[
https://issues.apache.org/jira/browse/KUDU-1901?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15886985#comment-15886985
]
Todd Lipcon commented on KUDU-1901:
-----------------------------------
actually above one was also benign I think, but this one's the bad one:
{code}
==================
WARNING: ThreadSanitizer: data race (pid=2576)
Write of size 8 at 0x7d30000081d8 by main thread (mutexes: write M554):
#0 free
/home/todd/git/kudu/thirdparty/src/llvm-3.9.1.src/projects/compiler-rt/lib/tsan/rtl/tsan_interceptors.cc:634
(tls_handshake-test+0x00000043f0e7)
#1 CRYPTO_free /home/todd/git/openssl/crypto/mem.c:442
(libcrypto.so.1.0.0+0x000000070aa1)
#2 asn1_item_combine_free /home/todd/git/openssl/crypto/asn1/tasn_fre.c:171
(libcrypto.so.1.0.0+0x000000193e4d)
#3 ASN1_item_free /home/todd/git/openssl/crypto/asn1/tasn_fre.c:72
(libcrypto.so.1.0.0+0x000000193e4d)
#4 X509_free /home/todd/git/openssl/crypto/asn1/x_x509.c:143
(libcrypto.so.1.0.0+0x00000018cd0c)
#5 ssl_set_cert /home/todd/git/openssl/ssl/ssl_rsa.c:444
(libssl.so.1.0.0+0x00000007097d)
#6 SSL_CTX_use_certificate /home/todd/git/openssl/ssl/ssl_rsa.c:389
(libssl.so.1.0.0+0x00000007097d)
#7 kudu::security::TlsContext::AdoptSignedCert(kudu::security::Cert const&)
/home/todd/git/kudu/build/tsan/../../src/kudu/security/tls_context.cc:361:3
(libsecurity.so+0x000000049a47)
#8
kudu::security::TestTlsHandshakeConcurrent_TestConcurrentAdoptCert_Test::TestBody()
/home/todd/git/kudu/build/tsan/../../src/kudu/security/tls_handshake-test.cc:170:5
(tls_handshake-test+0x0000004cfd0b)
#9 void
testing::internal::HandleSehExceptionsInMethodIfSupported<testing::Test,
void>(testing::Test*, void (testing::Test::*)(), char const*)
/home/todd/git/kudu/thirdparty/src/gmock-1.7.0/gtest/src/gtest.cc:2078:10
(libgmock.so+0x000000049ba3)
#10 void
testing::internal::HandleExceptionsInMethodIfSupported<testing::Test,
void>(testing::Test*, void (testing::Test::*)(), char const*)
/home/todd/git/kudu/thirdparty/src/gmock-1.7.0/gtest/src/gtest.cc:2114
(libgmock.so+0x000000049ba3)
#11 testing::Test::Run()
/home/todd/git/kudu/thirdparty/src/gmock-1.7.0/gtest/src/gtest.cc:2150:5
(libgmock.so+0x00000002e7ef)
#12 testing::TestInfo::Run()
/home/todd/git/kudu/thirdparty/src/gmock-1.7.0/gtest/src/gtest.cc:2326:11
(libgmock.so+0x00000002f827)
#13 testing::TestCase::Run()
/home/todd/git/kudu/thirdparty/src/gmock-1.7.0/gtest/src/gtest.cc:2444:28
(libgmock.so+0x000000030478)
#14 testing::internal::UnitTestImpl::RunAllTests()
/home/todd/git/kudu/thirdparty/src/gmock-1.7.0/gtest/src/gtest.cc:4315:43
(libgmock.so+0x00000003a8d1)
#15 bool
testing::internal::HandleSehExceptionsInMethodIfSupported<testing::internal::UnitTestImpl,
bool>(testing::internal::UnitTestImpl*, bool
(testing::internal::UnitTestImpl::*)(), char const*)
/home/todd/git/kudu/thirdparty/src/gmock-1.7.0/gtest/src/gtest.cc:2078:10
(libgmock.so+0x00000004a753)
#16 bool
testing::internal::HandleExceptionsInMethodIfSupported<testing::internal::UnitTestImpl,
bool>(testing::internal::UnitTestImpl*, bool
(testing::internal::UnitTestImpl::*)(), char const*)
/home/todd/git/kudu/thirdparty/src/gmock-1.7.0/gtest/src/gtest.cc:2114
(libgmock.so+0x00000004a753)
#17 testing::UnitTest::Run()
/home/todd/git/kudu/thirdparty/src/gmock-1.7.0/gtest/src/gtest.cc:3926:10
