Segfaults on connection loss
Guus Sliepen
guus at tinc-vpn.org
Thu Jun 26 20:33:01 CEST 2014
On Wed, Jun 25, 2014 at 08:40:08AM +0200, zorun wrote:
> I have been able to trigger this segfault reliably, with Tinc 1.0.24:
>
> 0/ setup your local Tinc node to connect to a remote dual-stacked Tinc
> node (that is, the remote node has both a A and a AAAA record)
>
> 1/ run Tinc in debug mode, "tincd -n NETNAME -D -d 3"
>
> 2/ wait until Tinc establishes a connection with the remote server
> (lots of "Got PACKET from REMOTE (XX.XX.XX.XX port 656)" messages)
>
> 3/ apply an insane amount of delay on your physical interface: "tc
> qdisc del dev eth0 root netem delay 10s"
>
> 4/ wait for Tinc to timeout on a ping. It will then try to reconnect,
> and crash:
I tried to reproduce it, but I do not get a crash. Running it in
valgrind doesn't produce any errors either. One difference I observe
with your log:
> REMOTE (XX.XX.XX.XX port 656) didn't respond to PING in 5 seconds
> Closing connection with REMOTE (XX.XX.XX.XX port 656)
> Sending DEL_EDGE to everyone (BROADCAST)
> UDP address of REMOTE cleared
> UDP address of OTHER_SERVER1 cleared
> UDP address of OTHER_SERVER2 cleared
> UDP address of OTHER_SERVER3 cleared
> UDP address of OTHER_SERVER4 cleared
> Sending DEL_EDGE to everyone (BROADCAST)
> Trying to connect to REMOTE (2001:db8::1 port 656)
> Connected to REMOTE (2001:db8::1 port 656)
> Sending ID to REMOTE (2001:db8::1 port 656)
> Timeout from REMOTE (2001:db8::1 port 656) during authentication
I wonder how you get to this point with the tc qdisc command, because if
I do that then it never gets to the point where it makes a connection to
the other side, because the SYN packets are also delayed 10 seconds. So
I get:
Trying to connect to REMOTE (2606:2800:220:6d:26bf:1447:1097:aa7 port 655)
Connected to REMOTE (2606:2800:220:6d:26bf:1447:1097:aa7 port 655)
Sending ID to REMOTE (2606:2800:220:6d:26bf:1447:1097:aa7 port 655)
Timeout from REMOTE (2606:2800:220:6d:26bf:1447:1097:aa7 port 655) during authentication
Another difference is that you have 4 other nodes connected to the VPN,
what happens if those are not running when you do this test?
--
Met vriendelijke groet / with kind regards,
Guus Sliepen <guus at tinc-vpn.org>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: Digital signature
URL: <http://www.tinc-vpn.org/pipermail/tinc-devel/attachments/20140626/5bef96d9/attachment.sig>
More information about the tinc-devel
mailing list