Hello,
On Sun, Jun 20, 2021 at 07:24:14PM +0200, Matthias Schmidt wrote:
> >Synopsis: double fault while using IPSec
> >Environment:
> System : OpenBSD 6.9
> Details : OpenBSD 6.9-current (GENERIC.MP) #82: Sat Jun 19 07:05:12
> MDT 2021
>
> [email protected]:/usr/src/sys/arch/amd64/compile/GENERIC.MP
>
> Architecture: OpenBSD.amd64
> Machine : amd64
> >Description:
>
> I had successfully set up an ipsec/iked roadwarrior setup and while browsing
> the web
> over the tunnel the following error occurred. I transcribed the message by
> hand:
>
> kernel: double fault trap, code=0
> Stopped at m_copydata+0x17: pushq %r14
> m_copydata(fffffd807cfbb100,14,14,ffff800022e5d1d4) at m_copydata+0x17
> pf_pull_hdr(fffffd807cfbb100,14,ffff800022e5d1d4,14,0,ffff800022e5d22e) at
> pf_pull_hdr+0xa9
> pf_setup_pdesc(ffff800022e5d130,2,2,ffff8000006bd600,fffffd807cfbb100,ffff800022e5d22e)
> at pf_setup_pdesc+0x213
> pf_test(2,2,ffff80000018800,ffff800022e5d320) at pf_test+0x172
> ip_output(fffffd807cfbb100,0,fffffd8259008d80,800,0,fffffd8259008d10) at
> ip_output+0x7b6
> tcp_output(ffff8000013ab000) at tcp_output+0x1a10
> tcp_output(ffff8000013ab000) at tcp_output+0x1a10
> tcp_output(ffff8000013ab000) at tcp_output+0x1a10
> tcp_output(ffff8000013ab000) at tcp_output+0x1a10
> tcp_output(ffff8000013ab000) at tcp_output+0x1a10
> tcp_output(ffff8000013ab000) at tcp_output+0x1a10
> [...]
>
I think we've seen such a stack earlier. It is infinite
recursion in tcp_output(), most likely triggered by
MTU discovery. It's been discussed here [1] earlier
this year.
Looks like there must be yet another code path which
enters the recursion.
Regards
sashan
[1] https://marc.info/?l=openbsd-bugs&m=161248695626823&w=2