Segmentation fault in pkcs11-tool

Segmentation fault in pkcs11-tool

Anna Pavlova
Hello,

I am new to OpenSC but I was looking for a 3rd party tool with which I could test my self-developed pkcs11 library and I came across the OpenSC pkcs11-tool.

I installed OpenSC under Ubuntu11.10, following http://www.gooze.eu/howto/smartcard-quickstarter-guide/opensc-installation-under-gnu-linux
 everything went fine, but when I wanted to run the pkcs11-tool:

>  pkcs11-tool --module /home/anna/PKCS11_Project/libPkcs11.so -l -O

I got segmentation fault.

I was able to find the place where the code crashed. In pkcs11-tool.c the line (558):

rv = p11->C_Initialize(NULL);

seems to crash. The message is just "Segmentation fault"

The module loads apparently fine.
module = C_LoadModule(opt_module, &p11);  //no error here

The problem is, that in my pkcs11 library I put an error message at the very beginning of the C_Initialize function, but not even this is printed out. So I don't think the crash comes from my library. I turned on the creation of a log file in my pkcs11 library, but not even my pkcs11 library log file is created.


I tried to google this problem and found this old thread:
http://www.opensc-project.org/pipermail/opensc-devel/2003-April/000831.html

But it didn't really help me (rebuilding openssl didn't solve the problem..). Could anyone help?

Thanks for any help,
Anna

_______________________________________________
opensc-devel mailing list
[hidden email]
http://www.opensc-project.org/mailman/listinfo/opensc-devel
Re: Segmentation fault in pkcs11-tool

Douglas E. Engert


On 12/17/2012 7:01 AM, Anna Pavlova wrote:
> Hello,
>
> I am new to OpenSC but I was looking for a 3rd party tool with which I could test my self-developed pkcs11 library and I came across the OpenSC pkcs11-tool.
>
> I installed OpenSC under Ubuntu11.10, following http://www.gooze.eu/howto/smartcard-quickstarter-guide/opensc-installation-under-gnu-linux
>   everything went fine, but when I wanted to run the pkcs11-tool:
>
>  >  pkcs11-tool --module /home/anna/PKCS11_Project/libPkcs11.so -l -O


>
> I got segmentation fault.
>
> I was able to find the place where the code crashed. In pkcs11-tool.c the line (558):
>
> rv = p11->C_Initialize(NULL);

Sounds like p11 == NULL, or p11->C_Initialize is NULL or not valid.
It should point at your C_Initialize routine.

Can you run this under gdb?

>
> seems to crash. The message is just "Segmentation fault"
>
> The module loads apparently fine.
> module = C_LoadModule(opt_module, &p11);  //no error here
>
> The problem is, that in my pkcs11 library I put an error message at the very beginning of the C_Initialize function, but not even this is printed out. So I don't think the crash comes from my library.
> I turned on the creation of a log file in my pkcs11 library, but not even my pkcs11 library log file is created.
>

Did you define a C_GetFunctionList in the module?

You must make sure that your module is linked as a module
and not just a shared library, so that functions returned by
  C_GetFunctionList  point at the functions in your module,
and not ones that may be defined by the caller.

Have a look at the pkcs11-spy too which is a PKCS#11 module that loads
a second PKCS#11 module.

>
> I tried to google this problem and found this old thread:
> http://www.opensc-project.org/pipermail/opensc-devel/2003-April/000831.html
>
> But it didn't really help me (rebuilding openssl didn't solve the problem..). Could anyone help?
>
> Thanks for any help,
> Anna
>
>

--

  Douglas E. Engert  <[hidden email]>
  Argonne National Laboratory
  9700 South Cass Avenue
  Argonne, Illinois  60439
  (630) 252-5444
Re: Segmentation fault in pkcs11-tool

Anna Pavlova
Hello Douglas,


> Sounds like p11 == NULL, or p11->C_Initialize is NULL or not valid.

I did:

printf("p11 = 0x%0x, p11->C_Initialize = 0x%0x\n", p11, p11->C_Initialize);

in pkcs11-tool.c, just after C_LoadModule and before p11->C_Initialize(NULL)

and got:

p11 = 0xb7214060, p11->C_Initialize = 0x5810b6fa

so it is not null.


>Can you run this under gdb?

Unfortunately I'm not very good in gdb :-(

anna@anna:~/OpenSC/src/tools$ export LD_LIBRARY_PATH=`ls ../*/.libs -d | tr '\012' :`
anna@anna:~/OpenSC/src/tools$ cd .libs/
anna@anna:~/OpenSC/src/tools/.libs$ gdb 'pkcs11-tool --module /home/anna/PKCS11_Project/libPkcs11.so'

the last command returns:
pkcs11-tool --module /home/anna/PKCS11_Project/libPkcs11.so: No such file or directory.

Of course, when I run only:
anna@anna:~/OpenSC/src/tools/.libs$ gdb pkcs11-tool

that one runs and I can run in debug mode, but I'm afraid that then I'm not loading my module.

Do you know how I can run gdb and also use my own library? Sorry, I'm not really used to working with gdb :-(


>Did you define a C_GetFunctionList in the module?

Yes I did. In fact when I printed out in pkcs11-tool.c

printf("%d \n",p11->version.major);
printf("%d \n",p11->version.minor);

it printed out the correct values. This is also the only thing that I can call with p11. But yes, C_GetFunctionList is defined in my library.



>You must make sure that your module is linked as a module
>and not just a shared library, so that functions returned by
>  C_GetFunctionList  point at the functions in your module,
>and not ones that may be defined by the caller.

This is an interesting point, thank you. Actually no, I have built and linked it just like a shared library. I thought what's written as 'module' in the code and 'shared library' are the same things.

Thanks,
Anna



Re: Segmentation fault in pkcs11-tool

Anthony Foiani
Anna, greetings --

On Mon, Dec 17, 2012 at 10:37 AM, Anna Pavlova
<[hidden email]> wrote:

> Unfortunately I'm not very good in gdb :-(
>
> anna@anna:~/OpenSC/src/tools$ export LD_LIBRARY_PATH=`ls ../*/.libs -d | tr '\012' :`
> anna@anna:~/OpenSC/src/tools$ cd .libs/
> anna@anna:~/OpenSC/src/tools/.libs$ gdb 'pkcs11-tool --module /home/anna/PKCS11_Project/libPkcs11.so'
>
> the last command returns:
> pkcs11-tool --module /home/anna/PKCS11_Project/libPkcs11.so: No such file or directory.
>
> Of course, when I run only:
> anna@anna:~/OpenSC/src/tools/.libs$ gdb pkcs11-tool
>
> that one runs and I can run in debug mode, but I'm afraid that then I'm not loading my module.
>
> Do you know how I can run gdb and also use my own library? Sorry, I'm not really used to working with gdb :-(

What should work is:

1. start gdb with just the executable name:

$ gdb pkcs11-tool

2. Use the "run" command to start your program with the desired arguments.

(gdb) run --module /home/anna/PKCS11_Project/libPkcs11.so

More info: http://sourceware.org/gdb/current/onlinedocs/gdb/Starting.html#Starting

Example:

$ gdb /bin/echo
GNU gdb (GDB) Fedora (7.4.50.20120120-52.fc17)
Copyright (C) 2012 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-redhat-linux-gnu".
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>...
Reading symbols from /usr/bin/echo...(no debugging symbols found)...done.
Missing separate debuginfos, use: debuginfo-install coreutils-8.15-8.fc17.x86_64
(gdb) run foo bar baz
Starting program: /usr/bin/echo foo bar baz
foo bar baz
[Inferior 1 (process 9980) exited normally]
(gdb)

Hope this helps.

Best regards,
Anthony Foiani
Re: Segmentation fault in pkcs11-tool

Douglas E. Engert
In reply to this post by Anna Pavlova


On 12/17/2012 11:37 AM, Anna Pavlova wrote:

> Hello Douglas,
>
>
>  > Sounds like p11 == NULL, or p11->C_Initialize is NULL or not valid.
>
> I did:
>
> printf("p11 = 0x%0x, p11->C_Initialize = 0x%0x\n", p11, p11->C_Initialize);
>
> in pkcs11-tool.c, just after C_LoadModule and before p11->C_Initialize(NULL)
>
> and got:
>
> p11 = 0xb7214060, p11->C_Initialize = 0x5810b6fa

OK, but is 0x5810b6fa in your module?

What version of OpenSC are you running?
On what OS?

>
> so it is not null.
>
>
>  >Can you run this under gdb?
>
> Unfortunately I'm not very good in gdb :-(
>
> anna@anna:~/OpenSC/src/tools$ export LD_LIBRARY_PATH=`ls ../*/.libs -d | tr '\012' :`
> anna@anna:~/OpenSC/src/tools$ cd .libs/
> anna@anna:~/OpenSC/src/tools/.libs$ gdb 'pkcs11-tool --module /home/anna/PKCS11_Project/libPkcs11.so'
>
> the last command returns:
> pkcs11-tool --module /home/anna/PKCS11_Project/libPkcs11.so: No such file or directory.


One way is to use the --args

    gdb --args pkcs11-tool --module /home/anna/PKCS11_Project/libPkcs11.so -l -O

    break  pkcs11-tool.c:558
    run

If it crashes, it should show a backtrace.
If it does not, then print out the p11 structure:

  p *p11


I will ask again, does your module define the C_GetFunctionList, and does it
return a valid function list?

How did you link it?





>
> Of course, when I run only:
> anna@anna:~/OpenSC/src/tools/.libs$ gdb pkcs11-tool
>
> that one runs and I can run in debug mode, but I'm afraid that then I'm not loading my module.
>
> Do you know how I can run gdb and also use my own library? Sorry, I'm not really used to working with gdb :-(
>
>
>  >Did you define a C_GetFunctionList in the module?
>
> Yes I did. In fact when I printed out in pkcs11-tool.c
>
> printf("%d \n",p11->version.major);
> printf("%d \n",p11->version.minor);
>
> it printed out the correct values. This is also the only thing that I can call with p11. But yes, C_GetFunctionList is defined in my library.
>
>
>
>  >You must make sure that your module is linked as a module
>  >and not just a shared library, so that functions returned by
>  >  C_GetFunctionList  point at the functions in your module,
>  >and not ones that may be defined by the caller.
>
> This is an interesting point, thank you. Actually no, I have built and linked it just like a shared library. I thought what's written as 'module' in the code and 'shared library' are the same things.
>
> Thanks,
> Anna

--

  Douglas E. Engert  <[hidden email]>
  Argonne National Laboratory
  9700 South Cass Avenue
  Argonne, Illinois  60439
  (630) 252-5444
Re: Segmentation fault in pkcs11-tool

Anna Pavlova
Hello Douglas and Anthony,

sorry for the late reply and cool, thank you for helping me with gdb :-).

Thanks to your help I was able to run with my loaded library in debug mode.
Anyway, the crash (in the debug mode) looks as follows:

Program received signal SIGSEGV, Segmentation fault.
0xd810b787 in ?? ()

where 0xd810b787 is p11->C_Initialize (checked with  printf("p11 = 0x%0x, p11->C_Initialize = 0x%0x\n", p11, p11->C_Initialize);)

>OK, but is 0x5810b6fa in your module?

This I am not completely sure about. But I don't really know how can I find out if this is in my module or not.
I suspect that there is C_Initialize defined also somewhere else and the pkcs11-tool picks it from somewhere else and not from my library.


>I will ask again, does your module define the C_GetFunctionList, and does it
>return a valid function list?

Yes it has - in the upper layer of the library I defined it as

CK_DEFINE_FUNCTION(CK_RV, C_GetFunctionList)
(
  CK_FUNCTION_LIST_PTR_PTR ppFunctionList  // receives pointer to function list
)
{
    try
    {
        API_ENTRY();
        API_PARAM_PTR_EX("ppFunctionList", ppFunctionList);

        if (ppFunctionList == NULL)
            API_EXIT(CKR_ARGUMENTS_BAD);
       
        *ppFunctionList = &functionList;

        API_EXIT(CKR_OK);
    }
    catch(...)
    {
        TRACE_ERROR("Catching top-level exception", "");
        API_EXIT(CKR_FUNCTION_FAILED);
    }
}

And it should return a valid function list. In fact I have my own small test tool that uses dlopen(libname, RTLD_NOW) to open the library and GetFuncList = (C_GetFunctionListPtr)dlsym(lib, "C_GetFunctionList") to get the correct address of the functions.

I believe this is the same thing as done with pkcs11-tool, but somehow it works in my small test tool, I can do C_Initialize and other pkcs11 functions and in pkcs11-tool it crashes.

I have Ubuntu11.10, 32bit and the OpenSC version is very recent -
opensc    0.12.1-1ubuntu1
I took it from here: http://apt.gooze.eu/ubuntu/dists/oneiric/


Cheers,
Anna
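
On Linux, the question raised above ("is 0x5810b6fa in your module?") can be answered from inside the process by looking the address up in /proc/self/maps. The following is an added example, not part of any post in this thread and not OpenSC code; the function names, the `generic_fn` stand-in for the PKCS#11 function-pointer types and the sample table are assumptions made for illustration.

```c
/* Added example (Linux): which mapped object does an address belong to? */
#include <inttypes.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Stand-in for the PKCS#11 function-pointer types; the real ones come
 * from pkcs11.h, which this example does not include. */
typedef unsigned long (*generic_fn)(void *);

/* Look addr up in /proc/self/maps.
 * Returns 1 if mapped (path receives the backing file, "" if anonymous),
 * 0 if no mapping contains addr, -1 if the maps file cannot be read. */
int object_for_address(const void *addr, char *path, size_t path_len)
{
    char line[4096];
    uintptr_t target = (uintptr_t)addr;
    int found = 0;
    FILE *fp;

    if (path == NULL || path_len == 0)
        return -1;
    path[0] = '\0';
    fp = fopen("/proc/self/maps", "r");
    if (fp == NULL)
        return -1;

    while (!found && fgets(line, sizeof line, fp) != NULL) {
        uint64_t start, end;
        int name_off = 0;
        const char *name;
        size_t n;

        /* Line format: start-end perms offset dev inode   pathname */
        if (sscanf(line, "%" SCNx64 "-%" SCNx64 " %*s %*s %*s %*s %n",
                   &start, &end, &name_off) < 2)
            continue;
        if (target < start || target >= end)
            continue;

        name = name_off > 0 ? line + name_off : "";
        n = strcspn(name, "\n");          /* drop the trailing newline */
        if (n >= path_len)
            n = path_len - 1;
        memcpy(path, name, n);
        path[n] = '\0';
        found = 1;
    }
    fclose(fp);
    return found;
}

/* Count function-list entries that do NOT live in the same file as anchor.
 * anchor is an address known to be inside the module, for example the
 * module's C_GetFunctionList. Returns -1 if anchor cannot be resolved. */
int count_foreign_entries(const generic_fn *entries, size_t n, const void *anchor)
{
    char want[4096], got[4096];
    int foreign = 0;

    if (object_for_address(anchor, want, sizeof want) != 1 || want[0] == '\0')
        return -1;
    for (size_t i = 0; i < n; i++) {
        int rc = object_for_address((const void *)(uintptr_t)entries[i],
                                    got, sizeof got);
        if (rc < 0)
            return -1;
        if (rc == 0 || strcmp(got, want) != 0)
            foreign++;                    /* unmapped, or in another object */
    }
    return foreign;
}

/* Constructed sample entries that live in this executable. */
static unsigned long demo_initialize(void *args) { (void)args; return 0; }
static unsigned long demo_finalize(void *args)   { (void)args; return 0; }

int main(void)
{
    /* Constructed table: the last entry is an address no mapping contains. */
    generic_fn entries[3] = { demo_initialize, demo_finalize,
                              (generic_fn)(uintptr_t)0x1 };
    char path[4096];

    for (size_t i = 0; i < 3; i++) {
        const void *p = (const void *)(uintptr_t)entries[i];
        int rc = object_for_address(p, path, sizeof path);
        printf("entry %zu at %p: %s\n", i, (void *)(uintptr_t)entries[i],
               rc == 1 ? path : "not mapped");
    }
    printf("foreign entries: %d\n",
           count_foreign_entries(entries, 3,
                                 (const void *)(uintptr_t)demo_initialize));
    return 0;
}
```

In the situation from the thread, the lookup would be applied to p11->C_Initialize right after C_LoadModule returns; an address that falls in no mapping, or in a file other than libPkcs11.so, means the function list is not pointing into the module.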


Re: Segmentation fault in pkcs11-tool

Douglas E. Engert


On 12/18/2012 8:01 AM, Anna Pavlova wrote:

> Hello Douglas and Anthony,
>
> sorry for the late reply and cool, thank you for helping me with gdb :-).
>
> Thanks to your help I was able to run with my loaded library in debug mode.
> Anyway, the crash (in the debug mode) looks as follows:
>
> Program received signal SIGSEGV, Segmentation fault.
> 0xd810b787 in ?? ()
>
> where 0xd810b787 is p11->C_Initialize (checked with  printf("p11 = 0x%0x, p11->C_Initialize = 0x%0x\n", p11, p11->C_Initialize);)
>
>  >OK, but is 0x5810b6fa in your module?
>
> This I am not completely sure about. But I don't really know how can I find out if this is in my module or not.
> I suspect that there is C_Initialize defined also somewhere else and the pkcs11-tool picks it from somewhere else and not from my library.
>
>
>  >I will ask again, does your module define the C_GetFunctionList, and does it
>  >return a valid function list?
>
> Yes it has - in the upper layer of the library I defined it as
>
> CK_DEFINE_FUNCTION(CK_RV, C_GetFunctionList)
> (
>    CK_FUNCTION_LIST_PTR_PTR ppFunctionList  // receives pointer to function list
> )
> {
>      try
>      {
>          API_ENTRY();
>          API_PARAM_PTR_EX("ppFunctionList", ppFunctionList);
>
>          if (ppFunctionList == NULL)
>              API_EXIT(CKR_ARGUMENTS_BAD);
>
>          *ppFunctionList = &functionList;
>
>          API_EXIT(CKR_OK);
>      }
>      catch(...)
>      {
>          TRACE_ERROR("Catching top-level exception", "");
>          API_EXIT(CKR_FUNCTION_FAILED);
>      }
> }
>
> And it should return a valid function list. In fact I have my own small test tool that uses dlopen(libname, RTLD_NOW) to open the library and GetFuncList = (C_GetFunctionListPtr)dlsym(lib,
> "C_GetFunctionList") to get the correct address of the functions.

The OpenSC  ./common/libscdl.c uses dlopen(filename, RTLD_LAZY)
and dlsym(handle, symbol)


I suspect that it has something to do with how your module is linked,
and your use of RTLD_NOW vs RTLD_LAZY.

In the OpenSC ./src/pkcs11/Makefile.am has:

     opensc_pkcs11_la_LDFLAGS = $(AM_LDFLAGS) \
           -export-symbols "$(srcdir)/opensc-pkcs11.exports" \
           -module -shared -avoid-version -no-undefined

Libtool uses the -module  and -no-undefined to make sure that your module
will only reference symbols from itself and its dependent libraries,
and in effect does what RTLD_NOW would do, but does it when creating
the module rather than when it is being loaded.

>
> I believe this is the same thing as done with pkcs11-tool, but somehow it works in my small test tool, I can do C_Initialize and other pkcs11 functions and in pkcs11-tool it crashes.
>
> I have Ubuntu11.10, 32bit and the OpenSC version is very recent -
> opensc    0.12.1-1ubuntu1
> I took it from here: http://apt.gooze.eu/ubuntu/dists/oneiric/


Actually that is not that new but should work.

To get the most out of gdb, you need to compile and link with the -g option.
It sounds like opensc is compiled with the -g but not your module.
You may also want to try the OpenSC-0.13.0.


> The next release is tagged on the github OpenSC/OpenSC project,
> thanks to all of you for your contributions.
>
> Tarball and MSI installers can be found on github, sourceforge or the CI server:
> https://github.com/OpenSC/OpenSC/tags
> https://sourceforge.net/projects/opensc/files/OpenSC/
> https://opensc.fr/jenkins/
> The packages for the other OSs will be added.


>
>
> Cheers,
> Anna
>
>

--

  Douglas E. Engert  <[hidden email]>
  Argonne National Laboratory
  9700 South Cass Avenue
  Argonne, Illinois  60439
  (630) 252-5444
Re: Segmentation fault in pkcs11-tool

Anna Pavlova
Hello Douglas,

>It sounds like opensc is compiled with the -g but not your module.

you're right I didn't use the -g option while compiling my module, I added the -g option into my project and now when I compile my module I do (simplified):

gcc -fpermissive -Wall -g   -c -O2 -I../foo/includes -fPIC  -MMD -MP -MF build/Release/GNU-Linux-x86/source/foox.o.d -o build/Release/GNU-Linux-x86/source/foox.o source/foox.cpp

gcc -fpermissive -Wall -g -shared -o ../../../libPkcs11.so -fPIC build/Release/GNU-Linux-x86/source/foos.o -L../../../ -lbase -lboost_date_time -lboost_serialization -lboost_system -lboost_thread -lpkcs11crypto -lpcsclite -lstdc++ -lrt


When I try to debug the p11->C_Initialize(NULL) line it doesn't allow me to go into the call. I used

(gdb) break pkcs11-tool.c:670
(gdb) run
Breakpoint 1, main (argc=5, argv=0xbffff294) at pkcs11-tool.c:670
670        rv = p11->C_Initialize(NULL);
(gdb) step

which immediately returns:

Program received signal SIGSEGV, Segmentation fault.
0xd810b787 in ?? ()


I can give OpenSC-0.13.0 a try but I don't think with a newer version my problem disappears...


>In the OpenSC ./src/pkcs11/Makefile.am has:
>
>    opensc_pkcs11_la_LDFLAGS = $(AM_LDFLAGS) \
>          -export-symbols "$(srcdir)/opensc-pkcs11.exports" \
>          -module -shared -avoid-version -no-undefined

I'm sorry, but I don't really know what the -module and -no-undefined options are :-(. Are these gcc options?

Cheers,
Anna

Re: Segmentation fault in pkcs11-tool

Douglas E. Engert


On 12/19/2012 3:59 AM, Anna Pavlova wrote:
> Hello Douglas,
>

Something completely different to try is to test your libPkcs11.so
module with FireFox or Thunderbird:

FireFox:
Tools-> Options-> Advanced -> Security Devices -> Load
Then give it a name, and the /path/to/libPkcs11.so.

Then if it loads, it will show up in the left hand column,
and list the readers it can see. If you put a card in the reader
it will show some info about it.

If that fails, then the problem is in your module for sure
and not OpenSC, and the problem may be in the way you link
the module.


I also see your module is C++. I don't think this is a problem
but could be.

Can you do a ldd pkcs11-tool
and ldd libPkcs11.so

There might be some shared lib that both use but different versions.


>  >It sounds like opensc is compiled with the -g but not your module.
>
> you're right I didn't use the -g option while compiling my module, I added the -g option into my project and now when I compile my module I do (simplified):
>
> gcc -fpermissive -Wall -g   -c -O2 -I../foo/includes -fPIC  -MMD -MP -MF build/Release/GNU-Linux-x86/source/foox.o.d -o build/Release/GNU-Linux-x86/source/foox.o source/foox.cpp
>
> gcc -fpermissive -Wall -g -shared -o ../../../libPkcs11.so -fPIC build/Release/GNU-Linux-x86/source/foos.o -L../../../ -lbase -lboost_date_time -lboost_serialization -lboost_system -lboost_thread
> -lpkcs11crypto -lpcsclite -lstdc++ -lrt
>
>
> When I try to debug the p11->C_Initialize(NULL) line it doesn't allow me to go into the call. I used
>
> (gdb) break pkcs11-tool.c:670
> (gdb) run
> Breakpoint 1, main (argc=5, argv=0xbffff294) at pkcs11-tool.c:670
> 670        rv = p11->C_Initialize(NULL);
> (gdb) step
>
> which immediately returns:
>
> Program received signal SIGSEGV, Segmentation fault.
> 0xd810b787 in ?? ()

OK, then let's step back a bit,
and set a breakpoint at C_LoadModule
It's in OpenSC ./common/libpkcs11.c

step through it (using s command)
step into the sc_dlopen, sc_dlsym
function (using n command)

Then step into the line:
rv = sc_get_function_list(func)
This should be the C_GetFunctionList command in your module.
Then print out the funcs:

  p *funcs

>
>
> I can give OpenSC-0.13.0 a try but I don't think with a newer version my problem disappears...
>
>
>  >In the OpenSC ./src/pkcs11/Makefile.am has:
>  >
>  >    opensc_pkcs11_la_LDFLAGS = $(AM_LDFLAGS) \
>  >          -export-symbols "$(srcdir)/opensc-pkcs11.exports" \
>  >          -module -shared -avoid-version -no-undefined
>
> I'm sorry, but I don't really know what the -module and -no-undefined options are :-(. Are these gcc options?

No they are libtool options, and it looks like on Ubuntu -module -no-undefined
are not required. But the -export-symbols tells the linker to only export
the functions as listed in opensc-pkcs11.exports which is one function
C_GetFunctionList.

Consider using libtool to build your module.


>
> Cheers,
> Anna
>

--

  Douglas E. Engert  <[hidden email]>
  Argonne National Laboratory
  9700 South Cass Avenue
  Argonne, Illinois  60439
  (630) 252-5444
Re: Segmentation fault in pkcs11-tool

Anna Pavlova
Hi Douglas,

>Something completely different to try is to test your libPkcs11.so
>module with FireFox or Thunderbird:

it runs fine under Firefox - it shows the slots and the slotInfo. Thunderbird I don't have so I didn't try it.

>Can you do a ldd pkcs11-tool
>and ldd libPkcs11.so

yes, for some strange reason I get

anna@anna:~/OpenSC/src/tools$ ldd pkcs11-tool
    not a dynamic executable

That doesn't seem right. I try to find out what's going on.

With my module:

anna@anna:~/PKCS11_Project$ ldd libPkcs11.so

linux-gate.so.1 =>  (0xb76f1000)
    libpcsclite.so.1 => /usr/local/lib/libpcsclite.so.1 (0xb73bd000)
    libstdc++.so.6 => /usr/lib/i386-linux-gnu/libstdc++.so.6 (0xb72d2000)
    librt.so.1 => /lib/i386-linux-gnu/librt.so.1 (0xb72c8000)
    libgcc_s.so.1 => /lib/i386-linux-gnu/libgcc_s.so.1 (0xb72aa000)
    libc.so.6 => /lib/i386-linux-gnu/libc.so.6 (0xb7128000)
    libpthread.so.0 => /lib/i386-linux-gnu/libpthread.so.0 (0xb710d000)
    libm.so.6 => /lib/i386-linux-gnu/libm.so.6 (0xb70e3000)
    /lib/ld-linux.so.2 (0xb76f2000)


>OK, then let's step back a bit,
>and set a breakpoint at C_LoadModule
>It's in OpenSC ./common/libpkcs11.c


I made a debug log to show the steps I've done - it's in the attached file (I left some printouts in the code of a type "Test text" - please ignore that). So to summarize, I can access C_GetFunctionList and it appears I get the correct function list. The address of p11 in openSC is identical with the one in my module. C_Initialize in OpenSC and in my module are also identical.

But I agree it could be a linking problem in my module, I just can't put my finger on what I am doing wrong :-(. I'm getting kind of desperate on this. Thanks for staying in this with me!

I try it with libtool as you suggested and let's see what happens.

And tomorrow has to be the end of the world.. *sigh*.. this week is pretty bad :-(.

Cheers,
Anna


pkcs11_debug.log (15K) Download Attachment
Re: Segmentation fault in pkcs11-tool

Douglas E. Engert


On 12/20/2012 8:04 AM, Anna Pavlova wrote:

> Hi Douglas,
>
>  >Something completely different to try is to test your libPkcs11.so
>  >module with FireFox or Thunderbird:
>
> it runs fine under Firefox - it shows the slots and the slotInfo. Thunderbird I don't have so I didn't try it.
>
>  >Can you do a ldd pkcs11-tool
>  >and ldd libPkcs11.so
>
> yes, for some strange reason I get
>
> anna@anna:~/OpenSC/src/tools$ ldd pkcs11-tool
>      not a dynamic executable


You are running it out of the build directory?
That may be a shell script.
The install will get the real pkcs11-tool from
  src/tools/.libs/pkcs11-tool

If you are building, can you use the OpenSC-0.13.0?

On Wed, Dec 5, 2012 at 6:23 PM, Greg Troxel <[hidden email]> wrote:


       https://github.com/OpenSC/OpenSC/tags
       https://sourceforge.net/projects/opensc/files/OpenSC/
       https://opensc.fr/jenkins/


>
> That doesn't seem right. I try to find out what's going on.
>
> With my module:
>
> anna@anna:~/PKCS11_Project$ ldd libPkcs11.so
>
> linux-gate.so.1 =>  (0xb76f1000)
>      libpcsclite.so.1 => /usr/local/lib/libpcsclite.so.1 (0xb73bd000)
>      libstdc++.so.6 => /usr/lib/i386-linux-gnu/libstdc++.so.6 (0xb72d2000)
>      librt.so.1 => /lib/i386-linux-gnu/librt.so.1 (0xb72c8000)
>      libgcc_s.so.1 => /lib/i386-linux-gnu/libgcc_s.so.1 (0xb72aa000)
>      libc.so.6 => /lib/i386-linux-gnu/libc.so.6 (0xb7128000)
>      libpthread.so.0 => /lib/i386-linux-gnu/libpthread.so.0 (0xb710d000)
>      libm.so.6 => /lib/i386-linux-gnu/libm.so.6 (0xb70e3000)
>      /lib/ld-linux.so.2 (0xb76f2000)
>
>
>  >OK, then let's step back a bit,
>  >and set a breakpoint at C_LoadModule
>  >It's in OpenSC ./common/libpkcs11.c
>
>
> I made a debug log to show the steps I've done - it's in the attached file (I left some printouts in the code of a type "Test text" - please ignore that). So to summarize, I can access
> C_GetFunctionList and it appears I get the correct function list. The address of p11 in openSC is identical with the one in my module. C_Initialize in OpenSC and in my module are also identical.
>
> But I agree it could be a linking problem in my module, I just can't put my finger on what I am doing wrong :-(. I'm getting kind of desperate on this. Thanks for staying in this with me!
>

You are using C++, are your functions declared as C?

The use of RTLD_LAZY vs RTLD_NOW may make a difference.
Your C_GetFunctionList may be picking up something in the pkcs11-tool or
one of its libraries, when it should be picking up the version in your
library.



> I try it with libtool as you suggested and let's see what happens.
>
> And tomorrow has to be the end of the world.. *sigh*.. this week is pretty bad :-(.
>
> Cheers,
> Anna
>

--

  Douglas E. Engert  <[hidden email]>
  Argonne National Laboratory
  9700 South Cass Avenue
  Argonne, Illinois  60439
  (630) 252-5444