[Bug 60461] New: SIGSEGV in SSLSocket.getInfos

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
41 messages Options
123
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

[Bug 60461] New: SIGSEGV in SSLSocket.getInfos

Bugzilla from bugzilla@apache.org
https://bz.apache.org/bugzilla/show_bug.cgi?id=60461

            Bug ID: 60461
           Summary: SIGSEGV in SSLSocket.getInfos
           Product: Tomcat 8
           Version: 8.5.8
          Hardware: PC
                OS: Linux
            Status: NEW
          Severity: regression
          Priority: P2
         Component: Catalina
          Assignee: [hidden email]
          Reporter: [hidden email]
  Target Milestone: ----

Created attachment 34512
  --> https://bz.apache.org/bugzilla/attachment.cgi?id=34512&action=edit
JVM crash log

I recently upgraded my development setup from Tomcat 8.5.6 to 8.5.8 and
experiences a lot of SIGSEGV in Tomcat Native since then.

It always happens when calling SSLSocket.getInfos, but not on every call.

My HTTPS connector is configured this way :

    <Connector port="8443" SSLEnabled="true"
                protocol="org.apache.coyote.http11.Http11AprProtocol"
                maxThreads="150" scheme="https" secure="true"
                sslProtocol="TLS"
               
sslImplementationName="org.apache.tomcat.util.net.openssl.OpenSSLImplementation"
                SSLCertificateFile="${catalina.home}/conf/certificate.crt"
                SSLCertificateKeyFile="${catalina.home}/conf/privateKey.key"
                server="Apache-Coyote/1.1"
                URIEncoding="UTF-8">
      <UpgradeProtocol className="org.apache.coyote.http2.Http2Protocol" />
    </Connector>

I use Google Chrome 55 as HTTP client.

Debugging the project with Netbeans and attaching GDB to the java process, I
get the following stacktrace when SEGV :

__GI_raise (sig=6, sig@entry=6)
__GI_abort ()  
os::abort(bool) ()      
VMError::report_and_die() ()    
JVM_handle_linux_signal ()      
signalHandler(int, siginfo*, void*) ()  
<signal handler called> ()      
Java_org_apache_tomcat_jni_SSLSocket_getInfoS (e=0x7fc41861b1f8,
o=0x7fc37a6f2b68, sock=140478657220768, what=2)        

So, the violation occurs on the last line of :

TCN_IMPLEMENT_CALL(jstring, SSLSocket, getInfoS)(TCN_STDARGS, jlong sock,
                                                 jint what)
{
    tcn_socket_t   *a = J2P(sock, tcn_socket_t *);
    tcn_ssl_conn_t *s;
    jstring value = NULL;
    apr_status_t rv = APR_SUCCESS;

    UNREFERENCED(o);
    TCN_ASSERT(sock != 0);

    s = (tcn_ssl_conn_t *)(a->opaque);

Please find attached the JVM crash log.

To debug, I configure native with :

    ./configure CC=${IDE_CC} CXX=${IDE_CXX} CFLAGS="-g3 -gdwarf-2"
CXXFLAGS="-g3 -gdwarf-2" --with-java-home=/usr/lib/jvm/java-8-oracle
--with-ssl=/home/lpenet/devoss/openssl-1.0.2j

and configure openssl 1.0.2j with the following command line :

    ./config no-shared -fPIC

--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

[Bug 60461] SIGSEGV in SSLSocket.getInfos

Bugzilla from bugzilla@apache.org
https://bz.apache.org/bugzilla/show_bug.cgi?id=60461

--- Comment #1 from Ludovic Pénet <[hidden email]> ---
I did not explicitly mentionned it, but I use stock openssl sources and the
native version included in tomcat 8.5.8 sources.

--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

[Bug 60461] SIGSEGV in SSLSocket.getInfos

Bugzilla from bugzilla@apache.org
In reply to this post by Bugzilla from bugzilla@apache.org
https://bz.apache.org/bugzilla/show_bug.cgi?id=60461

--- Comment #2 from Remy Maucherat <[hidden email]> ---
Maybe, but when I see that, I think you should complain to other people as
well:
j
org.apache.catalina.connector.Request.getAttributeNames()Ljava/util/Enumeration;+17
j
org.apache.myfaces.webapp.ManagedBeanDestroyerListener.requestDestroyed(Ljavax/servlet/ServletRequestEvent;)V+13

It's only cosmetic, bt why are you specifying sslImplementationName when you're
using APR ? Do you expect it to use it JSSE by accident ?
server="Apache-Coyote/1.1" is the default already, so no need to

--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

[Bug 60461] SIGSEGV in SSLSocket.getInfos

Bugzilla from bugzilla@apache.org
In reply to this post by Bugzilla from bugzilla@apache.org
https://bz.apache.org/bugzilla/show_bug.cgi?id=60461

--- Comment #3 from Ludovic Pénet <[hidden email]> ---
Specifying sslImplementationName is just plain paranoia, and to make it clear
for coworkers arriving on the project and not already knowing it is the default
with APR.

