I'd suspect a use after free - *xauth would contain gibberish. It looks like xauth_pam_abort() is freeing the object instead of leaving it to xauth_pam_child_cleanup().

On 16 December 2017 at 13:14, Antony Antony <[email protected]> wrote:
> Hi
>
> I have noticed a coredump in xauth-pluto-20-pam-timeout for a week or so.
> I think it is related to recent fixes to the xauth pam stuff around Dec 5th
> or so.
>
> It is happening when shutting down the host, after the test case.
>
> ../bin/check-for-core.sh
> CORE FOUND: /tmp/core.east.pluto.2260
> [New LWP 2260]
> [New LWP 2265]
> [New LWP 2266]
> [Thread debugging using libthread_db enabled]
> Using host libthread_db library "/lib64/libthread_db.so.1".
> Core was generated by `PATH/libexec/ipsec/pluto --leak-detective --config
> /etc/ipsec.conf --nofo'.
> Program terminated with signal SIGSEGV, Segmentation fault.
> #0 0x00007f8cdb4bb378 in xauth_pam_child_cleanup (status=9,
> arg=0x7f8cd22c5f98) at
> PATH/src/debug/libreswan-3.22_412_g696a3b5_master/programs/pluto/xauth.c:110
> 110 DBG(DBG_XAUTH, {
> #0 0x00007f8cdb4bb378 in xauth_pam_child_cleanup (status=9,
> arg=0x7f8cd22c5f98) at
> PATH/src/debug/libreswan-3.22_412_g696a3b5_master/programs/pluto/xauth.c:110
> #1 0x00007f8cdb4f39d6 in childhandler_cb (unused=17, event=8, arg=0x0) at
> PATH/src/debug/libreswan-3.22_412_g696a3b5_master/programs/pluto/server.c:909
> #2 0x00007f8cd9454a05 in event_signal_closure (base=<optimized out>,
> base=<optimized out>, ev=0x7f8cd239bf70) at event.c:1064
> #3 event_process_active_single_queue (activeq=0x7f8cd3841ff0,
> base=0x7f8cd383bd80) at event.c:1342
> #4 event_process_active (base=<optimized out>) at event.c:1420
> #5 event_base_loop (base=0x7f8cd383bd80, flags=0) at event.c:1621
> #6 0x00007f8cdb4f3f01 in call_server () at
> PATH/src/debug/libreswan-3.22_412_g696a3b5_master/programs/pluto/server.c:1074
> #7 0x00007f8cdb4f0211 in main (argc=5, argv=0x7fff61b7cd68) at
> PATH/src/debug/libreswan-3.22_412_g696a3b5_master/programs/pluto/plutomain.c:1747
> mv: failed to preserve ownership for ‘OUTPUT/core.east.pluto.2260’:
> Operation not permitted
> east #
> if [ -f /sbin/ausearch ]; then ausearch -r -m avc -ts recent ; fi
>
>
> Earliest I noticed:
> https://swantest.libreswan.fi/results/blackswan/2017-12-08-swantest-3.22-412-g696a3b5f4-master/xauth-pluto-20-pam-timeout/OUTPUT/east.console.verbose.txt
>
> -antony
> _______________________________________________
> Swan-dev mailing list
> [email protected]
> https://lists.libreswan.org/mailman/listinfo/swan-dev
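
The ownership rule suggested in the reply above, as an added sketch that is not libreswan's code: the abort path only flags the request, and the child-exit callback is the one place that frees it. `struct auth_req`, `auth_req_abort()`, `auth_req_child_cleanup()` and `run_request()` are hypothetical names, and the callback is called directly where the event loop would call it.

```c
#include <stdbool.h>
#include <stdlib.h>

/* Hypothetical stand-in for the per-request state; not libreswan's struct. */
struct auth_req {
    bool aborted;      /* set by the abort path, read by the child-exit callback */
    int *status_out;   /* where the callback reports the child's exit status */
};

int live_reqs;         /* constructed counter: detects leaks and double frees */

static struct auth_req *auth_req_new(int *status_out)
{
    struct auth_req *r = calloc(1, sizeof(*r));
    if (r == NULL) return NULL;
    r->status_out = status_out;
    live_reqs++;
    return r;
}

/* Abort path: flag only. The callback still holds this pointer as its arg,
 * so freeing here would leave it dangling. */
static void auth_req_abort(struct auth_req *r)
{
    r->aborted = true; /* real code would also signal the child so the callback fires */
}

/* Child-exit callback: the single place that frees the request. */
static void auth_req_child_cleanup(int status, void *arg)
{
    struct auth_req *r = arg;
    if (!r->aborted)
        *r->status_out = status; /* r is still live, so this read is safe */
    free(r);
    live_reqs--;
}

/* Returns the status the caller saw, or -1 if the request was aborted first. */
int run_request(bool abort_first, int child_status)
{
    int seen = -1;
    struct auth_req *r = auth_req_new(&seen);
    if (r == NULL) return -2;
    if (abort_first)
        auth_req_abort(r);
    auth_req_child_cleanup(child_status, r); /* stands in for the event loop */
    return seen;
}

int main(void) { return run_request(true, 9) == -1 && run_request(false, 0) == 0 ? 0 : 1; }
```

Building this with `-fsanitize=address` and adding a `free(r)` to `auth_req_abort()` makes the dangling read in the callback show up as a heap-use-after-free report instead of an intermittent crash.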
