I have written a multi-threaded server (UNIX) and I use OpenSSL for encrypting communication between the server and the client (the client is an MFC application, but I think this doesn't matter...). The server is running fine, but it crashes randomly, and every time in the SSL_read() method. Here is a snippet from one of the core dumps:

------------------------------------------------------------------------
Core was generated by `/foo/bar -l'.
Program terminated with signal 11, Segmentation fault.
Reading symbols from /usr/lib/libccext2-1.5.so.0...done.
Loaded symbols for /usr/lib/libccext2-1.5.so.0
Reading symbols from /usr/lib/libccgnu2-1.5.so.0...done.
Loaded symbols for /usr/lib/libccgnu2-1.5.so.0
Reading symbols from /usr/lib/libboost_regex.so.1...done.
Loaded symbols for /usr/lib/libboost_regex.so.1
Reading symbols from /lib/tls/libpthread.so.0...done.
Loaded symbols for /lib/tls/libpthread.so.0
Reading symbols from /usr/lib/libdaemon.so.0...done.
Loaded symbols for /usr/lib/libdaemon.so.0
Reading symbols from /lib/libssl.so.4...done.
Loaded symbols for /lib/libssl.so.4
Reading symbols from /lib/libcrypto.so.4...done.
Loaded symbols for /lib/libcrypto.so.4
Reading symbols from /usr/lib/liblog4cxx.so.9...done.
Loaded symbols for /usr/lib/liblog4cxx.so.9
Reading symbols from /usr/lib/libstdc++.so.6...done.
Loaded symbols for /usr/lib/libstdc++.so.6
Reading symbols from /lib/tls/libm.so.6...done.
Loaded symbols for /lib/tls/libm.so.6
Reading symbols from /lib/libgcc_s.so.1...done.
Loaded symbols for /lib/libgcc_s.so.1
Reading symbols from /lib/tls/libc.so.6...done.
Loaded symbols for /lib/tls/libc.so.6
Reading symbols from /lib/tls/librt.so.1...done.
Loaded symbols for /lib/tls/librt.so.1
Reading symbols from /usr/lib/libz.so.1...done.
Loaded symbols for /usr/lib/libz.so.1
Reading symbols from /lib/ld-linux.so.2...done.
Loaded symbols for /lib/ld-linux.so.2
Reading symbols from /usr/lib/libgssapi_krb5.so.2...done.
Loaded symbols for /usr/lib/libgssapi_krb5.so.2
Reading symbols from /usr/lib/libkrb5.so.3...done.
Loaded symbols for /usr/lib/libkrb5.so.3
Reading symbols from /lib/libcom_err.so.2...done.
Loaded symbols for /lib/libcom_err.so.2
Reading symbols from /usr/lib/libk5crypto.so.3...done.
Loaded symbols for /usr/lib/libk5crypto.so.3
Reading symbols from /lib/libresolv.so.2...done.
Loaded symbols for /lib/libresolv.so.2
Reading symbols from /lib/libdl.so.2...done.
Loaded symbols for /lib/libdl.so.2
Reading symbols from /usr/lib/libxml2.so.2...done.
Loaded symbols for /usr/lib/libxml2.so.2
Reading symbols from /lib/libnss_files.so.2...done.
Loaded symbols for /lib/libnss_files.so.2
Reading symbols from /lib/libnss_dns.so.2...done.
Loaded symbols for /lib/libnss_dns.so.2
#0  0x00c9b770 in SSL_read () from /lib/libssl.so.4
(gdb) bt
#0  0x00c9b770 in SSL_read () from /lib/libssl.so.4
#1  0x0805b27f in wns::ServerPort::pending (this=0x9305a30) at serverport.cpp:85
#2  0x00d51241 in ost::SocketService::run (this=0x92cf930) at socketport.cpp:748
#3  0x00e0713d in ccxx_exec_handler (th=0x92cf930) at thread.cpp:1097
#4  0x00a813cc in start_thread () from /lib/tls/libpthread.so.0
#5  0x004d9c3e in clone () from /lib/tls/libc.so.6
------------------------------------------------------------------------

I also made a disassembly:

------------------------------------------------------------------------
(gdb) disass
Dump of assembler code for function SSL_read:
0x00c9b75b: push %ebp
0x00c9b75c: mov %esp,%ebp
0x00c9b75e: push �x
0x00c9b75f: call 0xc867ce
0x00c9b764: add $0x130f4,�x
0x00c9b76a: sub $0x14,%esp
0x00c9b76d: mov 0x8(%ebp),�x
0x00c9b770: mov 0x20(�x),�x
0x00c9b773: test �x,�x
0x00c9b775: je 0xc9b7a9
0x00c9b777: testb $0x2,0x30(�x)
0x00c9b77b: je 0xc9b78c
0x00c9b77d: movl $0x1,0x18(�x)
0x00c9b784: xor �x,�x
0x00c9b786: add $0x14,%esp
0x00c9b789: pop �x
0x00c9b78a: pop %ebp
0x00c9b78b: ret
0x00c9b78c: mov 0x10(%ebp),�x
0x00c9b78f: mov 0x8(�x),�x
0x00c9b792: mov �x,0x8(%esp)
0x00c9b796: mov 0xc(%ebp),�x
0x00c9b799: mov �x,(%esp)
0x00c9b79c: mov �x,0x4(%esp)
0x00c9b7a0: call *0x18(�x)
0x00c9b7a3: add $0x14,%esp
0x00c9b7a6: pop �x
0x00c9b7a7: pop %ebp
0x00c9b7a8: ret
0x00c9b7a9: lea 0xffffad32(�x),�x
0x00c9b7af: movl $0x345,0x10(%esp)
0x00c9b7b7: movl $0x114,0x8(%esp)
0x00c9b7bf: mov �x,0xc(%esp)
0x00c9b7c3: movl $0xdf,0x4(%esp)
0x00c9b7cb: movl $0x14,(%esp)
0x00c9b7d2: call 0xc85c68
0x00c9b7d7: mov $0xffffffff,�x
0x00c9b7dc: jmp 0xc9b786
End of assembler dump.
------------------------------------------------------------------------

The crash is always at the line

0x00c9b770: mov 0x20(�x),�x

Can anyone suggest what I should do?

Thanks for your time!

Regards,
Scerbatiuc Ion