[Swan-dev] pluto crash at start: with Electric Fence linked

Antony Antony antony at phenome.org
Wed Feb 12 18:43:53 UTC 2020


can't start pluto with Electric Fence enabled, on F30 with updates.

I noticed Electric Fence was disabled.
I enabled EF, then pluto, #master on F30, fails to start.
Tuomo suspect pk11-kit is part of issue.

Here are few lines from gdb bt, and link to full bt bellow.

#14 0x00007fc59225c1e6 in NSS_Initialize (configdir=<optimized out>, 
certPrefix=<optimized out>, keyPrefix=<optimized out>, secmodName=<optimized 
out>, flags=<optimized out>) at nssinit.c:889
#15 0x000055d20d21b630 in lsw_nss_setup (configdir=0x7fc590f38fe8 "/etc/ipsec.d", setup_flags=1, get_password=0x55d20d21be05 <lsw_nss_get_password>, err=0x7ffdc1af1730 "\020n\364\220\305\177") at /home/build/libreswan/lib/libswan/lswnss.c:58
#16 0x000055d20d182f1e in pluto_init_nss (nssdir=0x7fc590f38fe8 "/etc/ipsec.d") at /home/build/libreswan/programs/pluto/plutomain.c:424
#17 0x000055d20d18586a in main (argc=5, argv=0x7ffdc1af1aa8) at /home/build/libreswan/programs/pluto/plutomain.c:1644
(gdb)

https://swantest.libreswan.fi/gdb-stdout.txt

gdb  stderr: there are bunch of gdb errors I not sure if they are related.  
warning: Loadable section ".note.gnu.property" outside of ELF segments
https://swantest.libreswan.fi/gdb-err.txt

So far I have only noticed the crash on F30 with updates.
I wonder why this not happening in our kvm testing. May be the kvm install 
has a bit older pk1-kit* and/or NSS rpms. With an update this bug may appear 
in kvm testing too.

It is  triggered from call to NSS/NSPR, access freed memory and Electric 
Fence call abort.

Has anyone else noticed this issue with F30 updates or later?

there was a mention of p11-kit issue:
https://lists.libreswan.org/pipermail/swan-dev/2020-January/003553.html

-antony


More information about the Swan-dev mailing list