Hi Matt,
Matt Caswell wrote:
Hi Roumen
On 10/03/16 22:21, Roumen Petrov wrote:
Hello,
With new thread model in some configurations openssl hands on unload of
engine.
I just pushed commit 773fd0bad4 to master which should hopefully resolve
this issue.
It seems to me hang is resolved after recent changes in init.c - commit
"Fix the init cleanup order" (
58a8fc25d73d8558df25d998f85d4714fbbe74ac)
.
May be cleanup function could free error list after all other clean-up code.
I would like to test engine "reference counters but build fail - please
apply patch 0003-build-with-defined-ENGINE_REF_COUNT_DEBUG.patch.
I'm not sure that memory leaks are resolved - valgrind report that
err_string_lock and ex_data_lock are not freed.
Now some regression tests of an engine fail with "corrupted
double-linked list" .Tests call openssl dgst command with key from file
or engine. Keys are rsa, dsa and ec. Digest verify command fail only if
key format is from engine , key is EC key with prime256v1 or secp521r1.
Tests pass with EC secp384r1. Also all test pass if engine code print
debug messages to stderr.
Stack trace
*** Error in '<BUILDDIR>/apps/openssl': corrupted double-linked list:
0x00000000006de730 ***
^C
Program received signal SIGINT, Interrupt.
0x00007ffff6fb338b in __lll_lock_wait_private () from /lib64/libc.so.6
(gdb) bt
#0 0x00007ffff6fb338b in __lll_lock_wait_private () from /lib64/libc.so.6
#1 0x00007ffff6f3024a in _L_lock_12669 () from /lib64/libc.so.6
#2 0x00007ffff6f2d975 in malloc () from /lib64/libc.so.6
#3 0x00007ffff7de1b26 in _dl_map_object () from /lib64/ld-linux-x86-64.so.2
#4 0x00007ffff7ded387 in dl_open_worker () from /lib64/ld-linux-x86-64.so.2
#5 0x00007ffff7de8924 in _dl_catch_error () from
/lib64/ld-linux-x86-64.so.2
#6 0x00007ffff7decc7b in _dl_open () from /lib64/ld-linux-x86-64.so.2
#7 0x00007ffff6fe0752 in do_dlopen () from /lib64/libc.so.6
#8 0x00007ffff7de8924 in _dl_catch_error () from
/lib64/ld-linux-x86-64.so.2
#9 0x00007ffff6fe0812 in __libc_dlopen_mode () from /lib64/libc.so.6
#10 0x00007ffff6fb9825 in init () from /lib64/libc.so.6
#11 0x00007ffff7282120 in pthread_once () from /lib64/libpthread.so.0
#12 0x00007ffff6fb993c in backtrace () from /lib64/libc.so.6
#13 0x00007ffff6f232a4 in __libc_message () from /lib64/libc.so.6
#14 0x00007ffff6f293d7 in malloc_printerr () from /lib64/libc.so.6
#15 0x00007ffff6f2ab0c in _int_free () from /lib64/libc.so.6
#16 0x00007ffff781b962 in CRYPTO_free (str=0x6de850, file=0x7ffff78eb3e6
"crypto/threads_pthread.c", line=99) at crypto/mem.c:226
#17 0x00007ffff787e7f5 in CRYPTO_THREAD_lock_free (lock=0x6de850) at
crypto/threads_pthread.c:99
#18 0x00007ffff780eda5 in EVP_PKEY_free_it (x=0x6e9310) at
crypto/evp/p_lib.c:447
#19 0x00007ffff780ecf4 in EVP_PKEY_free (x=0x6e9310) at
crypto/evp/p_lib.c:431
#20 0x00007ffff7811307 in EVP_PKEY_CTX_free (ctx=0x6de3a0) at
crypto/evp/pmeth_lib.c:331
#21 0x00007ffff77f7cd3 in EVP_MD_CTX_reset (ctx=0x6be5d0) at
crypto/evp/digest.c:138
#22 0x00007ffff77f7d34 in EVP_MD_CTX_free (ctx=0x6be5d0) at
crypto/evp/digest.c:154
#23 0x00007ffff77f59a3 in md_free (a=0x6be510) at crypto/evp/bio_md.c:116
#24 0x00007ffff77359b8 in BIO_free (a=0x6be510) at crypto/bio/bio_lib.c:138
#25 0x000000000042d54a in dgst_main (argc=1, argv=0x7fffffffd950) at
apps/dgst.c:444
#26 0x0000000000438844 in do_cmd (prog=0x6b5f20, argc=11,
argv=0x7fffffffd900) at apps/openssl.c:570
#27 0x0000000000437ff3 in main (argc=11, argv=0x7fffffffd900) at
apps/openssl.c:274
(gdb)
I use "0004-avoid-corrupted-double-linked-list-in-EVP_PKEY.patch" as
work-around.
Roumen
>From f6cee8a8c2c9362463cd75f6e64128097d8ce8a2 Mon Sep 17 00:00:00 2001
From: Roumen Petrov <open...@roumenpetrov.info>
Date: Sun, 13 Mar 2016 20:02:42 +0200
Subject: [PATCH 3/4] build with defined ENGINE_REF_COUNT_DEBUG
---
crypto/engine/eng_lib.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/crypto/engine/eng_lib.c b/crypto/engine/eng_lib.c
index dd47342..e6feef1 100644
--- a/crypto/engine/eng_lib.c
+++ b/crypto/engine/eng_lib.c
@@ -122,7 +122,7 @@ int engine_free_util(ENGINE *e, int locked)
CRYPTO_atomic_add(&e->struct_ref, -1, &i, global_engine_lock);
else
i = --e->struct_ref;
- engine_ref_debug(e, 0, -1)
+ engine_ref_debug(e, 0, -1);
if (i > 0)
return 1;
REF_ASSERT_ISNT(i < 0);
--
1.8.4
>From d741a6f8998f90e65f8c3afd02a0a8ed66a70d55 Mon Sep 17 00:00:00 2001
From: Roumen Petrov <open...@roumenpetrov.info>
Date: Sun, 13 Mar 2016 20:47:44 +0200
Subject: [PATCH 4/4] avoid "corrupted double-linked list" in EVP_PKEY
---
crypto/evp/p_lib.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/crypto/evp/p_lib.c b/crypto/evp/p_lib.c
index a7d6244..05300ae 100644
--- a/crypto/evp/p_lib.c
+++ b/crypto/evp/p_lib.c
@@ -445,6 +445,7 @@ static void EVP_PKEY_free_it(EVP_PKEY *x)
x->engine = NULL;
#endif
CRYPTO_THREAD_lock_free(x->lock);
+ x->lock = NULL;
}
static int unsup_alg(BIO *out, const EVP_PKEY *pkey, int indent,
--
1.8.4
--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev