Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 27 Sep 2010 11:14:26 +0300
From:      Berk Gulenler <gulenler@boun.edu.tr>
To:        freebsd-questions@freebsd.org
Subject:   Page Fault While in Kernel Mode (IPNAT)
Message-ID:  <4CA05262.3040405@boun.edu.tr>

next in thread | raw e-mail | index | archive | help
Hi, I have a firewall for NAT operations only. While doing NAT, server 
crashes. Below you can find the required info about my problem. Thanks.

Some useful info about my NAT server:

FreeBSD xxx.cc.boun.edu.tr 7.3-RELEASE FreeBSD 7.3-RELEASE #2: Fri Sep 
17 15:09:54 EEST 2010 xxx@xxx.cc.boun.edu.tr:/usr/obj/usr/src/sys/FW  i386

bge0: <HP NC7782 Gigabit Server Adapter, ASIC rev. 0x002100> mem 
0xfdef0000-0xfdefffff irq 25 at device 1.0 on pci3
bge1: <HP NC7782 Gigabit Server Adapter, ASIC rev. 0x002100> mem 
0xfdee0000-0xfdeeffff irq 26 at device 1.1 on pci3

net.inet.ipf.ipf_natrules_sz: 127
net.inet.ipf.ipf_nattable_sz: 300000

513/897/1410 mbufs in use (current/cache/total)
512/540/1052/0 mbuf clusters in use (current/cache/total/max)
512/512 mbuf+clusters out of packet secondary zone in use (current/cache)
0/5/5/12800 4k (page size) jumbo clusters in use (current/cache/total/max)
0/0/0/6400 9k jumbo clusters in use (current/cache/total/max)
0/0/0/3200 16k jumbo clusters in use (current/cache/total/max)
1152K/1324K/2476K bytes allocated to network (current/cache/total)
0/0/0 requests for mbufs denied (mbufs/clusters/mbuf+clusters)
0/0/0 requests for jumbo clusters denied (4k/9k/16k)
0/5/6656 sfbufs in use (current/peak/max)
0 requests for sfbufs denied
0 requests for sfbufs delayed
0 requests for I/O initiated by sendfile
0 calls to protocol drain routines

mapped    in    183625863    out    126618997
added    2265807    expired    1350387
no memory    8899    bad nat    12314
inuse    13690
orphans    0
rules    49
wilds    0
hash efficiency    97.64%
bucket usage    4.46%
minimal length    0
maximal length    3
average length    1.024
TCP Entries per state
      0     1     2     3     4     5     6     7     8     9    10    11
     42  2236    51   417  3311   348   200    23    20     0  3763   729

Debug info:

GNU gdb 6.1.1 [FreeBSD]
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you 
are
welcome to change it and/or distribute copies of it under certain 
conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "i386-marcel-freebsd"...

Unread portion of the kernel message buffer:


Fatal trap 12: page fault while in kernel mode
cpuid = 0; apic id = 00
fault virtual address    = 0x4
fault code        = supervisor read, page not present
instruction pointer    = 0x20:0x8593c94b
stack pointer            = 0x28:0x853488dc
frame pointer            = 0x28:0x85348958
code segment        = base 0x0, limit 0xfffff, type 0x1b
             = DPL 0, pres 1, def32 1, gran 1
processor eflags    = interrupt enabled, resume, IOPL = 0
current process        = 25 (irq26: bge1)
trap number        = 12
panic: page fault
cpuid = 0
Uptime: 2d0h6m24s
Physical memory: 2035 MB
Dumping 335 MB: 320 304 288 272 256 240 224 208 192 176 160 144 128 112 
96 80 64 48 32 16

Reading symbols from /boot/kernel/acpi.ko...Reading symbols from 
/boot/kernel/acpi.ko.symbols...done.
done.
Loaded symbols for /boot/kernel/acpi.ko
Reading symbols from /boot/kernel/ipl.ko...Reading symbols from 
/boot/kernel/ipl.ko.symbols...done.
done.
Loaded symbols for /boot/kernel/ipl.ko
#0  doadump () at pcpu.h:196
196        __asm __volatile("movl %%fs:0,%0" : "=r" (td));

####################################################################################################### 


