Date: Sat, 12 Nov 2005 11:20:21 GMT
Message-Id: <200511121120.jACBKLgA036418@freefall.freebsd.org>
To: freebsd-bugs@FreeBSD.org
From: Robert Watson
Subject: Re: kern/85816: maxproc=1 in login.conf causes kernel panic when logging into account via ssh

The following reply was made to PR kern/85816; it has been noted by GNATS.

From: Robert Watson
To: Gleb Smirnoff
Cc: bug-followup@FreeBSD.org
Subject: Re: kern/85816: maxproc=1 in login.conf causes kernel panic when logging into account via ssh
Date: Sat, 12 Nov 2005 11:14:49 +0000 (GMT)

On Wed, 14 Sep 2005, Gleb Smirnoff wrote:

> #8 0xc05743c3 in unp_discard (fp=0xc1ca6e58) at
> /usr/src/sys/kern/uipc_usrreq.c:1887
> No locals.
> #9 0xc0572b2b in unp_freerights (rp=0xc1b4ad28, fdcount=1)
> at /usr/src/sys/kern/uipc_usrreq.c:1272
> i = 0
> fp = (struct file *) 0x0
> #10 0xc0572df7 in unp_externalize (control=0xc1b4ad00, controlp=0xe1b7dc54)
> at /usr/src/sys/kern/uipc_usrreq.c:1321
> td = (struct thread *) 0xc1c597d0
> cm = (struct cmsghdr *) 0xc1b4ad18
> i = -1068065433
> fdp = (int *) 0xe1b7dbc8
> rp = (struct file **) 0xc1b4ad24
> fp = (struct file *) 0xc1c70000
> data = (void *) 0xc1c70000
> clen = 16

This could well be related to the UNIX domain socket garbage collector bugs
I fixed in HEAD a day or two ago. Could you try to reproduce this with
uipc_usrreq.c:1.159? Likely, sshd's privsep (or some related notion) is
resulting in closing of a UNIX domain socket while a descriptor is in
flight, which turns out to be broken in several revisions of 5.x and 6.x
(and with additional bugs in 4.x). I believe I've fixed most known bugs in
this code with the above-mentioned revision, so it may now work better.

Robert N M Watson