openssl: Downgrading a key is not thread safe
I modified the multi threads test in #13987 so that one thread worker did a key downgrade, at the same time as other workers were using the EVP_PKEY.
I get regular seg faults and lots of errors reported from tsan:
==================
WARNING: ThreadSanitizer: data race (pid=408166)
Read of size 8 at 0x7b4400000a28 by thread T10 (mutexes: write M2751):
#0 memcpy <null> (threadstest+0x430f37)
#1 evp_pkey_downgrade /home/matt/dev/openssl-write/crypto/evp/p_lib.c:1973:16 (libcrypto.so.3+0x3757f6)
#2 EVP_PKEY_get0 /home/matt/dev/openssl-write/crypto/evp/p_lib.c:736:10 (libcrypto.so.3+0x379970)
#3 thread_downgrade_shared_evp_pkey /home/matt/dev/openssl-write/test/threadstest.c:411:9 (threadstest+0x4b5e8b)
#4 thread_run /home/matt/dev/openssl-write/test/threadstest.c:74:5 (threadstest+0x4b562a)
Previous atomic write of size 4 at 0x7b4400000a28 by thread T9:
#0 __tsan_atomic32_fetch_add <null> (threadstest+0x472059)
#1 CRYPTO_UP_REF /home/matt/dev/openssl-write/include/internal/refcount.h:38:12 (libcrypto.so.3+0x37c5c0)
#2 EVP_PKEY_up_ref /home/matt/dev/openssl-write/crypto/evp/p_lib.c:1624:9 (libcrypto.so.3+0x37c4ed)
#3 int_ctx_new /home/matt/dev/openssl-write/crypto/evp/pmeth_lib.c:327:9 (libcrypto.so.3+0x383221)
#4 EVP_PKEY_CTX_new_from_pkey /home/matt/dev/openssl-write/crypto/evp/pmeth_lib.c:352:12 (libcrypto.so.3+0x383368)
#5 thread_shared_evp_pkey /home/matt/dev/openssl-write/test/threadstest.c:371:15 (threadstest+0x4b5feb)
#6 thread_run /home/matt/dev/openssl-write/test/threadstest.c:74:5 (threadstest+0x4b562a)
Location is heap block of size 296 at 0x7b4400000a00 allocated by main thread:
#0 malloc <null> (threadstest+0x425874)
#1 CRYPTO_malloc /home/matt/dev/openssl-write/crypto/mem.c:184:12 (libcrypto.so.3+0x3bfc59)
#2 CRYPTO_zalloc /home/matt/dev/openssl-write/crypto/mem.c:191:11 (libcrypto.so.3+0x3bfcc4)
#3 EVP_PKEY_new /home/matt/dev/openssl-write/crypto/evp/p_lib.c:1418:21 (libcrypto.so.3+0x37c016)
#4 evp_keymgmt_util_make_pkey /home/matt/dev/openssl-write/crypto/evp/keymgmt_lib.c:72:20 (libcrypto.so.3+0x3659be)
#5 decoder_construct_EVP_PKEY /home/matt/dev/openssl-write/crypto/encode_decode/decoder_pkey.c:144:24 (libcrypto.so.3+0x2dfc28)
#6 decoder_process /home/matt/dev/openssl-write/crypto/encode_decode/decoder_lib.c:536:16 (libcrypto.so.3+0x2da162)
#7 der2key_decode /home/matt/dev/openssl-write/providers/implementations/encode_decode/decode_der2key.c:385:14 (libcrypto.so.3+0x5c8f76)
#8 decoder_process /home/matt/dev/openssl-write/crypto/encode_decode/decoder_lib.c:627:14 (libcrypto.so.3+0x2da5c6)
#9 OSSL_DECODER_from_bio /home/matt/dev/openssl-write/crypto/encode_decode/decoder_lib.c:47:10 (libcrypto.so.3+0x2d9e8f)
#10 OSSL_DECODER_from_data /home/matt/dev/openssl-write/crypto/encode_decode/decoder_lib.c:93:9 (libcrypto.so.3+0x2da8da)
#11 try_key_value /home/matt/dev/openssl-write/crypto/store/store_result.c:282:11 (libcrypto.so.3+0x4ed32a)
#12 try_key /home/matt/dev/openssl-write/crypto/store/store_result.c:401:18 (libcrypto.so.3+0x4ec06f)
#13 ossl_store_handle_load_result /home/matt/dev/openssl-write/crypto/store/store_result.c:147:10 (libcrypto.so.3+0x4eb8eb)
#14 file_load_construct /home/matt/dev/openssl-write/providers/implementations/storemgmt/file_store.c:528:12 (libcrypto.so.3+0x60e69e)
#15 decoder_process /home/matt/dev/openssl-write/crypto/encode_decode/decoder_lib.c:536:16 (libcrypto.so.3+0x2da162)
#16 pem2der_decode /home/matt/dev/openssl-write/providers/implementations/encode_decode/decode_pem2der.c:205:14 (libcrypto.so.3+0x5cd4fb)
#17 decoder_process /home/matt/dev/openssl-write/crypto/encode_decode/decoder_lib.c:627:14 (libcrypto.so.3+0x2da5c6)
#18 OSSL_DECODER_from_bio /home/matt/dev/openssl-write/crypto/encode_decode/decoder_lib.c:47:10 (libcrypto.so.3+0x2d9e8f)
#19 file_load_file /home/matt/dev/openssl-write/providers/implementations/storemgmt/file_store.c:648:12 (libcrypto.so.3+0x60db8e)
#20 file_load /home/matt/dev/openssl-write/providers/implementations/storemgmt/file_store.c:808:16 (libcrypto.so.3+0x60d142)
#21 OSSL_STORE_load /home/matt/dev/openssl-write/crypto/store/store_lib.c:385:18 (libcrypto.so.3+0x4e51eb)
#22 pem_read_bio_key /home/matt/dev/openssl-write/crypto/pem/pem_pkey.c:74:23 (libcrypto.so.3+0x41c5d3)
#23 PEM_read_bio_PrivateKey_ex /home/matt/dev/openssl-write/crypto/pem/pem_pkey.c:144:12 (libcrypto.so.3+0x41c9ea)
#24 load_pkey_pem /home/matt/dev/openssl-write/test/testutil/load.c:80:15 (threadstest+0x4bc481)
#25 test_multi /home/matt/dev/openssl-write/test/threadstest.c:471:14 (threadstest+0x4b51c1)
