Subject: Re: [libssh2] #117: crash with libgcrypt

Re: [libssh2] #117: crash with libgcrypt

From: libssh2 Trac <trac_at_libssh2.stuge.se>
Date: Tue, 16 Feb 2010 12:29:14 -0000

#117: crash with libgcrypt
----------------------+-----------------------------------------------------
  Reporter: fdupoux | Owner:
      Type: defect | Status: new
  Priority: normal | Milestone:
 Component: crypto | Version:
Resolution: | Keywords:
  Blocking: | Blockedby:
----------------------+-----------------------------------------------------

Old description:

> Hi,
>
> I am using libssh2-1.2 to get a shell through ssh connections and the
> program often crashes when libssh2-1.2 is using libgcrypt (there is a
> crash every few
> hours). The program is linked to libgcrypt.so.11 when it fails. The error
> message is always the same when it aborts:
> programname: ath.c:193: _gcry_ath_mutex_lock: Assertion `*lock ==
> ((ath_mutex_t) 0)' failed.
>
> I currently have this problem on a Debian Lenny-5.03-amd64 system. I have
> only installed "debian/stable" packages on my system except those which
> are in "debian/testing":
> libgcrypt11 1.4.4-4
> libgpg-error0 1.6-1
> libssh2-1 1.2-1
> libssh2-1-dbg 1.2-1
> libssh2-1-dev 1.2-1
>
> I recompiled libssh2-1.2 on other boxes using OpenSSL for crypto (using
> libcrypto.so.6) and there was no crash. Unfortunately the debian version
> of libssh2-1.2 is compiled against the libgcrypt implementation of
> crypto.
>
> I have reproduced this problem on multiple linux boxes (i686 and x86-64).
>
> I don't know if it's a problem in libssh2 or in libcrypto, but I hope
> these two backtraces below will help to fix it. Unfortunately there is no
> libgcrypt11-dbg
> package available for that version of libgcrypt, so the backtrace is
> incomplete.
>
> Thanks
>
> (gdb) bt
> #0 0x00007faa5bae8ed5 in raise () from /lib/libc.so.6
> #1 0x00007faa5baea3f3 in abort () from /lib/libc.so.6
> #2 0x00007faa5bae1dc9 in __assert_fail () from /lib/libc.so.6
> #3 0x00007faa5af67fcb in ?? () from /usr/lib/libgcrypt.so.11
> #4 0x00007faa5af9c5d0 in ?? () from /usr/lib/libgcrypt.so.11
> #5 0x00007faa5af9c71e in ?? () from /usr/lib/libgcrypt.so.11
> #6 0x00007faa5af9d72d in ?? () from /usr/lib/libgcrypt.so.11
> #7 0x00007faa5be26113 in _libssh2_transport_write (session=0x1c0cac0,
> data=0x7faa540012a0 "^", data_len=69) at
> transport.c:758
> #8 0x00007faa5be0f48c in _libssh2_channel_write (channel=0x1bff560,
> stream_id=0,
> buf=0x421e0bf0 "echo \"#{START}#$(echo
> '[*895346*]'
> 2>&1)#{RES}#${?}#{END}#\"\n", buflen=60)
> at channel.c:2114
> #9 0x00007faa5be0f721 in libssh2_channel_write_ex (channel=0x1bff560,
> stream_id=0,
> buf=0x421e0bf0 "echo \"#{START}#$(echo
> '[*895346*]'
> 2>&1)#{RES}#${?}#{END}#\"\n", buflen=60)
> at channel.c:2161
>
> (gdb) bt
> #0 0x00007faa5bae8ed5 in raise () from /lib/libc.so.6
> #1 0x00007faa5baea3f3 in abort () from /lib/libc.so.6
> #2 0x00007faa5bae1dc9 in __assert_fail () from /lib/libc.so.6
> #3 0x00007faa5af67fcb in ?? () from /usr/lib/libgcrypt.so.11
> #4 0x00007faa5af9c5d0 in ?? () from /usr/lib/libgcrypt.so.11
> #5 0x00007faa5af9c71e in ?? () from /usr/lib/libgcrypt.so.11
> #6 0x00007faa5af9d72d in ?? () from /usr/lib/libgcrypt.so.11
> #7 0x00007faa5be26113 in _libssh2_transport_write
> (session=0x7faa54060fa0,
> data=0x7faa54049e50 "^", data_len=69) at
> transport.c:758
> #8 0x00007faa5be0f48c in _libssh2_channel_write (channel=0x7faa54044c60,
> stream_id=0,
> buf=0x41b6fbf0 "echo \"#{START}#$(echo
> '[*463794*]'
> 2>&1)#{RES}#${?}#{END}#\"\n", buflen=60)
> at channel.c:2114
> #9 0x00007faa5be0f721 in libssh2_channel_write_ex
> (channel=0x7faa54044c60, stream_id=0,
> buf=0x41b6fbf0 "echo \"#{START}#$(echo
> '[*463794*]'
> 2>&1)#{RES}#${?}#{END}#\"\n", buflen=60)
> at channel.c:2161

New description:

 Hi,

 I am using libssh2-1.2 to get a shell through ssh connections and the
 program often crashes when libssh2-1.2 is using libgcrypt (there is a
 crash every few
 hours). The program is linked to libgcrypt.so.11 when it fails. The error
 message is always the same when it aborts:
 programname: ath.c:193: _gcry_ath_mutex_lock: Assertion `*lock ==
 ((ath_mutex_t) 0)' failed.