(libgmock.so+0x00000003a308)
#18 RUN_ALL_TESTS()
/home/todd/git/kudu/build/tsan/../../thirdparty/installed/tsan/include/gtest/gtest.h:2288:46
(libkudu_test_main.so+0x0000000030cb)
#19 main
/home/todd/git/kudu/build/tsan/../../src/kudu/util/test_main.cc:89:13
(libkudu_test_main.so+0x000000002927)
Previous write of size 4 at 0x7d30000081dc by thread T4 (mutexes: write M294):
#0 CRYPTO_add_lock /home/todd/git/openssl/crypto/cryptlib.c:633
(libcrypto.so.1.0.0+0x00000006fbb5)
#1 ssl_cert_dup /home/todd/git/openssl/ssl/ssl_cert.c:295
(libssl.so.1.0.0+0x000000064487)
#2 SSL_new /home/todd/git/openssl/ssl/ssl_lib.c:323
(libssl.so.1.0.0+0x000000062cb2)
#3
kudu::security::TlsContext::InitiateHandshake(kudu::security::TlsHandshakeType,
kudu::security::TlsHandshake*) const
/home/todd/git/kudu/build/tsan/../../src/kudu/security/tls_context.cc:395:40
(libsecurity.so+0x000000049f0d)
#4
kudu::security::TestTlsHandshakeBase::RunHandshake(kudu::security::TlsVerificationMode,
kudu::security::TlsVerificationMode)
/home/todd/git/kudu/build/tsan/../../src/kudu/security/tls_handshake-test.cc:91:5
(tls_handshake-test+0x0000004d6bc7)
#5
kudu::security::TestTlsHandshakeConcurrent_TestConcurrentAdoptCert_Test::TestBody()::$_1::operator()()
const
/home/todd/git/kudu/build/tsan/../../src/kudu/security/tls_handshake-test.cc:151:11
(tls_handshake-test+0x0000004d598e)
#6
_ZNSt3__18__invokeIZN4kudu8security55TestTlsHandshakeConcurrent_TestConcurrentAdoptCert_Test8TestBodyEvE3$_1JEEEDTclclsr3std3__1E7forwardIT_Efp_Espclsr3std3__1E7forwardIT0_Efp0_EEEOS5_DpOS6_
/home/todd/git/kudu/thirdparty/installed/tsan/include/c++/v1/type_traits:4287:1
(tls_handshake-test+0x0000004d58eb)
#7 void
std::__1::__thread_execute<std::__1::unique_ptr<std::__1::__thread_struct,
std::__1::default_delete<std::__1::__thread_struct> >,
kudu::security::TestTlsHandshakeConcurrent_TestConcurrentAdoptCert_Test::TestBody()::$_1>(std::__1::tuple<std::__1::unique_ptr<std::__1::__thread_struct,
std::__1::default_delete<std::__1::__thread_struct> >,
kudu::security::TestTlsHandshakeConcurrent_TestConcurrentAdoptCert_Test::TestBody()::$_1>&,
std::__1::__tuple_indices<>)
/home/todd/git/kudu/thirdparty/installed/tsan/include/c++/v1/thread:346
(tls_handshake-test+0x0000004d58eb)
#8 void*
std::__1::__thread_proxy<std::__1::tuple<std::__1::unique_ptr<std::__1::__thread_struct,
std::__1::default_delete<std::__1::__thread_struct> >,
kudu::security::TestTlsHandshakeConcurrent_TestConcurrentAdoptCert_Test::TestBody()::$_1>
>(void*)
/home/todd/git/kudu/thirdparty/installed/tsan/include/c++/v1/thread:356
(tls_handshake-test+0x0000004d58eb)
{code}
(soon followed by use-after-free errors)
> OpenSSL crashes if cert is adopted concurrently with a handshake
> ----------------------------------------------------------------
>
> Key: KUDU-1901
> URL: https://issues.apache.org/jira/browse/KUDU-1901
> Project: Kudu
> Issue Type: Bug
> Components: security
> Affects Versions: 1.3.0
> Reporter: Todd Lipcon
> Assignee: Todd Lipcon
> Priority: Blocker
>
> We saw this in a test case and I was able to reproduce it.
> https://github.com/openssl/openssl/issues/2165 indicates that it's a known
> issue (or expected behavior) of OpenSSL.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