#26 run_tests /home/matt/dev/openssl-write/test/testutil/driver.c:357:21 (threadstest+0x4bb041)
#27 main /home/matt/dev/openssl-write/test/testutil/main.c:30:15 (threadstest+0x4bc689)
Mutex M2751 (0x7b1000008980) created at:
#0 pthread_rwlock_init <null> (threadstest+0x429279)
#1 CRYPTO_THREAD_lock_new /home/matt/dev/openssl-write/crypto/threads_pthread.c:41:9 (libcrypto.so.3+0x3dd191)
#2 EVP_PKEY_new /home/matt/dev/openssl-write/crypto/evp/p_lib.c:1428:17 (libcrypto.so.3+0x37c080)
#3 evp_keymgmt_util_make_pkey /home/matt/dev/openssl-write/crypto/evp/keymgmt_lib.c:72:20 (libcrypto.so.3+0x3659be)
#4 decoder_construct_EVP_PKEY /home/matt/dev/openssl-write/crypto/encode_decode/decoder_pkey.c:144:24 (libcrypto.so.3+0x2dfc28)
#5 decoder_process /home/matt/dev/openssl-write/crypto/encode_decode/decoder_lib.c:536:16 (libcrypto.so.3+0x2da162)
#6 der2key_decode /home/matt/dev/openssl-write/providers/implementations/encode_decode/decode_der2key.c:385:14 (libcrypto.so.3+0x5c8f76)
#7 decoder_process /home/matt/dev/openssl-write/crypto/encode_decode/decoder_lib.c:627:14 (libcrypto.so.3+0x2da5c6)
#8 OSSL_DECODER_from_bio /home/matt/dev/openssl-write/crypto/encode_decode/decoder_lib.c:47:10 (libcrypto.so.3+0x2d9e8f)
#9 OSSL_DECODER_from_data /home/matt/dev/openssl-write/crypto/encode_decode/decoder_lib.c:93:9 (libcrypto.so.3+0x2da8da)
#10 try_key_value /home/matt/dev/openssl-write/crypto/store/store_result.c:282:11 (libcrypto.so.3+0x4ed32a)
#11 try_key /home/matt/dev/openssl-write/crypto/store/store_result.c:401:18 (libcrypto.so.3+0x4ec06f)
#12 ossl_store_handle_load_result /home/matt/dev/openssl-write/crypto/store/store_result.c:147:10 (libcrypto.so.3+0x4eb8eb)
#13 file_load_construct /home/matt/dev/openssl-write/providers/implementations/storemgmt/file_store.c:528:12 (libcrypto.so.3+0x60e69e)
#14 decoder_process /home/matt/dev/openssl-write/crypto/encode_decode/decoder_lib.c:536:16 (libcrypto.so.3+0x2da162)
#15 pem2der_decode /home/matt/dev/openssl-write/providers/implementations/encode_decode/decode_pem2der.c:205:14 (libcrypto.so.3+0x5cd4fb)
#16 decoder_process /home/matt/dev/openssl-write/crypto/encode_decode/decoder_lib.c:627:14 (libcrypto.so.3+0x2da5c6)
#17 OSSL_DECODER_from_bio /home/matt/dev/openssl-write/crypto/encode_decode/decoder_lib.c:47:10 (libcrypto.so.3+0x2d9e8f)
#18 file_load_file /home/matt/dev/openssl-write/providers/implementations/storemgmt/file_store.c:648:12 (libcrypto.so.3+0x60db8e)
#19 file_load /home/matt/dev/openssl-write/providers/implementations/storemgmt/file_store.c:808:16 (libcrypto.so.3+0x60d142)
#20 OSSL_STORE_load /home/matt/dev/openssl-write/crypto/store/store_lib.c:385:18 (libcrypto.so.3+0x4e51eb)
#21 pem_read_bio_key /home/matt/dev/openssl-write/crypto/pem/pem_pkey.c:74:23 (libcrypto.so.3+0x41c5d3)
#22 PEM_read_bio_PrivateKey_ex /home/matt/dev/openssl-write/crypto/pem/pem_pkey.c:144:12 (libcrypto.so.3+0x41c9ea)
#23 load_pkey_pem /home/matt/dev/openssl-write/test/testutil/load.c:80:15 (threadstest+0x4bc481)
#24 test_multi /home/matt/dev/openssl-write/test/threadstest.c:471:14 (threadstest+0x4b51c1)
#25 run_tests /home/matt/dev/openssl-write/test/testutil/driver.c:357:21 (threadstest+0x4bb041)
#26 main /home/matt/dev/openssl-write/test/testutil/main.c:30:15 (threadstest+0x4bc689)
Thread T10 (tid=408199, running) created by main thread at:
#0 pthread_create <null> (threadstest+0x42713b)
#1 run_thread /home/matt/dev/openssl-write/test/threadstest.c:80:12 (threadstest+0x4b54f6)
#2 test_multi /home/matt/dev/openssl-write/test/threadstest.c:483:17 (threadstest+0x4b52aa)
#3 run_tests /home/matt/dev/openssl-write/test/testutil/driver.c:357:21 (threadstest+0x4bb041)
#4 main /home/matt/dev/openssl-write/test/testutil/main.c:30:15 (threadstest+0x4bc689)
Thread T9 (tid=408198, running) created by main thread at:
#0 pthread_create <null> (threadstest+0x42713b)
#1 run_thread /home/matt/dev/openssl-write/test/threadstest.c:80:12 (threadstest+0x4b54f6)
#2 test_multi /home/matt/dev/openssl-write/test/threadstest.c:482:10 (threadstest+0x4b526a)
#3 run_tests /home/matt/dev/openssl-write/test/testutil/driver.c:357:21 (threadstest+0x4bb041)
#4 main /home/matt/dev/openssl-write/test/testutil/main.c:30:15 (threadstest+0x4bc689)
SUMMARY: ThreadSanitizer: data race (/home/matt/dev/openssl-write/test/threadstest+0x430f37) in memcpy
==================
==================
WARNING: ThreadSanitizer: data race (pid=408166)
Write of size 8 at 0x7b4400000a20 by thread T10 (mutexes: write M2751):
#0 memset <null> (threadstest+0x430bd2)
#1 evp_pkey_reset_unlocked /home/matt/dev/openssl-write/crypto/evp/p_lib.c:1401:7 (libcrypto.so.3+0x37c266)
#2 evp_pkey_downgrade /home/matt/dev/openssl-write/crypto/evp/p_lib.c:1975:9 (libcrypto.so.3+0x375812)
#3 EVP_PKEY_get0 /home/matt/dev/openssl-write/crypto/evp/p_lib.c:736:10 (libcrypto.so.3+0x379970)
#4 thread_downgrade_shared_evp_pkey /home/matt/dev/openssl-write/test/threadstest.c:411:9 (threadstest+0x4b5e8b)
#5 thread_run /home/matt/dev/openssl-write/test/threadstest.c:74:5 (threadstest+0x4b562a)
Previous read of size 8 at 0x7b4400000a20 by main thread:
#0 evp_pkey_export_to_provider /home/matt/dev/openssl-write/crypto/evp/p_lib.c:1719:31 (libcrypto.so.3+0x37601a)
#1 evp_pkey_asym_cipher_init /home/matt/dev/openssl-write/crypto/evp/asymcipher.c:49:15 (libcrypto.so.3+0x2fd990)
#2 EVP_PKEY_encrypt_init /home/matt/dev/openssl-write/crypto/evp/asymcipher.c:171:12 (libcrypto.so.3+0x2fd6fd)
#3 thread_shared_evp_pkey /home/matt/dev/openssl-write/test/threadstest.c:377:14 (threadstest+0x4b6034)
#4 test_multi /home/matt/dev/openssl-write/test/threadstest.c:486:5 (threadstest+0x4b52e5)
#5 run_tests /home/matt/dev/openssl-write/test/testutil/driver.c:357:21 (threadstest+0x4bb041)
#6 main /home/matt/dev/openssl-write/test/testutil/main.c:30:15 (threadstest+0x4bc689)
Location is heap block of size 296 at 0x7b4400000a00 allocated by main thread:
#0 malloc <null> (threadstest+0x425874)
#1 CRYPTO_malloc /home/matt/dev/openssl-write/crypto/mem.c:184:12 (libcrypto.so.3+0x3bfc59)
#2 CRYPTO_zalloc /home/matt/dev/openssl-write/crypto/mem.c:191:11 (libcrypto.so.3+0x3bfcc4)
#3 EVP_PKEY_new /home/matt/dev/openssl-write/crypto/evp/p_lib.c:1418:21 (libcrypto.so.3+0x37c016)
#4 evp_keymgmt_util_make_pkey /home/matt/dev/openssl-write/crypto/evp/keymgmt_lib.c:72:20 (libcrypto.so.3+0x3659be)
#5 decoder_construct_EVP_PKEY /home/matt/dev/openssl-write/crypto/encode_decode/decoder_pkey.c:144:24 (libcrypto.so.3+0x2dfc28)
#6 decoder_process /home/matt/dev/openssl-write/crypto/encode_decode/decoder_lib.c:536:16 (libcrypto.so.3+0x2da162)
#7 der2key_decode /home/matt/dev/openssl-write/providers/implementations/encode_decode/decode_der2key.c:385:14 (libcrypto.so.3+0x5c8f76)
#8 decoder_process /home/matt/dev/openssl-write/crypto/encode_decode/decoder_lib.c:627:14 (libcrypto.so.3+0x2da5c6)
#9 OSSL_DECODER_from_bio /home/matt/dev/openssl-write/crypto/encode_decode/decoder_lib.c:47:10 (libcrypto.so.3+0x2d9e8f)
#10 OSSL_DECODER_from_data /home/matt/dev/openssl-write/crypto/encode_decode/decoder_lib.c:93:9 (libcrypto.so.3+0x2da8da)
#11 try_key_value /home/matt/dev/openssl-write/crypto/store/store_result.c:282:11 (libcrypto.so.3+0x4ed32a)
#12 try_key /home/matt/dev/openssl-write/crypto/store/store_result.c:401:18 (libcrypto.so.3+0x4ec06f)
#13 ossl_store_handle_load_result /home/matt/dev/openssl-write/crypto/store/store_result.c:147:10 (libcrypto.so.3+0x4eb8eb)
#14 file_load_construct /home/matt/dev/openssl-write/providers/implementations/storemgmt/file_store.c:528:12 (libcrypto.so.3+0x60e69e)
#15 decoder_process /home/matt/dev/openssl-write/crypto/encode_decode/decoder_lib.c:536:16 (libcrypto.so.3+0x2da162)
#16 pem2der_decode /home/matt/dev/openssl-write/providers/implementations/encode_decode/decode_pem2der.c:205:14 (libcrypto.so.3+0x5cd4fb)
#17 decoder_process /home/matt/dev/openssl-write/crypto/encode_decode/decoder_lib.c:627:14 (libcrypto.so.3+0x2da5c6)
#18 OSSL_DECODER_from_bio /home/matt/dev/openssl-write/crypto/encode_decode/decoder_lib.c:47:10 (libcrypto.so.3+0x2d9e8f)
#19 file_load_file /home/matt/dev/openssl-write/providers/implementations/storemgmt/file_store.c:648:12 (libcrypto.so.3+0x60db8e)
#20 file_load /home/matt/dev/openssl-write/providers/implementations/storemgmt/file_store.c:808:16 (libcrypto.so.3+0x60d142)
#21 OSSL_STORE_load /home/matt/dev/openssl-write/crypto/store/store_lib.c:385:18 (libcrypto.so.3+0x4e51eb)
#22 pem_read_bio_key /home/matt/dev/openssl-write/crypto/pem/pem_pkey.c:74:23 (libcrypto.so.3+0x41c5d3)
#23 PEM_read_bio_PrivateKey_ex /home/matt/dev/openssl-write/crypto/pem/pem_pkey.c:144:12 (libcrypto.so.3+0x41c9ea)
#24 load_pkey_pem /home/matt/dev/openssl-write/test/testutil/load.c:80:15 (threadstest+0x4bc481)
#25 test_multi /home/matt/dev/openssl-write/test/threadstest.c:471:14 (threadstest+0x4b51c1)
#26 run_tests /home/matt/dev/openssl-write/test/testutil/driver.c:357:21 (threadstest+0x4bb041)
#27 main /home/matt/dev/openssl-write/test/testutil/main.c:30:15 (threadstest+0x4bc689)
Mutex M2751 (0x7b1000008980) created at:
#0 pthread_rwlock_init <null> (threadstest+0x429279)
