Bug 499135 - Openssl crashes with a segfault..
Status: CLOSED INSUFFICIENT_DATA
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: openssl
Version: 5.3
Hardware: x86_64 Linux
Priority: low
Severity: medium
Target Milestone: rc
Assigned To: Tomas Mraz
QA Contact: BaseOS QE
Reported: 2009-05-05 07:12 EDT by damian
Modified: 2012-03-05 11:27 EST (History)
Last Closed: 2012-03-05 11:27:46 EST
Description damian 2009-05-05 07:12:03 EDT
Description of problem:

I see a number of core dumps from openssl processes after a weekend test on a RHEL 5.3 system

Version-Release number of selected component (if applicable):

openssl-0.9.8e-7.el5

How reproducible:

Frequent

Steps to Reproduce:
1. openssl is called with command line /usr/bin/openssl s_client -quiet -connect host:port -crlf
  
Actual results:

Core dump at times..


Additional info:

[root@morpheus1 exds]# cat /etc/redhat-release
Red Hat Enterprise Linux Server release 5.3 (Tikanga)
[root@morpheus1 exds]# gdb /usr/bin/openssl core.5905
GNU gdb Fedora (6.8-27.el5)
Copyright (C) 2008 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-redhat-linux-gnu"...
Reading symbols from /lib64/libssl.so.6...Reading symbols from /usr/lib/debug/lib64/libssl.so.0.9.8e.debug...done.
done.
Loaded symbols for /lib64/libssl.so.6
Reading symbols from /usr/lib64/libgssapi_krb5.so.2...done.
Loaded symbols for /usr/lib64/libgssapi_krb5.so.2
Reading symbols from /usr/lib64/libkrb5.so.3...done.
Loaded symbols for /usr/lib64/libkrb5.so.3
Reading symbols from /lib64/libcom_err.so.2...done.
Loaded symbols for /lib64/libcom_err.so.2
Reading symbols from /usr/lib64/libk5crypto.so.3...done.
Loaded symbols for /usr/lib64/libk5crypto.so.3
Reading symbols from /lib64/libcrypto.so.6...Reading symbols from /usr/lib/debug/lib64/libcrypto.so.0.9.8e.debug...done.
done.
Loaded symbols for /lib64/libcrypto.so.6
Reading symbols from /lib64/libdl.so.2...done.
Loaded symbols for /lib64/libdl.so.2
Reading symbols from /usr/lib64/libz.so.1...done.
Loaded symbols for /usr/lib64/libz.so.1
Reading symbols from /lib64/libc.so.6...done.
Loaded symbols for /lib64/libc.so.6
Reading symbols from /usr/lib64/libkrb5support.so.0...done.
Loaded symbols for /usr/lib64/libkrb5support.so.0
Reading symbols from /lib64/libkeyutils.so.1...done.
Loaded symbols for /lib64/libkeyutils.so.1
Reading symbols from /lib64/libresolv.so.2...done.
Loaded symbols for /lib64/libresolv.so.2
Reading symbols from /lib64/ld-linux-x86-64.so.2...done.
Loaded symbols for /lib64/ld-linux-x86-64.so.2
Reading symbols from /lib64/libselinux.so.1...done.
Loaded symbols for /lib64/libselinux.so.1
Reading symbols from /lib64/libsepol.so.1...done.
Loaded symbols for /lib64/libsepol.so.1
Reading symbols from /lib64/libnss_files.so.2...done.
Loaded symbols for /lib64/libnss_files.so.2
Core was generated by `/usr/bin/openssl s_client -quiet -connect morpheus7-mp 443 -crlf'.
Program terminated with signal 11, Segmentation fault.
[New process 5905]
#0  0x0000003f7e87b59b in memcpy () from /lib64/libc.so.6
(gdb) bt
#0  0x0000003f7e87b59b in memcpy () from /lib64/libc.so.6
#1  0x0000003f850204b0 in do_ssl3_write (s=<value optimized out>, type=<value optimized out>, buf=<value optimized out>, len=<value optimized out>, create_empty_fragment=<value optimized out>) at /usr/include/bits/string3.h:51
#2  0x0000003f850206f8 in ssl3_write_bytes (s=<value optimized out>, type=<value optimized out>, buf_=<value optimized out>, len=<value optimized out>) at s3_pkt.c:543
#3  0x000000000042f0c9 in s_client_main (argc=<value optimized out>, argv=<value optimized out>) at s_client.c:941
#4  0x00000000004108eb in do_cmd (prog=0x7e0ade0, argc=5, argv=0x7fff7be85b90) at openssl.c:396
#5  0x0000000000410f24 in main (Argc=6, Argv=0x7fff7be85b88) at openssl.c:315
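
The report mentions a number of core dumps; reducing each `bt` to a short signature is one way to check whether they all fail in the same place. This is an added example, not part of the original report, run on the backtrace above; the names `parse_frames`, `signature` and `group_cores` are hypothetical, and skipping libc frames is an assumption.

```python
import re
from collections import Counter

# Backtrace copied from the report above, including its wrapped lines.
SAMPLE_BT = """\
#0  0x0000003f7e87b59b in memcpy () from /lib64/libc.so.6
#1  0x0000003f850204b0 in do_ssl3_write (s=<value optimized out>, type=<value
optimized out>, buf=<value optimized out>, len=<value optimized out>,
create_empty_fragment=<value optimized out>) at /usr/include/bits/string3.h:51
#2  0x0000003f850206f8 in ssl3_write_bytes (s=<value optimized out>,
type=<value optimized out>, buf_=<value optimized out>, len=<value optimized
out>) at s3_pkt.c:543
#3  0x000000000042f0c9 in s_client_main (argc=<value optimized out>,
argv=<value optimized out>) at s_client.c:941
#4  0x00000000004108eb in do_cmd (prog=0x7e0ade0, argc=5, argv=0x7fff7be85b90)
at openssl.c:396
#5  0x0000000000410f24 in main (Argc=6, Argv=0x7fff7be85b88) at openssl.c:315
"""

# One frame: "#N  [0xADDR in ]func (args)[ at file:line | from library]"
FRAME = re.compile(r"^#(?P<n>\d+)\s+(?:0x[0-9a-f]+ in )?(?P<func>[^\s(]+) "
                   r"\(.*\)(?: at (?P<src>\S+)| from (?P<lib>\S+))?$")

def parse_frames(text):
    """Return [(index, function, location)], rejoining wrapped frame lines."""
    joined = []
    for line in text.splitlines():
        if line.startswith("#"):
            joined.append(line.strip())
        elif joined and line.strip():      # continuation of the previous frame
            joined[-1] += " " + line.strip()
    frames = []
    for line in joined:
        m = FRAME.match(line)
        if m:
            frames.append((int(m["n"]), m["func"], m["src"] or m["lib"] or "?"))
    return frames

def signature(frames, depth=3, skip_libs=("libc.so",)):
    """Top `depth` function names, ignoring frames inside generic libraries."""
    names = [f for _, f, loc in frames if not any(s in loc for s in skip_libs)]
    return " < ".join(names[:depth])

def group_cores(backtraces):
    """Map {core name: bt text} to a Counter of crash signatures."""
    return Counter(signature(parse_frames(bt)) for bt in backtraces.values())

if __name__ == "__main__":
    print(group_cores({"core.5905": SAMPLE_BT}))
```

A single dominant signature across the cores points at one defect; several distinct signatures suggest memory corruption that surfaces in different places.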
Comment 1 Tomas Mraz 2009-06-30 06:23:32 EDT
Could you please try to run the openssl s_client under gdb and print the backtrace from it?
Comment 2 damian 2009-06-30 11:57:58 EDT

Hi Tomas,

We only see this bug when the system is stressed so it is hard to reproduce (especially wrapped in gdb). I am not sure I would get more info anyway than the core file provides?

D.
Comment 3 Tomas Mraz 2009-07-01 04:20:05 EDT
Could it be that the system is in an out of memory condition and some allocation fails?
Comment 4 damian 2009-07-01 06:46:31 EDT
No - system memory looks fine. I have graphs of mem usage and it looks fine.
Comment 5 Tomas Mraz 2009-10-08 11:30:21 EDT
I am sorry, I cannot reproduce this intermittent issue, could you please report the issue through the regular https://www.redhat.com/apps/support/ support so it can be investigated properly.