arekinath / pivy

Tools for using PIV tokens (like Yubikeys) as an SSH agent, for encrypting data at rest, and more

pivy-agent dumps core on ssh-add -X (from time to time) #31

Closed rdslw closed 1 year ago

rdslw commented 2 years ago

During ssh-add -X (PIN entering) either it hung or something happened during/after entering the PIN (to unlock the YubiKey RSA keys), and pivy-agent crashed with a core dump.

[459301.127769] pivy-agent[1116]: segfault at 0 ip 00007ef5c95982a2 sp 00007ffc90911bc0 error 4 in libc.so.6[7ef5c954a000+176000]
[459301.127783] Code: 0f 1f 84 00 00 00 00 00 f3 0f 1e fa 41 57 41 56 41 55 41 54 49 89 f4 55 4c 0f af e2 53 48 83 ec 18 4d 85 e4 0f 84 8f 00 00 00 <8b> 01 49 89 fe 48 89 f5 49 89 d5 48 89 cb 25 00 80 00 00 75 34 64
danmcd commented 2 years ago

I'd ask for the dump, but that might contain sensitive information. Can you paste the output of pstack <corefile> here?

rdslw commented 2 years ago

I do have that corefile, but as you wrote, I suspect it contains some private info. In terms of pstack, my distro does not have it, and the only version I found works on running processes (pids), not coredumps: https://code.lm7.fr/robotux/pstack

Please advise.

danmcd commented 2 years ago

Hmm, I'm most likely going to have to defer this to @arekinath if he's listening, then.

Maybe:

gdb <core>
where

and that'll show you the crash-stack. It's been a while since I've used gdb, but that might yield a stack w/o giving away sensitive information.

rdslw commented 2 years ago

Unfortunately my pivy-agent is a stripped, no-debug binary:

Reading symbols from /usr/bin/pivy-agent...
--Type <RET> for more, q to quit, c to continue without paging--
(No debugging symbols found in /usr/bin/pivy-agent)
[New LWP 1116]
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/usr/lib/libthread_db.so.1".
Core was generated by `pivy-agent -g CENSORED'.
Program terminated with signal SIGSEGV, Segmentation fault.
#0  0x00007ef5c95982a2 in fread () from /usr/lib/libc.so.6
(gdb) bt
#0  0x00007ef5c95982a2 in fread () from /usr/lib/libc.so.6
#1  0x000057dc214d42b5 in ?? ()
#2  0x000057dc214d3187 in ?? ()
#3  0x00007ef5c954b310 in __libc_start_call_main () from /usr/lib/libc.so.6
#4  0x00007ef5c954b3c1 in __libc_start_main_impl () from /usr/lib/libc.so.6
#5  0x000057dc214d31ce in ?? ()
(gdb) 
arekinath commented 2 years ago

Well, that's not a lot to go on. But looking over the code, there is one place in the pivy-agent code where we could crash in fread() because of a missing check on the return value of fopen() (on a file in /proc in the Linux-specific code, if the process which is trying to connect to pivy-agent crashes or gives up really quickly and immediately exits)

I can't say for sure if that's what happened here, but it's a bug anyway, so I've pushed a fix for it as https://github.com/arekinath/pivy/commit/74daf14723c5dc30395374cae0474433976e1ef5
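The crash pattern described above (a NULL FILE* from fopen() handed straight to fread() because the peer's /proc entry vanished) is easy to reproduce in miniature. The following is an added example written for this thread, not pivy's code or the linked commit: it reads a small file such as /proc/<pid>/cmdline with the open result checked, so a peer that exits before the agent looks it up yields -1 and errno instead of a segfault at address 0. The helper names read_small_file and read_peer_cmdline are hypothetical, and the /proc path layout assumes Linux procfs.

```c
/* Added example, not pivy's code: read a small file (e.g. a /proc entry)
 * with the fopen() result checked before it reaches fread(). */
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>

/* Reads up to buflen-1 bytes from path into buf and NUL-terminates it.
 * Returns the number of bytes read, or -1 with errno set if the file
 * could not be opened (ENOENT once /proc/<pid> has disappeared) or a
 * read error occurred. */
ssize_t
read_small_file(const char *path, char *buf, size_t buflen)
{
    FILE *fp;
    size_t n;

    if (path == NULL || buf == NULL || buflen == 0) {
        errno = EINVAL;
        return (-1);
    }
    fp = fopen(path, "r");
    if (fp == NULL) {
        /* This is the check the issue describes as missing: without it,
         * fread(buf, 1, n, NULL) dereferences a NULL FILE* and the
         * process dies with "segfault at 0 ... in libc.so.6". */
        return (-1);
    }
    n = fread(buf, 1, buflen - 1, fp);
    if (n == 0 && ferror(fp)) {
        int saved = errno;   /* keep errno from fread, not fclose */
        fclose(fp);
        errno = saved;
        return (-1);
    }
    fclose(fp);
    buf[n] = '\0';
    return ((ssize_t)n);
}

/* Hypothetical peer lookup: fetch the command line of the process that
 * connected to us. Assumes Linux procfs. Returns -1 if the peer is gone. */
ssize_t
read_peer_cmdline(pid_t pid, char *buf, size_t buflen)
{
    char path[64];

    snprintf(path, sizeof (path), "/proc/%ld/cmdline", (long)pid);
    return (read_small_file(path, buf, buflen));
}

int
main(void)
{
    char buf[256];
    ssize_t n;

    /* Our own entry always exists on Linux. */
    n = read_peer_cmdline(getpid(), buf, sizeof (buf));
    if (n < 0)
        perror("read_peer_cmdline(self)");
    else
        printf("own cmdline: %s (%zd bytes)\n", buf, n);

    /* Constructed "vanished peer" path: there is no such /proc entry. */
    n = read_small_file("/proc/does-not-exist/cmdline", buf, sizeof (buf));
    printf("vanished peer: %zd (%s)\n", n, n < 0 ? strerror(errno) : "ok");
    return (0);
}
```

The fix is the single NULL test after fopen(); the rest is the surrounding discipline (preserving errno across fclose(), NUL-terminating the buffer) that keeps the caller's error handling honest when a peer races the agent to exit.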

rdslw commented 2 years ago

Thank you @arekinath. From your description and the symptoms I've seen, this may be it. It was ssh-add (an external process connecting to pivy-agent) that was either terminated or timed out without input. So it may be it.

Any new release planned soon, or shall I try to build from master?

rdslw commented 1 year ago

I was using 0.9.0 with manual patch with https://github.com/arekinath/pivy/commit/74daf14723c5dc30395374cae0474433976e1ef5 and did not observe this behaviour anymore.

Closing as it looks fixed. Will reopen in case of problems, but I think not :)