Prepare for ubuntu-latest switching to 24.04 #26269
Closed
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
github-actions
bot
added
the
severity: fips change
bernd-edlinger
force-pushed
the
fix_upcoming_sanitizer_issues
branch
from
62f425a to
1136f5f
Compare
github-actions
bot
removed
the
severity: fips change
bernd-edlinger
force-pushed
the
fix_upcoming_sanitizer_issues
branch
3 times, most recently
from
0807b19 to
064e2f6
Compare
bernd-edlinger
force-pushed
the
fix_upcoming_sanitizer_issues
branch
from
46a9489 to
63bf7ff
Compare
t8m
reviewed
Dec 30, 2024
test/evp_extra_test.c
Outdated
| @@ -5935,6 +5935,7 @@ static int test_evp_cipher_pipeline(void) | |||
| unsigned char *ciphertext, *exp_plaintext, *tag; | |||
| size_t numpipes, plaintextlen, i; | |||
|
|
|||
| EVP_CIPHER_free(EVP_CIPHER_fetch(testctx, "AES-256-GCM", NULL)); | |||
There was a problem hiding this comment.
Probably a better fix would be to use "provider!=fake-pipeline" instead of testpropq at line 5942.
There was a problem hiding this comment.
Ok, that works as well, with all 3 reproducers from #26276
bernd-edlinger
force-pushed
the
fix_upcoming_sanitizer_issues
branch
from
806b38c to
998a94b
Compare
t8m
added
branch: master
|
@bernd-edlinger what's remaining to take this out of WIP? |
|
At the moment everything looks good. |
|
Note: One thing I had to do is to make the memory sanitizer test run use the no-shared option, |
Here the undefined value "npa" passed to a function
WPACKET_sub_memcpy_u16(pkt, npa, npalen).
However the value is not really used, because "npalen" is zero,
but the call statememt itself is considered an invalid operation
by the new sanitizer.
The original sanitizer error report was:
==49175==WARNING: MemorySanitizer: use-of-uninitialized-value
#0 0x55a276b29d6f in tls_construct_stoc_next_proto_neg /home/runner/work/openssl/openssl/ssl/statem/extensions_srvr.c:1518:21
openssl#1 0x55a276b15d7d in tls_construct_extensions /home/runner/work/openssl/openssl/ssl/statem/extensions.c:909:15
openssl#2 0x55a276b513dc in tls_construct_server_hello /home/runner/work/openssl/openssl/ssl/statem/statem_srvr.c:2471:10
openssl#3 0x55a276b2e160 in write_state_machine /home/runner/work/openssl/openssl/ssl/statem/statem.c:896:26
openssl#4 0x55a276b2e160 in state_machine /home/runner/work/openssl/openssl/ssl/statem/statem.c:490:21
openssl#5 0x55a276b2f562 in ossl_statem_accept /home/runner/work/openssl/openssl/ssl/statem/statem.c:309:12
openssl#6 0x55a276a9f867 in SSL_do_handshake /home/runner/work/openssl/openssl/ssl/ssl_lib.c:4890:19
openssl#7 0x55a276a9f605 in SSL_accept /home/runner/work/openssl/openssl/ssl/ssl_lib.c:2169:12
openssl#8 0x55a276a3d4db in create_bare_ssl_connection /home/runner/work/openssl/openssl/test/helpers/ssltestlib.c:1281:24
openssl#9 0x55a276a3d7cb in create_ssl_connection /home/runner/work/openssl/openssl/test/helpers/ssltestlib.c:1350:10
openssl#10 0x55a276a64c0b in test_npn /home/runner/work/openssl/openssl/test/sslapitest.c:12266:14
openssl#11 0x55a276b9fc20 in run_tests /home/runner/work/openssl/openssl/test/testutil/driver.c:377:21
openssl#12 0x55a276ba0b10 in main /home/runner/work/openssl/openssl/test/testutil/main.c:31:15
bernd-edlinger
force-pushed
the
fix_upcoming_sanitizer_issues
branch
from
998a94b to
e9c563f
Compare
recent gcc versions can optimize the memory leak away, avoid that by declaring the lost variable to be volatile.
