[
https://issues.apache.org/jira/browse/KUDU-1901?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15886976#comment-15886976
]
Todd Lipcon commented on KUDU-1901:
-----------------------------------
I re-built my local openssl with TSAN and it spat out a few bening-looking
races, but also spat out the one that seems to be the issue:
{code}
WARNING: ThreadSanitizer: data race (pid=31048)
Read of size 4 at 0x7d300000b958 by thread T11:
#0 internal_verify /home/todd/git/openssl/crypto/x509/x509_vfy.c:1754
(libcrypto.so.1.0.0+0x0000001bb729)
#1 X509_verify_cert /home/todd/git/openssl/crypto/x509/x509_vfy.c:486
(libcrypto.so.1.0.0+0x0000001be669)
#2 ssl_add_cert_chain /home/todd/git/openssl/ssl/ssl_cert.c:1122
(libssl.so.1.0.0+0x000000066496)
#3 ssl3_output_cert_chain /home/todd/git/openssl/ssl/s3_both.c:327
(libssl.so.1.0.0+0x000000038c3d)
#4 ssl3_send_server_certificate /home/todd/git/openssl/ssl/s3_srvr.c:3333
(libssl.so.1.0.0+0x000000020cf2)
#5 ssl3_accept /home/todd/git/openssl/ssl/s3_srvr.c:428
(libssl.so.1.0.0+0x00000002232f)
#6 SSL_accept /home/todd/git/openssl/ssl/ssl_lib.c:990
(libssl.so.1.0.0+0x000000063a9e)
#7 ssl23_get_client_hello /home/todd/git/openssl/ssl/s23_srvr.c:647
(libssl.so.1.0.0+0x00000003bbe3)
#8 ssl23_accept /home/todd/git/openssl/ssl/s23_srvr.c:209
(libssl.so.1.0.0+0x00000003ccb8)
#9 SSL_do_handshake /home/todd/git/openssl/ssl/ssl_lib.c:2777
(libssl.so.1.0.0+0x0000000618ca)
#10 kudu::security::TlsHandshake::Continue(std::__1::basic_string<char,
std::__1::char_traits<char>, std::__1::allocator<char> > const&,
std::__1::basic_string<char, std::__1::char_traits<char>,
std::__1::allocator<char> >*)
/home/todd/git/kudu/build/tsan/../../src/kudu/security/tls_handshake.cc:92:12
(libsecurity.so+0x00000004d54f)
#11
kudu::security::TestTlsHandshakeBase::RunHandshake(kudu::security::TlsVerificationMode,
kudu::security::TlsVerificationMode)
/home/todd/git/kudu/build/tsan/../../src/kudu/security/tls_handshake-test.cc:112:27
(tls_handshake-test+0x0000004d6dbc)
#12
kudu::security::TestTlsHandshakeConcurrent_TestConcurrentAdoptCert_Test::TestBody()::$_1::operator()()
const
/home/todd/git/kudu/build/tsan/../../src/kudu/security/tls_handshake-test.cc:151:11
(tls_handshake-test+0x0000004d598e)
#13
_ZNSt3__18__invokeIZN4kudu8security55TestTlsHandshakeConcurrent_TestConcurrentAdoptCert_Test8TestBodyEvE3$_1JEEEDTclclsr3std3__1E7forwardIT_Efp_Espclsr3std3__1E7forwardIT0_Efp0_EEEOS5_DpOS6_
/home/todd/git/kudu/thirdparty/installed/tsan/include/c++/v1/type_traits:4287:1
(tls_handshake-test+0x0000004d58eb)
#14 void
std::__1::__thread_execute<std::__1::unique_ptr<std::__1::__thread_struct,
std::__1::default_delete<std::__1::__thread_struct> >,
kudu::security::TestTlsHandshakeConcurrent_TestConcurrentAdoptCert_Test::TestBody()::$_1>(std::__1::tuple<std::__1::unique_ptr<std::__1::__thread_struct,
std::__1::default_delete<std::__1::__thread_struct> >,
kudu::security::TestTlsHandshakeConcurrent_TestConcurrentAdoptCert_Test::TestBody()::$_1>&,
std::__1::__tuple_indices<>)
/home/todd/git/kudu/thirdparty/installed/tsan/include/c++/v1/thread:346
(tls_handshake-test+0x0000004d58eb)
#15 void*
std::__1::__thread_proxy<std::__1::tuple<std::__1::unique_ptr<std::__1::__thread_struct,
std::__1::default_delete<std::__1::__thread_struct> >,
kudu::security::TestTlsHandshakeConcurrent_TestConcurrentAdoptCert_Test::TestBody()::$_1>
>(void*)
/home/todd/git/kudu/thirdparty/installed/tsan/include/c++/v1/thread:356
(tls_handshake-test+0x0000004d58eb)
Previous write of size 4 at 0x7d300000b958 by thread T10:
#0 internal_verify /home/todd/git/openssl/crypto/x509/x509_vfy.c:1776
