Date:      Thu, 19 Feb 2015 12:02:05 -0600
From:      Dan Lists <lists.dan@gmail.com>
To:        freebsd-questions <freebsd-questions@freebsd.org>
Subject:   FreeBSD 10.1 Kernel Panic (DoS?)
Message-ID:  <CAPW8bZ3gk8_GEqFkn7ukrtb54%2BMJNVReGADBj=V5HfOYhXRzdQ@mail.gmail.com>

I recently installed FreeBSD 10.1 on a server, and I am having frequent
kernel panics.  It looks like the problem is in the ipf code.  Possibly in
the handling of fragments.   This could be a DoS.

Some information from the core.txt is below.  I have not included the
entire thing as it is 25,000 lines.  I would appreciate some help debugging
this issue.  I can provide additional information if necessary.   Thanks in
advance for your help!

FreeBSD name.changed 10.1-RELEASE-p5 FreeBSD 10.1-RELEASE-p5 #0: Tue Jan 27
04

Fatal trap 9: general protection fault while in kernel mode
cpuid = 10; apic id = 34
instruction pointer     = 0x20:0xffffffff80d22bc8
stack pointer           = 0x28:0xfffffe00002ad5b0
frame pointer           = 0x28:0xfffffe00002ad690
code segment            = base 0x0, limit 0xfffff, type 0x1b
                        = DPL 0, pres 1, long 1, def32 0, gran 1
processor eflags        = interrupt enabled, resume, IOPL = 0
current process         = 12 (irq256: bce0)
trap number             = 9
panic: general protection fault
cpuid = 10
KDB: stack backtrace:
#0 0xffffffff80963000 at kdb_backtrace+0x60
#1 0xffffffff80928125 at panic+0x155
#2 0xffffffff80d24f1f at trap_fatal+0x38f
#3 0xffffffff80d24b7c at trap+0x75c
#4 0xffffffff80d0a782 at calltrap+0x8
#5 0xffffffff81a1e4f1 at ipf_frag_known+0x51
#6 0xffffffff81a37818 at ipf_check+0x308
#7 0xffffffff809f5324 at pfil_run_hooks+0x84
#8 0xffffffff80a5526e at ip_input+0x2fe
#9 0xffffffff809f44e2 at netisr_dispatch_src+0x62
#10 0xffffffff809eb996 at ether_demux+0x126
#11 0xffffffff809ec63e at ether_nh_input+0x35e
#12 0xffffffff809f44e2 at netisr_dispatch_src+0x62
#13 0xffffffff80485967 at bce_intr+0x6e7
#14 0xffffffff808faf4b at intr_event_execute_handlers+0xab
#15 0xffffffff808fb396 at ithread_loop+0x96
#16 0xffffffff808f8b6a at fork_exit+0x9a
#17 0xffffffff80d0acbe at fork_trampoline+0xe
Uptime: 19h31m40s
Dumping 1282 out of 16347
MB:..2%..12%..22%..32%..42%..52%..62%..72%..82%..92%

Reading symbols from /boot/kernel/ipl.ko.symbols...done.
Loaded symbols for /boot/kernel/ipl.ko.symbols
Reading symbols from /boot/kernel/ums.ko.symbols...done.
Loaded symbols for /boot/kernel/ums.ko.symbols
Reading symbols from /boot/kernel/ipfw.ko.symbols...done.
Loaded symbols for /boot/kernel/ipfw.ko.symbols
#0  doadump (textdump=<value optimized out>) at pcpu.h:219
219     pcpu.h: No such file or directory.
        in pcpu.h
(kgdb) #0  doadump (textdump=<value optimized out>) at pcpu.h:219
#1  0xffffffff80927da2 in kern_reboot (howto=260)
    at /usr/src/sys/kern/kern_shutdown.c:452
#2  0xffffffff80928164 in panic (fmt=<value optimized out>)
    at /usr/src/sys/kern/kern_shutdown.c:759
#3  0xffffffff80d24f1f in trap_fatal (frame=<value optimized out>,
    eva=<value optimized out>) at /usr/src/sys/amd64/amd64/trap.c:865
#4  0xffffffff80d24b7c in trap (frame=<value optimized out>)
    at /usr/src/sys/amd64/amd64/trap.c:203
#5  0xffffffff80d0a782 in calltrap ()
    at /usr/src/sys/amd64/amd64/exception.S:232
#6  0xffffffff80d22bc8 in bcmp () at /usr/src/sys/amd64/amd64/support.S:82
#7  0xffffffff81a1e2f2 in ipf_frag_lookup ()
    at
/usr/src/sys/modules/ipfilter/../../contrib/ipfilter/netinet/ip_frag.c:67
#8  0xffffffff81a1e4f1 in ipf_frag_known (fin=0xfffffe00002ad708,
    passp=0xfffffe00002ad704)
    at
/usr/src/sys/modules/ipfilter/../../contrib/ipfilter/netinet/ip_frag.c:85
#9  0xffffffff81a37818 in ipf_check (ctx=0xffffffff81a57688,
    ip=<value optimized out>, hlen=<value optimized out>,
    ifp=<value optimized out>, out=0, mp=0xfffffe00002ad868)
    at
/usr/src/sys/modules/ipfilter/../../contrib/ipfilter/netinet/fil.c:3025
#10 0xffffffff809f5324 in pfil_run_hooks (ph=0xffffffff8164cef8,
    mp=0xfffffe00002ad8f0, ifp=0xfffff800085bb800, dir=1, inp=0x0)
    at /usr/src/sys/net/pfil.c:82
#11 0xffffffff80a5526e in ip_input (m=0xfffff8002b5dfd00)
    at /usr/src/sys/netinet/ip_input.c:488
#12 0xffffffff809f44e2 in netisr_dispatch_src (proto=<value optimized out>,
    source=<value optimized out>, m=0x1) at /usr/src/sys/net/netisr.c:972
#13 0xffffffff809eb996 in ether_demux (ifp=<value optimized out>,
    m=0xfffff8002b5dfd00) at /usr/src/sys/net/if_ethersubr.c:851
#14 0xffffffff809ec63e in ether_nh_input (m=<value optimized out>)
    at /usr/src/sys/net/if_ethersubr.c:646
#15 0xffffffff809f44e2 in netisr_dispatch_src (proto=<value optimized out>,
    source=<value optimized out>, m=0x1) at /usr/src/sys/net/netisr.c:972
#16 0xffffffff80485967 in bce_intr (xsc=0xfffffe0000e62000)
    at /usr/src/sys/dev/bce/if_bce.c:6828
#17 0xffffffff808faf4b in intr_event_execute_handlers (
    p=<value optimized out>, ie=0xfffff800085ea300)
    at /usr/src/sys/kern/kern_intr.c:1263
#18 0xffffffff808fb396 in ithread_loop (arg=0xfffff80008626940)
    at /usr/src/sys/kern/kern_intr.c:1276
#19 0xffffffff808f8b6a in fork_exit (
    callout=0xffffffff808fb300 <ithread_loop>, arg=0xfffff80008626940,
    frame=0xfffffe00002adc00) at /usr/src/sys/kern/kern_fork.c:996
#20 0xffffffff80d0acbe in fork_trampoline ()
    at /usr/src/sys/amd64/amd64/exception.S:606
#21 0x0000000000000000 in ?? ()
Current language:  auto; currently minimal


