c - OpenSSL produces core dump under Valgrind due to RDRAND -
this code:
#include <openssl/rsa.h> int main(){ bignum *bne = null; unsigned long e = rsa_f4; rsa *r = null; bne = bn_new(); bn_set_word(bne,e); r = rsa_new(); int ret = rsa_generate_key_ex(r, 1024, bne, null); const bignum *n = null; const bignum *d = null; rsa_get0_key(r, &n, null, &d); bn_print_fp(stdout, n); rsa_free(r); bn_free(bne); return 0; }
this how compiled it:
gcc -wall -wextra -wl,-rpath,/home/roman/dropbox/uni/rsa/my_work/library/lib -g sharedlibrarytest.c -o sharedlibrarytest -i/home/roman/dropbox/uni/rsa/my_work/library/include - l/home/roman/dropbox/uni/rsa/my_work/library/lib -lcrypto -ldl
everything ok, when run ./sharedlibrarytest
. however, when run in valgrind, says illegal instruction (core dumped)
, there memory leaks don't understand (i can't see any).
do know causes this? running openssl 1_1_0e.
here valgrind output.
$ valgrind ./sharedlibrarytest ==4500== memcheck, memory error detector ==4500== copyright (c) 2002-2015, , gnu gpl'd, julian seward et al. ==4500== using valgrind-3.11.0 , libvex; rerun -h copyright info ==4500== command: ./sharedlibrarytest ==4500== vex amd64->ir: unhandled instruction bytes: 0x48 0xf 0xc7 0xf0 0x72 0x2 0xe2 0xf8 vex amd64->ir: rex=1 rex.w=1 rex.r=0 rex.x=0 rex.b=0 vex amd64->ir: vex=0 vex.l=0 vex.nvvvv=0x0 esc=0f vex amd64->ir: pfx.66=0 pfx.f2=0 pfx.f3=0 ==4500== valgrind: unrecognised instruction @ address 0x5026fa5. ==4500== @ 0x5026fa5: openssl_ia32_rdrand (in /home/roman/dropbox/uni/rsa/my_work/library/lib/libcrypto.so.1.1) ==4500== 0x4fc2b12: rand_bytes (in /home/roman/dropbox/uni/rsa/my_work/library/lib/libcrypto.so.1.1) ==4500== 0x4ef698e: bn_rand (in /home/roman/dropbox/uni/rsa/my_work/library/lib/libcrypto.so.1.1) ==4500== 0x4ef5430: bn_generate_prime_ex (in /home/roman/dropbox/uni/rsa/my_work/library/lib/libcrypto.so.1.1) ==4500== 0x4fca616: rsa_generate_key_ex (in /home/roman/dropbox/uni/rsa/my_work/library/lib/libcrypto.so.1.1) ==4500== 0x400963: main (sharedlibrarytest.c:12) ==4500== program tried execute instruction valgrind ==4500== did not recognise. there 2 possible reasons this. ==4500== 1. program has bug , erroneously jumped non-code ==4500== location. if running memcheck , saw ==4500== warning bad jump, it's program's fault. ==4500== 2. instruction legitimate valgrind doesn't handle it, ==4500== i.e. it's valgrind's fault. if think case or ==4500== not sure, please let know , we'll try fix it. ==4500== either way, valgrind raise sigill signal ==4500== kill program. ==4500== ==4500== process terminating default action of signal 4 (sigill) ==4500== illegal opcode @ address 0x5026fa5 ==4500== @ 0x5026fa5: openssl_ia32_rdrand (in /home/roman/dropbox/uni/rsa/my_work/library/lib/libcrypto.so.1.1) ==4500== 0x4fc2b12: rand_bytes (in /home/roman/dropbox/uni/rsa/my_work/library/lib/libcrypto.so.1.1) ==4500== 0x4ef698e: bn_rand (in /home/roman/dropbox/uni/rsa/my_work/library/lib/libcrypto.so.1.1) ==4500== 0x4ef5430: bn_generate_prime_ex (in /home/roman/dropbox/uni/rsa/my_work/library/lib/libcrypto.so.1.1) ==4500== 0x4fca616: rsa_generate_key_ex (in /home/roman/dropbox/uni/rsa/my_work/library/lib/libcrypto.so.1.1) ==4500== 0x400963: main (sharedlibrarytest.c:12) ==4500== ==4500== heap summary: ==4500== in use @ exit: 6,216 bytes in 32 blocks ==4500== total heap usage: 146 allocs, 114 frees, 14,880 bytes allocated ==4500== ==4500== leak summary: ==4500== lost: 0 bytes in 0 blocks ==4500== indirectly lost: 0 bytes in 0 blocks ==4500== possibly lost: 0 bytes in 0 blocks ==4500== still reachable: 6,216 bytes in 32 blocks ==4500== suppressed: 0 bytes in 0 blocks ==4500== rerun --leak-check=full see details of leaked memory ==4500== ==4500== counts of detected , suppressed errors, rerun with: -v ==4500== error summary: 0 errors 0 contexts (suppressed: 0 0) illegal instruction (core dumped)
this looks known bug in valgrind, there patch.
the problem valgrind not support cpu instruction libcrypto using. solution not tell libcrypto instruction available.
the memory leaks result of abnormal termination. is, destructors of different objects not called.
solutions
get latest stable version
apply patch
get svn version online repo
Comments
Post a Comment