Fix missing afl++-clang package Use clang-18 Configure ubsan with -fno-sanitize=function
|
One thing I totally forgot, the new ubuntu-latest comes with exactly the gcc version that |
openssl-machine
pushed a commit
that referenced
this pull request
Jan 6, 2025
in test/wpackettest.c:593:18: runtime error: load of misaligned address for type 'uint64_t', which requires 8 byte alignment. Reviewed-by: Saša Nedvědický <[email protected]> Reviewed-by: Tomas Mraz <[email protected]> (Merged from #26269) (cherry picked from commit 94f95ef)
openssl-machine
pushed a commit
that referenced
this pull request
Jan 6, 2025
Reviewed-by: Saša Nedvědický <[email protected]> Reviewed-by: Tomas Mraz <[email protected]> (Merged from #26269) (cherry picked from commit 5f0dab5)
openssl-machine
pushed a commit
that referenced
this pull request
Jan 6, 2025
Reviewed-by: Saša Nedvědický <[email protected]> Reviewed-by: Tomas Mraz <[email protected]> (Merged from #26269) (cherry picked from commit ada0265)
openssl-machine
pushed a commit
that referenced
this pull request
Jan 6, 2025
Reviewed-by: Saša Nedvědický <[email protected]> Reviewed-by: Tomas Mraz <[email protected]> (Merged from #26269) (cherry picked from commit 01e657c)
openssl-machine
pushed a commit
that referenced
this pull request
Jan 6, 2025
Here the undefined value "npa" passed to a function
WPACKET_sub_memcpy_u16(pkt, npa, npalen).
However the value is not really used, because "npalen" is zero,
but the call statememt itself is considered an invalid operation
by the new sanitizer.
The original sanitizer error report was:
==49175==WARNING: MemorySanitizer: use-of-uninitialized-value
#0 0x55a276b29d6f in tls_construct_stoc_next_proto_neg /home/runner/work/openssl/openssl/ssl/statem/extensions_srvr.c:1518:21
#1 0x55a276b15d7d in tls_construct_extensions /home/runner/work/openssl/openssl/ssl/statem/extensions.c:909:15
#2 0x55a276b513dc in tls_construct_server_hello /home/runner/work/openssl/openssl/ssl/statem/statem_srvr.c:2471:10
#3 0x55a276b2e160 in write_state_machine /home/runner/work/openssl/openssl/ssl/statem/statem.c:896:26
#4 0x55a276b2e160 in state_machine /home/runner/work/openssl/openssl/ssl/statem/statem.c:490:21
#5 0x55a276b2f562 in ossl_statem_accept /home/runner/work/openssl/openssl/ssl/statem/statem.c:309:12
#6 0x55a276a9f867 in SSL_do_handshake /home/runner/work/openssl/openssl/ssl/ssl_lib.c:4890:19
#7 0x55a276a9f605 in SSL_accept /home/runner/work/openssl/openssl/ssl/ssl_lib.c:2169:12
#8 0x55a276a3d4db in create_bare_ssl_connection /home/runner/work/openssl/openssl/test/helpers/ssltestlib.c:1281:24
#9 0x55a276a3d7cb in create_ssl_connection /home/runner/work/openssl/openssl/test/helpers/ssltestlib.c:1350:10
#10 0x55a276a64c0b in test_npn /home/runner/work/openssl/openssl/test/sslapitest.c:12266:14
#11 0x55a276b9fc20 in run_tests /home/runner/work/openssl/openssl/test/testutil/driver.c:377:21
#12 0x55a276ba0b10 in main /home/runner/work/openssl/openssl/test/testutil/main.c:31:15
Reviewed-by: Saša Nedvědický <[email protected]>
Reviewed-by: Tomas Mraz <[email protected]>
(Merged from #26269)
(cherry picked from commit e63e889)
openssl-machine
pushed a commit
that referenced
this pull request
Jan 6, 2025
