Bug 6563 – statically linked gsi-enabled sshd segmentation fault

Bug 6563 - statically linked gsi-enabled sshd segmentation fault

Summary:

statically linked gsi-enabled sshd segmentation fault

Status:	RESOLVED WONTFIX

Product:	GSI-OpenSSH
Component:	GSI-OpenSSH
Version:	4.2.0
Platform:	PC Linux

Importance:	P3 normal
Target Milestone:	---
Assigned To:	Jim Basney

URL:	http://lists.globus.org/pipermail/gsi...
Keywords:

Depends on:
Blocks:
	Show dependency tree / graph

Reported:	2008-12-05 09:18 by Jim Basney
Modified:	2009-02-25 13:52 (History)

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note

You need to log in before you can comment on or make changes to this bug.

Description From Jim Basney 2008-12-05 09:18:52

Andreas Maier wrote:
> Hello,
> 
> I tried to compile a static version of gsissh from globus-toolkit v4.2.1
> using
> 
>> ./configure --prefix=/home/globus
>> --with-gsiopensshargs="--with-globus-static 
> --with-ldflags="-static""
> 
> After calling
>> make gsi-openssh 2>&1 | tee make.log
>> make install
> 
> I get a binary with no dynamically linked libraries
> 
>> ldd sshd
> not a dynamic executable
> 
> I started sshd with
> 
>> ulimit -s 1000000  # just to make sure we have no stack problem
>> sudo strace /home/lu64lay/globus2/sbin/sshd -p 1234 -ddd
> 
> I tried to connect to sshd using
> 
>> gsissh -p 1234 localhost
> 
> However sshd generates a segmentation fault at connection time as you
> can see
> from the strace output (see below).
> 
> Is this a bug in sshd? Or do I have to generate gsissh with different
> options to get a working static executable? Is it possible at all to make
> a static version of gsissh?
> 
> Any help will be appreciated.
> 
> Andreas Maier
> 
> P.S.:
> 
> ....
> 
>  write(2, "debug2: parse_server_config: con"..., 62debug2:
> parse_server_config:
> config reprocess config len 329
> ) = 62
> write(2, "debug1: Config token is protocol"..., 34debug1: Config token
> is protocol
> ) = 34
> write(2, "debug1: Config token is rsaauthe"..., 43debug1: Config token is
> rsaauthentication
> ) = 43
> write(2, "debug1: Config token is pubkeyau"..., 46debug1: Config token is
> pubkeyauthentication
> ) = 46
> write(2, "debug1: Config token is challeng"..., 57debug1: Config token is
> challengeresponseauthentication
> ) = 57
> write(2, "debug1: Config token is x11forwa"..., 39debug1: Config token is
> x11forwarding
> ) = 39
> write(2, "debug1: Config token is useprivi"..., 48debug1: Config token is
> useprivilegeseparation
> ) = 48
> write(2, "debug1: Config token is subsyste"..., 35debug1: Config token
> is subsystem
> ) = 35
> open("/etc/ld.so.cache", O_RDONLY)      = 5
> fstat(5, {st_mode=S_IFREG|0644, st_size=159215, ...}) = 0
> mmap(NULL, 159215, PROT_READ, MAP_PRIVATE, 5, 0) = 0x2b8f8b72f000
> close(5)                                = 0
> open("/lib64/libnss_compat.so.2", O_RDONLY) = 5
> read(5, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\320\26\0"...,
> 832) = 832
> fstat(5, {st_mode=S_IFREG|0755, st_size=38678, ...}) = 0
> mmap(NULL, 1078536, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 5, 0) =
> 0x2b8f8b756000
> madvise(0x2b8f8b756000, 1078536, MADV_SEQUENTIAL|0x1) = 0
> mprotect(0x2b8f8b75d000, 1044480, PROT_NONE) = 0
> mmap(0x2b8f8b85c000, 8192, PROT_READ|PROT_WRITE,
> MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 5, 0x6000) = 0x2b8f8b85c000
> close(5)                                = 0
> open("/lib64/libnsl.so.1", O_RDONLY)    = 5
> read(5, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0000H\0\0"...,
> 832) = 832
> fstat(5, {st_mode=S_IFREG|0755, st_size=99531, ...}) = 0
> mmap(NULL, 1136936, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 5, 0) =
> 0x2b8f8b85e000
> madvise(0x2b8f8b85e000, 1136936, MADV_SEQUENTIAL|0x1) = 0
> mprotect(0x2b8f8b871000, 1044480, PROT_NONE) = 0
> mmap(0x2b8f8b970000, 8192, PROT_READ|PROT_WRITE,
> MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 5, 0x12000) = 0x2b8f8b970000
> mmap(0x2b8f8b972000, 6440, PROT_READ|PROT_WRITE,
> MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x2b8f8b972000
> close(5)                                = 0
> munmap(0x2b8f8b72f000, 159215)          = 0
> open("/etc/nsswitch.conf", O_RDONLY)    = 5
> fstat(5, {st_mode=S_IFREG|0644, st_size=1201, ...}) = 0
> mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) =
> 0x2b8f8b72f000
> read(5, "#\n# /etc/nsswitch.conf\n#\n# An ex"..., 4096) = 1201
> read(5, "", 4096)                       = 0
> close(5)                                = 0
> munmap(0x2b8f8b72f000, 4096)            = 0
