On 16 May 2017 at 00:09, Jeff King <peff@xxxxxxxx> wrote: > On Mon, May 15, 2017 at 04:13:58PM +0200, Ævar Arnfjörð Bjarmason wrote: > >> On Mon, May 15, 2017 at 3:58 PM, Marc Stevens <marc@xxxxxxxxxxxxxxx> wrote: >> > Hi Aevar, >> > >> > Thank you for notifying us of this issue. >> > Big endianness is a tricky issue, also since I don't have access or accurate knowledge about all big endian systems. >> > Our github repo does check correct functioning, including an endianness mistake, with 'make test'. >> > But I guess this is not included for SHA1DC in Git. >> > >> > Anyway, we can easily add the _BIG_ENDIAN macrotest to the git repo and will do so soon. >> > >> > I don't think the segfault is caused by buffer overflow, inproper access, or the endianness issue. >> > But I did notice an unexpected issue: the message block pointer m=0x398ad5 is odd. >> > Can you confirm whether loading an uint32_t from an odd address triggers a hardware interrupt on your platform? >> > This is not problem for x86, but maybe for your platform it is? >> > If it is then we should always copy buffer contents to the sha1context to avoid this issue. >> >> I don't have access to the box in question, Michael was testing this >> code for me. But unaligned access is probably the cause, although >> according to some info I found online that should give a SIGBUS not a >> SIGSEGV, but that may have changed: > > Yeah, I would have expected SIGBUS there. If we have alignment issues, > though, I'd expect that ARM systems will experience problems. > > Block-sha1 uses a macro which allows unaligned loads on platforms that > support it, and otherwise does the endian conversion on the fly as we > load the bytes into a local variable (which presumably happens all > in-register). That may be faster than doing a mass copy of the buffer. I agree. It is fairly normal to use that kind of macro and not do a memcpy with hash functions. In fact many hash functions ONLY use that kind of macro, as decent compilers will automagically convert the macro into an unaligned load on platforms that support fast unaligned loads. The only reason to expose the direct unaligned load is to make sure that the hashing code is fast on such platforms even when compiled under -g. Yves -- perl -Mre=debug -e "/just|another|perl|hacker/"