From nobody@FreeBSD.ORG  Fri May 19 20:45:23 2000
Return-Path: <nobody@FreeBSD.ORG>
Received: by hub.freebsd.org (Postfix, from userid 32767)
	id E451237B5D5; Fri, 19 May 2000 20:45:23 -0700 (PDT)
Message-Id: <20000520034523.E451237B5D5@hub.freebsd.org>
Date: Fri, 19 May 2000 20:45:23 -0700 (PDT)
From: tjohnson@csgrad.cs.vt.edu
Sender: nobody@FreeBSD.ORG
To: freebsd-gnats-submit@FreeBSD.org
Subject: mrouted and IPDIVERT cause a panic
X-Send-Pr-Version: www-1.0

>Number:         18687
>Category:       kern
>Synopsis:       mrouted and IPDIVERT cause a panic
>Confidential:   no
>Severity:       serious
>Priority:       high
>Responsible:    freebsd-bugs
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Fri May 19 20:50:01 PDT 2000
>Closed-Date:    Thu Nov 15 20:51:39 PST 2001
>Last-Modified:  Thu Nov 15 20:51:58 PST 2001
>Originator:     Tommy Johnson
>Release:        FreeBSD 4.0
>Organization:
just me...
>Environment:
FreeBSD teryx.cuscus.com 4.0-RELEASE FreeBSD 4.0-RELEASE #6: Thu May 18 20:00:13 EDT 2000     protius@zarquon.cuscus.com:/usr/src/sys/compile/TERYX  i386

(SMP, dual pentium-100)
It was also duplicated on a FreeBSD 3.4 machine
>Description:
The system panics when mrouted is run when IPDIVERT is enabled.
This is for my gateway machine...
this is from FreeBSD 4.0,

Final words (retyped, from spectaculary bad handwriting...)

page fault in kernel mode
mp_lock=01000002 cpuid=1 lapicid=01000000
fault virtual addr=0x640232
fault code    supervisor read, page not present
IP     0x8:0xc01b0716
SP    0x10:0xff80ddb4
FP    0x10:0xff80ddbc
Code Segment  base 0x0, limit 0xfffff type 0x1b
              OPL 0, pres 1, def32 1 gran 1
eflags:     interupt enabled, resume, IOPL=0
process:   idle
interupt mask   =  <- SMP:XXX
kernel: type 12 trap,code =0
stopped at divert_packet_0x8a  movsml 0x22(%eax),%eax

trace back:
divert_packet
ip_output
tbf_send_packet      
tbf_control
encap_send
ip_mdq
X_ip_mforward
ip_input
ipintr
swi_net_next  
>How-To-Repeat:
Compile a kernel with:
options IPFIREWALL
options IPDIVERT
options IPFILTER
options MROUTING

Get NAT running.
Build yourself a tunnel to another computer.  Run a few copies of vic.
It should crash within a minute.

>Fix:


>Release-Note:
>Audit-Trail:
State-Changed-From-To: open->feedback 
State-Changed-By: mike 
State-Changed-When: Sat Jul 21 19:39:05 PDT 2001 
State-Changed-Why:  

Does this problem still occur in newer versions of FreeBSD, 
such as 4.3-RELEASE? 

http://www.FreeBSD.org/cgi/query-pr.cgi?pr=18687 
State-Changed-From-To: feedback->closed 
State-Changed-By: mike 
State-Changed-When: Thu Nov 15 20:51:39 PST 2001 
State-Changed-Why:  

Timeout; no response from originator. 

http://www.FreeBSD.org/cgi/query-pr.cgi?pr=18687 
>Unformatted:
