Stuck CLOSED sockets / sshd / zombies...
Konstantin Belousov
kostikbel at gmail.com
Wed Apr 9 11:19:25 UTC 2014
On Wed, Apr 09, 2014 at 11:15:20AM +0100, Karl Pielorz wrote:
>
>
> --On 09 April 2014 11:49 +0300 Konstantin Belousov <kostikbel at gmail.com>
> wrote:
>
> > Hm, I think my instructions were flawed, you have to install with
> > DEBUG_FLAGS as well:
> > make install DEBUG_FLAGS=-g
> >
> > You do not need to re-run the tests if rtld did not change after
> > the installation. Reinstall and get the backtrace again, please.
>
> Ok, did that - output below,
>
> -Karl
>
> ---
>
> "
> [Switching to LWP 100218]
> 0x00000008038ea89c in __error () from /lib/libthr.so.3
> (gdb) bt
> #0 0x00000008038ea89c in __error () from /lib/libthr.so.3
> #1 0x00000008038e104f in __thr_rwlock_rdlock (rwlock=0x803af9480,
> flags=<value optimized out>, tsp=<value optimized out>)
> at /usr/src/lib/libthr/thread/thr_umtx.c:277
> #2 0x00000008038e821c in _thr_rtld_rlock_acquire (lock=0x803af9480) at
> atomic.h:143
> #3 0x000000080064f9a2 in digest_dynamic1 (obj=0x80085fe00, early=32767,
> dyn_rpath=0x80582a93c, dyn_soname=0x80582a93c, dyn_runpath=0x7fffffffba30)
> at /usr/src/libexec/rtld-elf/rtld.c:1103
> #4 0x00000008006498c9 in objlist_call_init (list=<value optimized out>,
> lockstate=0x0) at /usr/src/libexec/rtld-elf/rtld.c:287
> #5 0x00000008006470cd in _rtld_bind_start () at
> /usr/src/libexec/rtld-elf/amd64/rtld_start.S:121
> #6 0x000000000041072c in grace_alarm_handler (sig=-17504) at
> /usr/src/secure/usr.sbin/sshd/../../../crypto/openssh/sshd.c:378
> #7 <signal handler called>
> #8 0x00000008038ea89c in __error () from /lib/libthr.so.3
> #9 0x00000008038e104f in __thr_rwlock_rdlock (rwlock=0x803af9480,
> flags=<value optimized out>, tsp=<value optimized out>)
> at /usr/src/lib/libthr/thread/thr_umtx.c:277
> #10 0x00000008038e821c in _thr_rtld_rlock_acquire (lock=0x803af9480) at
> atomic.h:143
> #11 0x000000080064f9a2 in digest_dynamic1 (obj=0x80085fe00, early=32767,
> dyn_rpath=0x8038d8e30, dyn_soname=0x100000001, dyn_runpath=0x7fffffffc040)
> at /usr/src/libexec/rtld-elf/rtld.c:1103
> #12 0x00000008006498c9 in objlist_call_init (list=<value optimized out>,
> lockstate=0xffff00001f80) at /usr/src/libexec/rtld-elf/rtld.c:287
> #13 0x00000008006470cd in _rtld_bind_start () at
> /usr/src/libexec/rtld-elf/amd64/rtld_start.S:121
> #14 0x000000000042f9dd in sshpam_sigchld_handler (sig=<value optimized
> out>) at
> /usr/src/secure/usr.sbin/sshd/../../../crypto/openssh/auth-pam.c:152
> #15 <signal handler called>
> #16 0x0000000800653aea in lmc_parse () at
> /usr/src/libexec/rtld-elf/libmap.c:306
> #17 0x000000080064a835 in objlist_call_fini () at
> /usr/src/libexec/rtld-elf/rtld.c:2267
> #18 0x000000080064a1eb in symlook_default (req=0x7fffffffd050,
> refobj=<value optimized out>) at /usr/src/libexec/rtld-elf/rtld.c:3620
> #19 0x0000000800edd121 in openpam_clear_chains () from /usr/lib/libpam.so.5
> #20 0x0000000800edd0bc in openpam_clear_chains () from /usr/lib/libpam.so.5
> #21 0x0000000800edd0bc in openpam_clear_chains () from /usr/lib/libpam.so.5
> #22 0x0000000800edd061 in openpam_clear_chains () from /usr/lib/libpam.so.5
> #23 0x0000000800ed99e7 in pam_end () from /usr/lib/libpam.so.5
> #24 0x000000000042e15d in sshpam_cleanup () at
> /usr/src/secure/usr.sbin/sshd/../../../crypto/openssh/auth-pam.c:614
> #25 0x000000000041d58f in do_cleanup (authctxt=0x80401a600) at
> /usr/src/secure/usr.sbin/sshd/../../../crypto/openssh/session.c:2732
> #26 0x000000000041064f in ssh_cleanup_exit (i=255) at
> /usr/src/secure/usr.sbin/sshd/../../../crypto/openssh/sshd.c:2545
> #27 0x0000000000428f83 in mm_request_receive (sock=<value optimized out>,
> m=<value optimized out>)
> at
> /usr/src/secure/usr.sbin/sshd/../../../crypto/openssh/monitor_wrap.c:153
> #28 0x0000000000427e26 in monitor_read (pmonitor=0x804022220, ent=0x6465a0,
> pent=0x7fffffffd0c0)
> at /usr/src/secure/usr.sbin/sshd/../../../crypto/openssh/monitor.c:593
> #29 0x0000000000427b49 in monitor_child_preauth (_authctxt=<value optimized
> out>, pmonitor=0x804022220)
> at /usr/src/secure/usr.sbin/sshd/../../../crypto/openssh/monitor.c:387
> #30 0x000000000040fd15 in main (ac=<value optimized out>, av=<value
> optimized out>) at
> /usr/src/secure/usr.sbin/sshd/../../../crypto/openssh/sshd.c:679
> "
It is still mostly nonsensical, due to bad and missing debugging information.
First, my patch seems to be buggy: I miscalculated the offsets of the
saved registers. Hopefully, an improved version is at the end of the message.
Also, I suspect that there is a mismatch between the installed and the built
rtld. Please do a clean build with DEBUG_FLAGS=-g and the patch applied, then
install (again with DEBUG_FLAGS=-g).
Second, the debugging information in your libthr.so.3 is partial.
Could you please rebuild it and install it with DEBUG_FLAGS=-g from
a clean state?
Also, please rebuild your pam installation with '-g'.
After this is done, reproduce the issue and take the backtrace once more.
Sorry, but the current backtrace is not useful.
diff --git a/libexec/rtld-elf/amd64/rtld_start.S b/libexec/rtld-elf/amd64/rtld_start.S
index da3d156..2481f09 100644
--- a/libexec/rtld-elf/amd64/rtld_start.S
+++ b/libexec/rtld-elf/amd64/rtld_start.S
@@ -79,17 +79,39 @@
.globl _rtld_bind_start
.type _rtld_bind_start, at function
_rtld_bind_start:
+ .cfi_startproc
+ .cfi_adjust_cfa_offset 16
subq $8,%rsp
+ .cfi_adjust_cfa_offset 8
pushfq # Save rflags
+ .cfi_adjust_cfa_offset 8
pushq %rax # Save %rax
+ .cfi_adjust_cfa_offset 8
+ .cfi_offset %rax,-32
pushq %rdx # Save %rdx
+ .cfi_adjust_cfa_offset 8
+ .cfi_offset %rdx,-40
pushq %rcx # Save %rcx
+ .cfi_adjust_cfa_offset 8
+ .cfi_offset %rcx,-48
pushq %rsi # Save %rsi
+ .cfi_adjust_cfa_offset 8
+ .cfi_offset %rsi,-56
pushq %rdi # Save %rdi
+ .cfi_adjust_cfa_offset 8
+ .cfi_offset %rdi,-64
pushq %r8 # Save %r8
+ .cfi_adjust_cfa_offset 8
+ .cfi_offset %r8,-72
pushq %r9 # Save %r9
+ .cfi_adjust_cfa_offset 8
+ .cfi_offset %r9,-80
pushq %r10 # Save %r10
+ .cfi_adjust_cfa_offset 8
+ .cfi_offset %r10,-88
pushq %r11 # Save %r11
+ .cfi_adjust_cfa_offset 8
+ .cfi_offset %r11,-96
movq 0x58(%rsp),%rdi # Fetch obj argument
movq 0x60(%rsp),%rsi # Fetch reloff argument
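Review bot: The `.cfi_offset` values for the saved registers look 16 bytes too small, judging from the frame layout the hunk itself shows: `movq 0x58(%rsp),%rdi` puts obj at rsp+0x58 after the nine pushes, so reloff is at 0x60 and the caller's return address at 0x68, i.e. the CFA is rsp+0x70 at that point, which is also what `.cfi_adjust_cfa_offset 16` at entry plus the per-push adjustments add up to. Counting back from there, `%rax` sits at CFA-48 and `%r11` at CFA-112, not -32 and -96 as annotated, so an unwinder would reconstruct each register from a neighbouring slot (the annotated `%rax` slot is actually the spare word from `subq $8,%rsp`). Unless the PLT on this platform pushes only one word (in which case the entry adjustment is the one that is off), every annotation should be shifted by 16: `.cfi_offset %rax,-48` through `.cfi_offset %r11,-112`. That matters here because the whole point of the patch is a trustworthy backtrace through `_rtld_bind_start` from inside a signal handler.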
@@ -101,16 +123,37 @@ _rtld_bind_start:
movq %rax,0x60(%rsp) # Store target over reloff argument
popq %r11 # Restore %r11
+ .cfi_adjust_cfa_offset -8
+ .cfi_restore %r11
popq %r10 # Restore %r10
+ .cfi_adjust_cfa_offset -8
+ .cfi_restore %r10
popq %r9 # Restore %r9
+ .cfi_adjust_cfa_offset -8
+ .cfi_restore %r9
popq %r8 # Restore %r8
+ .cfi_adjust_cfa_offset -8
+ .cfi_restore %r8
popq %rdi # Restore %rdi
+ .cfi_adjust_cfa_offset -8
+ .cfi_restore %rdi
popq %rsi # Restore %rsi
+ .cfi_adjust_cfa_offset -8
+ .cfi_restore %rsi
popq %rcx # Restore %rcx
+ .cfi_adjust_cfa_offset -8
+ .cfi_restore %rcx
popq %rdx # Restore %rdx
+ .cfi_adjust_cfa_offset -8
+ .cfi_restore %rdx
popq %rax # Restore %rax
+ .cfi_adjust_cfa_offset -8
+ .cfi_restore %rax
popfq # Restore rflags
+ .cfi_adjust_cfa_offset -8
leaq 16(%rsp),%rsp # Discard spare, obj, do not change rflags
ret # "Return" to target address
+ .cfi_endproc
+ .size _rtld_bind_start, . - _rtld_bind_start
.section .note.GNU-stack,"",%progbits
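Review bot: The `leaq 16(%rsp),%rsp` that discards the spare slot and obj has no matching `.cfi_adjust_cfa_offset -16`, so for the `ret` instruction the unwinder still believes the CFA is 16 bytes further from `%rsp` than it really is; a signal or profiler sample landing on that `ret` would misunwind, which is the very situation this patch is meant to diagnose. Adding `.cfi_adjust_cfa_offset -16` immediately after the `leaq` closes that one-instruction window. It would also help the next reader to note above `ret` that it jumps to the resolved target via the slot that overwrote reloff while leaving the caller's real return address on the stack, which is why the CFI-described return address is the original caller, e.g. `# ret pops the target stored over reloff; caller's return address stays in place`. The hunk starts mid-function; the matching push side is in the previous hunk.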