Page MenuHome GnuPG
Create Task
Maniphest T2852

scdaemon + forwarded ssh agent: 100% reproducible crash
Closed, ResolvedPublic
Actions

Description

Hi,

I'm experiencing a 100% reproducible scdaemon crash in the following environment:

  • macOS Sierra
  • scdaemon 2.0.30 (installed as a part of OSX GPGTools 2016.10)
  • Yubikey NEO
  • gpg-agent is acting as ssh-agent
  • ssh-agent is forwarded to some trusted hosts ("ForwardAgent yes" in ~/.ssh/config)

The following steps reproduce the crash:

  • login to a trusted host using ssh key (key is inserted and unlocked by typing PIN code)
  • detach Yubikey from the machine
  • logoff from the trusted host

scdaemon crashes with the following callstack:

Thread 0 Crashed:: Dispatch queue: com.apple.main-thread
0 libsystem_kernel.dylib 0x00007fffc6316dda __pthread_kill + 10
1 libsystem_pthread.dylib 0x00007fffc6402787 pthread_kill + 90
2 libsystem_c.dylib 0x00007fffc627c420 abort + 129
3 scdaemon 0x000000010003f134 do_logv + 617
4 scdaemon 0x000000010003f45e log_bug + 141
5 scdaemon 0x000000010001b04a release_application + 109
6 scdaemon 0x0000000100008510 cmd_restart + 28
7 libassuan.0.dylib 0x000000010016f775 dispatch_command + 519
8 libassuan.0.dylib 0x000000010016f210 assuan_process + 151
9 scdaemon 0x0000000100005dff scd_command_handler + 496
10 scdaemon 0x00000001000052ec start_connection_thread + 152
11 libpth.20.0.27.dylib 0x00000001001819f5 pth_spawn_trampoline + 27
12 libpth.20.0.27.dylib 0x000000010017edda pth_mctx_set_bootstrap + 126
13 libpth.20.0.27.dylib 0x000000010017ed5c pth_mctx_set_trampoline + 37
14 libsystem_platform.dylib 0x00007fffc63f5bcd _sigtramp + 45
15 ??? 000000000000000000 0 + 0
16 libpth.20.0.27.dylib 0x0000000100181660 pth_spawn + 570
17 scdaemon 0x000000010000484f main + 3275
18 scdaemon 0x000000010000394c start + 52

Last lines in the log file:

2016-11-23 19:26:31 scdaemon[10144] DBG: asking for PIN '||Please enter the PIN'
2016-11-23 19:26:37 scdaemon[10144] updating slot 0 status: 0x0007->0x0000 (1->2)
2016-11-23 19:26:37 scdaemon[10144] sending signal 31 to client 545
2016-11-23 19:26:38 scdaemon[10144] Ohhhh jeeee: trying to release an already released context

Full crash log is attached.

Details

Version
2.0.30

Related Objects

Event Timeline

pbor added a subscriber: pbor.Nov 23 2016, 5:42 PM

919_scdaemon_2016-11-23-184946_phobos-2.crash13 KBDownload

pbor set Version to 2.0.30.Nov 23 2016, 5:42 PM
pbor added projects: gnupg, Bug Report.
pbor added a comment.Nov 23 2016, 6:56 PM

The same problem reproduces with gnupg2 installed from Homebrew (w/o GPGTools patches).

gniibe added a subscriber: gniibe.Nov 29 2016, 2:23 AM

Thank you for your report.
In 2.1.x, I fixed scdaemon so that card removal works fine.
I'll backport to 2.0.

gniibe claimed this task.Nov 29 2016, 2:23 AM
gniibe added a project: Restricted Project.Nov 30 2016, 2:22 AM

Fixed in STABLE-BRANCH-2-0 branch of git repo, as of the commit:
5c599e4f6edd288f4759c9fc2bcf9fe87dee1836

werner added a project: gnupg (gpg20).Jan 23 2017, 11:18 PM
werner closed this task as Resolved.Jan 31 2017, 1:33 PM
werner removed a project: Restricted Project.
werner added a project: Unreleased.