[gnutls-devel] GnuTLS | p11-kit / p11tool hang on clang (#965)

Development of GNU's TLS library gnutls-devel at lists.gnutls.org
Thu Apr 2 17:26:38 CEST 2020



Andreas Fuchs created an issue: https://gitlab.com/gnutls/gnutls/-/issues/965



## Description of problem:
Calling `p11tool --list-tokens` hangs indefinitely; but only when compiled using clang using gcc succeeds as expected.

## Version of gnutls used:
3.6.10-1.fc30.x86_64

## Distributor of gnutls (e.g., Ubuntu, Fedora, RHEL)
Fedora 30 Docker

## How reproducible:
This branch introduces a p11tool based test to our CI system:
https://github.com/AndreasFuchsSIT/tpm2-pkcs11/tree/p11tool_tests

This is the build by travis:
https://travis-ci.org/github/AndreasFuchsSIT/tpm2-pkcs11/builds/669628934

To test locally:
```sh
cd tpm2-pkcs11 #and switch to branch
docker run --cap-add=SYS_PTRACE -it --env-file "$PWD/.ci/docker.env" \
    -v "$PWD:/workspace/tpm2-pkcs11" "tpm2software/tpm2-tss:fedora-30" \
    /bin/bash
#inside docker
export CC=clang
./.ci/docker.run
```
Note: if you `export CC=gcc` the p11tool tests succeed

## Actual results:
Program hangs indefinitely.

Calltrace:
```c
$ gdb -p $(pidof p11tool | cut -d " " -f 1)
[... a bunch of symbol resolutions ...]
(gdb) bt
#0  futex_abstimed_wait (private=0, abstime=0x0, expected=2, futex_word=<optimized out>) at ../sysdeps/unix/sysv/linux/futex-internal.h:172
#1  __pthread_rwlock_wrlock_full (abstime=0x0, rwlock=0x7f0f026779a0 <__libc_setlocale_lock>) at pthread_rwlock_common.c:807
#2  __GI___pthread_rwlock_wrlock (rwlock=0x7f0f026779a0 <__libc_setlocale_lock>) at pthread_rwlock_wrlock.c:27
#3  0x00007f0f024e5ab7 in __newlocale (category_mask=<optimized out>, category_mask at entry=8127, locale=locale at entry=0x7f0eff1bfd61 "POSIX", base=<optimized out>, base at entry=0x0) at newlocale.c:163
#4  0x00007f0eff1b66a1 in p11_library_init_impl () at ../common/library.c:160
#5  0x00007f0f03344f4a in call_init (l=<optimized out>, argc=argc at entry=4, argv=argv at entry=0x7ffc034f5cb8, env=env at entry=0x7ffc034f5ce0) at dl-init.c:72
#6  0x00007f0f03345051 in call_init (env=0x7ffc034f5ce0, argv=0x7ffc034f5cb8, argc=4, l=<optimized out>) at dl-init.c:30
#7  _dl_init (main_map=main_map at entry=0x61a000000080, argc=4, argv=0x7ffc034f5cb8, env=0x7ffc034f5ce0) at dl-init.c:119
#8  0x00007f0f03348fae in dl_open_worker (a=a at entry=0x7ffc034f4dc0) at dl-open.c:510
#9  0x00007f0f025ece09 in __GI__dl_catch_exception (exception=exception at entry=0x7ffc034f4da0, operate=operate at entry=0x7f0f03348bc0 <dl_open_worker>, args=args at entry=0x7ffc034f4dc0) at dl-error-skeleton.c:196
#10 0x00007f0f0334882e in _dl_open (file=0x604000000510 "/usr/lib64/pkcs11/p11-kit-trust.so", mode=-2147483646, caller_dlopen=0x7f0f02910c74 <__interceptor_dlopen(char const*, int)+244>, nsid=-2, argc=4, 
    argv=<optimized out>, env=0x7ffc034f5ce0) at dl-open.c:592
#11 0x00007f0f0229b39c in dlopen_doit (a=a at entry=0x7ffc034f4fe0) at dlopen.c:66
#12 0x00007f0f025ece09 in __GI__dl_catch_exception (exception=exception at entry=0x7ffc034f4f80, operate=operate at entry=0x7f0f0229b340 <dlopen_doit>, args=args at entry=0x7ffc034f4fe0) at dl-error-skeleton.c:196
#13 0x00007f0f025ecea3 in __GI__dl_catch_error (objname=objname at entry=0x7f0f032aedb0 <alloc_memory_for_dlsym+16>, errstring=errstring at entry=0x7f0f032aedb8 <alloc_memory_for_dlsym+24>, 
    mallocedp=mallocedp at entry=0x7f0f032aeda8 <alloc_memory_for_dlsym+8>, operate=operate at entry=0x7f0f0229b340 <dlopen_doit>, args=args at entry=0x7ffc034f4fe0) at dl-error-skeleton.c:215
#14 0x00007f0f0229bb09 in _dlerror_run (operate=operate at entry=0x7f0f0229b340 <dlopen_doit>, args=args at entry=0x7ffc034f4fe0) at dlerror.c:170
#15 0x00007f0f0229b42a in __dlopen (file=<optimized out>, mode=<optimized out>) at dlopen.c:87
#16 0x00007f0f02910c74 in __interceptor_dlopen (filename=0x604000000510 "/usr/lib64/pkcs11/p11-kit-trust.so", flag=2)
    at /usr/src/debug/compiler-rt-8.0.0-1.fc30.x86_64/lib/asan/../sanitizer_common/sanitizer_common_interceptors.inc:5969
#17 0x00007f0f0202b4fc in dlopen_and_get_function_list (funcs=0x7ffc034f58a0, path=0x604000000510 "/usr/lib64/pkcs11/p11-kit-trust.so", mod=0x617000000080) at ../p11-kit/modules.c:429
#18 load_module_from_file_inlock (path=0x604000000510 "/usr/lib64/pkcs11/p11-kit-trust.so", result=result at entry=0x7ffc034f5928, name=<optimized out>) at ../p11-kit/modules.c:429
#19 0x00007f0f0202baa7 in take_config_and_load_module_inlock (verbose=false, critical=false, config=0x7ffc034f5920, name=0x7ffc034f5918) at ../p11-kit/modules.c:597
#20 load_registered_modules_unlocked (flags=flags at entry=0) at ../p11-kit/modules.c:682
#21 0x00007f0f0202c89f in load_registered_modules_unlocked (flags=0) at ../p11-kit/modules.c:2032
#22 p11_modules_load_inlock_reentrant (flags=0, results=0x7ffc034f5a20) at ../p11-kit/modules.c:1987
#23 0x00007f0f0202c927 in p11_kit_modules_load (reserved=0x0, flags=0) at ../p11-kit/modules.c:2092
#24 0x00007f0f0202ccb2 in p11_kit_modules_load_and_initialize (flags=flags at entry=0) at ../p11-kit/modules.c:2216
#25 0x00007f0f0274c3ca in auto_load (trusted=trusted at entry=0) at pkcs11.c:933
#26 0x00007f0f0274de37 in gnutls_pkcs11_init (flags=1, deprecated_config_file=0x0) at pkcs11.c:1006
#27 0x0000557d8b3c3bf3 in cmd_parser (argv=<optimized out>, argc=8) at p11tool.c:187
#28 main (argc=<optimized out>, argv=<optimized out>) at p11tool.c:75
```

## Expected results:
Modules are loaded and tokens listed

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/965
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20200402/4b54655e/attachment-0001.html>


More information about the Gnutls-devel mailing list