Re: kern/52304: NetBSD 8.0_BETA diagnostic assertion in ipsec codepath

To: gnats-bugs%NetBSD.org@localhost
Subject: Re: kern/52304: NetBSD 8.0_BETA diagnostic assertion in ipsec codepath
From: Dominik Bialy <dmb%yenn.ulegend.net@localhost>
Date: Sat, 17 Jun 2017 10:25:33 +0200

On Fri, Jun 16, 2017 at 11:05:01PM +0000, Christos Zoulas wrote:
> The following reply was made to PR kern/52304; it has been noted by GNATS.
> 
> From: christos%zoulas.com@localhost (Christos Zoulas)
> To: gnats-bugs%NetBSD.org@localhost, kern-bug-people%netbsd.org@localhost, 
> 	gnats-admin%netbsd.org@localhost, netbsd-bugs%netbsd.org@localhost
> Cc: 
> Subject: Re: kern/52304: NetBSD 8.0_BETA diagnostic assertion in ipsec codepath
> Date: Fri, 16 Jun 2017 19:03:20 -0400
> 
>  On Jun 16, 10:40pm, dmb%yenn.ulegend.net@localhost (dmb%yenn.ulegend.net@localhost) wrote:
>  -- Subject: kern/52304: NetBSD 8.0_BETA diagnostic assertion in ipsec codepat
>  
>  | >Number:         52304
>  | >Category:       kern
>  | >Synopsis:       8.0_BETA panics on ipsec traffic
>  | >Confidential:   yes
>  | >Severity:       serious
>  | >Priority:       high
>  | >Responsible:    kern-bug-people
>  | >State:          open
>  | >Class:          sw-bug
>  | >Submitter-Id:   net
>  | >Arrival-Date:   Fri Jun 16 22:40:00 +0000 2017
>  | >Originator:     Dominik Bialy
>  | >Release:        NetBSD 8.0_BETA
>  | >Organization:
>  | Underlegend Networks
>  | >Environment:
>  | System: NetBSD yenn 8.0_BETA NetBSD 8.0_BETA (YENN) #2: Thu Jun 15 05:53:36 UTC 2017 builds@yenn:/var/obj/sys/arch/amd64/compile/YENN amd64
>  | Architecture: x86_64
>  | Machine: amd64
>  | >Description:
>  | 	The machine couldn't survive more than a few minutes of exposing on the internet.
>  | 	I found that the cause was the ipsec traffic.
>  | 
>  | 	Here's a picture of ddb running (forgot "bt", sorry):
>  | 
>  | https://www.dropbox.com/s/jxtktcs69ou7pxz/20170615_150358.jpg?dl=0
>  | 
>  | 	sys/netinet/tcp_input.c, line 1838
>  | 
>  | >How-To-Repeat:
>  | 	Use ipsec on 8 BETA?  Or maybe use NetBSD 6 configs for ipsec on NetBSD 8.
>  | >Fix:
>  | 	No idea.  Don't start ipsec to mitigate the bug.
>  
>  inp is probably NULL; can you please amend the assert not to fire if
>  inp == NULL?
>  
>  christos
>  
Thank you for your reply, Christos -- this machine is pretty much
"production", so I can't restart for now...

Dominik

References:
- Re: kern/52304: NetBSD 8.0_BETA diagnostic assertion in ipsec codepath
  - From: Christos Zoulas

Prev by Date: Re: port-amd64/51134 (Random shutdown (power button pressed) inside VirtualBox 5 on Windows 7)
Next by Date: Re: kern/52304: NetBSD 8.0_BETA diagnostic assertion in ipsec codepath
Previous by Thread: Re: kern/52304: NetBSD 8.0_BETA diagnostic assertion in ipsec codepath
Next by Thread: Re: kern/52304: NetBSD 8.0_BETA diagnostic assertion in ipsec codepath
Indexes:

Home | Main Index | Thread Index | Old Index