Project

General

Profile

Bug #163

/usr/libexec/ipsec/charon was killed by signal 11 (SIGSEGV)

Added by G. V. over 8 years ago. Updated over 8 years ago.

Status:
Closed
Priority:
Normal
Category:
libstrongswan
Target version:
Start date:
15.12.2011
Due date:
Estimated time:
Affected version:
4.6.1
Resolution:

Description

Every time I stop ipsec, strongswan exit with a crash. Fedora 16, x86_64:

Dec 6 10:21:40 iXXXXX abrtd: Directory 'ccpp-2011-12-06-10:21:39-4398' creation detected
Dec 6 10:21:40 iXXXXX abrt4422: Saved core dump of pid 4398 (/usr/libexec/ipsec/charon) to /var/spool/abrt/ccpp-2011-12-06-10:21:39-4398 (36352000 bytes)
Dec 6 10:21:40 iXXXXX abrtd: New dump directory /var/spool/abrt/ccpp-2011-12-06-10:21:39-4398, processing

cmdline: /usr/libexec/ipsec/charon --use-syslog

backtrace (5.09 KB) backtrace Bactrace G. V., 15.12.2011 09:29
flush_cache.patch (1.13 KB) flush_cache.patch Tobias Brunner, 15.12.2011 10:21

History

#1 Updated by Tobias Brunner over 8 years ago

I can't reproduce this, but I suspect it happens because the plugin which provides the implementation for the certificates and crls that are cached in the credential manager is already unloaded when these are flushed from it during destruction. Hence the segmentation fault.

Could you please try if the attached patch fixes the problem.

Regards,
Tobias

#2 Updated by G. V. over 8 years ago

Hi!

flush_cache.patch does not apply clean againt strongswan-4.6.1 (daemon.c).

In your patch lib->plugins->unload(lib->plugins); is called after #ifdef ME ... #endif.

In strongswan-4.6.1 the lib->plugins->unload(lib->plugins); is called before #ifdef statement.

Sincerely,
Gabriel

#3 Updated by G. V. over 8 years ago

Hi again!

I modified the patch (called 'lib->credmgr->flush_cache(lib->credmgr, CERT_ANY);' right above 'lib->plugins->unload(lib->plugins);' in daemon.c, strongswan 4.6.1 ).
Compiled strongswan, installed the new version. stopping charon works as expected (no crash anymore).

Thank you for your help.

Sincerely,
Gabriel

#4 Updated by Tobias Brunner over 8 years ago

  • Status changed from Feedback to Resolved
  • Target version set to 4.6.2

Yes, the patch was against the current master, sorry about that. Anyway, thanks for testing it.

Fixed in a5951a28.

Regards,
Tobias

#5 Updated by Tobias Brunner over 8 years ago

  • Status changed from Resolved to Closed

Also available in: Atom PDF