๐ BUG: Linux (386) "panic: runtime error: makeslice: len out of range"
Closed this issue ยท 4 comments
0x5f3 commented
What version of nebula
are you using? (nebula -version
)
1.9.3
What operating system are you using?
Linux (386)
Describe the Bug
Hardware: Synology DS214play
Running error with: panic: runtime error: makeslice: len out of range
Other hosts running on amd64, arm64, arm7 are able to connect without any issues.
Logs from affected hosts
DEBU[0000] Client nebula certificate cert="NebulaCertificate {\n\tDetails {\n\t\tName: ###########_001\n\t\tIps: [\n\t\t\t10.8.0.201/24\n\t\t]\n\t\tSubnets: []\n\t\tGroups: [\n\t\t\t\"###########\"\n\t\t]\n\t\tNot before: 2024-06-21 11:19:35 +0000 GMT\n\t\tNot After: 2029-06-21 17:19:35 +0000 GMT\n\t\tIs CA: false\n\t\tIssuer: ###########\n\t\tPublic key: ###########\n\t\tCurve: CURVE25519\n\t}\n\tFingerprint: ###########\n\tSignature: ###########\n}"
DEBU[0000] Trusted CA fingerprints fingerprints="[###########]"
INFO[0000] Firewall rule added firewallRule="map[caName: caSha: direction:outgoing endPort:0 groups:[] host:any ip: localIp: proto:0 startPort:0]"
INFO[0000] Firewall rule added firewallRule="map[caName: caSha: direction:incoming endPort:0 groups:[] host:any ip: localIp: proto:0 startPort:0]"
INFO[0000] Firewall started firewallHashes="SHA:###########,FNV:2782948616"
INFO[0000] listening "0.0.0.0" 35198
INFO[0000] Main HostMap created network=10.8.0.201/24 preferredRanges="[]"
INFO[0000] punchy enabled
panic: runtime error: makeslice: len out of range
goroutine 1 [running]:
github.com/slackhq/nebula.NewTimerWheel[...](...)
github.com/slackhq/nebula/timeout.go:70
github.com/slackhq/nebula.NewLockingTimerWheel[...](...)
github.com/slackhq/nebula/timeout.go:86
github.com/slackhq/nebula.NewHandshakeManager(0xa8829b0, 0xaa104c0, 0xaa128c8, {0x879ffe8, 0xaa0a500}, {0x5f5e100, 0x14, 0x40, 0x1, 0xaa00450})
github.com/slackhq/nebula/handshake_manager.go:113 +0xd4
github.com/slackhq/nebula.Main(0xa8d5dc0, 0x0, {0x879a5c0, 0x5}, 0xa8829b0, 0x0)
github.com/slackhq/nebula/main.go:211 +0x17b9
main.main()
github.com/slackhq/nebula/cmd/nebula/main.go:55 +0x469
Config files from affected hosts
pki:
ca: /etc/nebula/certs/nebula.internal.ca.crt
cert: /etc/nebula/certs/nebula.internal.###########_001.crt
key: /etc/nebula/certs/nebula.internal.###########_001.key
# disconnect_invalid: true
static_host_map:
"10.8.0.1": ["###########:65199"]
"10.8.0.2": ["###########:65199"]
"10.8.0.3": ["###########:65199"]
"10.8.0.4": ["###########:65199"]
lighthouse:
am_lighthouse: false
interval: 60
hosts:
- "10.8.0.1"
- "10.8.0.2"
- "10.8.0.3"
- "10.8.0.4"
remote_allow_list:
"0.0.0.0/0": true
"10.8.0.0/24": true
local_allow_list:
interfaces:
'docker*': false
'veth*': false
"10.8.0.0/24": true
listen:
host: 0.0.0.0
port: 35199
punchy:
punch: true
relay:
relays:
am_relay: false
use_relays: true
tun:
disabled: false
dev: nebula0
drop_local_broadcast: false
drop_multicast: false
tx_queue: 500
mtu: 1300
routes:
unsafe_routes:
cipher: aes
handshakes:
try_interval: 100ms
retries: 20
trigger_buffer: 64
logging:
level: debug
format: text
firewall:
outbound_action: drop
inbound_action: drop
conntrack:
tcp_timeout: 12m
udp_timeout: 3m
default_timeout: 10m
outbound:
- port: any
proto: any
host: any
inbound:
- port: any
proto: any
host: any
JackDoanRivian commented
@0x5f3 are you able to try the branch above and see if it works for you? I don't have an i386 machine to test on, but I reproduced your crash by running an i386 nebula on an amd64 target.
0x5f3 commented
@0x5f3 are you able to try the branch above and see if it works for you? I don't have an i386 machine to test on, but I reproduced your crash by running an i386 nebula on an amd64 target.
I am currently unable to log in to the host, but I will test the branch and share my findings once I am able to access it.