[
https://issues.apache.org/jira/browse/GUACAMOLE-194?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15848349#comment-15848349
]
Robin commented on GUACAMOLE-194:
---------------------------------
We are using RDP for all sessions, with the SFTP option enabled.
On some of our gateway servers, these segfaults ARE survivable for other
connections.
However, in this instance, it seemed that every thread started crashing with
the same error.
This is a Debian gateway VM: 24GB RAM, 2 cores, 40GB HDD - we'll call it
GATEWAY1
The logs show the server being quiet from 00:00 then threads crashing
repeatedly from around 01:19 until 03:10 when the docker network port entered
the disabled state.
Please see attached in GATEWAY1-logs.zip:
* combined guacd & guacamole logs (from SIEM - apologies for reverse order)
* /var/log/messages file showing summary of segfaults & the error where docker
networking gets disabled
Another gateway (on Ubuntu - let's say GATEWAY2) has been up for 10 days and
seen 454 instances of one of these segfaults:
* free(): invalid pointer: 0x00007f80d8004000
* double free or corruption (fasttop): 0x00007f80d800ae10
* double free or corruption (out): 0x00007f80d80008d0
But in this instance, the container has survived and continues to serve
connections.
However, we do see instances of repeated user disconnections on this gateway
which don't correlate with the timings of the segfaults, so I'm unsure whether
these are truly related.
I have attached guacamole and guacd logs of an instance where a single user
(mdsl_user1) attempted to connect but was repeatedly disconnected.
It looks to us like "Error waiting for file descriptor." then "User is not
responding." then ERRINFO_UNKNOWN 0x0000000C: Unknown error.
Subsequently, it seems like the user is getting disconnected by himself:
"Another user connected to the server, forcing the disconnection of the current
connection."
We have attached the relevant logs as GATEWAY2-logs.zip
We are not experienced in unpicking these logs so are not sure whether there is
more we could be investigating, or whether we should raise a separate item for
this.
> Double free() in guac_common_ssh_destroy_user()
> -----------------------------------------------
>
> Key: GUACAMOLE-194
> URL: https://issues.apache.org/jira/browse/GUACAMOLE-194
> Project: Guacamole
> Issue Type: Bug
> Components: guacd
> Affects Versions: 0.9.10-incubating
> Environment: guacd docker container on ubuntu and debian
> Reporter: Robin
> Attachments: GATEWAY1-logs.zip, GATEWAY2-logs.zip, guacd-stack
> trace.txt
>
>
> We are heavy users of the RDP feature with SSH/SFTP for file downloads and
> uploads. We are seeing frequent guacd crashes, even the first session log
> off can cause a crash.
> After a few sessions (Sometimes hundreds, often thousands) the container
> becomes unstable, causes very high system load and no new connections via
> guacamole are possible. We typically also see the virtual docker Ethernet
> adapter enter the disabled state.
> {code:none|title=https://github.com/apache/incubator-guacamole-server/blob/d831a4b9dfee685d2c00f83dabff59d0be917496/src/common-ssh/guac_ssh_user.c}
> void guac_common_ssh_destroy_user(guac_common_ssh_user* user) {
> /* Free private key, if present */
> if (user->private_key != NULL)
> guac_common_ssh_key_free(user->private_key);
> /* Free all other data */
> free(user->password);
> free(user->username);
> free(user);
> }
> {code}
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
