Hi,
> [root@localhost ~]# rpm -qi glibc-devel > Name : glibc-devel Relocations: (not relocatable) > Version : 2.12 Vendor: CentOS > Release : 1.107.el6_4.5 Build Date: Mon 14 Oct 2013 09:14:18 BST I see a more recent glibc when booting from Centos 6.4 livecd: > [root@livecd ~]# rpm -qi glibc-devel > Name : glibc-devel Relocations: (not relocatable) > Version : 2.12 Vendor: CentOS > Release : 1.132.el6 Build Date: Thu 21 Nov 2013 > 04:38:29 PM EST I suspect this is the glibc release that is working for you? I don't quite understand the centos release logic here, but I suspect el6 and el6_4 are repositories with el6_4 being the old one. > Thank you for this detailed report, this is *very* useful. As you tracked > the crash to happen inside openssl, I think you should file a report to > centos/redhat because it's a security issue. Yes, this should be reported. I'm just wondering why the executable is linked against so many libs, with only openssl and pcre enabled: > [root@localhost ~]# ldd /usr/sbin/haproxy > linux-vdso.so.1 => (0x00007fff3e5d1000) > libcrypt.so.1 => /lib64/libcrypt.so.1 (0x00007fdd7c79e000) > libssl.so.10 => /usr/lib64/libssl.so.10 (0x00007fdd7c541000) > libcrypto.so.10 => /usr/lib64/libcrypto.so.10 (0x00007fdd7c1a6000) > libpcreposix.so.0 => /usr/lib64/libpcreposix.so.0 (0x00007fdd7bfa4000) > libpcre.so.0 => /lib64/libpcre.so.0 (0x00007fdd7bd78000) > libc.so.6 => /lib64/libc.so.6 (0x00007fdd7b9e4000) > libfreebl3.so => /lib64/libfreebl3.so (0x00007fdd7b782000) > libgssapi_krb5.so.2 => /lib64/libgssapi_krb5.so.2 (0x00007fdd7b53e000) > libkrb5.so.3 => /lib64/libkrb5.so.3 (0x00007fdd7b257000) > libcom_err.so.2 => /lib64/libcom_err.so.2 (0x00007fdd7b053000) > libk5crypto.so.3 => /lib64/libk5crypto.so.3 (0x00007fdd7ae27000) > libdl.so.2 => /lib64/libdl.so.2 (0x00007fdd7ac22000) > libz.so.1 => /lib64/libz.so.1 (0x00007fdd7aa0c000) > /lib64/ld-linux-x86-64.so.2 (0x00007fdd7c9db000) > libkrb5support.so.0 => /lib64/libkrb5support.so.0 (0x00007fdd7a801000) > libkeyutils.so.1 => /lib64/libkeyutils.so.1 (0x00007fdd7a5fd000) > libresolv.so.2 => /lib64/libresolv.so.2 (0x00007fdd7a3e3000) > libpthread.so.0 => /lib64/libpthread.so.0 (0x00007fdd7a1c6000) > libselinux.so.1 => /lib64/libselinux.so.1 (0x00007fdd79fa6000) Also, the real crash seems to happen in libkrb, which, in theory, would not be necessary for haproxy (but its probably linked because of openssl). Another workaround is probably to build against your own static build of openssl and pcre, and avoid all those dependancies. README has suggestions to statically compile PCRE and openssl, if you want to give it a try. But the culprit really seem to be your libraries. Regards, Lukas
