Hello Maximilian Stein,
maybe the package maintainer can get some information out of that
kernel line, but you could also install a core dump collector
such as systemd-coredump.
When the next crash happens you can then examine the core with:

coredumpctl list
coredumpctl gdb <PID>

Even better if debug symbols are installed beforehand. [1]


Now I see one thing - you are running 1.0.35-1; is this
a locally rebuilt package or the package from testing?

If the latter, then with some guessing the location *could* be here:
   0x000000000000929d <send_meta+45>:   movslq 0x98c(%rbx),%rdx

And that would point to the following line:
   src/meta.c:44              if(!c->outbuflen) {

But this is based only on the offsets, and it holds only if the
package in use was built by Debian.


Kind regards,
Bernhard

[1] https://wiki.debian.org/HowToGetABacktrace

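# Tools used below: dget (devscripts), dpkg-source (dpkg-dev), binutils and gdb.
apt install devscripts dpkg-dev binutils gdb

# Fetch the exact binary package from the report and its matching -dbgsym package.
# NOTE: these are plain-http downloads, and `dpkg -i` does not authenticate a
# .deb the way apt does for repository installs. Compare the SHA256 of both
# files with the values in the archive's signed package index before installing.
wget http://ftp.de.debian.org/debian/pool/main/t/tinc/tinc_1.0.35-1_amd64.deb
wget http://snapshot.debian.org/archive/debian-debug/20181008T214825Z/pool/main/t/tinc/tinc-dbgsym_1.0.35-1_amd64.deb

# Name the two packages explicitly so that no unrelated .deb lying in the
# current directory gets installed along with them.
dpkg -i tinc_1.0.35-1_amd64.deb tinc-dbgsym_1.0.35-1_amd64.deb


# Fetch the matching source package into tinc/orig. The subshell keeps the
# working directory of the calling shell unchanged, and dget is skipped if
# the cd fails.
mkdir -p tinc/orig
(cd tinc/orig && dget http://deb.debian.org/debian/pool/main/t/tinc/tinc_1.0.35-1.dsc)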


# From #914360:
kernel: [52018.886642] tincd[691]: segfault at 98c ip 0000557ae018e29d sp 00007ffffc40f5b0 error 4 in tincd[557ae0189000+19000]


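# Offset of the faulting instruction inside the mapping named in the kernel line (ip - mapping start):
0x557ae018e29d - 0x557ae0189000 = 0x529D
# The mapping start is page-aligned, so only the low 12 bits (0x29d) are sure to
# reappear in the disassembly; that is why the grep below looks for "29d".
# The candidate found there, 0x929d, differs from 0x529d by 0x4000, which would fit
# the reported mapping starting at file offset 0x4000 (the page holding .text) - unconfirmed.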


benutzer@debian:~$ script -a out.txt -c "gdb -q --args /usr/sbin/tincd"
Reading symbols from /usr/sbin/tincd...Reading symbols from 
/usr/lib/debug/.build-id/5b/0adb3822421ae6a87900b011c2b6af3e355be8.debug...done.
done.
(gdb) set width 0
(gdb) set pagination off
(gdb) directory /home/benutzer/tinc/orig/tinc-1.0.35/src
Source directories searched: /home/benutzer/tinc/orig/tinc-1.0.35/src:$cdir:$cwd
(gdb) info target
Symbols from "/usr/sbin/tincd".
Local exec file:
        `/usr/sbin/tincd', file type elf64-x86-64.
        Entry point: 0x5ac0
...
        0x0000000000004c90 - 0x000000000001c922 is .text
...
(gdb) disassemble 0x0000000000004c90,0x000000000001c922
(gdb) q

# grep for 29d
benutzer@debian:~$ grep -i "29d " out.txt 
   0x000000000000929d <send_meta+45>:   movslq 0x98c(%rbx),%rdx   <<<<< looks promising as it uses that 98c offset too
   0x00000000000093d8 <send_meta+360>:  jmpq   0x929d <send_meta+45>
   0x000000000000d29d <load_all_subnets+397>:   retq   
   0x000000000000e29d <setup_myself+3485>:      lea    0xf1b2(%rip),%rsi        
# 0x1d456
   0x000000000001029d <do_outgoing_connection+1453>:    je     0xff2a 
<do_outgoing_connection+570>
   0x000000000001329d <send_metakey+669>:       mov    %rax,0x90(%rbx)
   0x000000000001629d <add_subnet_h+509>:       mov    %r14,%rdi
   0x000000000001a29d <net2str+381>:    push   %rax


(gdb) disassemble /m send_meta
Dump of assembler code for function send_meta:
37      bool send_meta(connection_t *c, const char *buffer, int length) {
   0x0000000000009270 <+0>:     push   %r12
   0x0000000000009272 <+2>:     mov    %rsi,%r12
   0x0000000000009275 <+5>:     push   %rbp
   0x0000000000009276 <+6>:     mov    %edx,%ebp
   0x0000000000009278 <+8>:     push   %rbx
   0x0000000000009279 <+9>:     mov    %rdi,%rbx
   0x000000000000927c <+12>:    sub    $0x10,%rsp
   0x0000000000009280 <+16>:    mov    %fs:0x28,%rax
   0x0000000000009289 <+25>:    mov    %rax,0x8(%rsp)
   0x000000000000928e <+30>:    xor    %eax,%eax

38              int outlen;

39              int result;

40
41              ifdebug(META) logger(LOG_DEBUG, "Sending %d bytes of metadata 
to %s (%s)", length,
   0x0000000000009290 <+32>:    cmpl   $0x3,0x1ef51(%rip)        # 0x281e8 
<debug_level>
   0x0000000000009297 <+39>:    ja     0x93c0 <send_meta+336>
   0x00000000000093c0 <+336>:   mov    0x28(%rdi),%r8
   0x00000000000093c4 <+340>:   mov    (%rdi),%rcx
   0x00000000000093c7 <+343>:   lea    0x14302(%rip),%rsi        # 0x1d6d0
   0x00000000000093ce <+350>:   mov    $0x7,%edi
   0x00000000000093d3 <+355>:   callq  0x8fe0 <logger>
   0x00000000000093d8 <+360>:   jmpq   0x929d <send_meta+45>
   0x00000000000093dd <+365>:   nopl   (%rax)

42                                   c->name, c->hostname);
43
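44              if(!c->outbuflen) {   <<<<<<<<<<<< would be here, maybe with c == NULL ? (the kernel's fault address 98c equals the 0x98c displacement in the movslq below, and %rbx was loaded from %rdi, the first argument c, at <+9>, so this fits c being 0)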
   0x000000000000929d <+45>:    movslq 0x98c(%rbx),%rdx
   0x00000000000092a4 <+52>:    test   %edx,%edx
   0x00000000000092a6 <+54>:    jne    0x92b6 <send_meta+70>

45                      c->last_flushed_time = now;
   0x00000000000092a8 <+56>:    mov    0x1ef81(%rip),%rax        # 0x28230 <now>
   0x00000000000092af <+63>:    mov    %rax,0x9a0(%rbx)

46              }







gdb -q --args /usr/sbin/tincd

set width 0
set pagination off
directory /home/benutzer/tinc/orig/tinc-1.0.35/src
