[Swan-dev] pluto crash at start: with Electric Fence linked
Andrew Cagney
andrew.cagney at gmail.com
Wed Feb 12 18:57:15 UTC 2020
efence should be enabled on testing?
make OBJDIR=OBJ.kvm USE_EFENCE=true ALL_ALGS=false USE_SECCOMP=true
USE_LABELED_IPSEC=true USE_NSS_IPSEC_PROFILE=true SD_RESTART_TYPE=no
USE_KLIPS=true USE_NSS_PRF= USE_FIPSCHECK=true base
On Wed, 12 Feb 2020 at 13:44, Antony Antony <antony at phenome.org> wrote:
> can't start pluto with Electric Fence enabled, on F30 with updates.
>
> I noticed Electric Fence was disabled.
> I enabled EF, then pluto, #master on F30, fails to start.
> Tuomo suspect pk11-kit is part of issue.
>
> Here are few lines from gdb bt, and link to full bt bellow.
>
> #14 0x00007fc59225c1e6 in NSS_Initialize (configdir=<optimized out>,
> certPrefix=<optimized out>, keyPrefix=<optimized out>,
> secmodName=<optimized
> out>, flags=<optimized out>) at nssinit.c:889
> #15 0x000055d20d21b630 in lsw_nss_setup (configdir=0x7fc590f38fe8
> "/etc/ipsec.d", setup_flags=1, get_password=0x55d20d21be05
> <lsw_nss_get_password>, err=0x7ffdc1af1730 "\020n\364\220\305\177") at
> /home/build/libreswan/lib/libswan/lswnss.c:58
> #16 0x000055d20d182f1e in pluto_init_nss (nssdir=0x7fc590f38fe8
> "/etc/ipsec.d") at /home/build/libreswan/programs/pluto/plutomain.c:424
> #17 0x000055d20d18586a in main (argc=5, argv=0x7ffdc1af1aa8) at
> /home/build/libreswan/programs/pluto/plutomain.c:1644
> (gdb)
>
> https://swantest.libreswan.fi/gdb-stdout.txt
>
> gdb stderr: there are bunch of gdb errors I not sure if they are
> related.
> warning: Loadable section ".note.gnu.property" outside of ELF segments
> https://swantest.libreswan.fi/gdb-err.txt
>
> So far I have only noticed the crash on F30 with updates.
> I wonder why this not happening in our kvm testing. May be the kvm install
> has a bit older pk1-kit* and/or NSS rpms. With an update this bug may
> appear
> in kvm testing too.
>
> It is triggered from call to NSS/NSPR, access freed memory and Electric
> Fence call abort.
>
> Has anyone else noticed this issue with F30 updates or later?
>
> there was a mention of p11-kit issue:
> https://lists.libreswan.org/pipermail/swan-dev/2020-January/003553.html
>
> -antony
> _______________________________________________
> Swan-dev mailing list
> Swan-dev at lists.libreswan.org
> https://lists.libreswan.org/mailman/listinfo/swan-dev
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.libreswan.org/pipermail/swan-dev/attachments/20200212/7618d30c/attachment.html>
More information about the Swan-dev
mailing list