Re: [radsecproxy] sigsegv with radsecproxy
2 Aug
2017
2 Aug
'17
9:58 a.m.
Ralf Hildebrandt <Ralf.Hildebrandt(a)charite.de> wrote
Tue, 1 Aug 2017 15:34:16 +0200:
No crashes today, either.
Thanks for the update. I think it's time for radsecproxy-1.6.9.
Two things regarding this bug though.
Why didn't we hear from this until now? The offending code is far from
new. Who else besides Ralf run radsecproxy in a static configuration (ie
no dynamicLookupCommand) on a multicore system and handle at least 10
requests/second? Would you mind grepping your logs for signs of crashes?
'createlistener' might be a good string to grep for.
I'm assuming that _reading_ a uint32_t without protection is going to be
safe on all architectures we care about. Let me know if you think this
is not true.
Ralf is currently running with a patch that fixes this
by taking a
separate mutex before increasing or decreasing the reference count for a
realm.
No crashes so far; I'd say we need to give this 2 more working days,
but it sure seem to be crashing less than before (which was about 4
times a day)