Crash in ssl_parse_client_hello
On a threaded server (~24-48 threads on a 24-core server), I'm getting an infrequent crash under heavy load in:
    libpthread.so.0 ?? __restore_rt
    ssl_tls.c:2389 mbedtls_ssl_fetch_input
    ssl_srv.c:1109 ssl_parse_client_hello
    ssl_srv.c:3841 mbedtls_ssl_handshake_server_step
Or less frequent:
    libpthread.so.0 ?? __restore_rt
    debug.c:89 mbedtls_debug_print_msg
    ssl_tls.c:2391 mbedtls_ssl_fetch_input
    ssl_srv.c:1109 ssl_parse_client_hello
    ssl_srv.c:3841 mbedtls_ssl_handshake_server_step
This is version 2.4.2
I don't think it's a bug in mbedtls - but probably something like mutexes not being set up right. Does anyone have experience with a crash like this, and have a solution?
I built mbedtls with the following defined:
Every thread uses its own
The following structures are shared globally:
mbedtls_ssl_config mbedtls_entropy_context mbedtls_ctr_drbg_context mbedtls_ssl_cache_context mbedtls_ssl_ticket_context
The following are shared among all connections that use the same certificate:
There are many versions of the documentation - but as far as I can tell all the most recent documents say you don't have to mutex protect any of these things if the threading option is turned on.
Without having more information, I believe that the crash might be in the
mbedtls_ssl_context that is sent to the function
Is it possible it gets overridden on your platform? Or is it possible that due to many threads, it gets corrupted?
mbed TLS Team member