segmentation fault in gpg --gen-key on AIX 6.1
Closed, Resolved (Public)

Description

Hello,

I have compiled successfully gpg 2.0.24 for AIX 6.1. All functions work well.
But when I launched a command that requires gpg-agent, I always got the same
error, for example:

sub* 2048R/D4EA41ED created: 2014-06-26 expires: 2016-02-16 usage: E
[ultimate] (1)* test1

gpg> primary

You need a passphrase to unlock the secret key for
user: "test1"
2048-bit RSA key, ID 8C83A591, created 2014-06-26

gpg: signal 11 caught ... exiting
Segmentation fault

How to solve that problem?

Thanks.

Details

Version
<= 2.1.1

Event Timeline

sieutruc added projects: gnupg, Bug Report.
sieutruc added a subscriber: sieutruc.
werner added a subscriber: werner.

I need at least a stack backtrace to fix that. The easiest way to produce one
is to run gpg under a debugger. I do not know which debugger is installed on
your system (adb, xdb) - with gdb you would run it this way:

$ gdb gpg
(gdb) run --edit-key KEYID
[after the segv]
(gdb) bt
(gdb) info r

Post the output here if possible.

It is good that you reported this now because I was about to do a 2.0.25 today.

Program received signal SIGSEGV, Segmentation fault.
0xd065ea30 in int_vasprintf ()
    from /opt/freeware/lib/libassuan.a(libassuan.so.0)
(gdb) bt
#0 0xd065ea30 in int_vasprintf ()
    from /opt/freeware/lib/libassuan.a(libassuan.so.0)
#1 0xd065e9d8 in _assuan_vasprintf ()
    from /opt/freeware/lib/libassuan.a(libassuan.so.0)
#2 0xd065e868 in _assuan_debug ()
    from /opt/freeware/lib/libassuan.a(libassuan.so.0)
#3 0xd065d5b0 in assuan_new_ext ()
    from /opt/freeware/lib/libassuan.a(libassuan.so.0)
#4 0x1005e818 in ?? ()
#5 0x1005bee4 in ?? ()
#6 0x1005cd8c in ?? ()
#7 0x1005a338 in ?? ()
#8 0x1005a898 in ?? ()
#9 0x10058434 in ?? ()
#10 0x100804cc in ?? ()
#11 0x10082508 in ?? ()
#12 0x10074518 in ?? ()
#13 0x1007ac70 in ?? ()
warning: (Internal error: pc 0x100071a3 in read in psymtab, but not in symtab.)
warning: (Internal error: pc 0x100071a3 in read in psymtab, but not in symtab.)
warning: (Internal error: pc 0x100071a3 in read in psymtab, but not in symtab.)
#14 0x100071a4 in ?? ()
warning: (Internal error: pc 0x100001bb in read in psymtab, but not in symtab.)
warning: (Internal error: pc 0x100001bb in read in psymtab, but not in symtab.)
warning: (Internal error: pc 0x100001bb in read in psymtab, but not in symtab.)
#15 0x100001bc in ?? ()
(gdb) info r
r0 0xd06689a0 3496380832
r1 0x2ff20be0 804391904
r2 0xf15b74e4 4049302756
r3 0x2ff20d14 804392212
r4 0x80 128
r5 0xb8050012 3087335442
r6 0x7f7f7f7f 2139062143
r7 0x3 3
r8 0x25700a00 628099584
r9 0x28 40
r10 0xd0668a2c 3496380972
r11 0xd06689c8 3496380872
r12 0xf02a56f8 4029306616
r13 0x100afe54 269155924
r14 0x3001bdd8 805420504
r15 0x800 2048
r16 0x30005e08 805330440
r17 0x0 0
r18 0x0 0
r19 0x2 2
r20 0x0 0
r21 0x100ab0b0 269136048
r22 0x3000507c 805326972
---Type <return> to continue, or q <return> to quit---
r23 0x0 0
r24 0x0 0
r25 0x0 0
r26 0xd06689b0 3496380848
r27 0x0 0
r28 0x68 104
r29 0x2ff20cb0 804392112
r30 0xd06689c8 3496380872
r31 0x2ff20cd0 804392144
pc 0xd065ea30 0xd065ea30 <int_vasprintf+56>
msr 0xd032 53298
cr 0x42322022 1110581282
lr 0xd065ea20 0xd065ea20 <int_vasprintf+40>
ctr 0xd0105800 3490732032
xer 0xc 12

and rpm -qa | grep libassuan
libassuan-2.1.1-1

Here it is.

