Date: Sat, 12 Nov 2005 11:20:21 GMT From: Robert Watson <rwatson@FreeBSD.org> To: freebsd-bugs@FreeBSD.org Subject: Re: kern/85816: maxproc=1 in login.conf causes kernel panic when logging into account via ssh Message-ID: <200511121120.jACBKLgA036418@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
The following reply was made to PR kern/85816; it has been noted by GNATS. From: Robert Watson <rwatson@FreeBSD.org> To: Gleb Smirnoff <glebius@FreeBSD.org> Cc: bug-followup@FreeBSD.org Subject: Re: kern/85816: maxproc=1 in login.conf causes kernel panic when logging into account via ssh Date: Sat, 12 Nov 2005 11:14:49 +0000 (GMT) On Wed, 14 Sep 2005, Gleb Smirnoff wrote: > #8 0xc05743c3 in unp_discard (fp=0xc1ca6e58) at > /usr/src/sys/kern/uipc_usrreq.c:1887 > No locals. > #9 0xc0572b2b in unp_freerights (rp=0xc1b4ad28, fdcount=1) > at /usr/src/sys/kern/uipc_usrreq.c:1272 > i = 0 > fp = (struct file *) 0x0 > #10 0xc0572df7 in unp_externalize (control=0xc1b4ad00, controlp=0xe1b7dc54) > at /usr/src/sys/kern/uipc_usrreq.c:1321 > td = (struct thread *) 0xc1c597d0 > cm = (struct cmsghdr *) 0xc1b4ad18 > i = -1068065433 > fdp = (int *) 0xe1b7dbc8 > rp = (struct file **) 0xc1b4ad24 > fp = (struct file *) 0xc1c70000 > data = (void *) 0xc1c70000 > clen = 16 This coulid well be related to the UNIX domain socket garbage collector bugs I fixed in HEAD a day or two ago. Could you try to reproduce this with uipc_usrreq.c:1.159? Likely, sshd's privsep (or some related notion) is resulting in closing of a UNIX domains socket while a descriptor is in flight, which turns out to be broken in several revisions of 5.x and 6.x (and with additional bugs in 4.x). I believe I've fixed most known bugs in this code with the above mentioned revision, so it may now work better. Robert N M Watson
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200511121120.jACBKLgA036418>