the systemtap script below can be used to monitor the dst count for all
net namespaces.  When any of the counts goes significantly negative
(more than 32 * CPUS negative) it indicates this bug is reproduced -
meaning, the count from one net namespace was incorrectly shifted to
another net namespace, and once that happens enough times one (or more)
net namespaces have a count that goes negative (which is not possible).
Other net namespaces have counts that are much higher than they should
be.  Note this script is just for ipv4, but the bug exists for ipv6 also
(and the patch fixes ipv6 also).


global dst_count

probe kernel.function("xfrm_resolve_and_create_bundle") {
  if ($family == 2) {
    dst_count[&$pols[0]->xp_net] = 

probe timer.sec(1) {
  foreach (c in dst_count) {
    printf("%ld ", dst_count[c])

You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.

  using ipsec, many connections result in no buffer space error

To manage notifications about this bug go to:

ubuntu-bugs mailing list

Reply via email to