Netcat's `-k` option doesn't work on vanilla openbsd netcat

[stevenengler]

This issue applies to the openbsd version of netcat, without any of the debian patches. Specifically, the version of netcat on fedora 40.

The -k option is documented as:

When a connection is completed, listen for another one. Requires -l. When used together with the -u option, the server socket is not connected and it can receive UDP datagrams from multiple hosts.

This is designed so that a netcat server can accept multiple clients in a row. But vanilla openbsd netcat actually closes and recreates the listening socket after each client connection. See the comment at #3558 (comment) for details.

Since netcat is closing the listening socket and immediately opening a new socket and trying to bind to the same listening address, the original listening socket won't have been disassociated from the network interface yet due to #3563. So when netcat tries to bind the new socket, it gets EADDRINUSE.

00:00:00.000000000 [tid 1000] socket(AF_INET, 1, 6) = 3
00:00:00.000000000 [tid 1000] setsockopt(3, 1, 2, 0x7ffc0bf2bb1c, 4) = 0
00:00:00.000000000 [tid 1000] setsockopt(3, 1, 15, 0x7ffc0bf2bb1c, 4) = 0
00:00:00.000000000 [tid 1000] bind(3, 0.0.0.0:8080, 16) = 0
00:00:00.000000000 [tid 1000] listen(3, 1) = 0
00:00:00.000000000 [tid 1000] accept4(3, 0x7ffc0bf2bc80, 128 (0x7ffc0bf2bb18), 2048) = <blocked>
00:00:02.003000000 [tid 1000] accept4(3, 0x7ffc0bf2bc80, 16 (0x7ffc0bf2bb18), 2048) = 4
[snip]
00:00:02.003000000 [tid 1000] close(4) = 0
00:00:02.003000000 [tid 1000] close(3) = 0
00:00:02.003000000 [tid 1000] socket(AF_INET, 1, 6) = 3
00:00:02.003000000 [tid 1000] setsockopt(3, 1, 2, 0x7ffc0bf2bb1c, 4) = 0
00:00:02.003000000 [tid 1000] setsockopt(3, 1, 15, 0x7ffc0bf2bb1c, 4) = 0
00:00:02.003000000 [tid 1000] bind(3, 0.0.0.0:8080, 16) = -98 (EADDRINUSE)
00:00:02.003000000 [tid 1000] close(3) = 0
00:00:02.003000000 [tid 1000] write(2, "nc: Address already in use\n", 27) = 27

This issue is the same as #3563, and should be closed when/if #3563 is fixed. But I opened this as a separate issue so that we track this as a known compatibility issue with netcat. And we can ensure that netcat works properly after #3563 is fixed.

[stevenengler]

With the changes from #3643, I have tested the simulation from #3558 (comment) using -N instead of -q 0 on fedora 42, and still get the "nc: Address already in use" error.

Two possible reasons why this is failing may be:

1. Shadow seems to need the plugin to wait a little while before the address can be used again.

   shadow/src/test/socket/bind/test_bind.rs

   Lines 252 to 255 in d9c7c07

   	// https://github.com/shadow/shadow/issues/3563: some non-zero time needs to pass
   	// for shadow to clean up state and recognize the address as being available again.
   	// Unclear why.
   	std::thread::sleep(std::time::Duration::from_nanos(1));

2. There might still be a child socket left around in the time-wait state. Since Shadow doesn't support SO_REUSEADDR and we can see from the above strace that netcat is setting it (setsockopt(3, 1, 2, ...)), it might be failing for this reason.

   shadow/src/main/host/descriptor/socket/inet/legacy_tcp.rs

   Lines 1337 to 1340 in d9c7c07

   	(libc::SOL_SOCKET, libc::SO_REUSEADDR) => {
   	// TODO: implement this, tor and tgen use it
   	log::trace!("setsockopt SO_REUSEADDR not yet implemented");
   	}

   Edit: But considering Support SO_REUSEADDR (and lack of SO_REUSEADDR) #3649 and Shadow allows overlapping local addresses #3111, I don't think that this is the issue. Even if one of the child sockets is still bound, Shadow should still be allowing a new listening socket to be bound to the same local address.

[stevenengler]

Shadow seems to need the plugin to wait a little while before the address can be used again.

I think that this is the most likely reason. If I add model_unblocked_syscall_latency: true and max_unapplied_cpu_latency: 1 ns, the simulation is successful.

[stevenengler]

With the changes from #3643 + #3652, this is working for me on Fedora 42.