I'm dealing with a serious problem. My program is running into a
segfault, and I cannot solve that. I've been looking at it for more
than a week, and do not know why it segfaults.
I'm using gcry_mpi_powm to calculate the "e", "f" and shared key in
Diffie-Hellman key exchange.
a. The values p, g, x, e and f (all of type gcry_mpi_t) are initialized.
b. p and g are set to fixed values, read from hardcoded values using
format GCRYMPI_FMT_USG.
c. x is set using gcry_mpi_randomize.
d. e is calculated like: gcry_mpi_powm(e, g, x, p)
Now the journal entries look like:
Jan 05 05:30:36 ws-001.bononline.nl kernel: traps: sonssc
general protection fault ip:7fa60c1e4359 sp:7fa60afbaa10 error:0 in
Jan 05 05:30:36 ws-001.bononline.nl systemd: Created slice
Jan 05 05:30:36 ws-001.bononline.nl systemd: Started Process Core
Dump (PID 6212/UID 0).
Jan 05 05:30:36 ws-001.bononline.nl systemd-coredump: 
Process 6196 (sonssc) of user 0 dumped core.
Program terminated with signal SIGSEGV, Segmentation fault.
#0 0x00007f20b7e5f359 in ?? () from /lib64/libc.so.6
[Current thread is 1 (Thread 0x7f20b6c37640 (LWP 15027))]
#0 0x00007f20b7e5f359 in () at /lib64/libc.so.6
#1 0x00007f20b8322395 in () at /usr/lib64/libgcrypt.so.20
#2 0x00007f20b83e410b in () at /usr/lib64/libgcrypt.so.20
#3 0x000055e95c8bbad4 in dh_create_local_key (k=0x7f20b6c36730) at
#4 0x000055e95c8bc939 in start_diffiehellman_client
(connection=0x7f20a40021c0, k=0x7f20b6c36730, H=0x7f20b6c36100) at
I'm still busy tracking this segfault.
I've compiled the latest git version of libgcrypt, installed in
/home/sbon/usr, add some debug flags,
and made sonssc link against it, and again the same segfault, but now
with more information:
Running gdb on the coredump gives:
#0 0x00007f6f1245d489 in () at /lib64/libc.so.6
#1 0x00007f6f1294a9d5 in _gcry_free (p=0x7f6f0c001458) at global.c:1035
#2 0x00007f6f12a138bf in _gcry_mpi_free_limb_space (a=<optimized
out>, nlimbs=<optimized out>) at mpiutil.c:158
#3 0x00007f6f12a0feeb in _gcry_mpi_powm (res=0x7f6f0c00c5c8,
base=<optimized out>, expo=<optimized out>, mod=<optimized out>) at
#4 0x00007f6f12946db5 in gcry_mpi_powm (w=<optimized out>,
b=<optimized out>, e=<optimized out>, m=<optimized out>) at
#5 0x00005613647db46b in dh_create_local_key (k=0x7f6f11a5c6f0) at
#6 0x00005613647dc2b5 in start_diffiehellman_client
Now something is getting clearer. Is it possible that the
_gcry_free function assumes it is dealing with secure memory?
The program is doing something that is hard to trace with gdb. GDB
shows the trace, but it does not happen there. It has to do with
memory allocated in a way that causes this, and I cannot find it.
In the meantime I've solved this issue where it looks as if it crashes
when calling gcry_mpi_powm, but I am now stuck somewhere else.
This gives me hope that I can solve something, but I am still not able
to make it run and stay that way.
I've solved the issue. It was indeed something I suspected: something
else was not allocated the right way, and later somewhere in the
process this causes errors.
The place it segfaults is not related to the bug.
Anyway, it's running again. Thanks for your time and effort,