segfaults #13
Comments
|
Hello. I have same problem with segmentation fault. When i try telnet mmproxy host, on host mmproxy crash and wrote in stdout - "Segmentation fault". |
|
I'm afraid I will need to see gdb backtrace. run mmproxy under gdb and type "bt" once it crashes. |
Thank you! I will do so and commit the backtrace. Please stand by. |
|
Hello! I did what you have asked for and was able to reproduce a crash, but unfortunately with no backtrace (see output from gdb): |
|
Oh! Interesting! This might be a seccomp bug. Please disable seccomp with "--do-not-sandbox", and run "strace -C" on the running mmproxy for a while and show the output. https://github.com/cloudflare/mmproxy/blob/master/src/main.c#L564-L601 |
|
Hello! I'm back from holyday - sorry that you had to wait for my reply. I did what you have asked for and was not able to reproduce a crash with the --do-not-sandbox parameter, but I think I remember that I have tried this parameter before and the process also crashed after a while. Unfortunately, the process sometimes crashes after a few seconds/minutes and sometimes after hours. This is what I did now: Find the output of "strace -C" (running for 5 minutes with multiple concurrent connections) attached: Thank you for your help! Your suppor is really appriciated! |
|
Another possibility is that bad data is being passed in the proxy headers. I saw this during some initial testing where the proxy headers I created had bad data in them (I let comma delimited data slip through in the IP address). The validation of 'bad' data in the mmproxy code is fairly limited from what I saw. |
|
Tiny update from my side: Despite I was not able to reproduce the behaviour manually by running mmproxy with gdb within an adequate time, the mmproxy still keeps crashing when running as a daemon and while using the --do-not-sandbox parameter for multiple times a day. Any thoughts on that or anything I can do to sort that out? Your help is very appriciated! Thank's in advance! |
|
I am having the same issue and can not seem to find a cause or a solution. I have tried everything mentioned here without any luck. The software is very useful but I can not continue using it for much longer if I can't get this issue nipped. I would try to diagnose it myself but I do not really have much experience with software like this. I would really appreciate any more possible solutions that anyone can suggest. I am still unsure if it's a problem with the software or just user error on my end. |
|
I am in the same boat as @Rar349. I found another version that seems to work at https://github.com/path-network/go-mmproxy if it helps anyone. |
|
That looks fantastic and I'm a huge Go fan. Thank you @lindafarley !!! It's significantly faster as well. |
|
Try 53ee896 fix |
|
Thank you very much for providing this fix! I've installed the new version now on a server, where we see multiple crashes every day. Will keep you up to date about the further behaviour at the end of the week. |
|
I downloaded and compiled the new version, including the fix, and then installed it. Unfortunately the process still crashes multiple times per hour and restarts due to systemd. |
|
ok, then it must be the seccomp filter |
What does that mean for this issue/case? Can I do or try something? |
It cannot be the seccomp filter because it was disabled with @Abraxas0 Can you please compile mmproxy with |
We do no longer use this software, as it was not stable in production and this issue has been reported two years ago. We had the urgent need for a working solution. Anyway, thank you for your reply on this issue and your offer of support. |
May I ask what you are using now? |
Probably the software linked in #13 (comment) |
|
You should be able to use haproxy |
You, of course, may ask :) We finally decided to use go-mmproxy (as mentioned above) behind a haproxy with proxy protocol to offer high available SFTP access to our hosting customers without missing the original IP addresses on the SFTP server (for logging and security reasons). This setup works really fine and we never had any crashes or other issues since switching to go-mmproxy. |
ghost
mentioned this issue
Hi!
I love mmproxy, it helps me a lot hiding my SSH server behind a HA proxy. Unfortunately, multiple times a day the mmproxy process crashes with a segfault.
I have no experience reporting segfaults, this is my first report :) ... so I send you the information I think you need - please ask for further information, if needed:
OS: CentOS 7.5.1804
Kernel: 3.10.0-862.el7.x86_64
Log lines:
Any thoughts on that?
Thank you for that great piece of software!
The text was updated successfully, but these errors were encountered: