[Dibbler-devel] Dibbler client crashes if address is duplicate

Mircea Ciocan mirceac at gmail.com
Mon Jul 25 13:39:50 CEST 2016


Another back trace of same core, this time full, it seem to be more useful:
(gdb) bt full
#0  0x0000000000000000 in ?? ()
No symbol table info available.
#1  0x0000000000492db2 in TMsg::getSize (this=0x20f6f20) at Msg.cpp:71
        pktsize = 14
        opt = {ptr = }
#2  0x000000000042a92e in TClntMsg::send (this=0x20f6f20) at ClntMsg.cpp:349
        pkt = 0x20f7700 ""
        ptrIface = {ptr = 0x20f6f38}
#3  0x0000000000439f42 in TClntMsgRequest::TClntMsgRequest (this=0x20f6f20,
IAs=..., srvDUID=..., iface=23) at ClntMsgRequest.cpp:171
        ptr = {ptr = 0x20f6fe0}
        ClntAddrIA = {ptr = 0x20f70b0}
#4  0x0000000000412ce9 in TClntTransMgr::checkDecline (this=0x20f5af0) at
ClntTransMgr.cpp:1223
        decline = {ptr = 0x20f7210}
        ptrIface = {ptr = 0x20f4dd0}
        duid = {ptr = 0x20f7650}
        request = {ptr = 0x20f7950}
        declineIALst = {lista = std::list = {[0] = {ptr = 0x20f6390}}, it =
{ptr = }}
        firstIA = {ptr = 0x20f6390}
        ptrIA = {ptr = 0x20f7110}
#5  0x000000000040dd63 in TClntTransMgr::doDuties (this=0x20f5af0) at
ClntTransMgr.cpp:479
        msg = {ptr = 0x20f72f0}
#6  0x000000000040716d in TDHCPClient::run (this=0x7ffdaa325880) at
./Misc/DHCPClient.cpp:168
        timeout = 1
        msg = {ptr = 0x20f6ce0}
        msg = {ptr = 0x20f61c0}
#7  0x00000000004061b0 in run () at ./Port-linux/dibbler-client.cpp:116
        client = {IsDone_ = false, linkstates = {ifindex = {0 <repeats 16
times>}, stat = {0 <repeats 16 times>}, cnt = 0}}
#8  0x000000000040667f in main (argc=4, argv=0x7ffdaa325ac8) at
./Port-linux/dibbler-client.cpp:182
        result = -1
        command = 0x7ffdaa327825 "run"


On Fri, Jul 22, 2016 at 4:29 PM, Tomek Mrugalski <thomson at klub.com.pl>
wrote:

> On 22/07/16 11:45, Mircea Ciocan wrote:
> > Hello all, I have deployed the dibbler client in a moderately large
> > network using ISC DHCP server version 4.1.1 and for some weeks all
> > worked OK, but now I have the following problem:
> >
> > In some specific situations the dibbler-client dies without a trace, and
> > the only messages I have in the DHCP server log:
> >
> > Jul 21 09:59:24 dhcpd: Client XXXX releases address YYYY
> > Jul 21 10:00:20 dhcpd: Client XXXX reports address YYYY is already in
> > use by another host!
> > Jul 21 10:32:39 dhcpd: Client XXXX reports address YYYY is already in
> > use by another host!
> >
> > Afterwards, the dibbler-client suddenly dies, and the device is left
> > without any valid IPv6 address, thus is becoming unreachable :(.
> What do you mean by "dies"? Segfaults or terminates silently?
>
> This should be relatively easy to reproduce: configure your server with
> a very small pool of one address and then configure manually this
> address on the server's interface. The client will get this address and
> should trigger the DAD routine.
>
> > As far as my research was able to discover could be a situation similar
> > to this one:
> >
> > http://comments.gmane.org/gmane.network.dhcp.isc.dhcp-client/8957
> >
> > While having duplicate DUIDs in a network is a bad thing, but sometimes
> > this is happening and the client service should not crash but reject the
> > address, this seem to be a bug.
> True. Out of curiosity, what was the reason for duplicate DUIDs to
> appear? Cloned VM, cheap NICs that happen to have the same address or
> something else?
>
> > Tomasz or anybody that knows the code base organisation, could you
> > kindly point me to the C++ module that deals with this condition to try
> > to see what is happening and what leads to the crash ?
> The actual determination if address is duplicated is check in
> is_addr_tentative function in Port-linux/lowlevel-linux.c. You can grep
> *.cpp sources to find where this function is called from. The areas you
> should look at will are:
>
> AddrMgr/AddrIA.cpp:447
> ClntAddrMgr/ClntAddrMgr.cpp:371
> ClntCfgMgr/ClntCfgMgr.cpp:230 and 842
>
> If dibbler-client segfaults, you can set ulimit -c 9999999999 and then
> dibbler will dump the core, which can be inspected with gdb. If that is
> the case, please send me the backtrace of it (bt command in gdb).
>
> If dibbler quits silently, there may be another cause. Dibbler uses
> imported code from iproute tools that I don't fully understand. There's
> a lot of exit() calls in it. One possibility is that those pieces of the
> code are somehow triggered.
>
> Good luck,
> Tomek
>
> _______________________________________________
> Dibbler-devel mailing list
> Dibbler-devel at klub.com.pl
> http://klub.com.pl/cgi-bin/mailman/listinfo/dibbler-devel
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://klub.com.pl/pipermail/dibbler-devel/attachments/20160725/df1e7a08/attachment-0001.html>


More information about the Dibbler-devel mailing list