sftp-server segfaults on startup when "sftplogging" USE flag is enabled.

gdb backtrace:

(gdb) run
Starting program: /usr/lib/misc/sftp-server
(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...

Program received signal SIGSEGV, Segmentation fault.
0xb7d77c76 in __strtouq_internal () from /lib/tls/libc.so.6
(gdb) bt
#0  0xb7d77c76 in __strtouq_internal () from /lib/tls/libc.so.6
#1  0xb7d77a55 in __strtol_internal () from /lib/tls/libc.so.6
#2  0x0804b288 in ?? ()
#3  0x00000000 in ?? ()
#4  0x00000000 in ?? ()
#5  0x0000000a in ?? ()
#6  0x00000000 in ?? ()
#7  0x00000000 in ?? ()
#8  0x00000000 in ?? ()
#9  0x00000000 in ?? ()
#10 0x00000000 in ?? ()

# emerge --info
Portage 2.0.51.16 (default-linux/x86/2004.3, gcc-3.4.3, glibc-2.3.4.20050125-r0, 2.6.10 i686)
=================================================================
System uname: 2.6.10 i686 Intel(R) Celeron(R) CPU 2.60GHz
Gentoo Base System version 1.6.9
Python:              dev-lang/python-2.1.3-r1,dev-lang/python-2.2.3-r5,dev-lang/python-2.3.4-r1 [2.3.4 (#1, Feb 9 2005, 00:17:03)]
distcc 2.18.3 i686-pc-linux-gnu (protocols 1 and 2) (default port 3632) [disabled]
ccache version 2.3 [enabled]
dev-lang/python:     2.1.3-r1, 2.2.3-r5, 2.3.4-r1
sys-devel/autoconf:  2.59-r6, 2.13
sys-devel/automake:  1.4_p6, 1.7.9-r1, 1.5, 1.9.4, 1.6.3, 1.8.5-r3
sys-devel/binutils:  2.15.92.0.2-r2
sys-devel/libtool:   1.5.10-r4
virtual/os-headers:  2.6.7-r4
ACCEPT_KEYWORDS="x86 ~x86"
AUTOCLEAN="yes"
CFLAGS="-march=pentium4 -O2 -pipe -fomit-frame-pointer"
CHOST="i686-pc-linux-gnu"
CONFIG_PROTECT="/etc /usr/kde/2/share/config /usr/kde/3.3/env /usr/kde/3.3/share/config /usr/kde/3.3/shutdown /usr/kde/3.4/env /usr/kde/3.4/share/config /usr/kde/3.4/shutdown /usr/kde/3/share/config /usr/lib/X11/xkb /usr/lib/mozilla/defaults/pref /usr/share/config /usr/share/texmf/dvipdfm/config/ /usr/share/texmf/dvips/config/ /usr/share/texmf/tex/generic/config/ /usr/share/texmf/tex/platex/config/ /usr/share/texmf/xdvi/ /var/bind /var/qmail/control"
CONFIG_PROTECT_MASK="/etc/gconf /etc/terminfo /etc/env.d"
CXXFLAGS="-march=pentium4 -O2 -pipe -fomit-frame-pointer"
DISTDIR="/usr/portage/distfiles"
FEATURES="autoaddcvs autoconfig ccache cvs digest distlocks sandbox sfperms sign userpriv"
GENTOO_MIRRORS="http://mirror.gentoo.sk/pub ftp://ftp.sh.cvut.cz/MIRRORS/gentoo/gentoo http://ftp.easynet.nl/mirror/gentoo"
LANG="POSIX"
MAKEOPTS="-j2"
PKGDIR="/usr/portage/packages"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage/"
PORTDIR_OVERLAY="/usr/local/portage"
SYNC="cvs://ticho@cvs.gentoo.org:/var/cvsroot"
USE="x86 X aalib alsa apache2 apm avi berkdb bitmap-fonts bluetooth cdr crypt curl divx4linux encode esd f77 faad fam flac font-server foomaticdb gdbm gif gnutls gtk gtk2 guile imagemagick imlib ipv6 java jpeg junit libg++ libwww mad mailwrapper mbox mikmod mmx mozilla moznocompose moznoirc moznomail moznoxft mpeg ncurses nls nntp nptl nvidia ogg oggvorbis opengl oss pam pdflib perl php png python qt quicktime readline samba sample sasl sdl slang sse ssl tcltk tcpd tetex tiff truetype truetype-fonts type1 type1-fonts unicode vim-with-x vorbis xml xml2 xmms xv zlib"
Unset:  ASFLAGS, CBUILD, CTARGET, LC_ALL, LDFLAGS
It won't die for me:

---8<---
[ebuild   R   ] net-misc/openssh-3.9_p1-r1  -X509 -chroot -debug +ipv6 -kerberos -ldap +pam (-selinux) -sftplogging* -skey -smartcard -static +tcpd (-uclibc) 0 kB
---8<---

And my emerge info:

---8<---
Portage 2.0.51-r15 (default-linux/x86/2004.3, gcc-3.3.5, glibc-2.3.4.20040808-r1,glibc-2.2.5-r4, 2.6.10 i686)
=================================================================
System uname: 2.6.10 i686 AMD Athlon(TM) XP 2000+
Gentoo Base System version 1.4.16
Python:              dev-lang/python-2.3.4-r1 [2.3.4 (#1, Feb 12 2005, 19:39:03)]
dev-lang/python:     2.3.4-r1
sys-devel/autoconf:  2.59-r6, 2.13
sys-devel/automake:  1.7.9-r1, 1.8.5-r3, 1.5, 1.4_p6, 1.6.3, 1.9.4
sys-devel/binutils:  2.11.92.0.12.3-r2, 2.15.92.0.2-r1
sys-devel/libtool:   1.4.3-r1, 1.5.10-r4
virtual/os-headers:  2.4.18, 2.4.19-r1, 2.4.21-r1
ACCEPT_KEYWORDS="x86"
AUTOCLEAN="yes"
CFLAGS="-march=athlon-xp -O2 -pipe -fomit-frame-pointer"
CHOST="i686-pc-linux-gnu"
CONFIG_PROTECT="/etc /usr/kde/2/share/config /usr/kde/3/share/config /usr/lib/X11/xkb /usr/share/config /usr/share/texmf/dvipdfm/config/ /usr/share/texmf/dvips/config/ /usr/share/texmf/tex/generic/config/ /usr/share/texmf/tex/platex/config/ /usr/share/texmf/xdvi/ /var/qmail/control"
CONFIG_PROTECT_MASK="/etc/gconf /etc/terminfo /etc/env.d"
CXXFLAGS="-O2 -mcpu=i686 -pipe"
DISTDIR="/usr/portage/distfiles"
FEATURES="autoaddcvs autoconfig ccache collision-protect cvs distlocks fixpackages notitles sandbox sfperms sign strict userpriv"
GENTOO_MIRRORS="http://distfiles.gentoo.org http://distro.ibiblio.org/pub/Linux/distributions/gentoo"
LANG="es_ES@euro"
LC_ALL="es_ES@euro"
MAKEOPTS="-j2"
PKGDIR="/usr/portage/packages"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
PORTDIR_OVERLAY="/home/ferdy/gentoo/overlay"
SYNC="rsync://rsync.gentoo.org/gentoo-portage"
USE="x86 X aalib alsa apm avi berkdb bitmap-fonts cdr clisp crypt cscope cups curl dga encode ethereal f77 fam fbcon flac font-server foomaticdb fortran gd gdbm gif gtk gtk2 guile imagemagick imap imlib imlib2 ipv6 java jpeg libg++ libwww lirc mad maildir mikmod motif mpeg ncurses nls oggvorbis opengl oss pam pdflib perl plotutils png python quicktime radeon readline samba sdl slang spell sqlite ssl svga tcltk tcpd tetex tiff truetype truetype-fonts type1-fonts v4l xml xml2 xmms xv zlib"
Unset:  ASFLAGS, CBUILD, CTARGET, LDFLAGS
---8<---

I can login with sftp with no problem:

---8<---
--(ferdy@posidon$ ferdy )-- sftp localhost
Connecting to localhost...
Password:
sftp> version
SFTP protocol version 3
---8<---

HTH

Cheers,
Ferdy
aliz is the primary maintainer for openssh.

You might want to rebuild openssh and friends to make that gdb output a little more useful.

FEATURES="nostrip" CFLAGS="-g3 -fno-omit-frame-pointer -fno-pie" LDFLAGS="-ggdb" emerge $(ldd `which ssh` | awk '{print $3}' | xargs -n1 qpkg -nc -f | sort -u | awk '{print $1}') openssl openssh

gdb /usr/lib/misc/sftp-server
run
bt full
info reg
disass $eip-0x20 $eip+0x20
Did that:

# gdb /usr/lib/misc/sftp-server
GNU gdb 6.2.1
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "i686-pc-linux-gnu"...(no debugging symbols found)...Using host libthread_db library "/lib/tls/libthread_db.so.1".

(gdb) run
Starting program: /usr/lib/misc/sftp-server

Program received signal SIGSEGV, Segmentation fault.
0xb7d5198c in *__GI_____strtol_l_internal (nptr=0x0, endptr=0x0, base=10, group=0, loc=0xb7e3c3c0) at strtol_l.c:292
292     strtol_l.c: Adresár alebo súbor neexistuje.
        in strtol_l.c
(gdb) bt
#0  0xb7d5198c in *__GI_____strtol_l_internal (nptr=0x0, endptr=0x0, base=10, group=0, loc=0xb7e3c3c0) at strtol_l.c:292
#1  0xb7d5171f in *__GI___strtol_internal (nptr=0x0, endptr=0x0, base=0, group=0) at strtol.c:99
#2  0xb7d4ee16 in atoi (nptr=0x0) at stdlib.h:333
#3  0x0804b88b in ?? ()
#4  0x00000000 in ?? ()
#5  0x00000000 in ?? ()
#6  0x00000000 in ?? ()
#7  0x00000000 in ?? ()
#8  0x00000000 in ?? ()
#9  0x00000000 in ?? ()
#10 0x00000000 in ?? ()
#11 0x00000000 in ?? ()
#12 0x00000000 in ?? ()
What's at 0x0804b88b? Where is the call to atoi(NULL) coming from?

/me thinks this is happening cuz the "openssh-3.9_p1-sftplogging-1.2-gentoo.patch.bz2" was written by somebody that can't be bothered to read a manpage and should be removed/fixed.

Observe the following from the patch that gets conditionally added to the ebuild..

+       /* Transaction logging */
+
+       if (atoi(getenv("LOG_SFTP")) == 1)
+       {
+               permit_logging = 1;
+               log_init("sftp-server", atoi(getenv("SFTP_LOG_LEVEL")),
+                       atoi(getenv("SFTP_LOG_FACILITY")), 0);
+       };

#include <stdio.h>
#include <stdlib.h>   /* atoi() */

int main()
{
	/* this should segfault */
	return atoi(NULL);
}

And the return value as stated by the getenv() manpage.

       The getenv() function returns a pointer to the value in the environment, or NULL if there is no match.

This proves it.

#include <stdio.h>
#include <stdlib.h>   /* getenv(), atoi() */

int main()
{
	if ((char *)(getenv("SOMETHING_THAT_DOES_NOT_EXIST")) == NULL)
		puts("getenv returns NULL;");

	/* this should segfault */
	return atoi(NULL);
}
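The crash above comes down to one thing: atoi() is handed the NULL that getenv() returns when sftp-server is started without LOG_SFTP, SFTP_LOG_LEVEL or SFTP_LOG_FACILITY in its environment (exactly the situation when it is run by hand under gdb). The following is an added example, not code from the thread, the openssh sources or the sftplogging patch. It shows the same three-variable check written so that an absent, empty, malformed or out-of-range value falls back to a default instead of dereferencing NULL. The function names parse_env_int, env_int and sftp_logging_enabled, the accepted ranges and the default level/facility numbers are all assumptions made for the example.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>

/* Added example (not from the sftplogging patch). Parse an integer from an
 * environment-style string. NULL (variable not set), an empty string,
 * trailing junk, overflow and values outside [lo, hi] all yield `dflt`
 * and report failure through *ok instead of crashing the way atoi(NULL) does. */
int parse_env_int(const char *s, int lo, int hi, int dflt, int *ok)
{
    char *end;
    long v;

    if (ok)
        *ok = 0;
    if (s == NULL || *s == '\0')
        return dflt;            /* unset or empty: use the default */

    errno = 0;
    v = strtol(s, &end, 10);
    if (errno == ERANGE || end == s || *end != '\0')
        return dflt;            /* overflow, no digits at all, or trailing junk */
    if (v < lo || v > hi)
        return dflt;            /* outside the caller's accepted range */

    if (ok)
        *ok = 1;
    return (int)v;
}

/* getenv() returns NULL when the variable is absent; route that through the
 * validator rather than straight into atoi(). */
int env_int(const char *name, int lo, int hi, int dflt)
{
    return parse_env_int(getenv(name), lo, hi, dflt, NULL);
}

/* The patch's gate, rewritten: logging is enabled only when LOG_SFTP is
 * present and is exactly "1". An unset variable means "off". */
int sftp_logging_enabled(void)
{
    return env_int("LOG_SFTP", 0, 1, 0) == 1;
}

int main(void)
{
    if (sftp_logging_enabled()) {
        /* Ranges and defaults below are assumed for the example; the real
         * log_init() takes its own level/facility enums. */
        int level    = env_int("SFTP_LOG_LEVEL", 0, 7, 6);
        int facility = env_int("SFTP_LOG_FACILITY", 0, 23, 10);
        printf("sftp logging on: level=%d facility=%d\n", level, facility);
    } else {
        printf("sftp logging off (LOG_SFTP unset or not \"1\")\n");
    }
    return 0;
}
```

Run it with no environment set and it prints the "off" line where the patched sftp-server segfaults; with LOG_SFTP=1 and a garbage SFTP_LOG_LEVEL it still starts, using the default level. The same shape of check is what child_set_env()-provided variables should be validated with on the sftp-server side, since the server cannot assume its parent exported anything.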
Sorry, forgot to do the full bt and other steps you suggested - here they are:

(gdb) run
Starting program: /usr/lib/misc/sftp-server

Program received signal SIGSEGV, Segmentation fault.
0xb7d5198c in *__GI_____strtol_l_internal (nptr=0x0, endptr=0x0, base=10, group=0, loc=0xb7e3c3c0) at strtol_l.c:292
292     strtol_l.c: No such file or directory.
        in strtol_l.c
(gdb) bt full
#0  0xb7d5198c in *__GI_____strtol_l_internal (nptr=0x0, endptr=0x0, base=10, group=0, loc=0xb7e3c3c0) at strtol_l.c:292
        negative = -1207953772
        cutoff = 3086968540
        cutlim = 3221205088
        i = 1
        s = 0x0
        c = 183 'ˇ'
        save = 0x0
        end = 0xb8000fb4 "ô^\001"
        overflow = 134534115
        cnt = 3085064768
        current = (struct locale_data *) 0xb7e25a40
        thousands = 0x0
        thousands_len = 0
        grouping = 0x0
#1  0xb7d5171f in *__GI___strtol_internal (nptr=0x0, endptr=0x0, base=0, group=0) at strtol.c:99
No locals.
#2  0xb7d4ee16 in atoi (nptr=0x0) at stdlib.h:333
No locals.
#3  0x0804b88b in ?? ()
No symbol table info available.
---Type <return> to continue, or q <return> to quit---
#4  0x00000000 in ?? ()
No symbol table info available.
#5  0x00000000 in ?? ()
No symbol table info available.
#6  0x00000000 in ?? ()
No symbol table info available.
#7  0x00000000 in ?? ()
No symbol table info available.
#8  0x00000000 in ?? ()
No symbol table info available.
#9  0x00000000 in ?? ()
No symbol table info available.
#10 0x00000000 in ?? ()
No symbol table info available.
#11 0x00000000 in ?? ()
No symbol table info available.
#12 0x00000000 in ?? ()
No symbol table info available.
#13 0x00000000 in ?? ()
No symbol table info available.
#14 0x00000000 in ?? ()
No symbol table info available.
#15 0x00000000 in ?? ()
---Type <return> to continue, or q <return> to quit---q
Quit
(gdb) info reg
eax            0x0      0
ecx            0xb7e25a40       -1209902528
edx            0x0      0
ebx            0xb7e3bff4       -1209810956
esp            0xbfffaff0       0xbfffaff0
ebp            0xbfffb040       0xbfffb040
esi            0x0      0
edi            0xa      10
eip            0xb7d5198c       0xb7d5198c
eflags         0x10283  66179
cs             0x73     115
ss             0x7b     123
ds             0x7b     123
es             0x7b     123
fs             0x0      0
gs             0x33     51
(gdb) disass $eip-0x20 $eip+0x20
Dump of assembler code from 0xb7d5196c to 0xb7d519ac:
0xb7d5196c <*__GI_____strtol_l_internal+92>:    push   %ss
0xb7d5196d <*__GI_____strtol_l_internal+93>:    add    %al,(%eax)
0xb7d5196f <*__GI_____strtol_l_internal+95>:    add    %dh,(%ecx)
0xb7d51971 <*__GI_____strtol_l_internal+97>:    rolb   $0x5f,0x5e5b44c4(%ebx)
0xb7d51978 <*__GI_____strtol_l_internal+104>:   pop    %ebp
0xb7d51979 <*__GI_____strtol_l_internal+105>:   ret
0xb7d5197a <*__GI_____strtol_l_internal+106>:   lea    0x0(%esi),%esi
0xb7d51980 <*__GI_____strtol_l_internal+112>:   mov    0x8(%ebp),%esi
0xb7d51983 <*__GI_____strtol_l_internal+115>:   mov    0x18(%ebp),%ecx
0xb7d51986 <*__GI_____strtol_l_internal+118>:   mov    %esi,0xffffffe0(%ebp)
0xb7d51989 <*__GI_____strtol_l_internal+121>:   mov    0x34(%ecx),%ecx
0xb7d5198c <*__GI_____strtol_l_internal+124>:   movsbl (%esi),%eax
0xb7d5198f <*__GI_____strtol_l_internal+127>:   mov    %ecx,0xffffffc8(%ebp)
0xb7d51992 <*__GI_____strtol_l_internal+130>:   testb  $0x20,0x1(%ecx,%eax,2)
0xb7d51997 <*__GI_____strtol_l_internal+135>:   je     0xb7d51abf <*__GI_____strtol_l_internal+431>
0xb7d5199d <*__GI_____strtol_l_internal+141>:   lea    0x0(%esi),%esi
0xb7d519a0 <*__GI_____strtol_l_internal+144>:   inc    %esi
0xb7d519a1 <*__GI_____strtol_l_internal+145>:   mov    0xffffffc8(%ebp),%ecx
0xb7d519a4 <*__GI_____strtol_l_internal+148>:   movzbl (%esi),%edx
0xb7d519a7 <*__GI_____strtol_l_internal+151>:   movsbl %dl,%eax
0xb7d519aa <*__GI_____strtol_l_internal+154>:   testb  $0x20,0x1(%ecx,%eax,2)
---Type <return> to continue, or q <return> to quit---
End of assembler dump.
openssh-3.9_p1-sftplogging-1.2-gentoo.patch is just the upstream sftplogging patch with a fix or two added locally
looking at the patch a little more. The env should be set by the child_set_env() option.
Created attachment 51576 [details, diff] openssh-3.9_p1-sftplogging-2.interdiff perhaps try this.
Thanks! I had the same problem on amd64 and the patch solved the problem.

I placed the patch right after the 1.2-gentoo sftp-logging patch:

use sftplogging && {
	epatch ${FILESDIR}/${P}-sftplogging-1.2-gentoo.patch.bz2
	epatch ${FILESDIR}/${P}-sftplogging-2.interdiff
}

Regards
Christian
I'm sorry to say that it did not help in my case. I'll provide a gdb backtrack tomorrow.
Hm, even after recompiling everything related with settings suggested by solar, the backtrack is full of unknown symbols.

(gdb) run
Starting program: /usr/lib/misc/sftp-server

Program received signal SIGSEGV, Segmentation fault.
0x0804b97c in ?? ()
(gdb) bt full
#0  0x0804b97c in ?? ()
No symbol table info available.
#1  0x0804ebd8 in _IO_stdin_used ()
No symbol table info available.
#2  0x00000000 in ?? ()
No symbol table info available.
#3  0x00000000 in ?? ()
No symbol table info available.
#4  0x00000000 in ?? ()
No symbol table info available.
#5  0x00000000 in ?? ()
No symbol table info available.
#6  0x00000000 in ?? ()
No symbol table info available.
#7  0x00000000 in ?? ()
No symbol table info available.
#8  0x00000000 in ?? ()
No symbol table info available.
#9  0x00000000 in ?? ()
No symbol table info available.
(gdb) info reg
eax            0x0      0
ecx            0x4653   18003
edx            0x53     83
ebx            0xb7e3bff4       -1209810956
esp            0xbfffb070       0xbfffb070
ebp            0xbffff0e8       0xbffff0e8
esi            0x0      0
edi            0xb8000c80       -1207956352
eip            0x804b97c        0x804b97c
eflags         0x10246  66118
cs             0x73     115
ss             0x7b     123
ds             0x7b     123
es             0x7b     123
fs             0x0      0
gs             0x33     51
(gdb) disass $eip-0x20 $eip+0x20
Dump of assembler code from 0x804b95c to 0x804b99c:
0x0804b95c <_init+10888>:       and    $0x4,%al
0x0804b95e <_init+10890>:       movl   $0x804ebac,(%esp)
0x0804b965 <_init+10897>:       call   0x804cfb2 <error+40>
0x0804b96a <_init+10902>:       movl   $0x804ebd6,(%esp)
0x0804b971 <_init+10909>:       call   0x8048fcc <_init+248>
0x0804b976 <_init+10914>:       mov    %eax,0xffffffdc(%ebp)
0x0804b979 <_init+10917>:       mov    0xffffffdc(%ebp),%eax
0x0804b97c <_init+10920>:       cmpb   $0x0,(%eax)
0x0804b97f <_init+10923>:       je     0x804b9b1 <_init+10973>
0x0804b981 <_init+10925>:       mov    0xffffffdc(%ebp),%eax
0x0804b984 <_init+10928>:       cmpb   $0x2f,(%eax)
0x0804b987 <_init+10931>:       jle    0x804b9b1 <_init+10973>
0x0804b989 <_init+10933>:       mov    0xffffffdc(%ebp),%eax
0x0804b98c <_init+10936>:       cmpb   $0x39,(%eax)
0x0804b98f <_init+10939>:       jg     0x804b9b1 <_init+10973>
0x0804b991 <_init+10941>:       mov    0xffffffe0(%ebp),%eax
0x0804b994 <_init+10944>:       lea    0x0(,%eax,8),%edx
0x0804b99b <_init+10951>:       mov    0xffffffdc(%ebp),%eax
End of assembler dump.
Created attachment 53482 [details, diff] openssh-3.9_p1-sftplogging-1.2-gentoo.patch
Created attachment 53483 [details, diff] openssh-4.0_p1-sftplogging-1.2-gentoo.patch
could you try one of these patches (depending on whether you're still using 3.9 or you upgraded to 4.0)
The 3.9 patch seems to have helped, thanks!
fixed in cvs for both 3.9 and 4.0
One more thing regarding this patch - it would be nice if following two hunks were removed from the patch, as they spam logfiles: @@ -449,6 +467,8 @@ } } } + if ( permit_logging == 1 ) + logit("reading file"); if (status != SSH2_FX_OK) send_status(id, status); } @@ -483,10 +503,13 @@ } else if (ret == len) { status = SSH2_FX_OK; } else { + if ( permit_logging == 1 ) logit("nothing at all written"); } } } + if ( permit_logging == 1 ) + logit("writing file"); send_status(id, status); xfree(data); } I get tons of "Mar 19 14:34:44 src@thelair sftp-server[5283]: reading file" on every transfer. Looks like it's a leftover from some debugging.
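Review bot: in the first hunk (`@@ -449,6 +467,8 @@`) the added `logit("reading file")` runs once per read request rather than once per file, so a single transfer emits one syslog line per chunk, which is exactly the "reading file" flood quoted above; it also carries no request id, handle or path, so nothing can be correlated to it. Drop it as requested, or, if a per-request trace is really wanted, gate it on a debug-level log call and include the id so the lines are at least attributable.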
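Review bot: in the second hunk (`@@ -483,10 +503,13 @@`) the line `+ if ( permit_logging == 1 ) logit("nothing at all written");` puts the condition and the call on one line, unlike the two-line form used for `logit("writing file")` a few lines below, and the "writing file" message has the same per-request spam problem as "reading file". The `else` branch it sits in is the short-write case (`ret != len` per the surrounding context), which is a genuine anomaly worth a log line; if anything from this hunk is kept, keep that one, formatted consistently and with the id/handle included, and drop the unconditional "writing file" line.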
done