I just tried the openssl s_client command with the same CA certificate, and it also dumped core. I will be really glad if someone could tell me what might be going wrong here. Following is the information about the system, gcc / make versions, tusc output and the backtrace of the core file.
bash-2.05b$ uname -a HP-UX ia64-bld B.11.23 U ia64 3226910008 unlimited-user license bash-2.05b$ gcc -v Reading specs from /usr/local/lib/gcc/ia64-hp-hpux11.23/3.4.3/specs Configured with: /scratch/zack/pkgbuild/3.3.1/hpux-11/gcc-3.4.3/configure --enable-languages=c,c++ --enable-threads=posix --with-gnu-as --without-gnu-ld --with-as=/usr/local/bin/as --prefix=/usr/local Thread model: posix gcc version 3.4.3 bash-2.05b$ make -v GNU Make 3.80 Copyright (C) 2002 Free Software Foundation, Inc. This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. bash-2.05b$ ./Configure hpux-ia64-gcc bash-2.05b$ make bash-2.05b$ ldd apps/openssl libdl.so.1 => /usr/lib/hpux32/libdl.so.1 libc.so.1 => /usr/lib/hpux32/libc.so.1 libdl.so.1 => /usr/lib/hpux32/libdl.so.1 bash-2.05b$ file apps/openssl apps/openssl: ELF-32 executable object file - IA64 bash-2.05b$ tusc ./apps/openssl s_client -ssl3 -connect swdev8:4000 -CAfile /tmp/cacert.pem -debug <snip> open("/tmp/cacert.pem", O_RDONLY|0x800, 0666) .................................................................. = 3 brk(0x40084000) ................................................................................................ = 0 ioctl(3, TCGETA, 0x7fffeca0) ................................................................................... ERR#25 ENOTTY read(3, "- - - - - B E G I N C E R T I ".., 8192) ............................................................ = 1184 brk(0x4008c000) ................................................................................................ = 0 brk(0x4008d000) ................................................................................................ = 0 brk(0x40091000) ................................................................................................ = 0 Received signal 11, SIGSEGV, in user mode, [SIG_DFL], partial siginfo Siginfo: si_code: SEGV_ACCERR, faulting address: 0x8, si_errno: 0 PC: 00000001000000a0.0 break.m 0x16000 exit(11) [implicit] ............................................................................................ WIFSIGNALED(SIGSEGV)|WCOREDUMP <snip> Here is the backtrace of the core file: bash-2.05b$ gdb apps/openssl HP gdb 5.2.03 for HP Itanium (32 or 64 bit) and target HP-UX 11.2x. Copyright 1986 - 2001 Free Software Foundation, Inc. Hewlett-Packard Wildebeest 5.2.03 (based on GDB) is covered by the GNU General Public License. Type "show copying" to see the conditions to change it and/or distribute copies. Type "show warranty" for warranty/support. .. (gdb) core-file core Core was generated by `openssl'. Program terminated with signal 11, Segmentation fault. SEGV_ACCERR - Invalid Permissions for object #0 0x41c3550:1 in BUF_MEM_grow+0x131 () (gdb) bt #0 0x41c3550:1 in BUF_MEM_grow+0x131 () #1 0x4205a50:0 in x509_name_ex_d2i+0x290 () #2 0x42191b0:0 in ASN1_item_ex_d2i+0x980 () #3 0x42180f0:0 in asn1_template_noexp_d2i+0x580 () #4 0x42186a0:0 in asn1_template_ex_d2i+0x2e0 () #5 0x4218d00:0 in ASN1_item_ex_d2i+0x4d0 () #6 0x42180f0:0 in asn1_template_noexp_d2i+0x580 () #7 0x42186a0:0 in asn1_template_ex_d2i+0x2e0 () #8 0x4218d00:0 in ASN1_item_ex_d2i+0x4d0 () #9 0x4219be0:0 in ASN1_item_d2i+0x70 () #10 0x42066e0:0 in d2i_X509+0x40 () #11 0x4228480:0 in PEM_X509_INFO_read_bio+0x500 () #12 0x4246d50:0 in X509_load_cert_crl_file+0xc0 () #13 0x4247000:0 in by_file_ctrl+0xe0 () #14 0x42406d0:0 in X509_LOOKUP_ctrl+0xc0 () #15 0x42312a0:0 in X509_STORE_load_locations+0x90 () #16 0x4143e50:0 in SSL_CTX_load_verify_locations+0x40 () #17 0x40c8d00:0 in s_client_main+0x9a0 () #18 0x408c0e0:0 in do_cmd+0x130 () #19 0x408d620:0 in main+0xcf0 () ----- Original Message ----- From: Urjit Gokhale (Gmail) To: openssl-dev@openssl.org Sent: Thursday, October 04, 2007 3:13 PM Subject: SIGSEGV in SSL_CTX_load_verify_locations() on HP itanium ia64 (32 bit mode) Hello everyone, I have facing