openssh trava com 100% cpu quando a compactação é usada

3

O servidor ansible openssh trava com 100% cpu, quando a compactação é solicitada ( ssh -C )

ssh -vvv -C root@host
[...]
debug3: send packet: type 50
debug3: receive packet: type 52
debug1: Enabling compression at level 6.
debug1: Authentication succeeded (publickey).
Authenticated to host
debug1: channel 0: new [client-session]
debug3: ssh_session2_open: channel_new: 0
debug2: channel 0: send open
debug3: send packet: type 90
debug1: Requesting [email protected]
debug3: send packet: type 80
debug1: Entering interactive session.
debug1: pledge: proc

Então o cliente trava (não reage mais a ctrl-c) e o servidor tem um processo com 100% cpu (mas aceita novas conexões ssh).

strace no cliente termina com:

ioctl(0, TCGETS, {B38400 opost isig icanon echo ...}) = 0
ioctl(0, TCGETS, {B38400 opost isig icanon echo ...}) = 0
ioctl(0, SNDCTL_TMR_STOP or TCSETSW, {B38400 -opost -isig -icanon -echo ...}) = 0
                                                                                 ioctl(0, TCGETS, {B38400 -opost -isig -icanon -echo ...}) = 0
                                                                                                                                              clock_gettime(CLOCK_BOOTTIME, {tv_sec=337152, tv_nsec=214378998}) = 0
                                                      clock_gettime(CLOCK_BOOTTIME, {tv_sec=337152, tv_nsec=214391217}) = 0
                                                                                                                           select(9, [5], [4], NULL, {tv_sec=300, tv_usec=0}) = 1 (out [4], left {tv_sec=299, tv_usec=999998})
                                                                 clock_gettime(CLOCK_BOOTTIME, {tv_sec=337152, tv_nsec=214421550}) = 0
                                                                                                                                      write(4, "2rv070G7T421aE734>47&
Process 257 attached
select(7, [3 4], NULL, NULL, NULL)      = 1 (in [3])
accept(3, {sa_family=AF_INET, sin_port=htons(43604), sin_addr=inet_addr("192.168.100.1")}, [16]) = 5
fcntl(5, F_GETFL)                       = 0x2 (flags O_RDWR)
pipe([6, 7])                            = 0
socketpair(PF_LOCAL, SOCK_STREAM, 0, [8, 9]) = 0
rt_sigprocmask(SIG_BLOCK, ~[], [], 8)   = 0
fork()                                  = 821
rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
close(7)                                = 0
write(8, "
ssh -vvv -C root@host
[...]
debug3: send packet: type 50
debug3: receive packet: type 52
debug1: Enabling compression at level 6.
debug1: Authentication succeeded (publickey).
Authenticated to host
debug1: channel 0: new [client-session]
debug3: ssh_session2_open: channel_new: 0
debug2: channel 0: send open
debug3: send packet: type 90
debug1: Requesting [email protected]
debug3: send packet: type 80
debug1: Entering interactive session.
debug1: pledge: proc
ioctl(0, TCGETS, {B38400 opost isig icanon echo ...}) = 0
ioctl(0, TCGETS, {B38400 opost isig icanon echo ...}) = 0
ioctl(0, SNDCTL_TMR_STOP or TCSETSW, {B38400 -opost -isig -icanon -echo ...}) = 0
                                                                                 ioctl(0, TCGETS, {B38400 -opost -isig -icanon -echo ...}) = 0
                                                                                                                                              clock_gettime(CLOCK_BOOTTIME, {tv_sec=337152, tv_nsec=214378998}) = 0
                                                      clock_gettime(CLOCK_BOOTTIME, {tv_sec=337152, tv_nsec=214391217}) = 0
                                                                                                                           select(9, [5], [4], NULL, {tv_sec=300, tv_usec=0}) = 1 (out [4], left {tv_sec=299, tv_usec=999998})
                                                                 clock_gettime(CLOCK_BOOTTIME, {tv_sec=337152, tv_nsec=214421550}) = 0
                                                                                                                                      write(4, "2rv070G7T421aE734>47&
Process 257 attached
select(7, [3 4], NULL, NULL, NULL)      = 1 (in [3])
accept(3, {sa_family=AF_INET, sin_port=htons(43604), sin_addr=inet_addr("192.168.100.1")}, [16]) = 5
fcntl(5, F_GETFL)                       = 0x2 (flags O_RDWR)
pipe([6, 7])                            = 0
socketpair(PF_LOCAL, SOCK_STREAM, 0, [8, 9]) = 0
rt_sigprocmask(SIG_BLOCK, ~[], [], 8)   = 0
fork()                                  = 821
rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
close(7)                                = 0
write(8, "%pre%%pre%%pre%6%pre%", 5)             = 5
write(8, "%pre%%pre%%pre%5\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n"..., 245) = 245
close(8)                                = 0
close(9)                                = 0
close(5)                                = 0
getpid()                                = 257
getpid()                                = 257
getpid()                                = 257
select(7, [3 4 6], NULL, NULL, NULL)    = 1 (in [6])
close(6)                                = 0
select(7, [3 4], NULL, NULL, NULL
#g15U5"..., 112) = 112 clock_gettime(CLOCK_BOOTTIME, {tv_sec=337152, tv_nsec=214447208}) = 0 clock_gettime(CLOCK_BOOTTIME, {tv_sec=337152, tv_nsec=214457769}) = 0 select(9, [5], [], NULL, {tv_sec=300, tv_usec=0}
%pre%6%pre%", 5) = 5 write(8, "%pre%%pre%%pre%5\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n"..., 245) = 245 close(8) = 0 close(9) = 0 close(5) = 0 getpid() = 257 getpid() = 257 getpid() = 257 select(7, [3 4 6], NULL, NULL, NULL) = 1 (in [6]) close(6) = 0 select(7, [3 4], NULL, NULL, NULL
#g15U5"..., 112) = 112 clock_gettime(CLOCK_BOOTTIME, {tv_sec=337152, tv_nsec=214447208}) = 0 clock_gettime(CLOCK_BOOTTIME, {tv_sec=337152, tv_nsec=214457769}) = 0 select(9, [5], [], NULL, {tv_sec=300, tv_usec=0}

Strace no servidor: uma vez que o processo trava, anexar com strace -p ao processo de suspensão não mostra mais nada. Anexando ao processo principal mostra na conexão:

%pre%

Depois disso, nenhuma saída adicional até a próxima conexão (suspensa), que retorna a mesma saída.

    
por allo 06.02.2017 / 17:44

1 resposta

1

Parece ser um bug conhecido do openssh no linux alpino.

    
por 24.02.2017 / 13:09

Tags