--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

[Bug 60461] SIGSEGV in SSLSocket.getInfos

Bugzilla from bugzilla@apache.org
In reply to this post by Bugzilla from bugzilla@apache.org
https://bz.apache.org/bugzilla/show_bug.cgi?id=60461

Christopher Schultz <[hidden email]> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
  Attachment #34512|text/x-log                  |text/plain
          mime type|                            |

--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

[Bug 60461] SIGSEGV in SSLSocket.getInfos

Bugzilla from bugzilla@apache.org
In reply to this post by Bugzilla from bugzilla@apache.org
https://bz.apache.org/bugzilla/show_bug.cgi?id=60461

Mark Thomas <[hidden email]> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |NEEDINFO

--- Comment #4 from Mark Thomas <[hidden email]> ---
The MyFaces code doesn't seem to be doing anything unreasonable (like retaining
references to previous requests).

I've been unable to reproduce this. A minimal (i.e. the smallest possible) test
case that reproduces this (at least some of the time, ideally all of the time)
is going to be required to investigate this further.

It would also be worth testing with 8.5.9.

--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

[Bug 60461] SIGSEGV in SSLSocket.getInfos

Bugzilla from bugzilla@apache.org
In reply to this post by Bugzilla from bugzilla@apache.org
https://bz.apache.org/bugzilla/show_bug.cgi?id=60461

--- Comment #5 from Ludovic Pénet <[hidden email]> ---
Thank you for your quick reply.

I acknowledge your request and will do my best to prepare this.

However, I have to finish urgent work before a long christmas break and I might
not do this before the second half of January.

For the time being, I stick to 8.5.6 as I saw no security patch of interest to
me but will test with the latest version (8.5.9 or later) then.

--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

[Bug 60461] SIGSEGV in SSLSocket.getInfos

Bugzilla from bugzilla@apache.org
In reply to this post by Bugzilla from bugzilla@apache.org
https://bz.apache.org/bugzilla/show_bug.cgi?id=60461

--- Comment #6 from Christopher Schultz <[hidden email]> ---
I would be interested to know if Tomcat 8.5.8 with the libtcnative from 8.5.6
still exhibits the same problem. Is that something you can test easily?

--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

[Bug 60461] SIGSEGV in SSLSocket.getInfos

Bugzilla from bugzilla@apache.org
In reply to this post by Bugzilla from bugzilla@apache.org
https://bz.apache.org/bugzilla/show_bug.cgi?id=60461

--- Comment #7 from Ludovic Pénet <[hidden email]> ---
Yes, in fact, I already tried it.

And yes, it has the same behaviour.

--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

[Bug 60461] SIGSEGV in SSLSocket.getInfos

Bugzilla from bugzilla@apache.org
In reply to this post by Bugzilla from bugzilla@apache.org
https://bz.apache.org/bugzilla/show_bug.cgi?id=60461

Ludovic Pénet <[hidden email]> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
         Resolution|---                         |FIXED
             Status|NEEDINFO                    |RESOLVED

--- Comment #8 from Ludovic Pénet <[hidden email]> ---
Hi.

I tested with Tomcat 8.5.10 (built from sources as the release is still in
progress), and it works fine.

So, I think we can close this issue.

--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

[Bug 60461] SIGSEGV in SSLSocket.getInfos

Bugzilla from bugzilla@apache.org
In reply to this post by Bugzilla from bugzilla@apache.org
https://bz.apache.org/bugzilla/show_bug.cgi?id=60461

--- Comment #9 from [hidden email] ---
Created attachment 34790
  --> https://bz.apache.org/bugzilla/attachment.cgi?id=34790&action=edit
8.5.11 Windows Crash Log

This crash still exists in 8.5.11 on Windows. I've uploaded my log.

