Guest

Preview Tool

Cisco Bug: CSCvs38533 - ISR4431 16.6.6 Chunk Memory corruption after PKI commands

Last Modified

Dec 19, 2019

Products (1)

  • Cisco IOS

Known Affected Releases

16.6.6

Description (partial)

Symptom:
crash in two ISR4k (SW: 16.6.6) routers after configuring the following with Cisco prime:

#INTERACTIVE
crypto pki enroll VPN_main <IQ>Password<R>"Password"<IQ>password<R>"Password"<IQ>yes/no<R>yes
#ENDS_INTERACTIVE
#INTERACTIVE
crypto pki enroll VPN_backup <IQ>Password<R>"Password"<IQ>Re-enter password<R>"Password"<IQ>yes/no<R>yes
#ENDS_INTERACTIVE



The same config were input manually and it was implemented successfully.

Conditions:
From the crashinfo files we can see that crashed occurred due to chunk memory corruption:

current chunk header = 0x7F439C4C2330
data check, ptr = 0x7F439C4C2348

next chunk header = 0x7F439C4C23B0
data check, ptr = 0x7F439C4C23C8

previous chunk header = 0x7F439C4C22B0
data check, ptr = 0x7F439C4C22C8

1631477: Sep 19 19:23:39.702: %SYS-2-CHUNKBADREFCOUNT: Bad chunk reference count, chunk 80007F439C4C0C90 data 80007F439C4C2348 refcount FFFFFFFFFFFFFFFF alloc pc 80005600D826E4FF. -Process= "Crypto IKEv2", ipl= 0, pid= 420
-Traceback= 1#947d4bcc5ad4070668f5b7196e2b09d2  :5600D235B000+59329F4 :5600D235B000+591CDD4 :5600D235B000+C890216 iosd_shr_m_uk9_IPSEC_Core_crb:7F4438909000+417927 iosd_shr_m_uk9_IPSEC_Core_crb:7F4438909000+3B6132 iosd_shr_m_uk9_IPSEC_Core_crb:7F4438909000+3B77F6 iosd_shr_m_uk9_IPSEC_Core_crb:7F4438909000+3510BA iosd_shr_m_uk9_IPSEC_Core_crb:7F4438909000+35653B iosd_shr_m_uk9_IPSEC_Core_crb:7F4438909000+3572C0 iosd_shr_m_uk9_IPSEC_**MSG 00001 TRUNCATED**
**MSG 00001 CONTINUATION #01**Core_crb:7F4438909000+3B52BA iosd_shr_m_uk9_IPSEC_Core_crb:7F4438909000+3B5734 iosd_shr_m_uk9_IPSEC_Core_crb:7F4438909000+36DA99 iosd_shr_m_uk9_IPSEC_Core_crb:7F4438909000+419645

Traceback summary
-----------------
% 0x5600d7c8d9f4 : __be_chunk_free_inline
% 0x5600d7c77dd4 : __be_free_lite_internal
% 0x5600debeb216 : __be_free
% 0x7f4438d20927 : __be_ikev2_timer_destroy
% 0x7f4438cbf132 : __be_ikev2_delete_neg
% 0x7f4438cc07f6 : __be_ikev2_delete_request
% 0x7f4438c5a0ba : __be_fsm_del_neg
% 0x7f4438c5f53b : __be_ikev2_sm_internal
% 0x7f4438c602c0 : __be_ikev2_sm_dequeue_wr
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.