Hosting Provided By

kernel/3283: crash 3.3 GENERIC #35 with nmap -f

From: Evan Champion <evanchampion(at)hotmail.com>
Date: Mon Jun 02 2003 - 01:16:48 EDT

>Number: 3283
>Category: kernel
>Synopsis: crash 3.3 GENERIC #35 with nmap -f
>Confidential: yes
net
>Environment:

	System      : OpenBSD 3.3
	Architecture: OpenBSD.i386
	Machine     : i386

>Description:

	repeatable kernel panic using nmap -f.  Apologies for any type-os

but it's very easy to reproduce so hopefully you can see it yourself.

dmesg log:
panic: pool_get(mbpl): free list modified: magic=eeb; page 0xd093f000;item addr 0xd093fd00

ddb trace:

uvm_fault(0xdad6d91c, 0x1000, 0, 1) -> e kernel: page fault trap, code=0
Stopped at m_freem+0x2d: movswl 0x10(%ebx),%eax ddb> trace
m_freem(d093f400,0,10,3,dadac8a8) at m_freem+0x2d sendit(dadac8a8,3,dae60f1c,0,dae60f7c) at sendit+0x2a4 sys_sendto(dadac8a8,dae60f88,dae60f7c,d02d9929,0) at sys_sendto+0x56 syscall() at syscall+0x20d
--- syscall (number 133) ---
0x39015:
>How-To-Repeat:

nmap -f -sS -O 127.0.0.1

	using nmap 3.00 from ports.  crashes every single time.  crash
	only occurs with -f and probe of local system.

	system is basically fresh OpenBSD from current snap (May 30),
	generic kernel #35.  Occurs any time, even right after reboot.
	No extra daemons running.

	running OpenBSD within vmware 4.0.  Since mentions uvm, I do have
	sysctl vm.swapencrypt.enable=1.

>Fix:

>Release-Note:
Received on Mon Jun 2 01:41:27 2003

This message: [ Message body ]
Next message: Theo de Raadt: "Re: system/3278"
Previous message: Erblichs: "uvm_pdaemon.c : 1.4.2.8 : swamping disk"
In reply to marko(at)thetaworld.net: "user/3225: sc-7.15.tgzm the sc when quits kills all parent shells and commands"
Reply: mtoups(at)andrew.cmu.edu: "kernel/3485: crash on boot with certain ServerWorks CSB6 IDE chipsets"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 13:29:57 EDT

Do you need help?