Fixes #26277 Reviewed-by: Saša Nedvědický <[email protected]> Reviewed-by: Tomas Mraz <[email protected]> (Merged from #26269) (cherry picked from commit 9861be4)
openssl-machine
pushed a commit
that referenced
this pull request
Jan 6, 2025
recent gcc versions can optimize the memory leak away, avoid that by declaring the lost variable to be volatile. Reviewed-by: Saša Nedvědický <[email protected]> Reviewed-by: Tomas Mraz <[email protected]> (Merged from #26269) (cherry picked from commit eeb3266)
openssl-machine
pushed a commit
that referenced
this pull request
Jan 6, 2025
Fix missing afl++-clang package Use clang-18 Configure ubsan with -fno-sanitize=function Reviewed-by: Saša Nedvědický <[email protected]> Reviewed-by: Tomas Mraz <[email protected]> (Merged from #26269) (cherry picked from commit c45fddd)
openssl-machine
pushed a commit
that referenced
this pull request
Jan 6, 2025
in test/wpackettest.c:593:18: runtime error: load of misaligned address for type 'uint64_t', which requires 8 byte alignment. Reviewed-by: Saša Nedvědický <[email protected]> Reviewed-by: Tomas Mraz <[email protected]> (Merged from #26269) (cherry picked from commit 94f95ef)
openssl-machine
pushed a commit
that referenced
this pull request
Jan 6, 2025
Reviewed-by: Saša Nedvědický <[email protected]> Reviewed-by: Tomas Mraz <[email protected]> (Merged from #26269) (cherry picked from commit 5f0dab5)
openssl-machine
pushed a commit
that referenced
this pull request
Jan 6, 2025
Reviewed-by: Saša Nedvědický <[email protected]> Reviewed-by: Tomas Mraz <[email protected]> (Merged from #26269) (cherry picked from commit 01e657c)
openssl-machine
pushed a commit
that referenced
this pull request
Jan 6, 2025
Here the undefined value "npa" passed to a function
WPACKET_sub_memcpy_u16(pkt, npa, npalen).
However the value is not really used, because "npalen" is zero,
but the call statememt itself is considered an invalid operation
by the new sanitizer.
The original sanitizer error report was:
==49175==WARNING: MemorySanitizer: use-of-uninitialized-value
#0 0x55a276b29d6f in tls_construct_stoc_next_proto_neg /home/runner/work/openssl/openssl/ssl/statem/extensions_srvr.c:1518:21
#1 0x55a276b15d7d in tls_construct_extensions /home/runner/work/openssl/openssl/ssl/statem/extensions.c:909:15
#2 0x55a276b513dc in tls_construct_server_hello /home/runner/work/openssl/openssl/ssl/statem/statem_srvr.c:2471:10
#3 0x55a276b2e160 in write_state_machine /home/runner/work/openssl/openssl/ssl/statem/statem.c:896:26
#4 0x55a276b2e160 in state_machine /home/runner/work/openssl/openssl/ssl/statem/statem.c:490:21
#5 0x55a276b2f562 in ossl_statem_accept /home/runner/work/openssl/openssl/ssl/statem/statem.c:309:12
#6 0x55a276a9f867 in SSL_do_handshake /home/runner/work/openssl/openssl/ssl/ssl_lib.c:4890:19
#7 0x55a276a9f605 in SSL_accept /home/runner/work/openssl/openssl/ssl/ssl_lib.c:2169:12
#8 0x55a276a3d4db in create_bare_ssl_connection /home/runner/work/openssl/openssl/test/helpers/ssltestlib.c:1281:24
#9 0x55a276a3d7cb in create_ssl_connection /home/runner/work/openssl/openssl/test/helpers/ssltestlib.c:1350:10
#10 0x55a276a64c0b in test_npn /home/runner/work/openssl/openssl/test/sslapitest.c:12266:14
#11 0x55a276b9fc20 in run_tests /home/runner/work/openssl/openssl/test/testutil/driver.c:377:21
#12 0x55a276ba0b10 in main /home/runner/work/openssl/openssl/test/testutil/main.c:31:15
