Date: Sun, 19 Apr 2026 22:19:08 +0000 From: bugzilla-noreply@freebsd.org To: bugs@FreeBSD.org Subject: [Bug 289475] sshd dumps core after freebsd-update to 14.3-RELEASE-p2 Message-ID: <bug-289475-227-m2FLFROOKt@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-289475-227@https.bugs.freebsd.org/bugzilla/>
index | next in thread | previous in thread | raw e-mail
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=289475 --- Comment #10 from John W. O'Brien <john@saltant.com> --- I hit a problem today that seems very much like this after deploying a new instance on the Vultr cloud in their US ORD data center. The host was provisioned from the hoster's FreeBSD 14 image and came up as 14.4-RELEASE-p1. >From the logs: root@swivet:~ # grep fatal /var/log/auth.log Apr 19 16:50:32 swivet sshd[891]: fatal: pack_hostkeys: serialize hostkey private: string is too large Apr 19 19:21:35 swivet sshd[1012]: fatal: pack_hostkeys: serialize hostkey private: incomplete message Apr 19 21:58:14 swivet sshd[8072]: fatal: pack_hostkeys: serialize hostkey private: string is too large >From a core dump with a filesystem timestamp of "Apr 19 21:40", which oddly doesn't match any of the log entries: root@swivet:/ # lldb /usr/libexec/sshd-session -c sshd-session.core (lldb) target create "/usr/libexec/sshd-session" --core "sshd-session.core" Core file '/sshd-session.core' (x86_64) was loaded.o.11... (lldb) bt * thread #1, name = 'sshd-session', stop reason = signal SIGSEGV * frame #0: 0x00003bcf05420f35 libcrypto.so.30`___lldb_unnamed_symbol8978 + 1493 frame #1: 0x00003bcf0541f205 libcrypto.so.30`___lldb_unnamed_symbol8972 + 229 frame #2: 0x00003bcf0540f99d libcrypto.so.30`___lldb_unnamed_symbol8901 + 109 frame #3: 0x00003bcf05406ad9 libcrypto.so.30`___lldb_unnamed_symbol8877 + 3433 frame #4: 0x00003bcf054051f3 libcrypto.so.30`BN_mod_exp_mont + 179 frame #5: 0x00003bcf05402a06 libcrypto.so.30`BN_BLINDING_create_param + 406 frame #6: 0x00003bcf055ab8cb libcrypto.so.30`RSA_setup_blinding + 155 frame #7: 0x00003bcf055ab7fa libcrypto.so.30`RSA_blinding_on + 74 frame #8: 0x00003bcf0004efd8 libprivatessh.so.5`___lldb_unnamed_symbol2268 + 392 frame #9: 0x00003bcf00017b0d libprivatessh.so.5`Fssh_sshkey_private_deserialize + 365 frame #10: 0x00003bc6de0ba0e7 sshd-session`___lldb_unnamed_symbol1094 + 759 frame #11: 0x00003bc6de0b91c6 sshd-session`___lldb_unnamed_symbol1093 + 1654 frame #12: 0x00003bcf058342f0 libc.so.7`__libc_start1 + 336 frame #13: 0x00003bc6de0b8521 sshd-session`___lldb_unnamed_symbol1081 + 33 I've been trying to induce the crash by adjusting my ssh client config, but so far no luck. >From dmesg (manually excerpted): CPU: Intel Xeon Processor (Skylake, IBRS) (2594.06-MHz K8-class CPU) Origin="GenuineIntel" Id=0x50654 Family=0x6 Model=0x55 Stepping=4 Features=0x783fbff<FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,MMX,FXSR,SSE,SSE2> Features2=0xfffa3203<SSE3,PCLMULQDQ,SSSE3,FMA,CX16,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,TSCDLT,AESNI,XSAVE,OSXSAVE,AVX,F16C,RDRAND,HV> AMD Features=0x2c100800<SYSCALL,NX,Page1GB,RDTSCP,LM> AMD Features2=0x21<LAHF,ABM> Structured Extended Features=0xd10307a9<FSGSBASE,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID,AVX512F,AVX512DQ,CLWB,AVX512CD,AVX512BW,AVX512VL> Structured Extended Features2=0x18<PKU,OSPKE> Structured Extended Features3=0x84000000<IBPB,SSBD> XSAVE Features=0x1<XSAVEOPT> Loader config (as provisioned): root@swivet:~ # cat /boot/loader.conf aesni_load="YES" cc_htcp_load="YES" crypto_load="YES" cryptodev_load="YES" virtio_random_load="YES" Also maybe related: https://forums.freebsd.org/threads/sshd-frequent-crashes-segfault-and-fatal-during-key-checks.102252/#post-754827 -- You are receiving this mail because: You are the assignee for the bug.home | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-289475-227-m2FLFROOKt>