Okay, that looks more like a bug in libassuan. Without me really looking
at backtrace; might this patch

http://git.gnupg.org/cgi-bin/gitweb.cgi?p=libassuan.git;a=patch;h=46b6d97b4a396c16df53e82872c3cc772d427623

help?

I am sorry because I didn't have access to the AIX machine, so here is the
full debug information of the error that I faced.

(gdb) bt
#0 0xd71c0a30 in int_vasprintf ()
    from /opt/freeware/lib/libassuan.a(libassuan.so.0)
#1 0xd71c09d8 in _assuan_vasprintf ()
    from /opt/freeware/lib/libassuan.a(libassuan.so.0)
#2 0xd71c0868 in _assuan_debug ()
    from /opt/freeware/lib/libassuan.a(libassuan.so.0)
#3 0xd71bf5b0 in assuan_new_ext ()
    from /opt/freeware/lib/libassuan.a(libassuan.so.0)
#4 0x1002e2f8 in start_new_gpg_agent (r_ctx=0x30007a5c <_callagent.bss_>,
    errsource=GPG_ERR_SOURCE_GPG, homedir=0x100f2e90 <__dbsubn+23068> "~/.gnupg",
    agent_program=0x0, opt_lc_ctype=0x0, opt_lc_messages=0x0,
    session_env=0x3000aa38, verbose=0, debug=0, status_cb=0x0, status_cb_arg=0x0)
    at asshelp.c:268
#5 0x10011280 in start_agent (for_card=0) at call-agent.c:126
#6 0x100153b4 in agent_get_s2k_count (r_count=0x2ff21bb4) at call-agent.c:1351
#7 0x10083f98 in encode_s2k_iterations (iterations=0) at passphrase.c:70
#8 0x100853e8 in passphrase_to_dek_ext (keyid=0x0, pubkey_algo=0, cipher_algo=3,
    s2k=0xb0000558, mode=2, tryagain_text=0x0, custdesc=0x0, custprompt=0x0,
    canceled=0x2ff21dc0) at passphrase.c:535
#9 0x100c1ca0 in do_ask_passphrase (ret_s2k=0x2ff21d88, mode=0,
    r_canceled=0x2ff21dc0) at keygen.c:2280
#10 0x100c485c in generate_keypair (fname=0x0, card_serialno=0x0,
    backup_encryption_dir=0x0) at keygen.c:3217
#11 0x10009058 in main (argc=0, argv=0x2ff220d8) at gpg.c:3699
(gdb) frame 0
#0 0xd71c0a30 in int_vasprintf ()
    from /opt/freeware/lib/libassuan.a(libassuan.so.0)
(gdb) list
1871 return configname;
1872 }
1873
1874
1875 int
1876 main (int argc, char **argv)
1877 {
1878 ARGPARSE_ARGS pargs;
1879 IOBUF a;
1880 int rc=0;

(gdb) frame 1
#1 0xd71c09d8 in _assuan_vasprintf ()
    from /opt/freeware/lib/libassuan.a(libassuan.so.0)
(gdb) list
1881 int orig_argc;
1882 char **orig_argv;
1883 const char *fname;
1884 char *username;
1885 int may_coredump;
1886 strlist_t sl, remusr= NULL, locusr=NULL;
1887 strlist_t nrings=NULL, sec_nrings=NULL;
1888 armor_filter_context_t *afx = NULL;
1889 int detached_sig = 0;
1890 FILE *configfp = NULL;

(gdb) frame 2
#2 0xd71c0868 in _assuan_debug ()
    from /opt/freeware/lib/libassuan.a(libassuan.so.0)
(gdb) list
1891 char *configname = NULL;
1892 char *save_configname = NULL;
1893 char *default_configname = NULL;
1894 unsigned configlineno;
1895 int parse_debug = 0;
1896 int default_config = 1;
1897 int default_keyring = 1;
1898 int greeting = 0;
1899 int nogreeting = 0;
1900 char *logfile = NULL;