(libcrypto.so.1.0.0+0x0000001bb768)
#1 X509_verify_cert /home/todd/git/openssl/crypto/x509/x509_vfy.c:486
(libcrypto.so.1.0.0+0x0000001be669)
#2 ssl_add_cert_chain /home/todd/git/openssl/ssl/ssl_cert.c:1122
(libssl.so.1.0.0+0x000000066496)
#3 ssl3_output_cert_chain /home/todd/git/openssl/ssl/s3_both.c:327
(libssl.so.1.0.0+0x000000038c3d)
#4 ssl3_send_server_certificate /home/todd/git/openssl/ssl/s3_srvr.c:3333
(libssl.so.1.0.0+0x000000020cf2)
#5 ssl3_accept /home/todd/git/openssl/ssl/s3_srvr.c:428
(libssl.so.1.0.0+0x00000002232f)
#6 SSL_accept /home/todd/git/openssl/ssl/ssl_lib.c:990
(libssl.so.1.0.0+0x000000063a9e)
#7 ssl23_get_client_hello /home/todd/git/openssl/ssl/s23_srvr.c:647
(libssl.so.1.0.0+0x00000003bbe3)
#8 ssl23_accept /home/todd/git/openssl/ssl/s23_srvr.c:209
(libssl.so.1.0.0+0x00000003ccb8)
#9 SSL_do_handshake /home/todd/git/openssl/ssl/ssl_lib.c:2777
(libssl.so.1.0.0+0x0000000618ca)
#10 kudu::security::TlsHandshake::Continue(std::__1::basic_string<char,
std::__1::char_traits<char>, std::__1::allocator<char> > const&,
std::__1::basic_string<char, std::__1::char_traits<char>,
std::__1::allocator<char> >*)
/home/todd/git/kudu/build/tsan/../../src/kudu/security/tls_handshake.cc:92:12
(libsecurity.so+0x00000004d54f)
#11
kudu::security::TestTlsHandshakeBase::RunHandshake(kudu::security::TlsVerificationMode,
kudu::security::TlsVerificationMode)
/home/todd/git/kudu/build/tsan/../../src/kudu/security/tls_handshake-test.cc:112:27
(tls_handshake-test+0x0000004d6dbc)
#12
kudu::security::TestTlsHandshakeConcurrent_TestConcurrentAdoptCert_Test::TestBody()::$_1::operator()()
const
/home/todd/git/kudu/build/tsan/../../src/kudu/security/tls_handshake-test.cc:151:11
(tls_handshake-test+0x0000004d598e)
#13
_ZNSt3__18__invokeIZN4kudu8security55TestTlsHandshakeConcurrent_TestConcurrentAdoptCert_Test8TestBodyEvE3$_1JEEEDTclclsr3std3__1E7forwardIT_Efp_Espclsr3std3__1E7forwardIT0_Efp0_EEEOS5_DpOS6_
/home/todd/git/kudu/thirdparty/installed/tsan/include/c++/v1/type_traits:4287:1
(tls_handshake-test+0x0000004d58eb)
#14 void
std::__1::__thread_execute<std::__1::unique_ptr<std::__1::__thread_struct,
std::__1::default_delete<std::__1::__thread_struct> >,
kudu::security::TestTlsHandshakeConcurrent_TestConcurrentAdoptCert_Test::TestBody()::$_1>(std::__1::tuple<std::__1::unique_ptr<std::__1::__thread_struct,
std::__1::default_delete<std::__1::__thread_struct> >,
kudu::security::TestTlsHandshakeConcurrent_TestConcurrentAdoptCert_Test::TestBody()::$_1>&,
std::__1::__tuple_indices<>)
/home/todd/git/kudu/thirdparty/installed/tsan/include/c++/v1/thread:346
(tls_handshake-test+0x0000004d58eb)
#15 void*
std::__1::__thread_proxy<std::__1::tuple<std::__1::unique_ptr<std::__1::__thread_struct,
std::__1::default_delete<std::__1::__thread_struct> >,
kudu::security::TestTlsHandshakeConcurrent_TestConcurrentAdoptCert_Test::TestBody()::$_1>
>(void*)
/home/todd/git/kudu/thirdparty/installed/tsan/include/c++/v1/thread:356
(tls_handshake-test+0x0000004d58eb)
{code}
> OpenSSL crashes if cert is adopted concurrently with a handshake
> ----------------------------------------------------------------
>
> Key: KUDU-1901
> URL: https://issues.apache.org/jira/browse/KUDU-1901
> Project: Kudu
> Issue Type: Bug
> Components: security
> Affects Versions: 1.3.0
> Reporter: Todd Lipcon
> Assignee: Todd Lipcon
> Priority: Blocker
>
> We saw this in a test case and I was able to reproduce it.
> https://github.com/openssl/openssl/issues/2165 indicates that it's a known
> issue (or expected behavior) of OpenSSL.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