Reviewed-by: Saša Nedvědický <[email protected]>
Reviewed-by: Tomas Mraz <[email protected]>
(Merged from #26269)
(cherry picked from commit e63e889)
openssl-machine
pushed a commit
that referenced
this pull request
Jan 6, 2025
Fixes #26277 Reviewed-by: Saša Nedvědický <[email protected]> Reviewed-by: Tomas Mraz <[email protected]> (Merged from #26269) (cherry picked from commit 9861be4)
openssl-machine
pushed a commit
that referenced
this pull request
Jan 6, 2025
recent gcc versions can optimize the memory leak away, avoid that by declaring the lost variable to be volatile. Reviewed-by: Saša Nedvědický <[email protected]> Reviewed-by: Tomas Mraz <[email protected]> (Merged from #26269) (cherry picked from commit eeb3266)
openssl-machine
pushed a commit
that referenced
this pull request
Jan 6, 2025
Fix missing afl++-clang package Use clang-18 Configure ubsan with -fno-sanitize=function Reviewed-by: Saša Nedvědický <[email protected]> Reviewed-by: Tomas Mraz <[email protected]> (Merged from #26269) (cherry picked from commit c45fddd)
openssl-machine
pushed a commit
that referenced
this pull request
Jan 6, 2025
in test/wpackettest.c:593:18: runtime error: load of misaligned address for type 'uint64_t', which requires 8 byte alignment. Reviewed-by: Saša Nedvědický <[email protected]> Reviewed-by: Tomas Mraz <[email protected]> (Merged from #26269) (cherry picked from commit 94f95ef)
openssl-machine
pushed a commit
that referenced
this pull request
Jan 6, 2025
Reviewed-by: Saša Nedvědický <[email protected]> Reviewed-by: Tomas Mraz <[email protected]> (Merged from #26269) (cherry picked from commit 5f0dab5)
openssl-machine
pushed a commit
that referenced
this pull request
Jan 6, 2025
Reviewed-by: Saša Nedvědický <[email protected]> Reviewed-by: Tomas Mraz <[email protected]> (Merged from #26269) (cherry picked from commit 01e657c)
openssl-machine
pushed a commit
that referenced
this pull request
Jan 6, 2025
Here the undefined value "npa" passed to a function
WPACKET_sub_memcpy_u16(pkt, npa, npalen).
However the value is not really used, because "npalen" is zero,
but the call statememt itself is considered an invalid operation
by the new sanitizer.
The original sanitizer error report was:
==49175==WARNING: MemorySanitizer: use-of-uninitialized-value
#0 0x55a276b29d6f in tls_construct_stoc_next_proto_neg /home/runner/work/openssl/openssl/ssl/statem/extensions_srvr.c:1518:21
#1 0x55a276b15d7d in tls_construct_extensions /home/runner/work/openssl/openssl/ssl/statem/extensions.c:909:15
#2 0x55a276b513dc in tls_construct_server_hello /home/runner/work/openssl/openssl/ssl/statem/statem_srvr.c:2471:10
#3 0x55a276b2e160 in write_state_machine /home/runner/work/openssl/openssl/ssl/statem/statem.c:896:26
#4 0x55a276b2e160 in state_machine /home/runner/work/openssl/openssl/ssl/statem/statem.c:490:21
#5 0x55a276b2f562 in ossl_statem_accept /home/runner/work/openssl/openssl/ssl/statem/statem.c:309:12
#6 0x55a276a9f867 in SSL_do_handshake /home/runner/work/openssl/openssl/ssl/ssl_lib.c:4890:19
#7 0x55a276a9f605 in SSL_accept /home/runner/work/openssl/openssl/ssl/ssl_lib.c:2169:12
#8 0x55a276a3d4db in create_bare_ssl_connection /home/runner/work/openssl/openssl/test/helpers/ssltestlib.c:1281:24