 I currently have this problem on a Debian Lenny-5.03-amd64 system. I have
 only installed "debian/stable" packages on my system except those which
 are in "debian/testing":
 libgcrypt11 1.4.4-4
 libgpg-error0 1.6-1
 libssh2-1 1.2-1
 libssh2-1-dbg 1.2-1
 libssh2-1-dev 1.2-1

 I recompiled libssh2-1.2 on other boxes using OpenSSL for crypto (using
 libcrypto.so.6) and there was no crash. Unfortunately the debian version
 of libssh2-1.2 is compiled against the libgcrypt implementation of crypto.

 I have reproduced this problem on multiple linux boxes (i686 and x86-64).

 I don't know if it's a problem in libssh2 or in libcrypto, but I hope
 these two backtraces below will help to fix it. Unfortunately there is no
 libgcrypt11-dbg
 package available for that version of libgcrypt, so the backtrace is
 incomplete.

 Thanks

 (gdb) bt
 #0 0x00007faa5bae8ed5 in raise () from /lib/libc.so.6
 #1 0x00007faa5baea3f3 in abort () from /lib/libc.so.6
 #2 0x00007faa5bae1dc9 in __assert_fail () from /lib/libc.so.6
 #3 0x00007faa5af67fcb in ?? () from /usr/lib/libgcrypt.so.11
 #4 0x00007faa5af9c5d0 in ?? () from /usr/lib/libgcrypt.so.11
 #5 0x00007faa5af9c71e in ?? () from /usr/lib/libgcrypt.so.11
 #6 0x00007faa5af9d72d in ?? () from /usr/lib/libgcrypt.so.11
 #7 0x00007faa5be26113 in _libssh2_transport_write (session=0x1c0cac0,
                                 data=0x7faa540012a0 "^", data_len=69) at
 transport.c:758
 #8 0x00007faa5be0f48c in _libssh2_channel_write (channel=0x1bff560,
 stream_id=0,
                                 buf=0x421e0bf0 "echo \"#{START}#$(echo
 '[*895346*]'
                                 2>&1)#{RES}#${?}#{END}#\"\n", buflen=60)
 at channel.c:2114
 #9 0x00007faa5be0f721 in libssh2_channel_write_ex (channel=0x1bff560,
 stream_id=0,
                                 buf=0x421e0bf0 "echo \"#{START}#$(echo
 '[*895346*]'
                                 2>&1)#{RES}#${?}#{END}#\"\n", buflen=60)
 at channel.c:2161

 (gdb) bt
 #0 0x00007faa5bae8ed5 in raise () from /lib/libc.so.6
 #1 0x00007faa5baea3f3 in abort () from /lib/libc.so.6
 #2 0x00007faa5bae1dc9 in __assert_fail () from /lib/libc.so.6
 #3 0x00007faa5af67fcb in ?? () from /usr/lib/libgcrypt.so.11
 #4 0x00007faa5af9c5d0 in ?? () from /usr/lib/libgcrypt.so.11
 #5 0x00007faa5af9c71e in ?? () from /usr/lib/libgcrypt.so.11
 #6 0x00007faa5af9d72d in ?? () from /usr/lib/libgcrypt.so.11
 #7 0x00007faa5be26113 in _libssh2_transport_write
 (session=0x7faa54060fa0,
                                 data=0x7faa54049e50 "^", data_len=69) at
 transport.c:758
 #8 0x00007faa5be0f48c in _libssh2_channel_write (channel=0x7faa54044c60,
 stream_id=0,
                                 buf=0x41b6fbf0 "echo \"#{START}#$(echo
 '[*463794*]'
                                 2>&1)#{RES}#${?}#{END}#\"\n", buflen=60)
 at channel.c:2114
 #9 0x00007faa5be0f721 in libssh2_channel_write_ex
 (channel=0x7faa54044c60, stream_id=0,
                                 buf=0x41b6fbf0 "echo \"#{START}#$(echo
 '[*463794*]'
                                 2>&1)#{RES}#${?}#{END}#\"\n", buflen=60)
 at channel.c:2161 

--
Comment(by stuge):
 Can you reproduce with libssh2 version 1.2.4?
-- 
Ticket URL: <http://trac.libssh2.org/ticket/117#comment:3>
libssh2 <http://trac.libssh2.org/>
C library for writing portable SSH2 clients
_______________________________________________
libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel
Received on 2010-02-16