[tor-relays] If you get weird crashes, that might be why

pa011 pa011 at web.de
Sun Jun 26 21:40:56 UTC 2016


Hi Yuriy and Pascal,

I don’t know where that "Op$bf: " is from, it is stated that way in the
Tor log file.

What looks very different from other relay debug files are the number of
entries like these:

Jun 25 20:05:50 kernel: [61536.640020] Peer 47.19.79.xxx:47000/55752
unexpectedly shrunk window 1143200123:1143203019 (repaired)
Jun 25 20:05:54 kernel: [61540.044045] Peer 47.19.79.xxx:47000/55752
unexpectedly shrunk window 1143205915:1143208811 (repaired)
Jun 25 20:05:59 kernel: [61544.900036] Peer 47.19.79.xxx:47000/55752
unexpectedly shrunk window 1143211707:1143214603 (repaired)
Jun 25 20:06:31 kernel: [61577.120054] Peer 47.19.79.xxx:47000/55752
unexpectedly shrunk window 1143252251:1143255147 (repaired)
Jun 25 20:06:37 kernel: [61583.684050] Peer 47.19.79.xxx:47000/55752
unexpectedly shrunk window 1143258043:1143260939 (repaired)
Jun 25 20:06:41 kernel: [61587.156021] Peer 47.19.79.xxx:47000/55752
unexpectedly shrunk window 1143262387:1143266731 (repaired)
Jun 25 20:06:41 kernel: [61587.588021] Peer 47.19.79.xxx:47000/55752
unexpectedly shrunk window 1143263835:1143266731 (repaired)
Jun 25 20:06:45 kernel: [61591.492022] Peer 47.19.79.xxx:47000/55752
unexpectedly shrunk window 1143269627:1143272523 (repaired)
Jun 25 20:07:22 kernel: [61628.072061] Peer 47.19.79.xxx:47000/55752
unexpectedly shrunk window 1143310171:1143313067 (repaired)
Jun 25 20:07:53 kernel: [61659.280023] Peer 47.19.79.xxx:47000/55752
unexpectedly shrunk window 1143343475:1143347819 (repaired)
Jun 25 20:07:53 kernel: [61659.708017] Peer 47.19.79.xxx:47000/55752
unexpectedly shrunk window 1143344923:1143347819 (repaired)
Jun 25 20:08:21 kernel: [61687.148034] Peer 47.19.79.xxx:47000/55752
unexpectedly shrunk window 1143379675:1143382571 (repaired)
Jun 25 20:08:32 kernel: [61698.296025] Peer 47.19.79.xxx:47000/55752
unexpectedly shrunk window 1143391259:1143394155 (repaired)
Jun 25 20:08:39 kernel: [61705.388024] Peer 47.19.79.xxx:47000/55752
unexpectedly shrunk window 1143398499:1143399947 (repaired)
Jun 25 20:09:03 kernel: [61729.729801] Peer 47.19.79.xxx:47000/55752
unexpectedly shrunk window 1143426011:1143428907 (repaired)
Jun 25 20:09:15 kernel: [61741.832029] Peer 47.19.79.xxx:47000/55752
unexpectedly shrunk window 1143437595:1143440491 (repaired)
Jun 25 20:10:58 kernel: [61844.000083] Peer 47.19.79.xxx:47000/55752
unexpectedly shrunk window 1143491894:1143494790 (repaired)
Jun 25 20:11:02 kernel: [61848.120017] Peer 47.19.79.xxx:4700/55752
unexpectedly shrunk window 1143497686:1143500582 (repaired)

and the number of lines like:

kernel: [113700.366999] nf_conntrack: table full, dropping packet

which comes nearly every second -sometime more.

Memory is used about 50 percent -disk space more than enough.




Am 26.06.2016 um 19:39 schrieb Yuriy M. Kaminskiy:
> On 26.06.2016 16:22, pa011 wrote:
>> On start-up my Exit (Linux 3.16.0-4-amd64) Tor 0.2.7.6  creates this log
>> message:
>>
>> [warn] OpenSSL version from headers does not match the version we're
>> running with.If you get weird crashes, that might be why. (Compiled
>> with 100010bf: Op$bf: OpenSSL 1.0.1k 8 Jan 2015; running with 1000114f:
>                  ^^^^^^^
>> OpenSSL 1.0.1t  3 May 2016).
>>
>> Unfortunately it really crashes ones a day. This seems to be an ongoing
>> problem for years now?
>>
>> Could anyone please give some help - or is there none?
> 
> No, this is NOT a reason for those crashes.
> 
> Background:
> At May/June 2016, Debian jessie transitioned from heavily-patched
> openssl 1.0.1k (with a lot of security patches backported from later
> [stable] versions) to (much more lightly-patched) openssl 1.0.1t (which
> already included all those security fixes).
> 
> Both versions are (supposed to be) completely binary compatible, and
> running a binary compiled against 1.0.1k with openssl 1.0.1t should be
> completely safe.
> 
> If your tor crashes daily (and especially if that also happened before
> June 2016, when debian transitioned to 1.0.1t), the reason must be
> something else (hardware problem, insufficient resources [memory? disk?
> process/task/thread limit?], some obscure tor bug).
> 
> That said, above message looks weird. It comes from this code:
> 
> log_warn(LD_CRYPTO, "OpenSSL version from headers does not match the "
>        "version we're running with. If you get weird crashes, that "
>        "might be why. (Compiled with %lx: %s; running with %lx: %s).",
>        (unsigned long)OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT,
>        SSLeay(), SSLeay_version(SSLEAY_VERSION));
> 
> What is that "Op$bf: " in above message and where it comes from?
> 
> _______________________________________________
> tor-relays mailing list
> tor-relays at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0xC8C330E7.asc
Type: application/pgp-keys
Size: 3104 bytes
Desc: not available
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20160626/864628e9/attachment.key>


More information about the tor-relays mailing list