Ran
|
Jobs
1
|
Files
1194
|
Run time
2min
|
Badge
Embed ▾
README BADGES
|
push
github
Fix race for X509 store found by thread sanitizer The following issue was found in automatic tests with thread sanitizer builds in ClickHouse (which uses OpenSSL 3.2.1) [0]. The first stack [1] does proper locking (function 'x509_store_add', x509_lu.c) but in the second stack [2], function 'get_cert_by_subject_ex' (by_dir.b) forgets to lock when calling 'sk_X509_OBJECT_is_sorted'. [0] https://github.com/ClickHouse/ClickHouse/issues/63049 [1] WARNING: ThreadSanitizer: data race (pid=1870) Write of size 4 at 0x7b08003d6810 by thread T552 (mutexes: write M0, write M1, write M2, write M3): #0 OPENSSL_sk_insert build_docker/./contrib/openssl/crypto/stack/stack.c:280:16 (clickhouse+0x203ad7e4) (BuildId: <a class=hub.com/openssl/openssl/commit/<a class="double-link" href="https://git"><a class=hub.com/openssl/openssl/commit/<a class="double-link" href="https://git"><a class=hub.com/openssl/openssl/commit/<a class="double-link" href="https://git"><a class=hub.com/openssl/openssl/commit/<a class="double-link" href="https://git"><a class=hub.com/openssl/openssl/commit/<a class="double-link" href="https://git"><a class=hub.com/openssl/openssl/commit/3ceefd39df36d762f06bf9aab19cfc3467e4558b">3ceefd39d) #1 OPENSSL_sk_push build_docker/./contrib/openssl/crypto/stack/stack.c:401:12 (clickhouse+0x203ad7e4) #2 x509_store_add build_docker/./contrib/openssl/crypto/x509/x509_lu.c:419:17 (clickhouse+0x203d4a52) (BuildId: 3ceefd39df36d762f06bf9aab19cfc3467e4558b) #3 X509_STORE_add_cert build_docker/./contrib/openssl/crypto/x509/x509_lu.c:432:10 (clickhouse+0x203d48a2) (BuildId: 3ceefd39df36d762f06bf9aab19cfc3467e4558b) #4 X509_load_cert_file_ex build_docker/./contrib/openssl/crypto/x509/by_file.c:127:18 (clickhouse+0x203b74e6) (BuildId: 3ceefd39df36d762f06bf9aab19cfc3467e4558b) #5 get_cert_by_subject_ex build_docker/./contrib/openssl/crypto/x509/by_dir.c:333:22 (clickhouse+0x203b684c) (BuildId: 3ceefd39df36d762f06bf9aab19cfc3467e4558b) #6 X509_LOOKUP_by_subject_ex build_docker/./contrib/openssl/crypto/x509/x509_lu.c:105:16 (clickhouse+0x203d46ec) (BuildId: 3ceefd39df36d762f06bf9aab19cfc3467e4558b) #7 ossl_x509_store_ctx_get_by_subject build_docker/./contrib/openssl/crypto/x509/x509_lu.c:360:17 (clickhouse+0x203d46ec) #8 X509_STORE_CTX_get1_issuer build_docker/./contrib/openssl/crypto/x509/x509_lu.c:782:10 (clickhouse+0x203d56cb) (BuildId: 3ceefd39df36d762f06bf9aab19cfc3467e4558b) ... (continued)
3 of 3 new or added lines in 1 file covered. (100.0%)
14 existing lines in 8 files now uncovered.144263 of 215139 relevant lines covered (67.06%)
2413935.96 hits per line
Lines | Coverage | ∆ | File |
---|---|---|---|
1 |
85.9 |
-1.28% | crypto/err/err_save.c |
1 |
85.84 |
-0.29% | ssl/quic/qlog_event_helpers.c |
1 |
77.97 |
-0.34% | crypto/bn/bn_prime.c |
1 |
88.73 |
-0.18% | ssl/quic/quic_ackm.c |
1 |
78.16 |
-0.49% | ssl/quic/cc_newreno.c |
2 |
63.95 |
-0.63% | crypto/bio/bio_addr.c |
3 |
81.09 |
-0.26% | ssl/quic/quic_txp.c |
4 |
64.86 |
-5.41% | crypto/thread/arch.c |
ID | Job ID | Ran | Files | Coverage | |
---|---|---|---|---|---|
1 | 8903865682.1 | 1194 |
67.06 |
GitHub Action Run |
Coverage | ∆ | File | Lines | Relevant | Covered | Missed | Hits/Line |
---|