[openssl-project] travis builds failing with aligment errors?

Richard Levitte levitte at openssl.org
Tue Jan 30 15:57:29 UTC 2018

In message <d0917fdf-4af5-c5b0-83d0-5271f146cbf1 at openssl.org> on Tue, 30 Jan 2018 14:32:33 +0000, Matt Caswell <matt at openssl.org> said:

matt> On 30/01/18 14:30, Matt Caswell wrote:
matt> > 
matt> > 
matt> > On 30/01/18 14:27, Benjamin Kaduk wrote:
matt> >> It seems that we've started getting issues with a single build
matt> >> configuration, e.g.,
matt> >> https://travis-ci.org/openssl/openssl/jobs/335110257
matt> >>
matt> >> Lots of complaints about alignment, like:
matt> >>
matt> >> crypto/modes/gcm128.c:1090:36: runtime error: load of misaligned
matt> >> address 0x000002350ce5 for type 'const size_t' (aka 'const unsigned
matt> >> long'), which requires 8 byte alignment
matt> >> 0x000002350ce5: note: pointer points here
matt> >>  68 1f ea 3b 14 00 00  0c 00 02 00 00 00 00 00  0c a3 35 89 7d a7 5e 9e  87 fa d7 fd 8b c7 34 8a  8d
matt> >>              ^ 
matt> >> I didn't see anything particularly special about that configuration
matt> >> on a quick once-over; any ideas?
matt> > 
matt> > I raised an issue on this with some of my thoughts and investigation:
matt> > 
matt> > https://github.com/openssl/openssl/issues/5203
matt> > 
matt> > 
matt> > The error message about unsigned int requiring 8 byte alignment seems
matt> > suspicious to me. Shouldn't it be 4?
matt> Oh...sorry just realised this is a slightly different but very similar
matt> error. In my issue it is complaining about an unsigned int requiring 8
matt> byte alignment. This issue is for an unsigned long.

So, err, ubsan isn't my forte, so I have to ask, shouldn't the
-fno-sanitize=alignment that's added in both cases have us avoid
this kind of message?  I.e. we know that we break alignment in some
cases, but that happens to be fine on those machines?

(for crypto/modes/gcm128.c, alignment should depend very much on |in|
and |out|, and if you look, you'll see that there are some checks if
STRICT_ALIGNMENT is defined, and you'll find in crypto/modes/modes_lcl.h
that it's undefined, so we obviously think we know what we're doing)


Hmmm, I think I know!  The configuration line is (if shortened to an
absolute minimum):

    ./config enable-ubsan -fno-sanitize-alignment

In 1.1.0 (and in master about a week ago), we got these flags among
the CFLAGS, in this order (actually, the last one is absolutely last):

    -fsanitize=undefined -fno-sanitize-recover=all
    -fno-omit-frame-pointer -fno-sanitize=alignment

In master now, we get this:

    -fno-sanitize=alignment -fsanitize=undefined
    -fno-sanitize-recover=all -fno-omit-frame-pointer

I just tried a fresh master and hacked reordered CFLAGS in Makefile to
-fno-sanitize=alignment last, and suddenly, the tests work.

So, err, I screwed up with the recent changes in Configure, in adding
the user added flags much too early to $config{cflags} and so on.

I'm on it, you should see a PR show up soon.


Richard Levitte         levitte at openssl.org
OpenSSL Project         http://www.openssl.org/~levitte/

More information about the openssl-project mailing list