--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

[Bug 60461] SIGSEGV in SSLSocket.getInfos

Bugzilla from bugzilla@apache.org
In reply to this post by Bugzilla from bugzilla@apache.org
https://bz.apache.org/bugzilla/show_bug.cgi?id=60461

Ludovic Pénet <[hidden email]> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|RESOLVED                    |REOPENED
         Resolution|FIXED                       |---

--- Comment #10 from Ludovic Pénet <[hidden email]> ---
Reopening, following mattcoz comment.

--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

[Bug 60461] SIGSEGV in SSLSocket.getInfos

Bugzilla from bugzilla@apache.org
In reply to this post by Bugzilla from bugzilla@apache.org
https://bz.apache.org/bugzilla/show_bug.cgi?id=60461

Mark Thomas <[hidden email]> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|REOPENED                    |NEEDINFO

--- Comment #11 from Mark Thomas <[hidden email]> ---
Steps to reproduce please on a clean install of the latest release of any of
the supported Tomcat versions (7.0.x, 8.0.x, 8.5.x, 9.0.x) and the latest
Tomcat Native release (1.2.x).

--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

[Bug 60461] SIGSEGV in SSLSocket.getInfos

Bugzilla from bugzilla@apache.org
In reply to this post by Bugzilla from bugzilla@apache.org
https://bz.apache.org/bugzilla/show_bug.cgi?id=60461

--- Comment #12 from [hidden email] ---
Unfortunately I have no idea what is causing it and I don't know how to
reproduce it. I installed a fresh copy of 8.5.11 with tcnative 1.2.10 and then
copied in my configuration files. It crashed only once since I installed it on
the 27th. It had crashed 6 times in 8.5.6 since late November, but 3 of those
were in the last week and I'm not sure what could have changed. I did install a
new SSL certificate, but it seems to be working fine most of the time. I really
wish I could be of more help.

--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

[Bug 60461] SIGSEGV in SSLSocket.getInfos

Bugzilla from bugzilla@apache.org
In reply to this post by Bugzilla from bugzilla@apache.org
https://bz.apache.org/bugzilla/show_bug.cgi?id=60461

[hidden email] changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEEDINFO                    |NEW

--- Comment #13 from [hidden email] ---
Well it was going well for a while, then it crashed again last night. I'm at a
loss here, what can I do to help figure this out?

--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

[Bug 60461] SIGSEGV in SSLSocket.getInfos

Bugzilla from bugzilla@apache.org
In reply to this post by Bugzilla from bugzilla@apache.org
https://bz.apache.org/bugzilla/show_bug.cgi?id=60461

Mark Thomas <[hidden email]> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |NEEDINFO

--- Comment #14 from Mark Thomas <[hidden email]> ---
Steps to reproduce still required.

--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

[Bug 60461] SIGSEGV in SSLSocket.getInfos

Bugzilla from bugzilla@apache.org
In reply to this post by Bugzilla from bugzilla@apache.org
https://bz.apache.org/bugzilla/show_bug.cgi?id=60461

[hidden email] changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEEDINFO                    |NEW

--- Comment #15 from [hidden email] ---
I'm sorry, I have no steps, I don't know how to reproduce it. Is there any
other information I can give you? Is there anything I should do to try to
figure out how to reproduce it?

--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

[Bug 60461] SIGSEGV in SSLSocket.getInfos

Bugzilla from bugzilla@apache.org
In reply to this post by Bugzilla from bugzilla@apache.org
https://bz.apache.org/bugzilla/show_bug.cgi?id=60461

Mark Thomas <[hidden email]> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |NEEDINFO

--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

[Bug 60461] SIGSEGV in SSLSocket.getInfos

Bugzilla from bugzilla@apache.org
In reply to this post by Bugzilla from bugzilla@apache.org
https://bz.apache.org/bugzilla/show_bug.cgi?id=60461

[hidden email] changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEEDINFO                    |NEW

--- Comment #16 from [hidden email] ---
Looking at his log and my logs, the commonality is that it starts with a call
to getAttributeNames on the request. Not sure if that helps at all, that's a
call that works all the time without crashing. I have multiple sites running on
the server and the crashes are not limited to just one of them. None of them
are doing anything out of the ordinary, and nothing in any of my logs looks
suspicious. I would LOVE to give you the info you need, but I just don't know
what that could be. I need some guidance more than just NEEDINFO.

--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

[Bug 60461] SIGSEGV in SSLSocket.getInfos

Bugzilla from bugzilla@apache.org
In reply to this post by Bugzilla from bugzilla@apache.org
https://bz.apache.org/bugzilla/show_bug.cgi?id=60461

--- Comment #17 from [hidden email] ---
Another crash last night, please let me know what I can do to help.

--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

123
Loading...