Hi Matt,

Matt Caswell wrote:
> Hi Roumen
>
> On 10/03/16 22:21, Roumen Petrov wrote:
>> Hello,
>>
>> With new thread model in some configurations openssl hangs on unload of
>> engine.
> I just pushed commit 773fd0bad4 to master which should hopefully resolve
> this issue.
It seems to me the hang is resolved after recent changes in init.c - commit "Fix the init cleanup order" (58a8fc25d73d8558df25d998f85d4714fbbe74ac).
Maybe the cleanup function could free the error list after all other clean-up code.


I would like to test engine reference counters but the build fails - please apply patch 0003-build-with-defined-ENGINE_REF_COUNT_DEBUG.patch.


I'm not sure that memory leaks are resolved - valgrind reports that err_string_lock and ex_data_lock are not freed.



Now some regression tests of an engine fail with "corrupted double-linked list". The tests call the openssl dgst command with a key from file or engine. Keys are rsa, dsa and ec. The digest verify command fails only if the key format is from engine, and the key is an EC key with prime256v1 or secp521r1. Tests pass with EC secp384r1. Also all tests pass if the engine code prints debug messages to stderr.

Stack trace
*** Error in '<BUILDDIR>/apps/openssl': corrupted double-linked list: 0x00000000006de730 ***
^C
Program received signal SIGINT, Interrupt.
0x00007ffff6fb338b in __lll_lock_wait_private () from /lib64/libc.so.6
(gdb) bt
#0  0x00007ffff6fb338b in __lll_lock_wait_private () from /lib64/libc.so.6
#1  0x00007ffff6f3024a in _L_lock_12669 () from /lib64/libc.so.6
#2  0x00007ffff6f2d975 in malloc () from /lib64/libc.so.6
#3  0x00007ffff7de1b26 in _dl_map_object () from /lib64/ld-linux-x86-64.so.2
#4  0x00007ffff7ded387 in dl_open_worker () from /lib64/ld-linux-x86-64.so.2
#5  0x00007ffff7de8924 in _dl_catch_error () from /lib64/ld-linux-x86-64.so.2
#6  0x00007ffff7decc7b in _dl_open () from /lib64/ld-linux-x86-64.so.2
#7  0x00007ffff6fe0752 in do_dlopen () from /lib64/libc.so.6
#8  0x00007ffff7de8924 in _dl_catch_error () from /lib64/ld-linux-x86-64.so.2
#9  0x00007ffff6fe0812 in __libc_dlopen_mode () from /lib64/libc.so.6
#10 0x00007ffff6fb9825 in init () from /lib64/libc.so.6
#11 0x00007ffff7282120 in pthread_once () from /lib64/libpthread.so.0
#12 0x00007ffff6fb993c in backtrace () from /lib64/libc.so.6
#13 0x00007ffff6f232a4 in __libc_message () from /lib64/libc.so.6
#14 0x00007ffff6f293d7 in malloc_printerr () from /lib64/libc.so.6
#15 0x00007ffff6f2ab0c in _int_free () from /lib64/libc.so.6
#16 0x00007ffff781b962 in CRYPTO_free (str=0x6de850, file=0x7ffff78eb3e6 "crypto/threads_pthread.c", line=99) at crypto/mem.c:226
#17 0x00007ffff787e7f5 in CRYPTO_THREAD_lock_free (lock=0x6de850) at crypto/threads_pthread.c:99
#18 0x00007ffff780eda5 in EVP_PKEY_free_it (x=0x6e9310) at crypto/evp/p_lib.c:447
#19 0x00007ffff780ecf4 in EVP_PKEY_free (x=0x6e9310) at crypto/evp/p_lib.c:431
#20 0x00007ffff7811307 in EVP_PKEY_CTX_free (ctx=0x6de3a0) at crypto/evp/pmeth_lib.c:331
#21 0x00007ffff77f7cd3 in EVP_MD_CTX_reset (ctx=0x6be5d0) at crypto/evp/digest.c:138
#22 0x00007ffff77f7d34 in EVP_MD_CTX_free (ctx=0x6be5d0) at crypto/evp/digest.c:154
#23 0x00007ffff77f59a3 in md_free (a=0x6be510) at crypto/evp/bio_md.c:116
#24 0x00007ffff77359b8 in BIO_free (a=0x6be510) at crypto/bio/bio_lib.c:138
#25 0x000000000042d54a in dgst_main (argc=1, argv=0x7fffffffd950) at apps/dgst.c:444
#26 0x0000000000438844 in do_cmd (prog=0x6b5f20, argc=11, argv=0x7fffffffd900) at apps/openssl.c:570
#27 0x0000000000437ff3 in main (argc=11, argv=0x7fffffffd900) at apps/openssl.c:274
(gdb)

I use "0004-avoid-corrupted-double-linked-list-in-EVP_PKEY.patch" as a work-around.


Roumen







From f6cee8a8c2c9362463cd75f6e64128097d8ce8a2 Mon Sep 17 00:00:00 2001
From: Roumen Petrov <open...@roumenpetrov.info>
Date: Sun, 13 Mar 2016 20:02:42 +0200
Subject: [PATCH 3/4] build with defined ENGINE_REF_COUNT_DEBUG

---
 crypto/engine/eng_lib.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/crypto/engine/eng_lib.c b/crypto/engine/eng_lib.c
index dd47342..e6feef1 100644
--- a/crypto/engine/eng_lib.c
+++ b/crypto/engine/eng_lib.c
@@ -122,7 +122,7 @@ int engine_free_util(ENGINE *e, int locked)
         CRYPTO_atomic_add(&e->struct_ref, -1, &i, global_engine_lock);
     else
         i = --e->struct_ref;
-    engine_ref_debug(e, 0, -1)
+    engine_ref_debug(e, 0, -1);
     if (i > 0)
         return 1;
     REF_ASSERT_ISNT(i < 0);
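
Review bot: The commit message has no body explaining why the `engine_ref_debug(e, 0, -1)` line in engine_free_util() needed a semicolon. Please state that the omission only breaks the build when ENGINE_REF_COUNT_DEBUG is defined, which is why it went unnoticed in default builds. It would also be worth checking the other engine_ref_debug call sites for the same omission, and building once with the macro defined so this path stays compilable.
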
-- 
1.8.4

From d741a6f8998f90e65f8c3afd02a0a8ed66a70d55 Mon Sep 17 00:00:00 2001
From: Roumen Petrov <open...@roumenpetrov.info>
Date: Sun, 13 Mar 2016 20:47:44 +0200
Subject: [PATCH 4/4] avoid "corrupted double-linked list" in EVP_PKEY

---
 crypto/evp/p_lib.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/crypto/evp/p_lib.c b/crypto/evp/p_lib.c
index a7d6244..05300ae 100644
--- a/crypto/evp/p_lib.c
+++ b/crypto/evp/p_lib.c
@@ -445,6 +445,7 @@ static void EVP_PKEY_free_it(EVP_PKEY *x)
     x->engine = NULL;
 #endif
     CRYPTO_THREAD_lock_free(x->lock);
+    x->lock = NULL;
 }
 
 static int unsup_alg(BIO *out, const EVP_PKEY *pkey, int indent,
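
Review bot: Setting `x->lock = NULL` after `CRYPTO_THREAD_lock_free(x->lock)` at the end of EVP_PKEY_free_it() hides the symptom rather than explaining it. The assignment only has an effect if this function, or some other code, touches the same `x->lock` again after the free, so the backtrace (EVP_PKEY_CTX_free -> EVP_PKEY_free -> EVP_PKEY_free_it) points to either a second release of the same key or heap corruption that happened earlier and is only detected here. The change also relies on CRYPTO_THREAD_lock_free() accepting NULL, which this hunk does not show. Please say in the commit message that this is a work-around, record the failing case (dgst verify with an engine-provided EC key on prime256v1 or secp521r1), and check the key's reference counting on the engine path before merging.
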
-- 
1.8.4

-- 
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev