Errored: openssl/openssl#38717 (master - 8dc34b1)

Travis CI builds at
Thu Nov 26 20:06:28 UTC 2020

Build Update for openssl/openssl

Build: #38717
Status: Errored

Duration: 1 hr, 0 mins, and 46 secs
Commit: 8dc34b1 (master)
Author: Daniel Bevenius
Message: EVP: don't touch the lock for evp_pkey_downgrade

This commit tries to address a locking issue in evp_pkey_reset_unlocked
which can occur when it is called from evp_pkey_downgrade.

evp_pkey_downgrade will acquire a lock for pk->lock and if successful
then call evp_pkey_reset_unlocked. evp_pkey_reset_unlocked will call
memset on pk, and then create a new lock and set pk->lock to point to
that new lock. I believe there are two problems with this.

The first is that after the call to memset, another thread would try to
acquire a lock for NULL as that is what the value of pk->lock would be
at that point.

The second issue is that after the new lock has been assigned to
pk->lock, that lock is different from the one currently locked so
another thread trying to acquire the lock will succeed which can lead to
strange behaviour. More details and a reproducer can be found in the
Refs link below.

This changes the evp_pkey_reset_unlocked to not touch the lock
and the creation of a new lock is done in EVP_PKEY_new.


Reviewed-by: Richard Levitte <levitte at>
Reviewed-by: Tomas Mraz <tmraz at>
(Merged from

View the changeset:

View the full build log and details:


You can unsubscribe from build emails from the openssl/openssl repository going to
Or unsubscribe from *all* email updating your settings at
Or configure specific recipients for build notifications in your .travis.yml file. See

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the openssl-commits mailing list