#9 0x55a276a3d7cb in create_ssl_connection /home/runner/work/openssl/openssl/test/helpers/ssltestlib.c:1350:10
#10 0x55a276a64c0b in test_npn /home/runner/work/openssl/openssl/test/sslapitest.c:12266:14
#11 0x55a276b9fc20 in run_tests /home/runner/work/openssl/openssl/test/testutil/driver.c:377:21
#12 0x55a276ba0b10 in main /home/runner/work/openssl/openssl/test/testutil/main.c:31:15
Reviewed-by: Saša Nedvědický <[email protected]>
Reviewed-by: Tomas Mraz <[email protected]>
(Merged from #26269)
(cherry picked from commit e63e889)
openssl-machine
pushed a commit
that referenced
this pull request
Jan 6, 2025
recent gcc versions can optimize the memory leak away, avoid that by declaring the lost variable to be volatile. Reviewed-by: Saša Nedvědický <[email protected]> Reviewed-by: Tomas Mraz <[email protected]> (Merged from #26269) (cherry picked from commit eeb3266)
openssl-machine
pushed a commit
that referenced
this pull request
Jan 6, 2025
Fix missing afl++-clang package Use clang-18 Configure ubsan with -fno-sanitize=function Reviewed-by: Saša Nedvědický <[email protected]> Reviewed-by: Tomas Mraz <[email protected]> (Merged from #26269) (cherry picked from commit c45fddd)
openssl-machine
pushed a commit
that referenced
this pull request
Jan 6, 2025
Reviewed-by: Saša Nedvědický <[email protected]> Reviewed-by: Tomas Mraz <[email protected]> (Merged from #26269) (cherry picked from commit 5f0dab5)
openssl-machine
pushed a commit
that referenced
this pull request
Jan 6, 2025
Reviewed-by: Saša Nedvědický <[email protected]> Reviewed-by: Tomas Mraz <[email protected]> (Merged from #26269) (cherry picked from commit 01e657c)
openssl-machine
pushed a commit
that referenced
this pull request
Jan 6, 2025
Here the undefined value "npa" passed to a function
WPACKET_sub_memcpy_u16(pkt, npa, npalen).
However the value is not really used, because "npalen" is zero,
but the call statememt itself is considered an invalid operation
by the new sanitizer.
The original sanitizer error report was:
==49175==WARNING: MemorySanitizer: use-of-uninitialized-value
#0 0x55a276b29d6f in tls_construct_stoc_next_proto_neg /home/runner/work/openssl/openssl/ssl/statem/extensions_srvr.c:1518:21
#1 0x55a276b15d7d in tls_construct_extensions /home/runner/work/openssl/openssl/ssl/statem/extensions.c:909:15
#2 0x55a276b513dc in tls_construct_server_hello /home/runner/work/openssl/openssl/ssl/statem/statem_srvr.c:2471:10
#3 0x55a276b2e160 in write_state_machine /home/runner/work/openssl/openssl/ssl/statem/statem.c:896:26
#4 0x55a276b2e160 in state_machine /home/runner/work/openssl/openssl/ssl/statem/statem.c:490:21
#5 0x55a276b2f562 in ossl_statem_accept /home/runner/work/openssl/openssl/ssl/statem/statem.c:309:12
#6 0x55a276a9f867 in SSL_do_handshake /home/runner/work/openssl/openssl/ssl/ssl_lib.c:4890:19
#7 0x55a276a9f605 in SSL_accept /home/runner/work/openssl/openssl/ssl/ssl_lib.c:2169:12
#8 0x55a276a3d4db in create_bare_ssl_connection /home/runner/work/openssl/openssl/test/helpers/ssltestlib.c:1281:24
#9 0x55a276a3d7cb in create_ssl_connection /home/runner/work/openssl/openssl/test/helpers/ssltestlib.c:1350:10
#10 0x55a276a64c0b in test_npn /home/runner/work/openssl/openssl/test/sslapitest.c:12266:14
#11 0x55a276b9fc20 in run_tests /home/runner/work/openssl/openssl/test/testutil/driver.c:377:21
