NetBSD Problem Report #38668

From martin@duskware.de  Thu May 15 20:01:45 2008
Return-Path: <martin@duskware.de>
Received: from mail.netbsd.org (mail.netbsd.org [204.152.190.11])
	by narn.NetBSD.org (Postfix) with ESMTP id 54D1163B99E
	for <gnats-bugs@gnats.netbsd.org>; Thu, 15 May 2008 20:01:45 +0000 (UTC)
Message-Id: <20080515195329.D008E63B293@narn.NetBSD.org>
Date: Thu, 15 May 2008 19:53:29 +0000 (UTC)
From: degroote@netbsd.org
Reply-To: degroote@netbsd.org
To: netbsd-bugs-owner@NetBSD.org
Subject: fast_ipsec, ipv6 ans socket locking doesn't play well together
X-Send-Pr-Version: www-1.0

>Number:         38668
>Category:       kern
>Synopsis:       fast_ipsec, ipv6 ans socket locking doesn't play well together
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    kern-bug-people
>State:          closed
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Thu May 15 20:05:00 +0000 2008
>Closed-Date:    Sat Feb 18 16:23:58 +0000 2012
>Last-Modified:  Sat Feb 18 16:23:58 +0000 2012
>Originator:     A. Degroote
>Release:        4.99.62
>Organization:
>Environment:
GENERIC + FAST_IPSEC 4.99.62
>Description:
When I was hacking fast_ipsec, I notice that current fast_ipsec in ipv6 doesn't work well. It panics when receiving the first packet cyphered.

Some other points. In ipv4, it works well. It fails for ipv6, in tcp/udp/icmp. 

Traceback for the panic :

panic: kernel diagnostic assertion "solocked(sb->sb_so)" failed: file "/home/zul/netbsd-dev/src/sys/sys/socketvar.h", line 335
Stopped in pid 0.24 (system) at netbsd:breakpoint+0x4:  popl    %ebp
db{0}> bt
breakpoint(c0ab509b,c68c0a18,c0ae2400,4,6d8,c0a1dc14,4,0,2c,0) at netbsd:breakpo
int+0x4
panic(c0ac5688,c0a1398c,c0a170bb,c0a170d0,14f,28,c68c0bdc,c015b6d7,c0a1398c,c0a1
70d0) at netbsd:panic+0x1b0
__kernassert(c0a1398c,c0a170d0,14f,c0a170bb,2c,0,c68c0a9c,c051ed3b,c0f7080c,c0ae
05c0) at netbsd:__kernassert+0x39
tcp_input(c0f21b00,28,6,1,c10820c0,c0f742e8,c68c0c7c,c01b4560,c68c0c84,c68c0c8c)
 at netbsd:tcp_input+0x1d37
tcp6_input(c68c0c84,c68c0c8c,6,c68c0c6f,c604ec40,c70ea000,32,0,6,c68c0c84) at ne
tbsd:tcp6_input+0x9a
ipsec6_common_input_cb(c0f21b00,c105f080,28,6,0,c0a1f91c,1f6,c011296d,51,a6c834c
7) at netbsd:ipsec6_common_input_cb+0x160
esp_input_cb(c106febc,c0b82cb0,c604e780,c604ec40,c604ec40,c0113920,0,c01002e1,c6
04ec40,0) at netbsd:esp_input_cb+0x68b
cryptoret(c604ec40,0,c01002cd,0,c01002cd,0,0,0,0,0) at netbsd:cryptoret+0x80

>How-To-Repeat:
Set up an host with fast_ipsec + ipv6. Try to communicate with another host. 

For this test, I use something like that to setup the host (but it is not really relevant IHMO).