(gdb) list
1901 int use_random_seed = 1;
1902 enum cmd_and_opt_values cmd = 0;
1903 const char *debug_level = NULL;
1904 const char *trustdb_name = NULL;
1905 char *def_cipher_string = NULL;
1906 char *def_digest_string = NULL;
1907 char *compress_algo_string = NULL;
1908 char *cert_digest_string = NULL;
1909 char *s2k_cipher_string = NULL;
1910 char *s2k_digest_string = NULL;

(gdb) frame 4
#4 0x1002e2f8 in start_new_gpg_agent (r_ctx=0x30007a5c <_callagent.bss_>,
    errsource=GPG_ERR_SOURCE_GPG, homedir=0x100f2e90 <__dbsubn+23068> "~/.gnupg",
    agent_program=0x0, opt_lc_ctype=0x0, opt_lc_messages=0x0,
    session_env=0x3000aa38, verbose=0, debug=0, status_cb=0x0, status_cb_arg=0x0)
    at asshelp.c:268
268 in asshelp.c
(gdb) list
263 in asshelp.c
(gdb) info locals
err = 0
infostr = 0xb0000508
"\aöº²Ã\230\006=Ì:²Ä4\001=ZF\202gþëLÚñªN\"é»Ãѯ\n\230Ù>/Î\223#l\025\235Ì
lÙz4v0g,\a\025¤dT°¸\227%à`"
p = 0xb00004f4 ""
ctx = 0x0
sockname = 0x0
argv = {0x0, 0x0, 0x0}
pid = 0
excode = 0

(gdb) frame 5
#5 0x10011280 in start_agent (for_card=0) at call-agent.c:126
126 rc = start_new_gpg_agent (&agent_ctx,
(gdb) list
121 to the agent. */
122 if (agent_ctx)
123 rc = 0;
124 else
125 {
126 rc = start_new_gpg_agent (&agent_ctx,
127 GPG_ERR_SOURCE_DEFAULT,
128 opt.homedir,
129 opt.agent_program,
130 opt.lc_ctype, opt.lc_messages,
(gdb) info locals
rc = -971823094
info = {error = 547959831,
  apptype = 0x8ae2be5a <error: Cannot access memory at address 0x8ae2be5a>,
  serialno = 0x4bd8d52f <error: Cannot access memory at address 0x4bd8d52f>,
  disp_name = 0x669992ce <error: Cannot access memory at address 0x669992ce>,
  disp_lang = 0x53cbeb7b <error: Cannot access memory at address 0x53cbeb7b>,
  disp_sex = 0,
  pubkey_url = 0x53cbeb7b <error: Cannot access memory at address 0x53cbeb7b>,
  login_data = 0x3af86 "\aä`\177", private_do = {
    0x2ff21a50 "/ò\032à$\210\202$×\006¢ÄñQà\230/ò\032 ñQÛü×\006\230¸", 0x0, 0x0,
    0x0}, cafpr1valid = 47 '/', cafpr2valid = -14 'ò', cafpr3valid = 26 '\032',
  cafpr1 = "P", '\000' <repeats 16 times>, "ðBü",
  cafpr2 = "xñP·\214\000\000\000\000ñPµ¼ñP¶<\000\000",
  cafpr3 = "\000\000\000\000\001ñQà\230\000\000\000\bñPµX°\000\005",
  fpr1valid = 93 ']', fpr2valid = 47 '/', fpr3valid = -14 'ò',
  fpr1 = "\032à$\210\202$×\006¢ÄñQà\230/ò\032 ñQ",
  fpr2 = "Ûü×\006\230¸\000\000\000\000\060\000¶ÈðBüx\000",
  fpr3 = "\000\006\000\000\000\000/ò\032Ð\000\000\000 \000\000\000\000\000",
  fpr1time = 876758, fpr2time = 4030921848, fpr3time = 0, sig_counter = 2952791397,
  chv1_cached = 804395744, is_v2 = -559038737, chvmaxlen = {-687433544, -264047608,
    -559038737}, chvretry = {-559038737, -559038737, -559038737}, key_attr = {{
      algo = -559038737, nbits = 3735928559}, {algo = -559038737, nbits = 138}, {
      algo = 1, nbits = 8}}, extcap = {ki = 0, aac = 0}}

