[strongSwan] why strongswan 4.6.4 resstart automatically soomtimes?

nanjian5 nanjian5 at gmail.com
Wed Apr 10 15:13:04 CEST 2013 

Hi,

> The dameon modules of charon said it receive the signal 10 and kill
itself.
> I check usage of linux signal in the manual of linux, and find that signal
> 10 means SIGBUS because of bad memory access.

Under which architecture does your system run? What compiler did you
use?

To identify the issue, it would help to get a backtrace from where that
SIGBUS is raised. You may try to run charon in the foreground with
"ipsec start --attach-gdb". If you don't have gdb on that system, "ipsec
start --nofork" might work, as a backtrace gets printed to stderr if
your system features the backtrace() call.

Regards
Martin
===========================================================
Hi,
This is what happen after "ipsec start --attach-gdb" when 120 ipsec tunnels
is establishing per second and strongswan is loging into syslog.


372[CFG] <3108> looking for peer configs matching
10.2.0.5[%any]...10.0.13.125[a2430]

461[CFG] <au-gw|3005> selected peer config 'au-gw'

916[CFG] <3072> looking for peer configs matching
10.2.0.5[%any]...10.0.27.193[a6082]

721[CFG] <3101> looking for peer configs matching
10.2.0.5[%any]...10.0.13.123[a2428]

907[CFG] <3071> looking for peer configs matching
10.2.0.5[%any]...10.0.25.184[a5561]

591[CFG] <3096> looking for peer configs matching
10.2.0.5[%any]...10.0.25.190[a5567]

946[CFG] <3109> looking for peer configs matching
10.2.0.5[%any]...10.0.21.173[a4526]

998[CFG] <3074> looking for peer configs matching
10.2.0.5[%any]...10.0.21.164[a4517]

724[CFG] <3099> looking for peer configs matching
10.2.0.5[%any]...10.0.21.170[a4523]

771[CFG] <3069> looking for peer configs matching
10.2.0.5[%any]...10.0.27.191[a6080]

60[CFG] <au-gw|3007> selected peer config 'au-gw'

128[CFG] <3123> looking for peer configs matching
10.2.0.5[%any]...10.0.13.129[a2434]

843[CFG] <3103> looking for peer configs matching
10.2.0.5[%any]...10.0.27.201[a6090]

619[CFG] <3107> looking for peer configs matching
10.2.0.5[%any]...10.0.21.171[a4524]

843[CFG] <au-gw|3103> selected peer config 'au-gw'

202[CFG] <au-gw|2993> selected peer config 'au-gw'

956[CFG] <au-gw|2985> selected peer config 'au-gw'

857[CFG] <au-gw|3000> selected peer config 'au-gw'

541[CFG] <au-gw|3045> selected peer config 'au-gw'

510[CFG] <au-gw|3047> selected peer config 'au-gw'

383[CFG] <au-gw|2991> selected peer config 'au-gw'

471[CFG] <3112> looking for peer c[New LWP 31095]

onfigs matching 10.2.0.5[%any]...10.0.21.174[a4527]

433[JOB] <2950> deleting half open IKE_SA after timeout

369[JOB] <2966> deleting half open IKE_SA after timeout

441[JOB] <2975> deleting half open IKE_SA after timeout

215[JOB] <2976> deleting half open IKE_SA after timeout

215[JOB] <2967> deleting half open IKE_SA after timeout

182[JOB] <2982> deleting half open IKE_SA after timeout

668[CFG] <au-gw|3050> selected peer config 'au-gw'

855[CFG] <au-gw|3090> selected peer config 'au-gw'

854[JOB] <2969> deleting half open IKE_SA after timeout



Program received signal SIGSEGV, Segmentation fault.

[Switching to LWP 31095]

0x0000005555b08c68 in memcpy () from /lib64/libc.so.6

(gdb) bt

#0  0x0000005555b08c68 in memcpy () from /lib64/libc.so.6

#1  0x0000005555e21414 in SHA1_Update ()

   from /tmp/lib/lib/ipsec/plugins/libstrongswan-openssl.so

#2  0x000000574b6fee70 in ?? ()

warning: GDB can't find the start of the function at 0x574b6fee70.







We build the strongswan with the following command:
./configure --build=mips64octeon --host=mips64-octeon-linux-gnu
 --with-lib-prefix=/usr/local/Cavium_Networks/OCTEON-SDK/prj/openssl
--prefix=/tmp/lib ABI=64 CFLAGS=-mabi=64   --enable-eap-aka
--enable-eap-radius   --enable-nat-transport    --enable-kernel-pfkey
--enable-socket-default --enable-socket-raw --enable-socket-dynamic
 --disable-gmp --enable-openssl   --enable-eap-identity --enable-updown
 --enable-dhcp --enable-farp;make clean;make;make install

the linux version is :

Linux (none) 2.6.21.7RadiSys-ATCA7220 #10 SMP Sun Jan 1 10:15:42 CST 2012
 mips64 unknown.

Is it enough to fixed this bug?



regards
nanjian5
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20130410/a7b40c03/attachment.html>

More information about the Users mailing list