Build OpenSSL on ubuntu, compile failed in x86_32(providers/legacy.so)

[xkqian]

Get the latest OpenSSL code of master branch, "./config; make; make install_sw;". compile it on ubuntu. find that the builds on x86-64,aarch32,aarch64 are success but fails on x86-32. The error log as below:

rm -f test/dsa_no_digest_size_test
${LDCMD:-gcc} -pthread -m32 -Wa,--noexecstack -Wall -O3 -fomit-frame-pointer -Werror   \
	-o test/dsa_no_digest_size_test \
	test/dsa_no_digest_size_test-bin-dsa_no_digest_size_test.o \
	test/libtestutil.a libcrypto.a -ldl -pthread 
rm -f test/dsatest
${LDCMD:-gcc} -pthread -m32 -Wa,--noexecstack -Wall -O3 -fomit-frame-pointer -Werror   \
	-o test/dsatest \
	test/dsatest-bin-dsatest.o \
	test/libtestutil.a libcrypto.a -ldl -pthread 
collect2: error: ld returned 1 exit status
Makefile:21332: recipe for target 'providers/legacy.so' failed
make[1]: *** [providers/legacy.so] Error 1
make[1]: *** Waiting for unfinished jobs....
make[1]: Leaving directory '/home/ent-user/ci-scripts/openssl-src'
Makefile:2899: recipe for target 'build_sw' failed
make: *** [build_sw] Error 2

[xkqian]

For x86-32, this is the config what we are using: "linux32 ./config -g3 -Werror no-deprecated --prefix=/home/ent-user/work/ci-scripts/openssl-install", with this configuration, then "make" openssl for x86-32 compiled failure. But strangely, once we remove the option "

no-deprecated

", it can compile successfully.
Is it one issue or just leave it there compile failure?

[levitte]

What is that "linux32"?

[xkqian]

What is that "linux32"?

This option "linux32" to make the code detect the arch of 32 bit. Before, we simply try -m32, but found many errors during compile, the linux32 can make it compile successfully.

[levitte]

Could you please do this, so I can see what the actual configuration is, in terms I understand?

Short version:

./configdata.pm -c

Long version:

./configdata.pm -d

[xkqian]

Could you please do this, so I can see what the actual configuration is, in terms I understand?

Short version:

./configdata.pm -c

---Short version result as below:

root@cdd56c00a8ca:/home/ent-user/work/ci-scripts/openssl# ./configdata.pm -c

Command line (with current working directory = .):

    /usr/bin/perl ./Configure linux-x86 -g3 -Werror no-deprecated --prefix=/home/ent-user/work/ci-scripts/openssl-install

Perl information:

    /usr/bin/perl
    5.26.1 for i686-linux-gnu-thread-multi-64int

Long version:

./configdata.pm -d

Long version result as below:

Command line (with current working directory = .):

    /usr/bin/perl ./Configure linux-x86 -g3 -Werror no-deprecated --prefix=/home/ent-user/work/ci-scripts/openssl-install

Perl information:

    /usr/bin/perl
    5.26.1 for i686-linux-gnu-thread-multi-64int

Enabled features:

    afalgeng
    aria
    asm
    async
    autoalginit
    autoerrinit
    autoload-config
    bf
    blake2
    camellia
    capieng
    cast
    chacha
    cmac
    cmp
    cms
    comp
    ct
    des
    dgram
    dh
    dsa
    dso
    dtls
    dynamic-engine
    ec
    ec2m
    ecdh
    ecdsa
    engine
    err
    filenames
    fips
    gost
    idea
    legacy
    makedepend
    md4
    mdc2
    module
    multiblock
    nextprotoneg
    pinshared
    ocb
    ocsp
    pic
    poly1305
    posix-io
    psk
    rc2
    rc4
    rdrand
    rfc3779
    rmd160
    scrypt
    seed
    shared
    siphash
    siv
    sm2
    sm3
    sm4
    sock
    srp
    srtp
    sse2
    ssl
    static-engine
    stdio
    tests
    threads
    tls
    ts
    ui-console
    whirlpool
    tls1
    tls1-method
    tls1_1
    tls1_1-method
    tls1_2
    tls1_2-method
    tls1_3
    dtls1
    dtls1-method
    dtls1_2
    dtls1_2-method

Disabled features:

    asan                [default]        OPENSSL_NO_ASAN
    buildtest-c++       [default]
    crypto-mdebug       [default]        OPENSSL_NO_CRYPTO_MDEBUG
    deprecated          [option]         OPENSSL_NO_DEPRECATED
    devcryptoeng        [default]        OPENSSL_NO_DEVCRYPTOENG
    ec_nistp_64_gcc_128 [default]        OPENSSL_NO_EC_NISTP_64_GCC_128
    egd                 [default]        OPENSSL_NO_EGD
    external-tests      [default]        OPENSSL_NO_EXTERNAL_TESTS
    fuzz-libfuzzer      [default]        OPENSSL_NO_FUZZ_LIBFUZZER
    fuzz-afl            [default]        OPENSSL_NO_FUZZ_AFL
    ktls                [default]        OPENSSL_NO_KTLS
    md2                 [default]        OPENSSL_NO_MD2 (skip crypto/md2)
    msan                [default]        OPENSSL_NO_MSAN
    padlockeng          [cascade]        OPENSSL_NO_PADLOCKENG
    rc5                 [default]        OPENSSL_NO_RC5 (skip crypto/rc5)
    sctp                [default]        OPENSSL_NO_SCTP
    ssl-trace           [default]        OPENSSL_NO_SSL_TRACE
    trace               [default]        OPENSSL_NO_TRACE
    ubsan               [default]        OPENSSL_NO_UBSAN
    unit-test           [default]        OPENSSL_NO_UNIT_TEST
    uplink              [no uplink_arch] OPENSSL_NO_UPLINK
    weak-ssl-ciphers    [default]        OPENSSL_NO_WEAK_SSL_CIPHERS
    zlib                [default]
    zlib-dynamic        [default]
    ssl3                [default]        OPENSSL_NO_SSL3
    ssl3-method         [default]        OPENSSL_NO_SSL3_METHOD

Config target attributes:

    AR => "ar",
    ARFLAGS => "r",
    CC => "gcc",
    CFLAGS => "-Wall -O3 -fomit-frame-pointer",
    CXX => "g++",
    CXXFLAGS => "-Wall -O3",
    HASHBANGPERL => "/usr/bin/env perl",
    RANLIB => "ranlib",
    RC => "windres",
    asm_arch => "x86",
    bn_ops => "BN_LLONG",
    build_file => "Makefile",
    build_scheme => [ "unified", "unix" ],
    cflags => "-pthread -m32",
    cppflags => "",
    cxxflags => "-std=c++11 -pthread -m32",
    defines => [  ],
    disable => [  ],
    dso_ldflags => "-z defs",
    dso_scheme => "dlfcn",
    enable => [ "afalgeng" ],
    ex_libs => "-ldl -pthread",
    includes => [  ],
    lflags => "",
    lib_cflags => "",
    lib_cppflags => "-DOPENSSL_USE_NODELETE -DL_ENDIAN",
    lib_defines => [ "OPENSSL_BUILDING_OPENSSL" ],
    module_cflags => "-fPIC",
    module_cxxflags => undef,
    module_ldflags => "-Wl,-znodelete -shared -Wl,-Bsymbolic",
    perl_platform => "Unix",
    perlasm_scheme => "elf",
    shared_cflag => "-fPIC",
    shared_defflag => "-Wl,--version-script=",
    shared_defines => [  ],
    shared_ldflag => "-Wl,-znodelete -shared -Wl,-Bsymbolic",
    shared_rcflag => "",
    shared_sonameflag => "-Wl,-soname=",
    shared_target => "linux-shared",
    thread_defines => [  ],
    thread_scheme => "pthreads",
    unistd => "<unistd.h>",

Recorded environment:

    AR =
    BUILDFILE =
    CC =
    CFLAGS =
    CPPFLAGS =
    CROSS_COMPILE =
    CXX =
    CXXFLAGS =
    HASHBANGPERL =
    LDFLAGS =
    LDLIBS =
    OPENSSL_LOCAL_CONFIG_DIR =
    PERL =
    RANLIB =
    RC =
    RCFLAGS =
    WINDRES =
    __CNF_CFLAGS =
    __CNF_CPPDEFINES =
    __CNF_CPPFLAGS =
    __CNF_CPPINCLUDES =
    __CNF_CXXFLAGS =
    __CNF_LDFLAGS =
    __CNF_LDLIBS =

Makevars:

    AR              = ar
    ARFLAGS         = r
    CC              = gcc
    CFLAGS          = -Wall -O3 -fomit-frame-pointer -g3 -Werror
    CPPDEFINES      =
    CPPFLAGS        =
    CPPINCLUDES     =
    CXX             = g++
    CXXFLAGS        = -Wall -O3 -g3 -Werror
    HASHBANGPERL    = /usr/bin/env perl
    LDFLAGS         =
    LDLIBS          =
    PERL            = /usr/bin/perl
    RANLIB          = ranlib
    RC              = windres
    RCFLAGS         =

NOTE: These variables only represent the configuration view.  The build file
template may have processed these variables further, please have a look at the
build file for more exact data:
    Makefile

build file:

    Makefile

build file templates:

    Configurations/common0.tmpl
    Configurations/unix-Makefile.tmpl
    Configurations/common.tmpl

[levitte]

Ok, thanks. From my testing, it seems that no-deprecated is what causes the issue, which is this, btw (why wasn't that included in your error report, @xkqian?):

gcc -fPIC -pthread -m32 -Wa,--noexecstack -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -L. -z defs -Wl,-znodelete -shared -Wl,-Bsymbolic   \
	-o providers/legacy.so -Wl,--version-script=providers/legacy.ld \
	providers/legacy-dso-legacyprov.o \
	providers/liblegacy.a providers/libcommon.a providers/libnonfips.a -lcrypto -ldl -pthread 
/usr/bin/ld: providers/liblegacy.a(liblegacy-lib-wp_block.o): in function `whirlpool_block':
/home/levitte/gitwrk/openssl.net/official/_build-32/../master/crypto/whrlpool/wp_block.c:495: undefined reference to `OPENSSL_ia32cap_P'
collect2: error: ld returned 1 exit status

[xkqian]

BUG_

Maybe I compiled it with multi threads, the log be flooded...

[xkqian]

If I build it with simple command "make", I can get the same error report with you.@levitte

[levitte]

No need at this point, I'm doing the same build and can confirm your report

[levitte]

Having looked and compared a build with and without no-deprecated, I haven't the foggiest idea why that option matters. To make things worse, I can't understand how a providers/legacy.so linked with libcrypto.so can access OPENSSL_ia32cap_P in any case, considering it's never exported!

[levitte]

I'll try and adjust crypto/build.info to make this work the way it should

[levitte]

Please try with #11311, and see if that makes things work a bit better. It does on my machine...

[xkqian]

With PR #11311, it also works on my local, thanks for the fix.

[levitte]

#11311 hasn't been merged yet, and when I try a fresh master now, it looks like this issue has disappeared.

@xkqian, can you confirm?

[xkqian]

#11311 hasn't been merged yet, and when I try a fresh master now, it looks like this issue has disappeared.

@xkqian, can you confirm?

I verified it locally with the openssl master branch commit: daa86f9. Seems the issue has been gone.
(BTY: with the latest commit code, the command ./config; make -j64; run successfully, but it will fail when make install_sw, reported the error about 'install_dev')

[levitte]

(BTY: with the latest commit code, the command ./config; make -j64; run successfully, but it will fail when make install_sw, reported the error about 'install_dev')

The install targets don't lend themselves well for parallelism. This is known, and yet unresolved. Different issue, though.

[levitte]

I verified it locally with the openssl master branch commit: daa86f9. Seems the issue has been gone.

Thanks. Closing