a SIGSEGV in SSL_CTX_load_verify_locations() on HP itanium machine. I am building two different applications and the openssl libraries in 32 bit. The ssl libraries are statically linked with my applications. When build in 64 bit mode, the applications works fine (openssl is also built in 64 bit mode). I wonder how the same source works with the same cacert.pem when build in 64 bit, and fails in 32 bit. Are there any compiler flags I need to use while building openssl / my applications in 32 bit? Can I use any APIs that will give me more diagnostic information / errors ? I build openssl in 32 bit mode with the following command: $ ./Configure hpux-ia64-gcc tusc output: ~~~~~~~~~~~~~~~~~~~~~~~~ Application 1: <snip> stat("prngseed.dat", 0x7fffb780) ............................................................................... = 0 open("prngseed.dat", O_WRONLY|O_CREAT|O_TRUNC, 0666) ........................................................... ERR#13 EACCES stat("prngseed.dat", 0x7fffb780) ............................................................................... = 0 open("prngseed.dat", O_RDONLY, 0666) ........................................................................... ERR#13 EACCES brk(0x40080000) ................................................................................................ = 0 open("/tmp/cacert.pem", O_RDONLY|0x800, 0666) .................................................................. = 6 ioctl(6, TCGETA, 0x7fffb5f0) ................................................................................... ERR#25 ENOTTY read(6, "- - - - - B E G I N C E R T I ".., 8192) ............................................................ = 1184 Received signal 11, SIGSEGV, in user mode, [SIG_DFL], partial siginfo Siginfo: si_code: SEGV_ACCERR, faulting address: 0x8, si_errno: 0 PC: 00000001000000a0.0 break.m 0x16000 exit(11) [implicit] ............................................................................................ WIFSIGNALED(SIGSEGV)|WCOREDUMP </snip> Application 2: <snip> stat64("prngseed.dat", 0x7fffe360) ............................................................................. = 0 open("prngseed.dat", O_WRONLY|O_CREAT|O_TRUNC|0x800, 0666) ..................................................... ERR#13 EACCES stat64("prngseed.dat", 0x7fffe360) ............................................................................. = 0 open("prngseed.dat", O_RDONLY|0x800, 0666) ..................................................................... ERR#13 EACCES open("/tmp/cacert.pem", O_RDONLY|0x800, 0666) .................................................................. = 6 ioctl(6, TCGETA, 0x7fffe1d0) ................................................................................... ERR#25 ENOTTY read(6, "- - - - - B E G I N C E R T I ".., 8192) ............................................................ = 1184 brk(0x400e0000) ................................................................................................ = 0 Received signal 11, SIGSEGV, in user mode, [caught], partial siginfo Siginfo: si_code: SEGV_ACCERR, faulting address: 0x8, si_errno: 0 PC: 00000001000000a0.0 break.m 0x16000 getpid() ....................................................................................................... = 21617 (21616) (write(2, "( ", 1) .............................................................................................. = 1 21617write(2, "2 1 6 1 7 ", 5) ...................................................................................... = 5 ) write(2, ") ", 2) ............................................................................................ = 2 SIGSEGV/11 (segmentation violation)write(2, "S I G S E G V / 1 1 ( s e g m ".., 35) ............................................................. = 35 received, exiting.write(2, " r e c e i v e d , e x i t i ".., 19) ............................................................. = 19 write(2, "\n", 1) .............................................................................................. = 1 </snip> I will really appriciate any help I could get. Thank you, ~ Urjit