[ https://issues.apache.org/jira/browse/TS-4222?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Sudheer Vinukonda resolved TS-4222. ----------------------------------- Resolution: Fixed > ATS 6.2.0 seg faults while processing ssl_multicert.config > ---------------------------------------------------------- > > Key: TS-4222 > URL: https://issues.apache.org/jira/browse/TS-4222 > Project: Traffic Server > Issue Type: Bug > Components: SSL > Affects Versions: 6.2.0 > Reporter: Prakhar Rudra > Assignee: Sudheer Vinukonda > Fix For: 6.2.0 > > > ATS version 6.2.0 segment fault error while checking config using > traffic_server -Cverify_config > It occurs after "INFO: Successfully loaded plugin.config" > only entry in ssl_multicert.config is as below, > dest_ip=* ssl_cert_name=fullchain1.pem ssl_key_name=privkey1.pem > gdb --args traffic_server -Cverify_config > (gdb) run > yields > INFO: Successfully loaded plugin.config > Thread 1 "traffic_server" received signal SIGSEGV, Segmentation fault. > 0x0000000000000000 in ?? () > (gdb) print SSLConfigParams::load_ssl_file_cb > $1 = (load_ssl_file_func) 0x0 > Thanks jpeach > Details: > http://pastebin.com/K0876r2T > http://pastebin.com/iP5MAYLu > Thanks > Pulling the info from the above pastebin's to jira for posterity. > {code} > git clone https://github.com/tatsuhiro-t/spdylay.git > cd spdylay/ > autoreconf -if > automake > autoconf > ./configure --prefix=/usr > make > make install > cd ../trafficserver/ > autoreconf -if > export PKG_CONFIG_PATH=/usr/lib/pkgconfig > ./configure --enable-spdy --enable-experimental-plugins > --enable-linux-native-aio --with-zlib=/root/c/ats/zlib-1.2.8 > --with-pcre=/root/c/ats/pcre-8.38 > --with-openssl=/root/c/ats/openssl-1.0.1f[WITH CLOUDFLARE PATCH] > ************** > gdb --args traffic_server -Cverify_config > ...standard info.. > (gdb) run > Starting program: /usr/local/bin/traffic_server -Cverify_config > [Thread debugging using libthread_db enabled] > Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1". > traffic_server: using root directory '/usr/local' > [New Thread 0x7ffff1f55700 (LWP 19595)] > NOTE: VERIFY > [New Thread 0x7ffff0c16700 (LWP 19596)] > [New Thread 0x7ffff0a14700 (LWP 19597)] > INFO:Successfully loaded remap.config > INFO: Successfully loaded records.config > INFO: Successfully loaded plugin.config > Thread 1 "traffic_server" received signal SIGSEGV, Segmentation fault. > 0x0000000000000000 in ?? () > (gdb) bt full > #0 0x0000000000000000 in ?? () > No symbol table info available. > #1 0x0000000000789374 in SSLInitServerContext > (params=params@entry=0x117a140, sslMultCertSettings=..., certList=...) > at SSLUtils.cc:1384 > bio = {_r = 0x1181f50} > cert = 0x1182100 > ca = <optimized out> > certname = <optimized out> > cert_tok = {_data = <optimized out>, _delimiter = 44 ',', _mode = 0, > _escape = 92 '\\', _start = <optimized out>, > _length = <optimized out>} > key_tok = {_data = <optimized out>, _delimiter = 44 ',', _mode = 0, > _escape = 92 '\\', _start = 0, > _length = <optimized out>} > ca_tok = {_data = <optimized out>, _delimiter = 44 ',', _mode = 0, > _escape = 92 '\\', _start = 0, > _length = <optimized out>} > server_verify_client = <optimized out> > completeServerCertPath = <optimized out> > ctx = <optimized out> > digest = {digest = 0x0, engine = 0x7ffff7ffe4e0, flags = > 140737488346576, md_data = 0x1f7ff7600, pctx = 0x7ffff7ffe188, > update = 0x7fffffffddc0} > ca_list = 0x0 > hash_buf = > "\277\037D\000\000\000\000\000~KgY\000\000\000\000\377\377\377\377\000\000\000\000@\241\027\001\000\000\000\000\b\206\271\367\377\177\000\000\000v\377\367\377\177\000\000)\371\203\000\000\000\000\000\000l\231\365\377\177\000" > hash_len = 0 > __FUNCTION__ = "SSLInitServerContext" > additional_cache_flags = <optimized out> > ud = {_configParams = 0x117a140, _serverDialog = 0x0, _serverCert = > 0x117cef0 "fullchain1.pem", > _serverKey = 0x117ceb0 "privkey1.pem"} > #2 0x000000000078a370 in ssl_store_ssl_context > (params=params@entry=0x117a140, lookup=lookup@entry=0x117c550, > sslMultCertSettings=...) at SSLUtils.cc:1666 > cert_list = {n = 1, i = 0, v = 0x7fffffffded8, e = {0x1182100, 0x0, > 0x0, 0x0}} > ctx = <optimized out> > keyblock = <optimized out> > inserted = <optimized out> > #3 0x000000000078b5e5 in SSLParseCertificateConfiguration > (params=params@entry=0x117a140, lookup=lookup@entry=0x117c550) > at SSLUtils.cc:1902 > sslMultiCertSettings = {session_ticket_enabled = 1, addr = > {<ats_scoped_resource<detail::SCOPED_MALLOC_TRAITS<char> >> = { > _r = 0x0}, <No data fields>}, cert = > {<ats_scoped_resource<detail::SCOPED_MALLOC_TRAITS<char> >> = { > _r = 0x117ce90 "fullchain1.pem"}, <No data fields>}, > first_cert = > {<ats_scoped_resource<detail::SCOPED_MALLOC_TRAITS<char> >> = { > _r = 0x117cef0 "fullchain1.pem"}, <No data fields>}, > ca = {<ats_scoped_resource<detail::SCOPED_MALLOC_TRAITS<char> >> = > {_r = 0x0}, <No data fields>}, > key = {<ats_scoped_resource<detail::SCOPED_MALLOC_TRAITS<char> >> = > {_r = 0x117ceb0 "privkey1.pem"}, <No data fields>}, > ticket_key_filename = > {<ats_scoped_resource<detail::SCOPED_MALLOC_TRAITS<char> >> = {_r = 0x0}, <No > data fields>}, > ---Type <return> to continue, or q <return> to quit--- > dialog = {<ats_scoped_resource<detail::SCOPED_MALLOC_TRAITS<char> > >> = {_r = 0x0}, <No data fields>}, > opt = SSLCertContext::OPT_NONE} > errPtr = <optimized out> > tok_state = 0x1180cfe "" > line = <optimized out> > file_buf = <optimized out> > line_num = 73 > line_info = {type = MATCH_NONE, dest_entry = 0, num_el = 2, line = > {{0x1180cc8 "ssl_cert_name", 0x1180ce5 "ssl_key_name", > 0x0 <repeats 38 times>}, {0x1180cd6 "fullchain1.pem", 0x1180cf2 > "privkey1.pem", 0x0 <repeats 38 times>}}, > line_num = 0, next = 0x0} > sslCertTags = {match_host = 0x0, match_domain = 0x0, match_ip = 0x0, > match_regex = 0x0, match_url = 0x0, > match_host_regex = 0x0, dest_error_msg = false} > __FUNCTION__ = "SSLParseCertificateConfiguration" > __func__ = "SSLParseCertificateConfiguration" > elevate_setting = <optimized out> > elevate_access = {elevated = false, saved_uid = 65534, level = 0, > cap_state = 0x0} > #4 0x000000000077709c in SSLCertificateConfig::reconfigure () at > SSLConfig.cc:393 > retStatus = true > params = {ptr = 0x117a140} > lookup = 0x117c550 > __FUNCTION__ = "reconfigure" > #5 0x000000000077730c in SSLCertificateConfig::startup () at SSLConfig.cc:371 > params = {ptr = 0x117a140} > __FUNCTION__ = "startup" > #6 0x00000000004e6d2b in cmd_verify () at Main.cc:772 > exitStatus = <optimized out> > params = <optimized out> > #7 0x0000000000494049 in cmd_mode () at Main.cc:926 > No locals. > #8 main (argv=<optimized out>) at Main.cc:1751 > admin_user_p = <optimized out> > enabled = <optimized out> > __FUNCTION__ = "main" > user = {<ats_scoped_resource<detail::SCOPED_MALLOC_TRAITS<char> >> = > {_r = 0x110ced0 "nobody"}, <No data fields>} > main_thread = <optimized out> > mlock_flags = <optimized out> > machine_addr = {sa = {sa_family = 2, sa_data = > "\000\000>qˎ\000\000\000\000\000\000\000"}, sin = {sin_family = 2, > sin_port = 0, sin_addr = {s_addr = 2395697470}, sin_zero = > "\000\000\000\000\000\000\000"}, sin6 = {sin6_family = 2, > sin6_port = 