#0  doadump () at pcpu.h:196
#1  0x80746017 in boot (howto=260) at /usr/src/sys/kern/kern_shutdown.c:418
#2  0x807462e9 in panic (fmt=Variable "fmt" is not available.
) at /usr/src/sys/kern/kern_shutdown.c:574
#3  0x8097483c in trap_fatal (frame=0x8534889c, eva=4) at 
/usr/src/sys/i386/i386/trap.c:950
#4  0x80974aa0 in trap_pfault (frame=0x8534889c, usermode=0, eva=4) at 
/usr/src/sys/i386/i386/trap.c:863
#5  0x80975459 in trap (frame=0x8534889c) at 
/usr/src/sys/i386/i386/trap.c:541
#6  0x8095915b in calltrap () at /usr/src/sys/i386/i386/exception.s:166
#7  0x8593c94b in nat_new (fin=0x853489c0, np=0x855ee800, natsave=0x0, 
flags=Variable "flags" is not available.
) at 
/usr/src/sys/modules/ipfilter/../../contrib/ipfilter/netinet/ip_nat.c:2577
#8  0x8593cf04 in fr_checknatout (fin=0x853489c0, passp=0x85348a6c) at 
/usr/src/sys/modules/ipfilter/../../contrib/ipfilter/netinet/ip_nat.c:3828
#9  0x85959c6c in fr_check (ip=0x873c0810, hlen=20, ifp=0x855b7400, 
out=1, mp=0x85348ab8)
     at 
/usr/src/sys/modules/ipfilter/../../contrib/ipfilter/netinet/fil.c:2624
#10 0x859517be in fr_check_wrapper (arg=0x0, mp=0x85348ab8, 
ifp=0x855b7400, dir=2)
     at 
/usr/src/sys/modules/ipfilter/../../contrib/ipfilter/netinet/ip_fil_freebsd.c:178 

#11 0x807f5708 in pfil_run_hooks (ph=0x80b026e0, mp=0x85348b44, 
ifp=0x855b7400, dir=2, inp=0x0) at /usr/src/sys/net/pfil.c:78
#12 0x8080ea72 in ip_output (m=0x85b2a800, opt=0x0, ro=0x85348b7c, 
flags=1, imo=0x0, inp=0x0) at /usr/src/sys/netinet/ip_output.c:443
#13 0x8080bb04 in ip_forward (m=0x85b2a800, srcrt=0) at 
/usr/src/sys/netinet/ip_input.c:1366
#14 0x8080d0b0 in ip_input (m=0x85b2a800) at 
/usr/src/sys/netinet/ip_input.c:609
#15 0x807f3ea5 in netisr_dispatch (num=2, m=0x85b2a800) at 
/usr/src/sys/net/netisr.c:185
#16 0x807e7b51 in ether_demux (ifp=0x855b7400, m=0x85b2a800) at 
/usr/src/sys/net/if_ethersubr.c:834
#17 0x807e7f43 in ether_input (ifp=0x855b7400, m=0x85b2a800) at 
/usr/src/sys/net/if_ethersubr.c:692
#18 0x80529582 in bge_rxeof (sc=0x855c4000, rx_prod=317, holdlck=1) at 
/usr/src/sys/dev/bge/if_bge.c:3392
#19 0x8052b602 in bge_intr (xsc=0x855c4000) at 
/usr/src/sys/dev/bge/if_bge.c:3653
#20 0x8072285b in ithread_loop (arg=0x855b97a0) at 
/usr/src/sys/kern/kern_intr.c:1181
#21 0x8071eff9 in fork_exit (callout=0x807226b0 <ithread_loop>, 
arg=0x855b97a0, frame=0x85348d38) at /usr/src/sys/kern/kern_fork.c:811
#22 0x809591d0 in fork_trampoline () at 
/usr/src/sys/i386/i386/exception.s:271

####################################################################################################### 


0x8593c94b is in nat_new 
(/usr/src/sys/modules/ipfilter/../../contrib/ipfilter/netinet/ip_nat.c:2577). 

2572        nat->nat_ifps[1] = np->in_ifps[1];
2573        nat->nat_ptr = np;
2574        nat->nat_p = fin->fin_p;
2575        nat->nat_mssclamp = np->in_mssclamp;
2576        if (nat->nat_p == IPPROTO_TCP)
2577            nat->nat_seqnext[0] = ntohl(tcp->th_seq);
2578
2579        if ((np->in_apr != NULL) && ((ni->nai_flags & NAT_SLAVE) == 0))
2580            if (appr_new(fin, nat) == -1)
2581                return -1;

-- 
Berk Gulenler
System Administrator
Bogazici University Computer Center

Phone:  +90 212 359 47 16
Fax:    +90 212 257 50 21
E-mail: gulenler@boun.edu.tr




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4CA05262.3040405>