scdaemon crashes (was: coredumps)

Yuriy M. Kaminskiy yumkam at gmail.com
Tue May 30 18:20:20 CEST 2017


Typo: of course, it crashes; it needs some persuasion to dump core :-)

On 30.05.2017 15:09, Yuriy M. Kaminskiy wrote:
> When I tried to rebuild gnupg2 2.1.21-2 debian package from
> experimental in pbuilder, I got a number of sigsegv's from scdaemon
> while running tests:
>
> XXX XX XX:22:40 $host kernel: pipe-connection[14829]: segfault at 24 ip 00000000f7652da6 sp 00000000f7498040 error 4 in libpthread-2.19.so[f764a000+17000]
> XXX XX XX:22:46 $host kernel: pipe-connection[14975]: segfault at 24 ip 00000000f7634da6 sp 00000000f747a040 error 4 in libpthread-2.19.so[f762c000+17000]
> (and a lot more).
>
> Annoyingly, test-suite does not catch this as error, it has not left any
> core, and name of executable was masked, so after twiddling here and
> there, I got core and discovered that scdaemon dies when it tries to use
> libusb after libusb initialization failed:
>
> (gdb) bt
> #0  __GI___pthread_mutex_lock (mutex=0x18) at
> ../nptl/pthread_mutex_lock.c:66
> #1  0xf7e61cb6 in libusb_get_device_list (ctx=0x0,
>      list=0x565c7800 <ccid_usb_dev_list>) at ../../libusb/core.c:671
> #2  0x56567a53 in ccid_dev_scan (idx_max_p=0xf7301514, t_p=0xf7301508)
>      at ../../scd/ccid-driver.c:1301
> #3  0x56563fad in apdu_dev_list_start (portstr=0x0, l_p=0xf7cc61cc)
>      at ../../scd/apdu.c:1857
> #4  0x5656db06 in select_application (ctrl=0x565d1268, name=0xf730052d
> "openpgp", r_app=0x565d1270, scan=1, serialno_bin=0x0,
> serialno_bin_len=0) at ../../scd/app.c:329
> #5  0x5655d392 in open_card_with_request (serialno=<optimized out>,
> apptype=<optimized out>, ctrl=0x565d1268) at ../../scd/command.c:235
> #6  cmd_serialno (ctx=0xf7300468, line=<optimized out>)
>      at ../../scd/command.c:294
> #7  0xf7e9ee96 in ?? () from /usr/lib/i386-linux-gnu/libassuan.so.0
> (gdb) up
> #1  0xf7e61cb6 in libusb_get_device_list (ctx=0x0,
>      list=0x565c7800 <ccid_usb_dev_list>) at ../../libusb/core.c:671
> 671            usbi_mutex_lock(&ctx->usb_devs_lock);
> (gdb) p ctx
> $3 = (libusb_context *) 0x0
> (gdb) p usbi_default_context
> $4 = (struct libusb_context *) 0x0
>
> (when application does not specify context (ctx=NULL), libusb uses
> "default context"; but as initialization failed, it is NULL too).
>
> (this is on debian jessie, i386, libusb-1.0 1.0.19, and various related
> libraries from backports [Build-Depends])
>
> With patch below, it just freezes at
> === cut ===
> ...
> PASS: tests/openpgp/decrypt-unwrap-verify.scm
> Checking signing with the default hash algorithm
>       > plain-1 plain-2 <<< [here]
> === cut ===
> Have no idea why.
>
> --- gnupg2-2.1.21/scd/ccid-driver.c.orig    2017-05-15
> 15:13:22.000000000 +0300
> +++ gnupg2-2.1.21/scd/ccid-driver.c    2017-05-30 14:36:35.000000000 +0300
> @@ -1228,7 +1228,12 @@
>      if (!initialized_usb)
>       {
> -      libusb_init (NULL);
> +      int rc;
> +      if ((rc = libusb_init (NULL)) != 0)
> +        {
> +          fprintf(stderr, "libusb_init failed: %s/%s\n",
> libusb_error_name(rc), libusb_strerror(rc));
(obviously, this debug print code should be replaced with:
              DEBUGOUT_1 ("usb_init failed: %s\n", libusb_error_name(rc));
for consistency).
> +          return NULL;
> +        }
>         initialized_usb = 1;
>       }
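Review bot: On the failure path in this hunk the function returns before `initialized_usb = 1;` is reached, so every later call runs `libusb_init (NULL)` again and prints the message again. If retrying is intended, say so in a comment; otherwise remember the failure in a second static flag and return early without calling into libusb. The bare `return NULL;` also carries no error code, unlike the gpg error returned in the second hunk, so it is worth checking what the caller does with a NULL result.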
>   @@ -1294,7 +1299,14 @@
>      if (!initialized_usb)
>       {
> -      libusb_init (NULL);
> +      int rc;
> +      if ((rc = libusb_init (NULL)) != 0)
> +        {
> +           fprintf(stderr, "libusb_init failed: %s/%s\n",
> libusb_error_name(rc), libusb_strerror(rc));
               DEBUGOUT_1 ("usb_init failed: %s\n", libusb_error_name(rc));
> +          *idx_max_p = 0;
> +          *t_p = NULL;
> +          return gpg_err_make(GPG_ERR_SOURCE_SCD, GPG_ERR_HARDWARE);
> +        }
>         initialized_usb = 1;
>       }
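Review bot: The failure branch in this hunk repeats the one added at line 1228 almost line for line; a small static helper that calls `libusb_init (NULL)`, logs the failure once and returns rc would keep the two call sites from drifting apart. Clearing `*idx_max_p` and `*t_p` before returning is good, but every libusb error is collapsed into `GPG_ERR_HARDWARE`, so the only place rc survives is the log line, and that line should go through the driver's debug macro rather than `fprintf(stderr, ...)` so it is not lost when the daemon has no stderr.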

E.g. in chroot (or other container) without /dev/bus or /proc/bus/usb present:
Before:
$ ../scd/scdaemon --server --homedir /tmp/gpgscm-...-run-tests-...
scdaemon[24322]: DBG: changed working directory to '/tmp'
OK GNU Privacy Guard's Smartcard server ready
learn
Segmentation fault

After:
$ ../scd/scdaemon --server --homedir /tmp/gpgscm-...-run-tests-...
scdaemon[24267]: DBG: changed working directory to '/tmp'
OK GNU Privacy Guard's Smartcard server ready
learn
ccid_dev_scan: libusb_init failed (LIBUSB_ERROR_OTHER): Other error
ERR 100663425 Hardware problem <SCD>
^D
scdaemon[24267]: scdaemon (GnuPG) 2.1.21 stopped
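
An added triage example, not part of the original post or of GnuPG: it parses kernel segfault lines like the two quoted above (rejoined here after mail wrapping) and groups them by faulting object and offset. This helps when the reported name is a thread name such as pipe-connection rather than the executable. The function names and the 0x1000 NULL window are assumptions of this example.

```python
import re

# The two kernel lines quoted in the post, with mail line wrapping rejoined.
SAMPLE = """\
XXX XX XX:22:40 $host kernel: pipe-connection[14829]: segfault at 24 ip 00000000f7652da6 sp 00000000f7498040 error 4 in libpthread-2.19.so[f764a000+17000]
XXX XX XX:22:46 $host kernel: pipe-connection[14975]: segfault at 24 ip 00000000f7634da6 sp 00000000f747a040 error 4 in libpthread-2.19.so[f762c000+17000]
"""

SEGV = re.compile(
    r"(?P<comm>\S+)\[(?P<pid>\d+)\]: segfault at (?P<addr>[0-9a-f]+) "
    r"ip (?P<ip>[0-9a-f]+) sp (?P<sp>[0-9a-f]+) error (?P<err>[0-9a-f]+)"
    r"(?: in (?P<obj>[^\[\s]+)\[(?P<base>[0-9a-f]+)\+(?P<size>[0-9a-f]+)\])?"
)

def decode_error(code):
    """Decode the low bits of the x86 page-fault error code."""
    return {"present": bool(code & 1),  # 0: page not mapped; 1: protection fault
            "write": bool(code & 2), "user": bool(code & 4)}

def triage(line, null_window=0x1000):
    """Return a dict describing one segfault line, or None if it is not one."""
    m = SEGV.search(line)
    if not m:
        return None
    addr, ip = int(m["addr"], 16), int(m["ip"], 16)
    rec = {"comm": m["comm"], "pid": int(m["pid"]), "fault_addr": addr,
           "object": m["obj"], **decode_error(int(m["err"], 16))}
    # Offset of the faulting instruction inside the mapping: identical across
    # ASLR'd runs, so equal offsets mean the same faulting instruction.
    rec["offset"] = ip - int(m["base"], 16) if m["obj"] else None
    # A not-present fault at a tiny address is a field access through NULL.
    rec["null_deref"] = addr < null_window and not rec["present"]
    return rec

def summarize(text):
    """Group crashes by (object, offset) to show whether they are one bug."""
    groups = {}
    for line in text.splitlines():
        rec = triage(line)
        if rec:
            groups.setdefault((rec["object"], rec["offset"]), []).append(rec)
    return groups

if __name__ == "__main__":
    for (obj, off), recs in summarize(SAMPLE).items():
        r = recs[0]
        print(f"{obj}+{off:#x}: {len(recs)} crashes, comm={r['comm']}, "
              f"fault_addr={r['fault_addr']:#x}, null_deref={r['null_deref']}")
```

Both sample lines land on the same offset inside libpthread despite different load addresses, which matches the single NULL-context crash in the backtrace.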



More information about the Gnupg-users mailing list