#1 CRYPTO_THREAD_lock_new /home/matt/dev/openssl-write/crypto/threads_pthread.c:41:9 (libcrypto.so.3+0x3dd191)
#2 EVP_PKEY_new /home/matt/dev/openssl-write/crypto/evp/p_lib.c:1428:17 (libcrypto.so.3+0x37c080)
#3 evp_keymgmt_util_make_pkey /home/matt/dev/openssl-write/crypto/evp/keymgmt_lib.c:72:20 (libcrypto.so.3+0x3659be)
#4 decoder_construct_EVP_PKEY /home/matt/dev/openssl-write/crypto/encode_decode/decoder_pkey.c:144:24 (libcrypto.so.3+0x2dfc28)
#5 decoder_process /home/matt/dev/openssl-write/crypto/encode_decode/decoder_lib.c:536:16 (libcrypto.so.3+0x2da162)
#6 der2key_decode /home/matt/dev/openssl-write/providers/implementations/encode_decode/decode_der2key.c:385:14 (libcrypto.so.3+0x5c8f76)
#7 decoder_process /home/matt/dev/openssl-write/crypto/encode_decode/decoder_lib.c:627:14 (libcrypto.so.3+0x2da5c6)
#8 OSSL_DECODER_from_bio /home/matt/dev/openssl-write/crypto/encode_decode/decoder_lib.c:47:10 (libcrypto.so.3+0x2d9e8f)
#9 OSSL_DECODER_from_data /home/matt/dev/openssl-write/crypto/encode_decode/decoder_lib.c:93:9 (libcrypto.so.3+0x2da8da)
#10 try_key_value /home/matt/dev/openssl-write/crypto/store/store_result.c:282:11 (libcrypto.so.3+0x4ed32a)
#11 try_key /home/matt/dev/openssl-write/crypto/store/store_result.c:401:18 (libcrypto.so.3+0x4ec06f)
#12 ossl_store_handle_load_result /home/matt/dev/openssl-write/crypto/store/store_result.c:147:10 (libcrypto.so.3+0x4eb8eb)
#13 file_load_construct /home/matt/dev/openssl-write/providers/implementations/storemgmt/file_store.c:528:12 (libcrypto.so.3+0x60e69e)
#14 decoder_process /home/matt/dev/openssl-write/crypto/encode_decode/decoder_lib.c:536:16 (libcrypto.so.3+0x2da162)
#15 pem2der_decode /home/matt/dev/openssl-write/providers/implementations/encode_decode/decode_pem2der.c:205:14 (libcrypto.so.3+0x5cd4fb)
#16 decoder_process /home/matt/dev/openssl-write/crypto/encode_decode/decoder_lib.c:627:14 (libcrypto.so.3+0x2da5c6)
#17 OSSL_DECODER_from_bio /home/matt/dev/openssl-write/crypto/encode_decode/decoder_lib.c:47:10 (libcrypto.so.3+0x2d9e8f)
#18 file_load_file /home/matt/dev/openssl-write/providers/implementations/storemgmt/file_store.c:648:12 (libcrypto.so.3+0x60db8e)
#19 file_load /home/matt/dev/openssl-write/providers/implementations/storemgmt/file_store.c:808:16 (libcrypto.so.3+0x60d142)
#20 OSSL_STORE_load /home/matt/dev/openssl-write/crypto/store/store_lib.c:385:18 (libcrypto.so.3+0x4e51eb)
#21 pem_read_bio_key /home/matt/dev/openssl-write/crypto/pem/pem_pkey.c:74:23 (libcrypto.so.3+0x41c5d3)
#22 PEM_read_bio_PrivateKey_ex /home/matt/dev/openssl-write/crypto/pem/pem_pkey.c:144:12 (libcrypto.so.3+0x41c9ea)
#23 load_pkey_pem /home/matt/dev/openssl-write/test/testutil/load.c:80:15 (threadstest+0x4bc481)
#24 test_multi /home/matt/dev/openssl-write/test/threadstest.c:471:14 (threadstest+0x4b51c1)
#25 run_tests /home/matt/dev/openssl-write/test/testutil/driver.c:357:21 (threadstest+0x4bb041)
#26 main /home/matt/dev/openssl-write/test/testutil/main.c:30:15 (threadstest+0x4bc689)
Thread T10 (tid=408199, running) created by main thread at:
#0 pthread_create <null> (threadstest+0x42713b)
#1 run_thread /home/matt/dev/openssl-write/test/threadstest.c:80:12 (threadstest+0x4b54f6)
#2 test_multi /home/matt/dev/openssl-write/test/threadstest.c:483:17 (threadstest+0x4b52aa)
#3 run_tests /home/matt/dev/openssl-write/test/testutil/driver.c:357:21 (threadstest+0x4bb041)
#4 main /home/matt/dev/openssl-write/test/testutil/main.c:30:15 (threadstest+0x4bc689)
SUMMARY: ThreadSanitizer: data race (/home/matt/dev/openssl-write/test/threadstest+0x430bd2) in memset
==================
==================
WARNING: ThreadSanitizer: data race (pid=408166)
Write of size 8 at 0x7b4400000a58 by thread T10 (mutexes: write M2751):
#0 memset <null> (threadstest+0x430bd2)
#1 evp_pkey_reset_unlocked /home/matt/dev/openssl-write/crypto/evp/p_lib.c:1402:7 (libcrypto.so.3+0x37c293)
#2 evp_pkey_downgrade /home/matt/dev/openssl-write/crypto/evp/p_lib.c:1975:9 (libcrypto.so.3+0x375812)
#3 EVP_PKEY_get0 /home/matt/dev/openssl-write/crypto/evp/p_lib.c:736:10 (libcrypto.so.3+0x379970)
#4 thread_downgrade_shared_evp_pkey /home/matt/dev/openssl-write/test/threadstest.c:411:9 (threadstest+0x4b5e8b)
#5 thread_run /home/matt/dev/openssl-write/test/threadstest.c:74:5 (threadstest+0x4b562a)
Previous read of size 8 at 0x7b4400000a58 by main thread:
#0 evp_keymgmt_util_export_to_provider /home/matt/dev/openssl-write/crypto/evp/keymgmt_lib.c:101:13 (libcrypto.so.3+0x365b6e)
#1 evp_pkey_export_to_provider /home/matt/dev/openssl-write/crypto/evp/p_lib.c:1847:15 (libcrypto.so.3+0x376a19)
