Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
pmanak
Staff
Staff

Created on ‎08-07-2024 09:01 AM

Article Id 329314

Troubleshooting Tip: cw_acd daemon crash causes traffic disruption

Description This article describes the known issue where a cw_acd daemon crash causes traffic disruption.
Scope FortiGate.
Solution

FortiGate firewalls have multiple daemons running in the background that handle traffic from clients and help the firewall to manage other devices. One of the daemons is CAPWAP AC daemon (cw_acd), which assists in managing FortiAP from the Firewall.

 

Starting from FortiOS firmware 7.2.5 and 7.4.1, this specific daemon (cw_acd) crashes, causing intermittent traffic disruption and impacting the ability of users to browse the internet. This issue occurs when specific AP models report certain types of data to the controller. Below is the crashlog:

 

5161: 2023-09-04 14:20:34 <31455> firmware FortiGate-1801F v7.2.5,build1517b1517,230606 (GA.F) (Release)
5162: 2023-09-04 14:20:34 <31455> application cw_acd
5163: 2023-09-04 14:20:34 <31455> *** signal 6 (Aborted) received ***
5164: 2023-09-04 14:20:34 <31455> Register dump:
5165: 2023-09-04 14:20:34 <31455> RAX: 0000000000000000 RBX: 00007f577785c040
5166: 2023-09-04 14:20:34 <31455> RCX: 00007f577aa22e11 RDX: 0000000000000000
5167: 2023-09-04 14:20:34 <31455> R08: 0000000000000000 R09: 00007ffe4206c950
5168: 2023-09-04 14:20:34 <31455> R10: 0000000000000008 R11: 0000000000000246
5169: 2023-09-04 14:20:34 <31455> R12: 00007ffe4206cbf0 R13: 0000000000001000
5170: 2023-09-04 14:20:34 <31455> R14: 0000000000000040 R15: 00007f5776000000
5171: 2023-09-04 14:20:34 <31455> RSI: 00007ffe4206c950 RDI: 0000000000000002
5172: 2023-09-04 14:20:34 <31455> RBP: 00007ffe4206cd30 RSP: 00007ffe4206c950
5173: 2023-09-04 14:20:34 <31455> RIP: 00007f577aa22e11 EFLAGS: 0000000000000246
5174: 2023-09-04 14:20:34 <31455> CS: 0033 FS: 0000 GS: 0000
5175: 2023-09-04 14:20:34 <31455> Trap: 0000000000000000 Error: 0000000000000000
5176: 2023-09-04 14:20:34 <31455> OldMask: 0000000000000000
5177: 2023-09-04 14:20:34 <31455> CR2: 0000000000000000
5178: 2023-09-04 14:20:34 <31455> stack: 0x7ffe4206c950 - 0x7ffe4206d910
5179: 2023-09-04 14:20:34 <31455> Backtrace:
5180: 2023-09-04 14:20:34 <31455> [0x7f577aa22e11] => /usr/lib/x86_64-linux-gnu/libc.so.6
5181: 2023-09-04 14:20:34 (gsignal+0x00000141) liboffset 00038e11
5182: 2023-09-04 14:20:34 <31455> [0x7f577aa0c557] => /usr/lib/x86_64-linux-gnu/libc.so.6
5183: 2023-09-04 14:20:34 (abort+0x00000123) liboffset 00022557
5184: 2023-09-04 14:20:34 <31455> [0x7f577aa65640] => /usr/lib/x86_64-linux-gnu/libc.so.6 liboffset
5185: 2023-09-04 14:20:34 0007b640
5186: 2023-09-04 14:20:34 <31455> [0x7f577aaf379d] => /usr/lib/x86_64-linux-gnu/libc.so.6 liboffset
5187: 2023-09-04 14:20:34 0010979d
5188: 2023-09-04 14:20:34 <31455> [0x7f577aaf3752] => /usr/lib/x86_64-linux-gnu/libc.so.6 liboffset
5189: 2023-09-04 14:20:34 00109752
5190: 2023-09-04 14:20:34 <31455> [0x00689e82] => /bin/cw_acd
5191: 2023-09-04 14:20:34 <31455> [0x0068a5c2] => /bin/cw_acd
5192: 2023-09-04 14:20:34 <31455> fortidev 6.0.1.0005

 

This issue has been already added to the release notes under the known issues of firmware versions 7.2.8 and 7.4.2. The Bug ID is #949682, and it will be fixed in firmware 7.2.9, 7.4.5, and 7.6.1.
870
0 Kudos
Suggest New Article
Article Feedback
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.