#6 0x100153b4 in agent_get_s2k_count (r_count=0x2ff21bb4) at call-agent.c:1351
1351 err = start_agent (0);
(gdb) list
1346 membuf_t data;
1347 char *buf;
1348
1349 *r_count = 0;
1350
1351 err = start_agent (0);
1352 if (err)
1353 return err;
1354
1355 init_membuf (&data, 32);
(gdb) info locals
err = 3607370940
data = {len = 804395904, size = 2139062143,
  buf = 0xd703e1dc <_gcry_global_is_operational+56> "`", out_of_core = 1852138852}
buf = 0x2ff21bd0 "/ò\034À"

(gdb) frame 7
#7 0x10083f98 in encode_s2k_iterations (iterations=0) at passphrase.c:70
70 err = agent_get_s2k_count (&mycnt);
(gdb) list
65 if (!iterations)
66 {
67 unsigned long mycnt;
68
69 /* Ask the gpg-agent for a useful iteration count. */
70 err = agent_get_s2k_count (&mycnt);
71 if (err || mycnt < 65536)
72 {
73 /* Don't print an error if an older agent is used. */
74 if (err && gpg_err_code (err) != GPG_ERR_ASS_PARAMETER)
(gdb) info locals
err = 3735928559
c = 0 '\000'
result = 173 '­'
count = 4030919688
mycnt = 0

(gdb) frame 8
#8 0x100853e8 in passphrase_to_dek_ext (keyid=0x0, pubkey_algo=0, cipher_algo=3,
    s2k=0xb0000558, mode=2, tryagain_text=0x0, custdesc=0x0, custprompt=0x0,
    canceled=0x2ff21dc0) at passphrase.c:535
535 opt.s2k_count = encode_s2k_iterations (0);
(gdb) list
530 /* We delay the encoding until it is really needed. This is
531 if we are going to dynamically calibrate it, we need to
532 call out to gpg-agent and that should not be done during
533 option processing in main(). */
534 if (!opt.s2k_count)
535 opt.s2k_count = encode_s2k_iterations (0);
536 s2k->count = opt.s2k_count;
537 }
538 }
539
(gdb) info locals
pw = 0x0
dek = 0xd703e514 <_gcry_xmalloc_secure+24>
help_s2k = {mode = 5, hash_algo = 47 '/', salt = "ò\034p0\000\071ô",
  count = 804396096}
dummy_canceled = 804396160
s2k_cacheidbuf = "\020\020\036t/ò\034Ü\000\000\000\000/ò\034 \000"
s2k_cacheid = 0x0
buf =
"/ò\034À\000\000\000\024\020\001~\000/ò\034p/ò\034Ð\020\016í\220\020\016í\234/ò\034À/ò\034À\000\000\000\020×\003\204
\000\000\000\000\000"

(gdb) frame 9
#9 0x100c1ca0 in do_ask_passphrase (ret_s2k=0x2ff21d88, mode=0,
    r_canceled=0x2ff21dc0) at keygen.c:2280
2280 dek = passphrase_to_dek_ext (NULL, 0, opt.s2k_cipher_algo, s2k, 2,
(gdb) list
2275
2276 s2k = xmalloc_secure( sizeof *s2k );
2277 for(;;) {
2278 s2k->mode = opt.s2k_mode;
2279 s2k->hash_algo = S2K_DIGEST_ALGO;
2280 dek = passphrase_to_dek_ext (NULL, 0, opt.s2k_cipher_algo, s2k, 2,
2281 errtext, custdesc, NULL, r_canceled);
2282 if (!dek && *r_canceled) {
2283 xfree(dek); dek = NULL;
2284 xfree(s2k); s2k = NULL;
(gdb) info locals
dek = 0x0
s2k = 0xb0000558
errtext = 0x0
custdesc = 0x0

I think my problem is like this issue

T1407

The error is not yet resolved.

werner added a project: libassuan.
werner changed Version from 2.0.24 to <= 2.1.1.

Commit b6da2da9 should fix this. At least it fixes a similar bug on Solaris.

werner claimed this task.
werner removed a project: Restricted Project.