> open("/etc/ld.so.cache", O_RDONLY)      = 5
> fstat(5, {st_mode=S_IFREG|0644, st_size=159215, ...}) = 0
> mmap(NULL, 159215, PROT_READ, MAP_PRIVATE, 5, 0) = 0x2b8f8b72f000
> close(5)                                = 0
> open("/lib64/libnss_nis.so.2", O_RDONLY) = 5
> read(5, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\320$\0\0"...,
> 832) = 832
> fstat(5, {st_mode=S_IFREG|0755, st_size=53187, ...}) = 0
> mmap(NULL, 1090744, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 5, 0) =
> 0x2b8f8b974000
> madvise(0x2b8f8b974000, 1090744, MADV_SEQUENTIAL|0x1) = 0
> mprotect(0x2b8f8b97d000, 1048576, PROT_NONE) = 0
> mmap(0x2b8f8ba7d000, 8192, PROT_READ|PROT_WRITE,
> MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 5, 0x9000) = 0x2b8f8ba7d000
> close(5)                                = 0
> munmap(0x2b8f8b72f000, 159215)          = 0
> open("/etc/shadow", O_RDONLY)           = 5
> fcntl(5, F_GETFD)                       = 0
> fcntl(5, F_SETFD, FD_CLOEXEC)           = 0
> lseek(5, 0, SEEK_CUR)                   = 0
> fstat(5, {st_mode=S_IFREG|0640, st_size=495, ...}) = 0
> mmap(NULL, 495, PROT_READ, MAP_SHARED, 5, 0) = 0x2b8f8b72f000
> lseek(5, 495, SEEK_SET)                 = 495
> fstat(5, {st_mode=S_IFREG|0640, st_size=495, ...}) = 0
> munmap(0x2b8f8b72f000, 495)             = 0
> close(5)                                = 0
> open("/etc/ld.so.cache", O_RDONLY)      = 5
> fstat(5, {st_mode=S_IFREG|0644, st_size=159215, ...}) = 0
> mmap(NULL, 159215, PROT_READ, MAP_PRIVATE, 5, 0) = 0x2b8f8b72f000
> close(5)                                = 0
> open("/lib64/libnss_winbind.so.2", O_RDONLY) = 5
> read(5, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0 \27\0\0"...,
> 832) = 832
> fstat(5, {st_mode=S_IFREG|0755, st_size=23616, ...}) = 0
> mmap(NULL, 1091664, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 5, 0) =
> 0x2b8f8ba7f000
> madvise(0x2b8f8ba7f000, 1091664, MADV_SEQUENTIAL|0x1) = 0
> mprotect(0x2b8f8ba84000, 1048576, PROT_NONE) = 0
> mmap(0x2b8f8bb84000, 4096, PROT_READ|PROT_WRITE,
> MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 5, 0x5000) = 0x2b8f8bb84000
> mmap(0x2b8f8bb85000, 18512, PROT_READ|PROT_WRITE,
> MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x2b8f8bb85000
> close(5)                                = 0
> open("/lib64/libpthread.so.0", O_RDONLY) = 5
> read(5, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0 Z\0\0\0"...,
> 832) = 832
> fstat(5, {st_mode=S_IFREG|0755, st_size=123722, ...}) = 0
> mmap(NULL, 1147768, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 5, 0) =
> 0x2b8f8bb8a000
> madvise(0x2b8f8bb8a000, 1147768, MADV_SEQUENTIAL|0x1) = 0
> mprotect(0x2b8f8bb9e000, 1044480, PROT_NONE) = 0
> mmap(0x2b8f8bc9d000, 8192, PROT_READ|PROT_WRITE,
> MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 5, 0x13000) = 0x2b8f8bc9d000
> mmap(0x2b8f8bc9f000, 13176, PROT_READ|PROT_WRITE,
> MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x2b8f8bc9f000
> close(5)                                = 0
> set_tid_address(0x7d98f0)               = 23203
> rt_sigaction(SIGRTMIN, {0x2b8f8bb8f5d0, [], SA_RESTORER|SA_SIGINFO,
> 0x2b8f8bb97c00}, NULL, 8) = 0
> rt_sigaction(SIGRT_1, {0x2b8f8bb8f520, [],
> SA_RESTORER|SA_RESTART|SA_SIGINFO,
> 0x2b8f8bb97c00}, NULL, 8) = 0
> rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
> getrlimit(RLIMIT_STACK, {rlim_cur=1000000*1024, rlim_max=1000000*1024}) = 0
> --- SIGSEGV (Segmentation fault) @ 0 (0) ---
> +++ killed by SIGSEGV +++
>

------- Comment #1 From Jim Basney 2008-12-05 09:19:51 -------

Andreas Maier wrote:
> Jim Basney wrote:
>> - What platform and operating system are you using?
> 
> I use Suse Linux Enterprise Desktop 10.2 (64 bit)
>> uname -a
> Linux xx01 2.6.16.60-0.31-smp #1 SMP Tue Oct 7 16:16:29 UTC 2008 x86_64 x86_64 x86_64 GNU/Linux
> 
>> - Does the problem also occur when using
>>   "sshd -ddd -o 'UsePrivilegeSeparation no' -r"?
> 
> This didn't change anything.

------- Comment #2 From Jim Basney 2009-02-25 13:52:04 -------

I finally found some time to look into this. It's a messy issue with glibc and
NSS. There's some info at:
  http://www.gnu.org/software/libc/FAQ.html#s-2.22
It depends on glibc version, NSS configuration, etc. It's not specific to
GSI-OpenSSH. The same occurs for static compiles of vanilla OpenSSH. Using
--with-globus-static (i.e., static linking against Globus libraries) works OK.
It's the --with-ldflags="-static" (static linking against system libraries)
that fails.

I don't see anything I can do about this. I'm going to close this ticket as
WONTFIX.