GNOME Bugzilla – Bug 575247
ssh agent hangs, then aborts when ctrl-c'ing ssh process
Last modified: 2009-04-11 16:12:04 UTC
I am using gnome-keyring 2.25.92 as an ssh agent on Mandriva 2009.1 Cooker x86_64. It happens fairly often that when I ssh to a remote system, the ssh process immediately hangs when making the connection. I can ctrl-c the process, and when I try to connect again to the remote host, ssh asks for my passphrase at the console, instead of using gnome-keyring's ssh agent. At that moment gnome-keyring is not running anymore.
I reproduced this problem in gdb:
1. So gnome-keyring is running and I entered my passphrase when connecting with ssh for the first time. Some time later I ssh to a remote host, and the ssh process hangs. I interrupted the gnome-keyring process and got some backtraces:
+ Trace 213448
Thread 1 (Thread 0x7f66d49bb6f0 (LWP 32450))
(possibly sensitive data in the backtraces replaced by FOO)
Thanks for all the research you've put into this. I've actually been trying to track down this bug (or a similar one) myself. I'm eager to track it down. It's good to hear that this is somewhat reproducible for you. One thing that would help, is if you would build 2.26.0 with the following configure option:
--enable-valgrind=run
This will cause gnome-keyring-daemon to be started up running under the valgrind memory debugger. Log files will be written to /tmp/gkr-valgrind.* Could you attach the log files here (after looking over them)? Thanks!
*** Bug 574247 has been marked as a duplicate of this bug. ***
I reproduced the problem with a gnome-keyring rebuilt with --enable-valgrind=run. I don't have the impression that there is lots of information though. Also important to note is that the gnome-keyring daemon did not abort completely. As soon as connecting to an ssh host started to hang, I could still log in to other remote hosts without any problem using my key, however, all subsequent attempts to connect to the ssh host where it hung the first time, were hanging again.
Created attachment 130925: gkr-valgrind.log.
Created attachment 130926: gkr-valgrind.log.9871
Thanks. Appreciate it. Well that rules out some other part overwriting memory in the allocator. Would you have time to build gnome-keyring with --enable-debug and post the stack traces again? The ones above include optimization. Thanks again!
Richard, did you bump into this same problem with 2.26.0? If so, I'd love a current stack trace with --enable-debug. Thanks in advance!
Yes, I seem to get this on every logon, after a few minutes heavy keyring use the daemon locks up in a tight loop, and has to be kill -9'd. I'll try to compile with --enable-debug, but it's tricky to do as I don't know how to "restart" the keyring-daemon when the session is already up. Richard.
Thanks, I'm looking forward to any additional info.
I think I found this bug. Sorry for all the hassle... I'll attach a patch for anyone to test if interested. The code has also been committed to SVN, along with a bunch of other changes that help verify that these memory allocation subroutines do their job properly.
Created attachment 131888: Patch which should fix the problem
I've pushed that patch into Fedora 11. Thanks!
Using the rawhide package with this fix applied and I get the following assertion when trying to use the same key for another ssh session.
Program received signal SIGABRT, Aborted.
+ Trace 214224
Thread 140527134984464 (LWP 626)
Doesn't happen with 2.26.0 without the patch.
confirmed on jaunty the patch makes gnome-keyring crash easily
the patch added to this bug is not the same version as the one committed to svn, the svn variant seems to work correctly
(In reply to comment #15)
> the patch added to this bug is not the same version as the one committed to
> svn, the svn variant seems to work correctly
I may be blind, but I can't see the difference between the attachment in comment #11 and http://svn.gnome.org/viewvc/gnome-keyring/trunk/egg/egg-secure-memory.c?r1=1707&r2=1708 or the patch that was actually tested and reverted in rawhide http://cvs.fedoraproject.org/viewvc/rpms/gnome-keyring/devel/gnome-keyring-2.26.0-egg-endless-loop.patch?revision=1.1&view=markup
http://svn.gnome.org/viewvc/gnome-keyring/trunk/egg/egg-secure-memory.c?r1=1706&r2=1705&pathrev=1706 is the correct svn change
Yes, that's an additional fix. I'll mark this fixed. Please reopen if this bug continues to be a problem with the SVN gnome-2-26 branch (or the upcoming 2.26.1 release).
*** Bug 577587 has been marked as a duplicate of this bug. ***
I've just tried with both the endless loop and the assert fixes and it still dies for me on attempt to use the same key second time with the backtrace from comment 13. Fixed by reverting the endless loop patch.
Yanko, are you building with the latest from SVN gnome-2-26 branch? There's a number of fixes, and it may be hard to track all the patches. Anyone testing this can get it like so:
svn co http://svn.gnome.org/svn/gnome-keyring/branches/gnome-2-26 gnome-keyring-2-26
do you still plan svn change before 2.26.1? otherwise you could roll the tarball today and let people test it and roll a new tarball if required later
(In reply to comment #21)
> Yanko, are you building with the latest from SVN gnome-2-26 branch? There's a
> number of fixes, and it may be hard to track all the patches. Anyone testing
> this can get it like so:
>
> svn co http://svn.gnome.org/svn/gnome-keyring/branches/gnome-2-26
> gnome-keyring-2-26
I was just trying 2.26.0 + r1708 and r1706, with r1708 being the problem. I rolled myself an rpm of 2.26.0 + diff to gnome-2-26 and I can't reproduce the crash any more. Those seem like quite a number of changes, a 2.26.1 would be appreciated.
Good news. I want to roll 2.26.1 as soon as possible, but I'd like some feedback on the following patches first (if at all possible):
* Bug #577614
* Bug #578708