-
Notifications
You must be signed in to change notification settings - Fork 2.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
AddressSanitizer: SEGV mbedtls/library/bignum.c:1165 mpi_mul_hlp #1550
Comments
@LaszloLango Thank you for raising this issue! |
@LaszloLango I believe #814 fixes this issue |
@RonEld It just disables the relevant assembly, though, not identifying the underlying problem. |
@hanno-arm yes, it's a workaround. |
@RonEld There is definitely added value -- it's not acceptable to have assembly which is broken for unknown reasons in our library. |
@hanno-arm let me rephrase. |
@RonEld Is it? The workaround adds a |
@hanno-arm correct, it was supposed to be for |
@hanno-arm I fixed the workaround, to avoid |
ARM Internal Ref: IOTSSL-2206 |
ARM Internal Ref: IOTSSL-1139 , as 2206 is a duplicate |
This fix adds the ebx register to the clobber list for the i386 inline assembly for the multiply helper function. ebx was used but not listed, so when the compiler chose to also use it, ebx was getting corrupted. I'm surprised this wasn't spotted sooner. Fixes Github issues Mbed-TLS#1550.
This fix adds the ebx register to the clobber list for the i386 inline assembly for the multiply helper function. ebx was used but not listed, so when the compiler chose to also use it, ebx was getting corrupted. I'm surprised this wasn't spotted sooner. Fixes Github issues Mbed-TLS#1550.
I've just posted a fix as PR #1778 . |
This fix adds the ebx register to the clobber list for the i386 inline assembly for the multiply helper function. ebx was used but not listed, so when the compiler chose to also use it, ebx was getting corrupted. I'm surprised this wasn't spotted sooner. Fixes Github issues Mbed-TLS#1550.
This fix adds the ebx register to the clobber list for the i386 inline assembly for the multiply helper function. ebx was used but not listed, so when the compiler chose to also use it, ebx was getting corrupted. I'm surprised this wasn't spotted sooner. Fixes Github issues Mbed-TLS#1550.
Will this fix be in the next release? |
@LaszloLango the fix has been merged and backported, so it should be in the next release |
Fixes Mbed-TLS#1910 With ebx added to the MULADDC_STOP clobber list to fix Mbed-TLS#1550, the inline assembly fails to build with GCC<5 in PIC mode with the following error: bn_mul.h:46:13: error: PIC register clobbered by ‘ebx’ in ‘asm’ This is because older GCC versions treated the x86 ebx register (which is used for the GOT) as a fixed reserved register when building as PIC. This is fixed by an improved register allocator in GCC 5+. From the release notes: Register allocation improvements: Reuse of the PIC hard register, instead of using a fixed register, was implemented on x86/x86-64 targets. This improves generated PIC code performance as more hard registers can be used. https://www.gnu.org/software/gcc/gcc-5/changes.html As a workaround, detect this situation and disable the inline assembly, similar to the MULADDC_CANNOT_USE_R7 logic. Signed-off-by: Peter Korsgaard <[email protected]>
Fixes Mbed-TLS#1910 With ebx added to the MULADDC_STOP clobber list to fix Mbed-TLS#1550, the inline assembly fails to build with GCC < 5 in PIC mode with the following error: include/mbedtls/bn_mul.h:46:13: error: PIC register clobbered by ‘ebx’ in ‘asm’ This is because older GCC versions treated the x86 ebx register (which is used for the GOT) as a fixed reserved register when building as PIC. This is fixed by an improved register allocator in GCC 5+. From the release notes: Register allocation improvements: Reuse of the PIC hard register, instead of using a fixed register, was implemented on x86/x86-64 targets. This improves generated PIC code performance as more hard registers can be used. https://www.gnu.org/software/gcc/gcc-5/changes.html As a workaround, detect this situation and disable the inline assembly, similar to the MULADDC_CANNOT_USE_R7 logic. Signed-off-by: Peter Korsgaard <[email protected]>
Fixes Mbed-TLS#1910 With ebx added to the MULADDC_STOP clobber list to fix Mbed-TLS#1550, the inline assembly fails to build with GCC < 5 in PIC mode with the following error: include/mbedtls/bn_mul.h:46:13: error: PIC register clobbered by ‘ebx’ in ‘asm’ This is because older GCC versions treated the x86 ebx register (which is used for the GOT) as a fixed reserved register when building as PIC. This is fixed by an improved register allocator in GCC 5+. From the release notes: Register allocation improvements: Reuse of the PIC hard register, instead of using a fixed register, was implemented on x86/x86-64 targets. This improves generated PIC code performance as more hard registers can be used. https://www.gnu.org/software/gcc/gcc-5/changes.html As a workaround, detect this situation and disable the inline assembly, similar to the MULADDC_CANNOT_USE_R7 logic. Signed-off-by: Peter Korsgaard <[email protected]>
Fixes #1910 With ebx added to the MULADDC_STOP clobber list to fix #1550, the inline assembly fails to build with GCC < 5 in PIC mode with the following error: include/mbedtls/bn_mul.h:46:13: error: PIC register clobbered by ‘ebx’ in ‘asm’ This is because older GCC versions treated the x86 ebx register (which is used for the GOT) as a fixed reserved register when building as PIC. This is fixed by an improved register allocator in GCC 5+. From the release notes: Register allocation improvements: Reuse of the PIC hard register, instead of using a fixed register, was implemented on x86/x86-64 targets. This improves generated PIC code performance as more hard registers can be used. https://www.gnu.org/software/gcc/gcc-5/changes.html As a workaround, detect this situation and disable the inline assembly, similar to the MULADDC_CANNOT_USE_R7 logic. Signed-off-by: Peter Korsgaard <[email protected]>
Description
Bug
OS
linux
mbed TLS build:
Version: 2.8.0 (8be0e6d)
OS version: Ubuntu 16.04.9
Configuration: default configuration
Compiler:
gcc (Ubuntu 5.4.0-6ubuntu1~16.04.9) 5.4.0 20160609
Options:
CFLAGS="-fsanitize=address -m32 -g"
Expected behavior
Returns 0
Actual behavior
Steps to reproduce
cd $MBEDTLS_HOME
make clean
CFLAGS="-fsanitize=address -m32 -g" make lib
cd $HOME
gcc mbedtls-asan-error.c -o mbedtls-asan-error -O2 -fsanitize=address -m32 -g -I$MBEDTLS_HOME/include -L$MBEDTLS_HOME/library -lmbedcrypto
Code:
Additional information:
The error happens with every generated key (both openssl and mbedtls), e.g:
openssl genrsa -out ryans-key.pem 2048
or
programs/pkey/gen_key type=rsa rsa_keysize=4096 filename=our_key.key
The text was updated successfully, but these errors were encountered: