Raspbian

segmentation fault when initializing softhsm

Bug #1261241 reported by Leif Gustafsson on 2013-12-16

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	Raspbian	Confirmed	Undecided	Unassigned

Bug Description

# softhsm --init-token --slot 0 --label "OpenDNSSEC"
The SO PIN must have a length between 4 and 255 characters.
Enter SO PIN:
The user PIN must have a length between 4 and 255 characters.
Enter user PIN:
Segmentation fault

installed latest code via apt-get install ...
# softhsm --version
1.3.3

# mysql --version
mysql Ver 14.14 Distrib 5.5.31, for debian-linux-gnu (armv7l) using readline 6.2

# openssl version
OpenSSL 1.0.1e 11 Feb 2013

I have run apt-get update and apt-get upgrade + reboot at 2013-12-15
I get the same problem on two different boxes with the same versions.
It does work on my Debian Weezy vmware box though.

Debian versions:
# softhsm --version
1.3.3

# mysql --version
mysql Ver 14.14 Distrib 5.5.31, for debian-linux-gnu (i686) using readline 6.2

# openssl version
OpenSSL 1.0.1e 11 Feb 2013

Tags:

Revision history for this message

peter green (plugwash) wrote on 2013-12-16:

I can reproduce this in raspbian wheezy but not in raspbian jessie.

Revision history for this message

Leif Gustafsson (leffeg65) wrote on 2015-05-14:

I had a gdb run:

Starting program: /usr/bin/softhsm --init-token --slot 0 --label test --so-pin 0987 --pin 1234 --force
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/arm-linux-gnueabihf/libthread_db.so.1".

Program received signal SIGILL, Illegal instruction.
0xb68e8600 in ?? () from /usr/lib/arm-linux-gnueabihf/libcrypto.so.1.0.0

I don't know what this means but it seems to be a problem in libcrypto..

/Leif

Revision history for this message

peter green (plugwash) wrote on 2015-05-14:

I'm pretty sure that sigill is not the problem you are looking for but merely startup code for libcrypto probing for CPU capabilities. You need to continue past it to find the real error.

Diederik (didi-debian) on 2016-01-12

Changed in raspbian:
status:	New → Confirmed

Revision history for this message

Diederik (didi-debian) wrote on 2016-01-12:

I can confirm this issue on wheezy too.
softhsm version 1.3.3-2
openssl version OpenSSL 1.0.1e 11 Feb 2013

plugwash (or anyone else): can you provide me with instructions how to get a proper backtrace?
I know how to install -dbg packages, but have no clue how to use gdb.

Revision history for this message

peter green (plugwash) wrote on 2016-02-06:

You start gdb with

gdb <program>

Theres three main commands you need to know

"run" is used to run the program initialy
"continue" is used to start the program running again after the debugger breaks (e.g. to get past the sigills in gdb ini openssl init)
"bt" is used to get a backtrace.

Revision history for this message

Diederik (didi-debian) wrote on 2016-02-14:

Thanks plugwash!

Here's the output I got, hopefully it's useful:
=============================================
root@rasppi-1b:/home/diederik# gdb /usr/bin/softhsm
GNU gdb (GDB) 7.4.1-debian
Copyright (C) 2012 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying"
and "show warranty" for details.
This GDB was configured as "arm-linux-gnueabihf".
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>...
Reading symbols from /usr/bin/softhsm...Reading symbols from /usr/lib/debug/usr/bin/softhsm...done.
done.
(gdb) run --init-token --slot 0 --label "OpenDNSSEC"
Starting program: /usr/bin/softhsm --init-token --slot 0 --label "OpenDNSSEC"
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/arm-linux-gnueabihf/libthread_db.so.1".

Program received signal SIGILL, Illegal instruction.
0xb6900600 in _armv7_neon_probe () from /usr/lib/arm-linux-gnueabihf/libcrypto.so.1.0.0
(gdb) bt
#0 0xb6900600 in _armv7_neon_probe () from /usr/lib/arm-linux-gnueabihf/libcrypto.so.1.0.0
#1 0xb68fcfe4 in OPENSSL_cpuid_setup () at armcap.c:69
#2 0xb6fe8254 in ?? () from /lib/ld-linux-armhf.so.3
#3 0xbefff8e6 in ?? ()
Cannot access memory at address 0x6e692d24
(gdb) continue
Continuing.

Program received signal SIGILL, Illegal instruction.
_armv7_tick () at armv4cpuid.S:17
17 armv4cpuid.S: No such file or directory.
(gdb) bt
#0 _armv7_tick () at armv4cpuid.S:17
#1 0xb68fd004 in OPENSSL_cpuid_setup () at armcap.c:74
#2 0xb6fe8254 in ?? () from /lib/ld-linux-armhf.so.3
#3 0xbefff8e6 in ?? ()
Cannot access memory at address 0x6e692d24
(gdb) continue
Continuing.
The SO PIN must have a length between 4 and 255 characters.
Enter SO PIN:
The user PIN must have a length between 4 and 255 characters.
Enter user PIN:

Program received signal SIGSEGV, Segmentation fault.
0xb6e7d560 in Botan::SHA_256::clear() () from /usr/lib/libbotan-1.10.so.0
(gdb) bt
#0 0xb6e7d560 in Botan::SHA_256::clear() () from /usr/lib/libbotan-1.10.so.0
#1 0xb67a02f0 in SHA_256 (this=0x2a037c28) at /usr/include/botan-1.10/botan/sha2_32.h:50
#2 digestPIN (pPin=0xbefff37c "1234", ulPinLen=4) at userhandling.cpp:113
#3 0xb67a04c0 in softInitToken (currentSlot=0x2a0138a8, pPin=<optimized out>, ulPinLen=<optimized out>,
    pLabel=0xbefff57c "OpenDNSSEC", ' ' <repeats 22 times>) at tokenhandling.cpp:89
#4 0xb67a127c in SoftHSMInternal::initToken (this=<optimized out>, slotID=0, pPin=0xbefff37c "1234", ulPinLen=4,
    pLabel=0xbefff57c "OpenDNSSEC", ' ' <repeats 22 times>) at SoftHSMInternal.cpp:417
#5 0xb6799d18 in C_InitToken (slotID=0, pPin=0xbefff37c "1234", ulPinLen=4, pLabel=0xbefff57c "OpenDNSSEC", ' ' <repeats 22 times>)
    at main.cpp:499
#6 0x2a003a10 in initToken (slot=0xb6fe3280 "", label=0xbefff8f7 "OpenDNSSEC", soPIN=<optimized out>, userPIN=<optimized out>)
    at softhsm.cpp:506
#7 0x2a0032a0 in main (argc=6, argv=0xbefff7a4) at softhsm.cpp:329
(gdb)
=============================================

Thanks plugwash!

Here's the output I got, hopefully it's useful:
=============================================
root@rasppi-1b:/home/diederik# gdb /usr/bin/softhsm                       
GNU gdb (GDB) 7.4.1-debian
Copyright (C) 2012 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "arm-linux-gnueabihf".
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>...
Reading symbols from /usr/bin/softhsm...Reading symbols from /usr/lib/debug/usr/bin/softhsm...done.
done.
(gdb) run --init-token --slot 0 --label "OpenDNSSEC"
Starting program: /usr/bin/softhsm --init-token --slot 0 --label "OpenDNSSEC"
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/arm-linux-gnueabihf/libthread_db.so.1".

Program received signal SIGILL, Illegal instruction.
0xb6900600 in _armv7_neon_probe () from /usr/lib/arm-linux-gnueabihf/libcrypto.so.1.0.0
(gdb) bt
#0  0xb6900600 in _armv7_neon_probe () from /usr/lib/arm-linux-gnueabihf/libcrypto.so.1.0.0
#1  0xb68fcfe4 in OPENSSL_cpuid_setup () at armcap.c:69
#2  0xb6fe8254 in ?? () from /lib/ld-linux-armhf.so.3
#3  0xbefff8e6 in ?? ()
Cannot access memory at address 0x6e692d24
(gdb) continue
Continuing.

Program received signal SIGILL, Illegal instruction.
_armv7_tick () at armv4cpuid.S:17
17      armv4cpuid.S: No such file or directory.
(gdb) bt
#0  _armv7_tick () at armv4cpuid.S:17
#1  0xb68fd004 in OPENSSL_cpuid_setup () at armcap.c:74
#2  0xb6fe8254 in ?? () from /lib/ld-linux-armhf.so.3
#3  0xbefff8e6 in ?? ()
Cannot access memory at address 0x6e692d24
(gdb) continue
Continuing.
The SO PIN must have a length between 4 and 255 characters.
Enter SO PIN: 
The user PIN must have a length between 4 and 255 characters.
Enter user PIN:

Program received signal SIGSEGV, Segmentation fault.
0xb6e7d560 in Botan::SHA_256::clear() () from /usr/lib/libbotan-1.10.so.0
(gdb) bt
#0  0xb6e7d560 in Botan::SHA_256::clear() () from /usr/lib/libbotan-1.10.so.0
#1  0xb67a02f0 in SHA_256 (this=0x2a037c28) at /usr/include/botan-1.10/botan/sha2_32.h:50
#2  digestPIN (pPin=0xbefff37c "1234", ulPinLen=4) at userhandling.cpp:113
#3  0xb67a04c0 in softInitToken (currentSlot=0x2a0138a8, pPin=<optimized out>, ulPinLen=<optimized out>, 
    pLabel=0xbefff57c "OpenDNSSEC", ' ' <repeats 22 times>) at tokenhandling.cpp:89
#4  0xb67a127c in SoftHSMInternal::initToken (this=<optimized out>, slotID=0, pPin=0xbefff37c "1234", ulPinLen=4, 
    pLabel=0xbefff57c "OpenDNSSEC", ' ' <repeats 22 times>) at SoftHSMInternal.cpp:417
#5  0xb6799d18 in C_InitToken (slotID=0, pPin=0xbefff37c "1234", ulPinLen=4, pLabel=0xbefff57c "OpenDNSSEC", ' ' <repeats 22 times>)
    at main.cpp:499
#6  0x2a003a10 in initToken (slot=0xb6fe3280 "", label=0xbefff8f7 "OpenDNSSEC", soPIN=<optimized out>, userPIN=<optimized out>)
    at softhsm.cpp:506
#7  0x2a0032a0 in main (argc=6, argv=0xbefff7a4) at softhsm.cpp:329
(gdb)
=============================================

Revision history for this message

Diederik (didi-debian) wrote on 2016-02-14: