NetBSD Problem Report #59929

From root@netbsd.org  Sun Jan 18 09:02:45 2026
Return-Path: <root@netbsd.org>
Received: from mail.netbsd.org (mail.netbsd.org [199.233.217.200])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256
	 client-signature RSA-PSS (2048 bits) client-digest SHA256)
	(Client CN "mail.netbsd.org", Issuer "R13" (verified OK))
	by mollari.NetBSD.org (Postfix) with ESMTPS id 3B2931A923D
	for <gnats-bugs@gnats.NetBSD.org>; Sun, 18 Jan 2026 09:02:45 +0000 (UTC)
Message-Id: <20260118090243.836D142C96@shadow.netbsd.org>
Date: Sun, 18 Jan 2026 09:02:43 +0000 (UTC)
From: spz@NetBSD.org
To: gnats-bugs@NetBSD.org
Subject: blocklistd stops working with 'no message (Message too long)'
X-Send-Pr-Version: 3.95
X-From4GNATS: "spz@NetBSD.org via gnats" <gnats-admin@NetBSD.org>

>Number:         59929
>Category:       bin
>Synopsis:       blocklistd stops working with 'no message (Message too long)'
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    bin-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Sun Jan 18 09:05:00 +0000 2026
>Last-Modified:  Wed Mar 04 19:40:01 +0000 2026
>Originator:     S.P.Zeidler
>Release:        NetBSD 11.0_BETA
>Organization:
	TNF
>Environment:
System: NetBSD shadow.netbsd.org 11.0_BETA NetBSD 11.0_BETA (SHADOW) #0: Thu Nov 6 06:19:38 UTC 2025 spz@franklin.NetBSD.org:/home/netbsd/11/amd64/obj/sys/arch/amd64/compile/SHADOW amd64
Architecture: x86_64
Machine: amd64

also happens on NetBSD 11.0_BETA/sparc64 with Jan 11th netbsd-11

>Description:
syslog says:
Jan  1 08:03:53 shadow blocklistd[1439]: processing type=1 fd=1020 remote=209.97.134.59:467
46 msg="ssh" uid=0 gid=0
Jan  1 08:03:53 shadow blocklistd[1439]: blocked 209.97.134.59/32:22 for 3600 seconds
Jan  1 08:08:35 shadow blocklistd[1439]: processing type=1 fd=1021 remote=199.233.217.206:6
5249 msg="sshd" uid=0 gid=0
Jan  1 08:11:27 shadow blocklistd[1439]: processing type=1 fd=1022 remote=2.57.121.112:1919
0 msg="ssh" uid=0 gid=0
Jan  1 08:11:44 shadow blocklistd[1439]: processing type=1 fd=1023 remote=45.148.10.121:356
02 msg="ssh" uid=0 gid=0
Jan  1 08:13:35 shadow blocklistd[1439]: no message (Message too long)
Jan  1 08:17:36 shadow blocklistd[1439]: no message (Message too long)
Jan  1 08:17:36 shadow blocklistd[1439]: no message (Message too long)
Jan  1 08:17:36 shadow blocklistd[1439]: no message (Message too long)
Jan  1 08:22:35 shadow blocklistd[1439]: popen /libexec/blocklistd-helper failed (Too many 
open files)
Jan  1 08:22:35 shadow blocklistd[1439]: released 193.32.162.151/32:22 after 3600 seconds
Jan  1 08:23:35 shadow blocklistd[1439]: no message (Message too long)
Jan  1 08:25:07 shadow blocklistd[1439]: no message (Message too long)
Jan  1 08:28:36 shadow blocklistd[1439]: no message (Message too long)

and no more blockable 'explorers' get blocked. Note the fd growing monotonical and
the dysfunction appearing when the descriptors limit is reached.

>How-To-Repeat:
	wait, be 'explored'
>Fix:


>Audit-Trail:
From: "Martin Husemann" <martin@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc: 
Subject: PR/59929 CVS commit: [netbsd-11] src/external/bsd/blocklist
Date: Wed, 4 Mar 2026 19:35:10 +0000

 Module Name:	src
 Committed By:	martin
 Date:		Wed Mar  4 19:35:10 UTC 2026

 Modified Files:
 	src/external/bsd/blocklist/bin [netbsd-11]: blocklistd.c
 	    blocklistd.conf.5 run.c support.c
 	src/external/bsd/blocklist/port [netbsd-11]: popenve.c

 Log Message:
 Pull up the following revisions, requested by christos in ticket #194:

 	external/bsd/blocklist/bin/blocklistd.c         up to 1.15
 	external/bsd/blocklist/bin/blocklistd.conf.5    up to 1.9
 	external/bsd/blocklist/bin/run.c                up to 1.4
 	external/bsd/blocklist/bin/support.c            up to 1.4
 	external/bsd/blocklist/port/popenve.c           up to 1.3

 PR 59929: fix a filedescriptor leak.


 To generate a diff of this commit:
 cvs rdiff -u -r1.10.2.1 -r1.10.2.2 \
     src/external/bsd/blocklist/bin/blocklistd.c
 cvs rdiff -u -r1.7 -r1.7.2.1 src/external/bsd/blocklist/bin/blocklistd.conf.5
 cvs rdiff -u -r1.3 -r1.3.2.1 src/external/bsd/blocklist/bin/run.c \
     src/external/bsd/blocklist/bin/support.c
 cvs rdiff -u -r1.2 -r1.2.2.1 src/external/bsd/blocklist/port/popenve.c

 Please note that diffs are not public domain; they are subject to the
 copyright notices on the relevant files.
NetBSD Home
NetBSD PR Database Search
(Contact us) $NetBSD: query-full-pr,v 1.47 2022/09/11 19:34:41 kim Exp $
$NetBSD: gnats_config.sh,v 1.9 2014/08/02 14:16:04 spz Exp $
Copyright © 1994-2026 The NetBSD Foundation, Inc. ALL RIGHTS RESERVED.