#2 evp_pkey_asym_cipher_init /home/matt/dev/openssl-write/crypto/evp/asymcipher.c:49:15 (libcrypto.so.3+0x2fd990)
#3 EVP_PKEY_encrypt_init /home/matt/dev/openssl-write/crypto/evp/asymcipher.c:171:12 (libcrypto.so.3+0x2fd6fd)
#4 thread_shared_evp_pkey /home/matt/dev/openssl-write/test/threadstest.c:377:14 (threadstest+0x4b6034)
#5 test_multi /home/matt/dev/openssl-write/test/threadstest.c:486:5 (threadstest+0x4b52e5)
#6 run_tests /home/matt/dev/openssl-write/test/testutil/driver.c:357:21 (threadstest+0x4bb041)
#7 main /home/matt/dev/openssl-write/test/testutil/main.c:30:15 (threadstest+0x4bc689)
Location is heap block of size 296 at 0x7b4400000a00 allocated by main thread:
#0 malloc <null> (threadstest+0x425874)
#1 CRYPTO_malloc /home/matt/dev/openssl-write/crypto/mem.c:184:12 (libcrypto.so.3+0x3bfc59)
#2 CRYPTO_zalloc /home/matt/dev/openssl-write/crypto/mem.c:191:11 (libcrypto.so.3+0x3bfcc4)
#3 EVP_PKEY_new /home/matt/dev/openssl-write/crypto/evp/p_lib.c:1418:21 (libcrypto.so.3+0x37c016)
#4 evp_keymgmt_util_make_pkey /home/matt/dev/openssl-write/crypto/evp/keymgmt_lib.c:72:20 (libcrypto.so.3+0x3659be)
#5 decoder_construct_EVP_PKEY /home/matt/dev/openssl-write/crypto/encode_decode/decoder_pkey.c:144:24 (libcrypto.so.3+0x2dfc28)
#6 decoder_process /home/matt/dev/openssl-write/crypto/encode_decode/decoder_lib.c:536:16 (libcrypto.so.3+0x2da162)
#7 der2key_decode /home/matt/dev/openssl-write/providers/implementations/encode_decode/decode_der2key.c:385:14 (libcrypto.so.3+0x5c8f76)
#8 decoder_process /home/matt/dev/openssl-write/crypto/encode_decode/decoder_lib.c:627:14 (libcrypto.so.3+0x2da5c6)
#9 OSSL_DECODER_from_bio /home/matt/dev/openssl-write/crypto/encode_decode/decoder_lib.c:47:10 (libcrypto.so.3+0x2d9e8f)
#10 OSSL_DECODER_from_data /home/matt/dev/openssl-write/crypto/encode_decode/decoder_lib.c:93:9 (libcrypto.so.3+0x2da8da)
#11 try_key_value /home/matt/dev/openssl-write/crypto/store/store_result.c:282:11 (libcrypto.so.3+0x4ed32a)
#12 try_key /home/matt/dev/openssl-write/crypto/store/store_result.c:401:18 (libcrypto.so.3+0x4ec06f)
#13 ossl_store_handle_load_result /home/matt/dev/openssl-write/crypto/store/store_result.c:147:10 (libcrypto.so.3+0x4eb8eb)
#14 file_load_construct /home/matt/dev/openssl-write/providers/implementations/storemgmt/file_store.c:528:12 (libcrypto.so.3+0x60e69e)
#15 decoder_process /home/matt/dev/openssl-write/crypto/encode_decode/decoder_lib.c:536:16 (libcrypto.so.3+0x2da162)
#16 pem2der_decode /home/matt/dev/openssl-write/providers/implementations/encode_decode/decode_pem2der.c:205:14 (libcrypto.so.3+0x5cd4fb)
#17 decoder_process /home/matt/dev/openssl-write/crypto/encode_decode/decoder_lib.c:627:14 (libcrypto.so.3+0x2da5c6)
#18 OSSL_DECODER_from_bio /home/matt/dev/openssl-write/crypto/encode_decode/decoder_lib.c:47:10 (libcrypto.so.3+0x2d9e8f)
#19 file_load_file /home/matt/dev/openssl-write/providers/implementations/storemgmt/file_store.c:648:12 (libcrypto.so.3+0x60db8e)
#20 file_load /home/matt/dev/openssl-write/providers/implementations/storemgmt/file_store.c:808:16 (libcrypto.so.3+0x60d142)
#21 OSSL_STORE_load /home/matt/dev/openssl-write/crypto/store/store_lib.c:385:18 (libcrypto.so.3+0x4e51eb)
#22 pem_read_bio_key /home/matt/dev/openssl-write/crypto/pem/pem_pkey.c:74:23 (libcrypto.so.3+0x41c5d3)
#23 PEM_read_bio_PrivateKey_ex /home/matt/dev/openssl-write/crypto/pem/pem_pkey.c:144:12 (libcrypto.so.3+0x41c9ea)
#24 load_pkey_pem /home/matt/dev/openssl-write/test/testutil/load.c:80:15 (threadstest+0x4bc481)
#25 test_multi /home/matt/dev/openssl-write/test/threadstest.c:471:14 (threadstest+0x4b51c1)
#26 run_tests /home/matt/dev/openssl-write/test/testutil/driver.c:357:21 (threadstest+0x4bb041)
#27 main /home/matt/dev/openssl-write/test/testutil/main.c:30:15 (threadstest+0x4bc689)
Mutex M2751 (0x7b1000008980) created at:
#0 pthread_rwlock_init <null> (threadstest+0x429279)
#1 CRYPTO_THREAD_lock_new /home/matt/dev/openssl-write/crypto/threads_pthread.c:41:9 (libcrypto.so.3+0x3dd191)
#2 EVP_PKEY_new /home/matt/dev/openssl-write/crypto/evp/p_lib.c:1428:17 (libcrypto.so.3+0x37c080)
#3 evp_keymgmt_util_make_pkey /home/matt/dev/openssl-write/crypto/evp/keymgmt_lib.c:72:20 (libcrypto.so.3+0x3659be)
#4 decoder_construct_EVP_PKEY /home/matt/dev/openssl-write/crypto/encode_decode/decoder_pkey.c:144:24 (libcrypto.so.3+0x2dfc28)
#5 decoder_process /home/matt/dev/openssl-write/crypto/encode_decode/decoder_lib.c:536:16 (libcrypto.so.3+0x2da162)
#6 der2key_decode /home/matt/dev/openssl-write/providers/implementations/encode_decode/decode_der2key.c:385:14 (libcrypto.so.3+0x5c8f76)