#!/bin/sh

A=
B=

# Clean SPD
setkey -FP

# Clean SAD
setkey -F

# Ipcomp policy
#
setkey -c << EOF

add $A $B esp 0xabd9da39 -E aes-cbc 0xb341aa065c3850edd6a61e150d6a5fd3 -A hmac-sha256 0x54f79f479a32814347bb768d3e01b2b58e49ce674ec6e2d327b63408c56ef4e8;

add $B $A esp 0xc9dbb83d -E aes-cbc 0xf7795f6bdd697a43a4d28dcf1b79062d -A hmac-sha256 0x7f48ee352c626cdc2a731b9d90bd63e29db2a9c683044b70b2f4441521b622d6;

add $A $B ipcomp 1004 -m transport -C deflate;
add $B $A ipcomp 1005 -m transport -C deflate;

spdadd $A $B any -P in ipsec ipcomp/transport//use esp/transport//require;
spdadd $B $A any -P out ipsec ipcomp/transport//use esp/transport//require;
EOF

>Fix:
Don't know

>Release-Note:

>Audit-Trail:

State-Changed-From-To: open->feedback
State-Changed-By: drochner@NetBSD.org
State-Changed-When: Wed, 25 Jan 2012 12:27:26 +0000
State-Changed-Why:
MP safety has been fixed in -current (by KERNEL_LOCKs),
do you still see crashes?


From: Arnaud Degroote <arnaud.degroote@laas.fr>
To: gnats-bugs@NetBSD.org
Cc: kern-bug-people@NetBSD.org, netbsd-bugs@NetBSD.org, gnats-admin@NetBSD.org,
        drochner@NetBSD.org, degroote@NetBSD.org
Subject: Re: kern/38668 (fast_ipsec, ipv6 ans socket locking doesn't play
 well together)
Date: Sat, 18 Feb 2012 16:57:49 +0100

 --vkogqOf2sHV7VnPd
 Content-Type: text/plain; charset=us-ascii
 Content-Disposition: inline
 Content-Transfer-Encoding: quoted-printable

 On 25/Jan - 12:27, drochner@NetBSD.org wrote:
 > Synopsis: fast_ipsec, ipv6 ans socket locking doesn't play well together
 >=20
 > State-Changed-From-To: open->feedback
 > State-Changed-By: drochner@NetBSD.org
 > State-Changed-When: Wed, 25 Jan 2012 12:27:26 +0000
 > State-Changed-Why:
 > MP safety has been fixed in -current (by KERNEL_LOCKs),
 > do you still see crashes?
 >=20
 I don't have anymore good environment to test. A quick test in qemu vm
 seems to confirm it has been fixed, so you can close it.

 Thanks


 --vkogqOf2sHV7VnPd
 Content-Type: application/pgp-signature; name="signature.asc"
 Content-Description: Digital signature

 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.4.11 (GNU/Linux)

 iQEcBAEBAgAGBQJPP8p9AAoJEAeVGKMo0YKe2YQH/0oxWUkiyvnHVailC+2sgW6V
 dNYtpxdKdEQIel//WkXjxcl05DdYEZR71nYiCiksQlSVptOPQyeasFdLYIiUBOgq
 z0HXE/a/sg5EyHrIbYP3vtjzW5jf5pxLvpnz+3PpPX99XiNLwXIDTJVBnHDNDcmQ
 /yMRSECWDcXl8km9h3cZK4ytq6Y9FMk+P0frrOAqyb9/wkh+TEi70vYReGvpyxGD
 mx6BleKhZrKJkXkDzBUUo1mqDZHupiY/PeRLW3UmAj7GYv+NCYZW7jnzFOklbiHg
 boivl3hh8itoyv6l3ESxwVH1wOkZV+W7WhUOIegfJDEkWcxVcyWv2eLKf2SpnHw=
 =X5JN
 -----END PGP SIGNATURE-----

 --vkogqOf2sHV7VnPd--

State-Changed-From-To: feedback->closed
State-Changed-By: drochner@NetBSD.org
State-Changed-When: Sat, 18 Feb 2012 16:23:58 +0000
State-Changed-Why:
submitter agrees that this is fixed


>Unformatted:
NetBSD Home
NetBSD PR Database Search
(Contact us) $NetBSD: query-full-pr,v 1.39 2013/11/01 18:47:49 spz Exp $
$NetBSD: gnats_config.sh,v 1.8 2006/05/07 09:23:38 tsutsui Exp $
Copyright © 1994-2007 The NetBSD Foundation, Inc. ALL RIGHTS RESERVED.