0, sin6_flowinfo = 2395697470, sin6_addr = {__in6_u = > {__u6_addr8 = '\000' <repeats 15 times>, > __u6_addr16 = {0, 0, 0, 0, 0, 0, 0, 0}, __u6_addr32 = {0, 0, > 0, 0}}}, sin6_scope_id = 0}} > cluster_type = 3 > stacksize = 1048576 > num_remap_threads = <optimized out> > {code} > {code} > Continued after http://pastebin.com/K0876r2T > (gdb) l > 1458 } else { > 1459 Debug("log", "duping stderr"); > 1460 dup2(log_fd, STDERR_FILENO); > 1461 close(log_fd); > 1462 } > 1463 } > 1464 } > 1465 > 1466 // > 1467 // Main > (gdb) l > 1468 // > 1469 > 1470 int > 1471 main(int /* argc ATS_UNUSED */, const char **argv) > 1472 { > 1473 #if TS_HAS_PROFILER > 1474 HeapProfilerStart("/tmp/ts.hprof"); > 1475 ProfilerStart("/tmp/ts.prof"); > 1476 #endif > 1477 bool admin_user_p = false; > (gdb) l - > ...same as first , as usual .... > (gdb) l - > 1448 Debug("log", "duping stdout"); > 1449 dup2(log_fd, STDOUT_FILENO); > 1450 close(log_fd); > 1451 } > 1452 } > 1453 if (*bind_stderr != 0) { > 1454 Debug("log", "binding stderr to %s", bind_stderr); > 1455 log_fd = elevating_open(bind_stderr, O_WRONLY | O_APPEND | > O_CREAT | O_SYNC, 0644); > 1456 if (log_fd < 0) { > 1457 fprintf(stdout, "[Warning]: TS unable to open log file \"%s\" > [%d '%s']\n", bind_stderr, errno, strerror(errno)); > (gdb) l - > 1438 { > 1439 int log_fd; > 1440 unsigned int flags = O_WRONLY | O_APPEND | O_CREAT | O_SYNC; > 1441 > 1442 if (*bind_stdout != 0) { > 1443 Debug("log", "binding stdout to %s", bind_stdout); > 1444 log_fd = elevating_open(bind_stdout, flags, 0644); > 1445 if (log_fd < 0) { > 1446 fprintf(stdout, "[Warning]: TS unable to open log file \"%s\" > [%d '%s']\n", bind_stdout, errno, strerror(errno)); > 1447 } else { > (gdb) l > ...same as.. > (gdb) l > 1458 } else { > 1459 Debug("log", "duping stderr"); > 1460 dup2(log_fd, STDERR_FILENO); > 1461 close(log_fd); > 1462 } > 1463 } > 1464 } > 1465 > 1466 // > 1467 // Main > (gdb) l > 1468 // > 1469 > 1470 int > 1471 main(int /* argc ATS_UNUSED */, const char **argv) > 1472 { > 1473 #if TS_HAS_PROFILER > 1474 HeapProfilerStart("/tmp/ts.hprof"); > 1475 ProfilerStart("/tmp/ts.prof"); > 1476 #endif > 1477 bool admin_user_p = false; > (gdb) l > 1478 > 1479 #if defined(DEBUG) && defined(HAVE_MCHECK_PEDANTIC) > 1480 mcheck_pedantic(NULL); > 1481 #endif > 1482 > 1483 pcre_malloc = ats_malloc; > 1484 pcre_free = ats_free; > 1485 > 1486 // Verify system dependent 'constants' > 1487 check_system_constants(); > (gdb) c > Continuing. > traffic_server: Segmentation fault (Address not mapped to object [(nil)]) > traffic_server - STACK TRACE: > /lib/x86_64-linux-gnu/libpthread.so.0(+0x10cd0)[0x7ffff6450cd0] > Thread 1 "traffic_server" received signal SIGSEGV, Segmentation fault. > 0x0000000000000000 in ?? () > (gdb) l > 1488 > 1489 // Define the version info > 1490 appVersionInfo.setup(PACKAGE_NAME, "traffic_server", > PACKAGE_VERSION, __DATE__, __TIME__, BUI; > 1491 > 1492 // Before accessing file system initialize Layout engine > 1493 Layout::create(); > 1494 chdir_root(); // change directory to the install root of traffic > server. > 1495 > 1496 process_args(&appVersionInfo, argument_descriptions, > countof(argument_descriptions), argv); > 1497 command_flag = command_flag || *command_string; > (gdb) c > Continuing. > Couldn't get registers: No such process. > Couldn't get registers: No such process. > Couldn't get registers: No such process. > (gdb) [Thread 0x7ffff0a14700 (LWP 19601) exited] > [Thread 0x7ffff0c16700 (LWP 19600) exited] > [Thread 0x7ffff7fe0780 (LWP 19598) exited] > {code} -- This message was sent by Atlassian JIRA (v6.3.4#6332)