Segfault when using X509Store and not waiting for threads to finish

[misos1]

In rust should be safe to not wait for threads to finish.

use openssl::x509::store::X509StoreBuilder;

fn main()
{
  for _ in 0..100
  {
    std::thread::spawn(move ||
    {
      X509StoreBuilder::new().unwrap().set_default_paths().unwrap();
    });
  }
}

* thread #2, stop reason = EXC_BAD_ACCESS (code=1, address=0x0)
  * frame #0: 0x00007fff6f488dde libsystem_pthread.dylib`pthread_rwlock_unlock + 1
    frame #1: 0x00000001003120f7 libcrypto.1.1.dylib`CRYPTO_THREAD_unlock + 9
    frame #2: 0x00000001002c5190 libcrypto.1.1.dylib`OPENSSL_init_crypto + 640
    frame #3: 0x000000010019341c libssl.1.1.dylib`OPENSSL_init_ssl + 104
    frame #4: 0x000000010000d506 openssl_sys::init::_$u7b$$u7b$closure$u7d$$u7d$::hf3dca76fa6caed25((null)=closure-0 @ 0x000070000fc4cb08) at lib.rs:105:9
    frame #5: 0x000000010000d86b std::sync::once::Once::call_once::_$u7b$$u7b$closure$u7d$$u7d$::h23b9973b98f37cd1((null)=false) at once.rs:264:41
    frame #6: 0x0000000100032114 std::sync::once::Once::call_inner::h638f254fcca36049 at once.rs:416:21 [opt]
    frame #7: 0x000000010000d7fc std::sync::once::Once::call_once::h4894d7500c9c8446(self=0x0000000100039580, f=closure-0 @ 0x000070000fc4cbf8) at once.rs:264:9
    frame #8: 0x000000010000d4e3 openssl_sys::init::h2f222efa8d39d786 at lib.rs:104:5
    frame #9: 0x0000000100009eb8 openssl::x509::store::X509StoreBuilder::new::hf8fa69cd0c36c6b0 at store.rs:68:13
    frame #10: 0x0000000100003011 main::_$u7b$$u7b$closure$u7d$$u7d$::hf9f263d01f3172c4((null)=closure-0 @ 0x000070000fc4ccc8) at main.rs:9:7

Following code is attempting to initialise openssl before running threads. Now it sometimes panics on unwrap in these threads what is how it should be. But sometimes it causes segfault.

use openssl::x509::store::X509StoreBuilder;

fn main()
{
  X509StoreBuilder::new().unwrap().set_default_paths().unwrap();
  for _ in 0..100
  {
    std::thread::spawn(move ||
    {
      X509StoreBuilder::new().unwrap().set_default_paths().unwrap();
    });
  }
}

* thread #32, stop reason = EXC_BAD_ACCESS (code=1, address=0x0)
  * frame #0: 0x00007fff6f488dde libsystem_pthread.dylib`pthread_rwlock_unlock + 1
    frame #1: 0x00000001003120f7 libcrypto.1.1.dylib`CRYPTO_THREAD_unlock + 9
    frame #2: 0x00000001002c2827 libcrypto.1.1.dylib`CRYPTO_new_ex_data + 179
    frame #3: 0x000000010021ab7a libcrypto.1.1.dylib`BIO_new + 80
    frame #4: 0x00000001002d8a5c libcrypto.1.1.dylib`PEM_read_bio_ex + 231
    frame #5: 0x00000001002d6dbb libcrypto.1.1.dylib`PEM_X509_INFO_read_bio + 140
    frame #6: 0x000000010031ca0e libcrypto.1.1.dylib`X509_load_cert_crl_file + 78
    frame #7: 0x000000010031cb69 libcrypto.1.1.dylib`by_file_ctrl + 65
    frame #8: 0x000000010031f407 libcrypto.1.1.dylib`X509_STORE_set_default_paths + 57
    frame #9: 0x0000000100009eec openssl::x509::store::X509StoreBuilderRef::set_default_paths::hdb561cfe1601dd70(self=0x0000000101080ca0) at store.rs:95:22
    frame #10: 0x0000000100002f91 main::_$u7b$$u7b$closure$u7d$$u7d$::hf9f263d01f3172c4((null)=closure-0 @ 0x00007000136a2cc8) at main.rs:10:7

This is probably because openssl already de-initialised and freed its mutexes.

[sfackler]

This is due to a "feature" of OpenSSL: openssl/openssl#6214. Unfortunately, I do not believe it is possible for rust-openssl to work around this.

[misos1]

Seems in openssl 1.1.1 is already possible to disable cleanup at exit by passing OPENSSL_INIT_NO_ATEXIT to OPENSSL_init_crypto or OPENSSL_init_ssl:
https://www.openssl.org/docs/man1.1.1/man3/OPENSSL_init_crypto.html

[orium]

@sfackler Can this issue be solved by simply OPENSSL_INIT_NO_ATEXIT like @misos1 suggested?

Edit: PR: #1324