#7 decoder_process /home/matt/dev/openssl-write/crypto/encode_decode/decoder_lib.c:627:14 (libcrypto.so.3+0x2da5c6)
#8 OSSL_DECODER_from_bio /home/matt/dev/openssl-write/crypto/encode_decode/decoder_lib.c:47:10 (libcrypto.so.3+0x2d9e8f)
#9 OSSL_DECODER_from_data /home/matt/dev/openssl-write/crypto/encode_decode/decoder_lib.c:93:9 (libcrypto.so.3+0x2da8da)
#10 try_key_value /home/matt/dev/openssl-write/crypto/store/store_result.c:282:11 (libcrypto.so.3+0x4ed32a)
#11 try_key /home/matt/dev/openssl-write/crypto/store/store_result.c:401:18 (libcrypto.so.3+0x4ec06f)
#12 ossl_store_handle_load_result /home/matt/dev/openssl-write/crypto/store/store_result.c:147:10 (libcrypto.so.3+0x4eb8eb)
#13 file_load_construct /home/matt/dev/openssl-write/providers/implementations/storemgmt/file_store.c:528:12 (libcrypto.so.3+0x60e69e)
#14 decoder_process /home/matt/dev/openssl-write/crypto/encode_decode/decoder_lib.c:536:16 (libcrypto.so.3+0x2da162)
#15 pem2der_decode /home/matt/dev/openssl-write/providers/implementations/encode_decode/decode_pem2der.c:205:14 (libcrypto.so.3+0x5cd4fb)
#16 decoder_process /home/matt/dev/openssl-write/crypto/encode_decode/decoder_lib.c:627:14 (libcrypto.so.3+0x2da5c6)
#17 OSSL_DECODER_from_bio /home/matt/dev/openssl-write/crypto/encode_decode/decoder_lib.c:47:10 (libcrypto.so.3+0x2d9e8f)
#18 file_load_file /home/matt/dev/openssl-write/providers/implementations/storemgmt/file_store.c:648:12 (libcrypto.so.3+0x60db8e)
#19 file_load /home/matt/dev/openssl-write/providers/implementations/storemgmt/file_store.c:808:16 (libcrypto.so.3+0x60d142)
#20 OSSL_STORE_load /home/matt/dev/openssl-write/crypto/store/store_lib.c:385:18 (libcrypto.so.3+0x4e51eb)
#21 pem_read_bio_key /home/matt/dev/openssl-write/crypto/pem/pem_pkey.c:74:23 (libcrypto.so.3+0x41c5d3)
#22 PEM_read_bio_PrivateKey_ex /home/matt/dev/openssl-write/crypto/pem/pem_pkey.c:144:12 (libcrypto.so.3+0x41c9ea)
#23 load_pkey_pem /home/matt/dev/openssl-write/test/testutil/load.c:80:15 (threadstest+0x4bc481)
#24 test_multi /home/matt/dev/openssl-write/test/threadstest.c:471:14 (threadstest+0x4b51c1)
#25 run_tests /home/matt/dev/openssl-write/test/testutil/driver.c:357:21 (threadstest+0x4bb041)
#26 main /home/matt/dev/openssl-write/test/testutil/main.c:30:15 (threadstest+0x4bc689)
Thread T10 (tid=408199, running) created by main thread at:
#0 pthread_create <null> (threadstest+0x42713b)
#1 run_thread /home/matt/dev/openssl-write/test/threadstest.c:80:12 (threadstest+0x4b54f6)
#2 test_multi /home/matt/dev/openssl-write/test/threadstest.c:483:17 (threadstest+0x4b52aa)
#3 run_tests /home/matt/dev/openssl-write/test/testutil/driver.c:357:21 (threadstest+0x4bb041)
#4 main /home/matt/dev/openssl-write/test/testutil/main.c:30:15 (threadstest+0x4bc689)
SUMMARY: ThreadSanitizer: data race (/home/matt/dev/openssl-write/test/threadstest+0x430bd2) in memset
==================
==================
WARNING: ThreadSanitizer: data race (pid=408166)
Write of size 8 at 0x7b4400000a60 by thread T10 (mutexes: write M2751):
#0 memset <null> (threadstest+0x430bd2)
#1 evp_pkey_reset_unlocked /home/matt/dev/openssl-write/crypto/evp/p_lib.c:1402:7 (libcrypto.so.3+0x37c293)
#2 evp_pkey_downgrade /home/matt/dev/openssl-write/crypto/evp/p_lib.c:1975:9 (libcrypto.so.3+0x375812)
#3 EVP_PKEY_get0 /home/matt/dev/openssl-write/crypto/evp/p_lib.c:736:10 (libcrypto.so.3+0x379970)
#4 thread_downgrade_shared_evp_pkey /home/matt/dev/openssl-write/test/threadstest.c:411:9 (threadstest+0x4b5e8b)
#5 thread_run /home/matt/dev/openssl-write/test/threadstest.c:74:5 (threadstest+0x4b562a)
Previous read of size 8 at 0x7b4400000a60 by main thread:
#0 evp_pkey_export_to_provider /home/matt/dev/openssl-write/crypto/evp/p_lib.c:1721:26 (libcrypto.so.3+0x376072)
#1 evp_pkey_asym_cipher_init /home/matt/dev/openssl-write/crypto/evp/asymcipher.c:49:15 (libcrypto.so.3+0x2fd990)
#2 EVP_PKEY_encrypt_init /home/matt/dev/openssl-write/crypto/evp/asymcipher.c:171:12 (libcrypto.so.3+0x2fd6fd)
#3 thread_shared_evp_pkey /home/matt/dev/openssl-write/test/threadstest.c:377:14 (threadstest+0x4b6034)
#4 test_multi /home/matt/dev/openssl-write/test/threadstest.c:486:5 (threadstest+0x4b52e5)
#5 run_tests /home/matt/dev/openssl-write/test/testutil/driver.c:357:21 (threadstest+0x4bb041)
#6 main /home/matt/dev/openssl-write/test/testutil/main.c:30:15 (threadstest+0x4bc689)
Location is heap block of size 296 at 0x7b4400000a00 allocated by main thread:
#0 malloc <null> (threadstest+0x425874)
#1 CRYPTO_malloc /home/matt/dev/openssl-write/crypto/mem.c:184:12 (libcrypto.so.3+0x3bfc59)
#2 CRYPTO_zalloc /home/matt/dev/openssl-write/crypto/mem.c:191:11 (libcrypto.so.3+0x3bfcc4)
#3 EVP_PKEY_new /home/matt/dev/openssl-write/crypto/evp/p_lib.c:1418:21 (libcrypto.so.3+0x37c016)
#4 evp_keymgmt_util_make_pkey /home/matt/dev/openssl-write/crypto/evp/keymgmt_lib.c:72:20 (libcrypto.so.3+0x3659be)
#5 decoder_construct_EVP_PKEY /home/matt/dev/openssl-write/crypto/encode_decode/decoder_pkey.c:144:24 (libcrypto.so.3+0x2dfc28)
#6 decoder_process /home/matt/dev/openssl-write/crypto/encode_decode/decoder_lib.c:536:16 (libcrypto.so.3+0x2da162)
#7 der2key_decode /home/matt/dev/openssl-write/providers/implementations/encode_decode/decode_der2key.c:385:14 (libcrypto.so.3+0x5c8f76)
#8 decoder_process /home/matt/dev/openssl-write/crypto/encode_decode/decoder_lib.c:627:14 (libcrypto.so.3+0x2da5c6)
#9 OSSL_DECODER_from_bio /home/matt/dev/openssl-write/crypto/encode_decode/decoder_lib.c:47:10 (libcrypto.so.3+0x2d9e8f)
#10 OSSL_DECODER_from_data /home/matt/dev/openssl-write/crypto/encode_decode/decoder_lib.c:93:9 (libcrypto.so.3+0x2da8da)
#11 try_key_value /home/matt/dev/openssl-write/crypto/store/store_result.c:282:11 (libcrypto.so.3+0x4ed32a)
#12 try_key /home/matt/dev/openssl-write/crypto/store/store_result.c:401:18 (libcrypto.so.3+0x4ec06f)
#13 ossl_store_handle_load_result /home/matt/dev/openssl-write/crypto/store/store_result.c:147:10 (libcrypto.so.3+0x4eb8eb)
#14 file_load_construct /home/matt/dev/openssl-write/providers/implementations/storemgmt/file_store.c:528:12 (libcrypto.so.3+0x60e69e)
#15 decoder_process /home/matt/dev/openssl-write/crypto/encode_decode/decoder_lib.c:536:16 (libcrypto.so.3+0x2da162)
#16 pem2der_decode /home/matt/dev/openssl-write/providers/implementations/encode_decode/decode_pem2der.c:205:14 (libcrypto.so.3+0x5cd4fb)
#17 decoder_process /home/matt/dev/openssl-write/crypto/encode_decode/decoder_lib.c:627:14 (libcrypto.so.3+0x2da5c6)
#18 OSSL_DECODER_from_bio /home/matt/dev/openssl-write/crypto/encode_decode/decoder_lib.c:47:10 (libcrypto.so.3+0x2d9e8f)
#19 file_load_file /home/matt/dev/openssl-write/providers/implementations/storemgmt/file_store.c:648:12 (libcrypto.so.3+0x60db8e)
#20 file_load /home/matt/dev/openssl-write/providers/implementations/storemgmt/file_store.c:808:16 (libcrypto.so.3+0x60d142)
#21 OSSL_STORE_load /home/matt/dev/openssl-write/crypto/store/store_lib.c:385:18 (libcrypto.so.3+0x4e51eb)
#22 pem_read_bio_key /home/matt/dev/openssl-write/crypto/pem/pem_pkey.c:74:23 (libcrypto.so.3+0x41c5d3)
#23 PEM_read_bio_PrivateKey_ex /home/matt/dev/openssl-write/crypto/pem/pem_pkey.c:144:12 (libcrypto.so.3+0x41c9ea)
#24 load_pkey_pem /home/matt/dev/openssl-write/test/testutil/load.c:80:15 (threadstest+0x4bc481)
#25 test_multi /home/matt/dev/openssl-write/test/threadstest.c:471:14 (threadstest+0x4b51c1)
#26 run_tests /home/matt/dev/openssl-write/test/testutil/driver.c:357:21 (threadstest+0x4bb041)
#27 main /home/matt/dev/openssl-write/test/testutil/main.c:30:15 (threadstest+0x4bc689)
Mutex M2751 (0x7b1000008980) created at:
#0 pthread_rwlock_init <null> (threadstest+0x429279)
#1 CRYPTO_THREAD_lock_new /home/matt/dev/openssl-write/crypto/threads_pthread.c:41:9 (libcrypto.so.3+0x3dd191)
#2 EVP_PKEY_new /home/matt/dev/openssl-write/crypto/evp/p_lib.c:1428:17 (libcrypto.so.3+0x37c080)
#3 evp_keymgmt_util_make_pkey /home/matt/dev/openssl-write/crypto/evp/keymgmt_lib.c:72:20 (libcrypto.so.3+0x3659be)
#4 decoder_construct_EVP_PKEY /home/matt/dev/openssl-write/crypto/encode_decode/decoder_pkey.c:144:24 (libcrypto.so.3+0x2dfc28)
#5 decoder_process /home/matt/dev/openssl-write/crypto/encode_decode/decoder_lib.c:536:16 (libcrypto.so.3+0x2da162)
#6 der2key_decode /home/matt/dev/openssl-write/providers/implementations/encode_decode/decode_der2key.c:385:14 (libcrypto.so.3+0x5c8f76)
#7 decoder_process /home/matt/dev/openssl-write/crypto/encode_decode/decoder_lib.c:627:14 (libcrypto.so.3+0x2da5c6)
#8 OSSL_DECODER_from_bio /home/matt/dev/openssl-write/crypto/encode_decode/decoder_lib.c:47:10 (libcrypto.so.3+0x2d9e8f)
#9 OSSL_DECODER_from_data /home/matt/dev/openssl-write/crypto/encode_decode/decoder_lib.c:93:9 (libcrypto.so.3+0x2da8da)
#10 try_key_value /home/matt/dev/openssl-write/crypto/store/store_result.c:282:11 (libcrypto.so.3+0x4ed32a)
#11 try_key /home/matt/dev/openssl-write/crypto/store/store_result.c:401:18 (libcrypto.so.3+0x4ec06f)
#12 ossl_store_handle_load_result /home/matt/dev/openssl-write/crypto/store/store_result.c:147:10 (libcrypto.so.3+0x4eb8eb)
#13 file_load_construct /home/matt/dev/openssl-write/providers/implementations/storemgmt/file_store.c:528:12 (libcrypto.so.3+0x60e69e)
#14 decoder_process /home/matt/dev/openssl-write/crypto/encode_decode/decoder_lib.c:536:16 (libcrypto.so.3+0x2da162)
#15 pem2der_decode /home/matt/dev/openssl-write/providers/implementations/encode_decode/decode_pem2der.c:205:14 (libcrypto.so.3+0x5cd4fb)
#16 decoder_process /home/matt/dev/openssl-write/crypto/encode_decode/decoder_lib.c:627:14 (libcrypto.so.3+0x2da5c6)
#17 OSSL_DECODER_from_bio /home/matt/dev/openssl-write/crypto/encode_decode/decoder_lib.c:47:10 (libcrypto.so.3+0x2d9e8f)
#18 file_load_file /home/matt/dev/openssl-write/providers/implementations/storemgmt/file_store.c:648:12 (libcrypto.so.3+0x60db8e)
#19 file_load /home/matt/dev/openssl-write/providers/implementations/storemgmt/file_store.c:808:16 (libcrypto.so.3+0x60d142)
#20 OSSL_STORE_load /home/matt/dev/openssl-write/crypto/store/store_lib.c:385:18 (libcrypto.so.3+0x4e51eb)
#21 pem_read_bio_key /home/matt/dev/openssl-write/crypto/pem/pem_pkey.c:74:23 (libcrypto.so.3+0x41c5d3)
#22 PEM_read_bio_PrivateKey_ex /home/matt/dev/openssl-write/crypto/pem/pem_pkey.c:144:12 (libcrypto.so.3+0x41c9ea)
#23 load_pkey_pem /home/matt/dev/openssl-write/test/testutil/load.c:80:15 (threadstest+0x4bc481)
#24 test_multi /home/matt/dev/openssl-write/test/threadstest.c:471:14 (threadstest+0x4b51c1)
#25 run_tests /home/matt/dev/openssl-write/test/testutil/driver.c:357:21 (threadstest+0x4bb041)
#26 main /home/matt/dev/openssl-write/test/testutil/main.c:30:15 (threadstest+0x4bc689)
Thread T10 (tid=408199, running) created by main thread at:
#0 pthread_create <null> (threadstest+0x42713b)
#1 run_thread /home/matt/dev/openssl-write/test/threadstest.c:80:12 (threadstest+0x4b54f6)
#2 test_multi /home/matt/dev/openssl-write/test/threadstest.c:483:17 (threadstest+0x4b52aa)
#3 run_tests /home/matt/dev/openssl-write/test/testutil/driver.c:357:21 (threadstest+0x4bb041)
#4 main /home/matt/dev/openssl-write/test/testutil/main.c:30:15 (threadstest+0x4bc689)
SUMMARY: ThreadSanitizer: data race (/home/matt/dev/openssl-write/test/threadstest+0x430bd2) in memset
==================
ThreadSanitizer:DEADLYSIGNAL
==408166==ERROR: ThreadSanitizer: SEGV on unknown address 0x0000000000b8 (pc 0x7f6cbb791d1c bp 0x7ffc90653f20 sp 0x7ffc90653e20 T408166)
==408166==The signal is caused by a READ memory access.
==408166==Hint: address points to the zero page.
ThreadSanitizer:DEADLYSIGNAL
#0 evp_keymgmt_util_export_to_provider /home/matt/dev/openssl-write/crypto/evp/keymgmt_lib.c:121:29 (libcrypto.so.3+0x365d1c)
#1 evp_pkey_export_to_provider /home/matt/dev/openssl-write/crypto/evp/p_lib.c:1847:15 (libcrypto.so.3+0x376a19)
#2 evp_pkey_asym_cipher_init /home/matt/dev/openssl-write/crypto/evp/asymcipher.c:49:15 (libcrypto.so.3+0x2fd990)
#3 EVP_PKEY_encrypt_init /home/matt/dev/openssl-write/crypto/evp/asymcipher.c:171:12 (libcrypto.so.3+0x2fd6fd)
#4 thread_shared_evp_pkey /home/matt/dev/openssl-write/test/threadstest.c:377:14 (threadstest+0x4b6034)
#5 test_multi /home/matt/dev/openssl-write/test/threadstest.c:486:5 (threadstest+0x4b52e5)
#6 run_tests /home/matt/dev/openssl-write/test/testutil/driver.c:357:21 (threadstest+0x4bb041)
#7 main /home/matt/dev/openssl-write/test/testutil/main.c:30:15 (threadstest+0x4bc689)
#8 __libc_start_main /build/glibc-ZN95T4/glibc-2.31/csu/../csu/libc-start.c:308:16 (libc.so.6+0x270b2)
#9 _start <null> (threadstest+0x41f9bd)
ThreadSanitizer can not provide additional info.
SUMMARY: ThreadSanitizer: SEGV /home/matt/dev/openssl-write/crypto/evp/keymgmt_lib.c:121:29 in evp_keymgmt_util_export_to_provider
==408166==ABORTING
../../util/wrap.pl ../../test/threadstest -fips ../../test/recipes/90-test_threads_data => 66
About this issue
- Original URL
- State: closed
- Created 3 years ago
- Comments: 28 (28 by maintainers)
No - I don’t think so. Currently the downgrade code goes to great pains to ensure that the EVP_PKEY lock is held during a downgrade. Unfortunately it is no sufficient. The downgrade code wipes the entire EVP_PKEY - with the exception of the lock - and recreates it all. However, even though the lock is held, many of the fields in an EVP_PKEY are considered to be immutable once the key is created and are accessed locklessly by lots of functions. So, holding the EVP_PKEY lock doesn’t solve the problem. Having a global or per library context lock doesn’t really resolve this problem. Also, converting everywhere that accesses one of these fields to first acquire a lock isn’t particularly desirable due to lock contention.