Do you set any of the locking functions and/or do you configure with no-locking?
CRYPTO_set_locking_callback() CRYPTO_set_add_lock_callback() see: https://www.openssl.org/docs/manmaster/crypto/threads.html -- -Todd Short // [email protected]<mailto:[email protected]> // "One if by land, two if by sea, three if by the Internet." On Nov 5, 2015, at 8:42 PM, Dmitry Sobinov <[email protected]<mailto:[email protected]>> wrote: We use OpenSSL for DTLS and for general random numbers generation. While checking our app with Clang Thread Sanitizer, we discovered following data race: WARNING: ThreadSanitizer: data race (pid=20055) Read of size 4 at 0x7f14adbb7f98 by thread T18: #0 ssleay_rand_add /home/dmitry.sobinov/builds/openssl-1.0.2d/crypto/rand/md_rand.c:220 (test_client+0x000000dd242a) #1 RAND_add /home/dmitry.sobinov/builds/openssl-1.0.2d/crypto/rand/rand_lib.c:152 (test_client+0x000000c795be) #2 dtls1_connect /home/dmitry.sobinov/builds/openssl-1.0.2d/ssl/d1_clnt.c:174 (test_client+0x000000f4850a) #3 SSL_do_handshake /home/dmitry.sobinov/builds/openssl-1.0.2d/ssl/ssl_lib.c:2768 (test_client+0x000000f701ec) #4 DtlsSrtpTransport::handshakeIteration() /home/dmitry.sobinov/__/src/DtlsSrtpTransport.cpp:328 (test_client+0x00000079ef88) Previous write of size 4 at 0x7f14adbb7f98 by thread T41 (mutexes: write M869): #0 ssleay_rand_bytes /home/dmitry.sobinov/builds/openssl-1.0.2d/crypto/rand/md_rand.c:392 (test_client+0x000000dd2e1f) #1 ssleay_rand_nopseudo_bytes /home/dmitry.sobinov/builds/openssl-1.0.2d/crypto/rand/md_rand.c:536 (test_client+0x000000dd22cb) #2 RAND_bytes /home/dmitry.sobinov/builds/openssl-1.0.2d/crypto/rand/rand_lib.c:159 (test_client+0x000000c7965a) #3 utils::generateRandomBytes(unsigned char*, unsigned long) /home/dmitry.sobinov/__/src/OpenSSLHelpers.cpp:45 (test_client+0x00000078a697) #4 unsigned short utils::random<unsigned short>() /home/dmitry.sobinov/__/include/utils/OpenSSLHelpers.h:42 (test_client+0x0000005a4bff) Static global variable crypto_lock_rand is not protected by mutex or set as atomic. AFAIK it's undefined behaviour in c/c++. OpenSSL was built with TSan instrumentation. Thanks, Dmitry Sobinov _______________________________________________ openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
_______________________________________________ openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
