Hi Nikos, Sorry, I don't know how to use valgrind 3.11.0, which always showed some errors even as I just ran safe ocserv 0.10.8 . GCC version is: gcc (Ubuntu 4.8.4-2ubuntu1~14.04) 4.8.4 valgrind ocserv -c /etc/ocserv/config -f ==5112== Memcheck, a memory error detector ==5112== Copyright (C) 2002-2015, and GNU GPL'd, by Julian Seward et al. ==5112== Using Valgrind-3.11.0 and LibVEX; rerun with -h for copyright info ==5112== Command: ocserv -c /etc/ocserv/config -f ==5112== Setting 'radius' as primary authentication method Enabling 'certificate' as authentication method listening (TCP) on 0.0.0.0:443... listening (UDP) on 0.0.0.0:443... valgrind: m_scheduler/sema.c:104 (vgModuleLocal_sema_down): Assertion 'sema->owner_lwpid != lwpid' failed. host stacktrace: ==0== at 0x3803D1C8: show_sched_status_wrk (m_libcassert.c:343) sched status: running_tid=0 Thread 1: status = VgTs_WaitSys (lwpid 5115) ==0== at 0x62F3D8A: prctl (syscall-template.S:81) ==0== by 0x558EEBC: seccomp_load (in /usr/lib/x86_64-linux-gnu/libseccomp.so.2.1.0) ==0== by 0x41F04B: disable_system_calls (worker-privs.c:115) ==0== by 0x40CD9F: vpn_server (worker-vpn.c:417) ==0== by 0x407529: main (main.c:1251) Note: see also the FAQ in the source distribution. It contains workarounds to several common problems. In particular, if Valgrind aborted or crashed after identifying problems in your program, there's a good chance that fixing those problems will prevent Valgrind aborting or crashing, especially if it happened in m_mallocfree.c. If that doesn't help, please report this bug to: www.valgrind.org In the bug report, send all the above text, the valgrind version, and what OS and version you are using. Thanks. 2015-12-18 18:07 GMT+08:00 Nikos Mavrogiannopoulos <n.mavrogiannopoulos at gmail.com>: > On Wed, Dec 16, 2015 at 11:28 AM, yick xie <yick.xie at gmail.com> wrote: >> Hello, >> >> As the title, running ocserv with the profile.xml config will >> encounter a server error when an IOS Anyconnect client tries to >> connect the server. Yet there is no problem when just using Windows 7 >> Anyconnect, or just roughly with profile.xml disabled. >> The ocserv was complied at commit >> a52ffc4d06578d0209397753eb6ad3b778ed581e(When max-clients is set >> adjust the file descriptor limits accordingly). The error shows >> "segfault at a0 ip 000000000041c95d sp 00007fff95a51c20 error 4 in >> ocserv[400000+59000]" > > Hi Yick, > Could you use valgrind to run ocserv and send the output of this > crash in that case? > >> processing: User-Agent: AnyConnect ERROR_NOT_USED 4.0.03016 > > That's an interesting user-agent string :) > >> webvpn=B4HK6PlpHYicYsLXPbLzdnZsGy5X954oDl54R9/mi6R3ZY6jgX9R7OYQUobcS60ToFr6qSU47qF11EZ2kjq3aw6kUfdI9c3Zj1yai2pvGmnGVw==; >> webvpnc=bu:/&p:t&iu:1/&sh:7E9BB890976A71EB71695B6054CF0ED41FCA4E9D&lu:/+CSCOT+/translation-table?textdomain%3DAnyConnect%26type%3Dmanifest&fu:profiles%2F/etc/ocserv/profile.xml&fh:291FF7BC238526C0C9DA9AE91EB408CB229F07D4; > > The cookies are better not sent to a list. They can be used to resume > your session. > > regards, > Nikos