#12 0x55a276ba0b10 in main /home/runner/work/openssl/openssl/test/testutil/main.c:31:15
Reviewed-by: Saša Nedvědický <[email protected]>
Reviewed-by: Tomas Mraz <[email protected]>
(Merged from #26269)
(cherry picked from commit e63e889)
openssl-machine
pushed a commit
that referenced
this pull request
Jan 6, 2025
recent gcc versions can optimize the memory leak away, avoid that by declaring the lost variable to be volatile. Reviewed-by: Saša Nedvědický <[email protected]> Reviewed-by: Tomas Mraz <[email protected]> (Merged from #26269) (cherry picked from commit eeb3266)
openssl-machine
pushed a commit
that referenced
this pull request
Jan 6, 2025
Fix missing afl++-clang package Use clang-18 Configure ubsan with -fno-sanitize=function Reviewed-by: Saša Nedvědický <[email protected]> Reviewed-by: Tomas Mraz <[email protected]> (Merged from #26269) (cherry picked from commit c45fddd)
|
Merged to all the active branches. Thank you for your contribution. |
bernd-edlinger
added a commit
to bernd-edlinger/openssl
that referenced
this pull request
Jan 8, 2025
Here the undefined value "npa" was passed to a function
WPACKET_sub_memcpy_u16(pkt, npa, npalen).
However the value is not really used, because "npalen" is zero,
but the call statememt itself is considered an invalid operation
by the new sanitizer.
The original sanitizer error report was:
==49175==WARNING: MemorySanitizer: use-of-uninitialized-value
#0 0x55a276b29d6f in tls_construct_stoc_next_proto_neg /home/runner/work/openssl/openssl/ssl/statem/extensions_srvr.c:1518:21
openssl#1 0x55a276b15d7d in tls_construct_extensions /home/runner/work/openssl/openssl/ssl/statem/extensions.c:909:15
openssl#2 0x55a276b513dc in tls_construct_server_hello /home/runner/work/openssl/openssl/ssl/statem/statem_srvr.c:2471:10
openssl#3 0x55a276b2e160 in write_state_machine /home/runner/work/openssl/openssl/ssl/statem/statem.c:896:26
openssl#4 0x55a276b2e160 in state_machine /home/runner/work/openssl/openssl/ssl/statem/statem.c:490:21
openssl#5 0x55a276b2f562 in ossl_statem_accept /home/runner/work/openssl/openssl/ssl/statem/statem.c:309:12
openssl#6 0x55a276a9f867 in SSL_do_handshake /home/runner/work/openssl/openssl/ssl/ssl_lib.c:4890:19
openssl#7 0x55a276a9f605 in SSL_accept /home/runner/work/openssl/openssl/ssl/ssl_lib.c:2169:12
openssl#8 0x55a276a3d4db in create_bare_ssl_connection /home/runner/work/openssl/openssl/test/helpers/ssltestlib.c:1281:24
openssl#9 0x55a276a3d7cb in create_ssl_connection /home/runner/work/openssl/openssl/test/helpers/ssltestlib.c:1350:10
openssl#10 0x55a276a64c0b in test_npn /home/runner/work/openssl/openssl/test/sslapitest.c:12266:14
openssl#11 0x55a276b9fc20 in run_tests /home/runner/work/openssl/openssl/test/testutil/driver.c:377:21
openssl#12 0x55a276ba0b10 in main /home/runner/work/openssl/openssl/test/testutil/main.c:31:15
Reviewed-by: Saša Nedvědický <[email protected]>
Reviewed-by: Tomas Mraz <[email protected]>
(Merged from openssl#26269)
(cherry picked from commit e63e889)
beldmit
pushed a commit
to beldmit/openssl
that referenced
this pull request
Jan 9, 2025
Reviewed-by: Saša Nedvědický <[email protected]> Reviewed-by: Tomas Mraz <[email protected]> (Merged from openssl#26269)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see actions/runner-images#10636