type;
    u_short class;
} *
q = (NBTNsQuestion *) 0x11feb911, q->class = 1, q->type = 0

(gdb) bt
#0  0x120008994 in AliasHandleQuestion (count=1, q=0x11feb911, pmax=0x11feb926 "9qÍK\234BÀ\2159qÍUEú", nbtarg=0x11feb838) at /usr/src/lib/libalias/alias_nbt.c:290
#1  0x120009408 in AliasHandleUdpNbtNS (pip=0x11feb910, link=0x11feb926, alias_address=0x11feb926, alias_port=0x11feb838, original_address=0x12007a088,
    original_port=0x0) at /usr/src/lib/libalias/alias_nbt.c:661
#2  0x1200046a8 in UdpAliasOut (pip=0x11feb8e8) at /usr/src/lib/libalias/alias.c:839
#3  0x120005858 in PacketAliasOut (ptr=0x11feb8e8 "E", maxpacketsize=65535) at /usr/src/lib/libalias/alias.c:1429
#4  0x12000102c in DoAliasing (fd=6, direction=2) at /usr/src/sbin/natd/natd.c:519
#5  0x120000b3c in main (argc=301971880, argv=0x6) at /usr/src/sbin/natd/natd.c:372

Here are the parameters going into AliasHandleQuestion():

p = (u_char *) 0x11feb910 ""
nsh->qdcount = 256
pmax = 0x11feb926 "9qÍK\234BÀ\2159qÍUEú"
nbtarg = {oldaddr = {s_addr = 553648138}, oldport = 35072, newaddr = {s_addr = 1699289666}, newport = 35072, uh_sum = 0x11feb902}

Moving out, here's the buffer being processed:

(gdb) frame 4
#4  0x12000102c in DoAliasing (fd=6, direction=2) at /usr/src/sbin/natd/natd.c:519
519                     PacketAliasOut (buf, IP_MAXPACKET);
(gdb) print buf
$6 = "E\000\000>5\000\000\000\177\021\237ñ\n\000\000!\030]C@\000\211\0005\000*\227ÿ\000\034\001\000\000\001\000\000\000\000\000\000\000\000\000\001\000\001", '\000' <repeats 16 times>, "9qÍK\234BÀ\2159qÍUEú", '\000' <repeats 60 times>, "isrrdisabled.bin", '\000' <repeats 112 times>, "c\202Sc5\001\0056\004\n\002\001à3\004\000'\215\000\001\004ÿÿà\000\002\004ÿÿ¹°\003\004\n(`\001\004\004\030]CO\a\004\030]COC\020isrrdisabled.binB\01324.93.67.79", '\000' <repeats 16 times>, "ÿ", '\000' <repeats 51015 times>...

Now what?
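
In the gdb output above, q is 0x11feb911, an odd address, and the faulting line reads q->type through a u_short pointer. Assuming the SIGBUS is an alignment fault on that load, the following added example (not part of the original post and not libalias code) reads the same two fields with memcpy and checks every step against the packet length; `read_question` and the sample bytes are constructed for illustration.

```c
#include <arpa/inet.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helper, not libalias code: read the type/class pair of the
 * question whose name starts at buf[off]. The fields are copied out with
 * memcpy, so it works when they sit at an odd address. Returns 0 on
 * success, -1 if the name or the fields run past the end of the packet. */
static int
read_question(const unsigned char *buf, size_t len, size_t off,
    uint16_t *type, uint16_t *qclass)
{
	uint16_t v;

	for (;;) {				/* skip the encoded name */
		if (off >= len)
			return (-1);
		unsigned char l = buf[off];
		if (l == 0) {			/* terminating zero-length label */
			off += 1;
			break;
		}
		if ((l & 0xc0) == 0xc0) {	/* 2-byte compression pointer ends the name */
			if (len - off < 2)
				return (-1);
			off += 2;
			break;
		}
		if (l > len - off - 1)		/* label would overrun the packet */
			return (-1);
		off += 1 + (size_t)l;
	}
	if (len - off < 4)			/* 2 bytes of type + 2 bytes of class */
		return (-1);
	memcpy(&v, buf + off, sizeof(v));	/* no aligned u_short load needed */
	*type = ntohs(v);
	memcpy(&v, buf + off + 2, sizeof(v));
	*qclass = ntohs(v);
	return (0);
}

/* Constructed sample: 12 header bytes, an empty name, type 0, class 1. */
static const unsigned char sample[] = {
	0x00, 0x1c, 0x01, 0x00, 0x00, 0x01, 0, 0, 0, 0, 0, 0,
	0x00, 0x00, 0x00, 0x00, 0x01
};

int
main(void)
{
	uint16_t t = 0, c = 0;
	int rc = read_question(sample, sizeof(sample), 12, &t, &c);

	printf("rc=%d type=%u class=%u\n", rc, (unsigned)t, (unsigned)c);
	return (rc != 0);
}
```

With an empty name the type field lands at offset 13 of the payload, the same odd-offset situation the q pointer shows in the trace.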

