Re: RAnd_Poll crashes in Vista
We were using OpenSSL in our product, but lately after testing on Vista,
our application was was crashing (only in Vista) in SSL_Connect(). (It
worked fine in XP)
After debugging through OpenSSL we found that within RAND_poll() it was
crashing in a win32 api function snap(TH32CS_SNAPALL,0).
...
Has anyone else faced such RAND_poll() related crash before ?
There was another report about RAND_poll in Vista, but trouble is that
it's irreproducible in simple test applications.
Is there anyway I can bypass that RAND_poll() call (as described in the
last paragraph of
http://www.mail-archive.com/openssl-dev@openssl.org/msg18900.html).
Can you test if below code makes your application work by appending it
to crypto/rand/md_rand.c? Idea here is to call RAND_poll from code which
is [believed to be] serialized by Windows. A.
#if defined(_WIN32)
#if defined(__GNUC__) __GNUC__=2
static int premain(void) __attribute__((constructor));
#endif
static int premain(void)
{
if (!initialized)
{
RAND_poll();
initialized = 1;
}
return 0;
}
#if defined(_MSC_VER)
# if defined(_WIN64)
# pragma section(.CRT$XCU,read)
__declspec(allocate(.CRT$XCU))
# else
# pragma data_seg(.CRT$XCU)
# endif
static int (*p)(void) = premain;
# pragma data_seg()
#endif
#endif
__
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager [EMAIL PROTECTED]
Re: RAnd_Poll crashes in Vista
Shobhit Gupta wrote: Hi, We were using OpenSSL in our product, but lately after testing on Vista, our application was was crashing (only in Vista) in SSL_Connect(). (It worked fine in XP) After debugging through OpenSSL we found that within RAND_poll() it was crashing in a win32 api function snap(TH32CS_SNAPALL,0). I would like to see a minidump with heap for an instance of an application crashing in this circumstance. I will require the source code to the test application, the matching binary and symbols. With reference to the RAND_poll() issue described in http://www.mail-archive.com/openssl-dev@openssl.org/msg18900.html we came to know that RAND_poll() crash occurs especially during a multithreaded environment. The purpose of the CreateToolhelp32Snapshot function is to permit walking data structures that are constantly changing by creating a read-only copy that will not change. The returned HANDLE points to a unique snapshot. Walking the contents of the data structures in this snapshot is thread safe. Getting more info from an MSDN page http://msdn2.microsoft.com/en-us/library/ms682489.aspx we got to know that : TH32CS_SNAPALL copies process + thread information while TH32CS_SNAPPROCESS copies just the process information. That is not the crucial item. SNAPALL includes the HEAPLIST whereas SNAPPROCESS by itself does not. So we tried changing from *snap(TH32CS_SNAPALL,0)* to *snap(TH32CS_SNAPPROCESS ,0)* And then it worked and did not crash. The important question is where is the crash? Is the crash occurring within the CreateToolhelp32Snapshot function call? If so, is your application running in an environment which does not support COM (or in Vista perhaps WMI)? Can anyone confirm if these changes are good (safe)? Making the change reduces the amount of data that is obtained for use in initializing the random number generator. Has anyone else faced such RAND_poll() related crash before ? Yes. Is there anyway I can bypass that RAND_poll() call (as described in the last paragraph of http://www.mail-archive.com/openssl-dev@openssl.org/msg18900.html). Your application can all RAND_add() and provide an alternate source of random data. If there is sufficient random data available, RAND_poll() will not be called. Thanks in advance, Regards, Shobhit Gupta smime.p7s Description: S/MIME Cryptographic Signature
Re: RAnd_Poll crashes in Vista
The purpose of the CreateToolhelp32Snapshot function is to permit walking data structures that are constantly changing by creating a read-only copy that will not change. The returned HANDLE points to a unique snapshot. Walking the contents of the data structures in this snapshot is thread safe. Has anyone else faced such RAND_poll() related crash before ? Yes. Where was it then? Point is that if above (with snapshot being read-only copy) held true, then we wouldn't have this discussion, would we? Or at least switching to TH32CS_SNAPPROCESS wouldn't make difference... I see no other option then to assume that either snapshot is not really a snapshot or CreateToolhelp32Snapshot itself is not thread-safe. Is there anyway I can bypass that RAND_poll() call (as described in the last paragraph of http://www.mail-archive.com/openssl-dev@openssl.org/msg18900.html). Your application can all RAND_add() and provide an alternate source of random data. If there is sufficient random data available, RAND_poll() will not be called. I can't see how prior RAND_add would prevent RAND_poll from being invoked... At least not in HEAD or 0.9.8... A. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: RAnd_Poll crashes in Vista
Andy Polyakov wrote: The purpose of the CreateToolhelp32Snapshot function is to permit walking data structures that are constantly changing by creating a read-only copy that will not change. The returned HANDLE points to a unique snapshot. Walking the contents of the data structures in this snapshot is thread safe. Has anyone else faced such RAND_poll() related crash before ? Yes. Where was it then? Point is that if above (with snapshot being read-only copy) held true, then we wouldn't have this discussion, would we? Or at least switching to TH32CS_SNAPPROCESS wouldn't make difference... I see no other option then to assume that either snapshot is not really a snapshot or CreateToolhelp32Snapshot itself is not thread-safe. I don't have enough information to perform the analysis. As documented, CreateToolhelp32Snapshot is supposed to create a read-only snapshot. Hence the reason I asked for the minidump. Unless someone collects data and places in inquiry with Microsoft to find out what is really going on, everything is just going to be speculation. smime.p7s Description: S/MIME Cryptographic Signature
Re: RAnd_Poll crashes in Vista
Jeffrey, The purpose of the CreateToolhelp32Snapshot function is to permit walking data structures that are constantly changing by creating a read-only copy that will not change. The returned HANDLE points to a unique snapshot. Walking the contents of the data structures in this snapshot is thread safe. Has anyone else faced such RAND_poll() related crash before ? Yes. Where was it then? Point is that if above (with snapshot being read-only copy) held true, then we wouldn't have this discussion, would we? Or at least switching to TH32CS_SNAPPROCESS wouldn't make difference... I see no other option then to assume that either snapshot is not really a snapshot or CreateToolhelp32Snapshot itself is not thread-safe. I don't have enough information to perform the analysis. As documented, CreateToolhelp32Snapshot is supposed to create a read-only snapshot. Hence the reason I asked for the minidump. Yes, of course. It's just that as you answered yes to question has anyone else had problem I assumed that you ran into it at some point too. I mean my where was it targeted you as potential somebody else:-) A. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: RAnd_Poll crashes in Vista
Andy Polyakov wrote: Yes, of course. It's just that as you answered yes to question has anyone else had problem I assumed that you ran into it at some point too. I mean my where was it targeted you as potential somebody else:-) A. The 'yes' applies to the complaints that have been reported on openssl-info and openssl-dev going back more than seven years. My applications never experience this problem because they all execute in user mode on the user's desktop. The applications that have experienced the problem that I am aware of are services that either execute before other dependencies have started OR have called OpenSSL from within DllMain(). smime.p7s Description: S/MIME Cryptographic Signature
Re: RAnd_Poll crashes in Vista
Thanks all for responses.
Andy::I will try appending your piece of code in the end of md_rand.c
--
I would like to see a minidump with heap for an instance of an
application crashing in this circumstance. I will require the source
code to the test application, the matching binary and symbols.
How do we create a minidump ?
--
The applications that have experienced the problem that I am aware of
are services that either execute before other dependencies have started
OR have called OpenSSL from within DllMain().
Yes. Even in our case there is an executable (slbroker.exe) which calls a
function within a DLL (logevent.dll). We are calling SSL_connect() from
within the DLL function all SSL related work is done by the DLL only.
The executable is a separate product which is using our DLL.
--
The important question is where is the crash? Is the crash occurring
within the CreateToolhelp32Snapshot function call?
Yes. But to be precise, the DLL doesn't return from the SSL_connect() due to
snap(TH32CS_SNAPALL,0).
as a result, the EXE is crashing.
--
Your application can all RAND_add() and provide an alternate source of
random data. If there is sufficient random data available, RAND_poll()
will not be called.
Ok. Lets say I call RAND_add() much before calling SSL_connect(), but how do
I make sure there is sufficient amount of random data available ?
I see there is a KERNEL code block in RAND_poll()
if(kernel)
{
.
}
Since we will already be having a lot of randomness with the seeding done by
USER EVENTs... Would it not be okay if I totally comment out the KERNEL
code block ?
--
One more question...
I am new to OpenSSL. Can someone suggest me what is the recommended way of
debugging (or logging) through OpenSSL ?
I made my own functions to log my debug statements in a file. But is
there anything
already available ?
Thanks again for all the help.
Regards,
Shobhit
On 10/7/07, Andy Polyakov [EMAIL PROTECTED] wrote:
We were using OpenSSL in our product, but lately after testing on Vista,
our application was was crashing (only in Vista) in SSL_Connect(). (It
worked fine in XP)
After debugging through OpenSSL we found that within RAND_poll() it was
crashing in a win32 api function snap(TH32CS_SNAPALL,0).
...
Has anyone else faced such RAND_poll() related crash before ?
There was another report about RAND_poll in Vista, but trouble is that
it's irreproducible in simple test applications.
Is there anyway I can bypass that RAND_poll() call (as described in the
last paragraph of
http://www.mail-archive.com/openssl-dev@openssl.org/msg18900.html).
Can you test if below code makes your application work by appending it
to crypto/rand/md_rand.c? Idea here is to call RAND_poll from code which
is [believed to be] serialized by Windows. A.
#if defined(_WIN32)
#if defined(__GNUC__) __GNUC__=2
static int premain(void) __attribute__((constructor));
#endif
static int premain(void)
{
if (!initialized)
{
RAND_poll();
initialized = 1;
}
return 0;
}
#if defined(_MSC_VER)
# if defined(_WIN64)
# pragma section(.CRT$XCU,read)
__declspec(allocate(.CRT$XCU))
# else
# pragma data_seg(.CRT$XCU)
# endif
static int (*p)(void) = premain;
# pragma data_seg()
#endif
#endif
__
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager [EMAIL PROTECTED]
Re: RAnd_Poll crashes in Vista
Shobhit Gupta wrote: Thanks all for responses. Andy::I will try appending your piece of code in the end of md_rand.c -- I would like to see a minidump with heap for an instance of an application crashing in this circumstance. I will require the source code to the test application, the matching binary and symbols. How do we create a minidump ? The easiest way is to reproduce the problem with a debugger attached and then after the crash occurs ask the debugger to write the minidump. Using Debugging Tools for Windows, http://www.microsoft.com/whdc/devtools/debugging/default.mspx, you can use the .dump command. See the debugger's online help. smime.p7s Description: S/MIME Cryptographic Signature
