Created attachment 467802 [details] build.log.gz % egrep '(PASS|FAIL): .*-cert-key-exchange' sparc-build.log FAIL: tls1.2-cert-key-exchange FAIL: tls1.1-cert-key-exchange FAIL: tls1.0-cert-key-exchange PASS: ssl3.0-cert-key-exchange FAIL: dtls1.2-cert-key-exchange FAIL: dtls1.0-cert-key-exchange
Please attach *.log from build directory. Thanks!
Created attachment 467804 [details] logs.tar.gz
I do not like the "resources temporary unavailable", however, since it is always at same algo, something else may be related. I will ask help.
Always breaks when attempt to use: ecdhe x25519 rsa
@mattst88: can you please try to use latest non stable dev-libs/nettle?
On 27 March 2017 at 12:32, Nikos Mavrogiannopoulos <nmav@gnutls.org> wrote: > Does nettle's test suite succeed? Which version of nettle is it being used with?
Sorry, bender, our sparc development system lost a disk while I was testing. I won't be able to do anything else until it's fixed.
Hi, Any news about the disk? Anyway to test this? Thanks!
As far as I'm aware, no. I've pinged infra again.
Any news? I see sparc stabilizing other packages...
ago is using some private box. bender is still down.
HPPA fails on the same tests: xzgrep '^FAIL:' net-libs:gnutls-3.5.11:20170418-072740.log.xz FAIL: handshake-false-start FAIL: tls1.2-cert-key-exchange FAIL: tls1.1-cert-key-exchange FAIL: tls1.0-cert-key-exchange FAIL: dtls1.2-cert-key-exchange FAIL: dtls1.0-cert-key-exchange So that's a bigendian problem, perhaps? If only my PPC64 system still worked.
(In reply to Jeroen Roovers from comment #12) > HPPA fails on the same tests: Good to know! Can you please checkout the latest non stable nettle? And see if tests passes there? Can you please attach the log so I can confirm that problem is "ecdhe x25519 rsa"?
Created attachment 472492 [details] net-libs:gnutls-3.5.11:20170418-072740.log.xz (In reply to Alon Bar-Lev from comment #13) > (In reply to Jeroen Roovers from comment #12) > > HPPA fails on the same tests: > > Good to know! > > Can you please checkout the latest non stable nettle? And see if tests > passes there? =dev-libs/nettle-3.3-r1 is stable for all but IA64.
Created attachment 472496 [details] dev-libs:nettle-3.3-r1:20170513-120438.log [ebuild R ] dev-libs/nettle-3.3-r1:0/6.1::gentoo USE="doc gmp {test} (-neon) -static-libs" 0 KiB
(In reply to Jeroen Roovers from comment #15) > Created attachment 472496 [details] > dev-libs:nettle-3.3-r1:20170513-120438.log > > [ebuild R ] dev-libs/nettle-3.3-r1:0/6.1::gentoo USE="doc gmp {test} > (-neon) -static-libs" 0 KiB --- ===================== 11 of 89 tests failed ===================== make[1]: *** [Makefile:126: check] Error 1 make[1]: Leaving directory '/var/tmp/portage/dev-libs/nettle-3.3-r1/work/nettle-3.3-.hppa/testsuite' make: *** [Makefile:50: check] Error 1 --- interesting how it is installed... can you please attach *.log so I can have visibility? maybe I will install ppc64 in qemu so I can reproduce.
Hi, I tried to boot install cd in qemu for powerpc and sparc (hppa is unavailable), and failed to have a working environment, so I truly need your help. It seems like the nettle tests are failing, I am unsure. It may be common to all big-endian or not... If you have an environment I can access, it would be best. Thanks!
(In reply to Alon Bar-Lev from comment #17) > If you have an environment I can access, it would be best. My PPC64 workhorse is broken. I can probably transplant its disk and some of its memory in a spare, but I hardly have the time. I think xmw has a working 64-bit PowerPC system (as well as a 32-bit, or he's cheating and using a 32-bit chroot or something) as he's been keywording for both in the past few weeks. You might ask him.
> ... I think xmw has a working > 64-bit PowerPC system (as well as a 32-bit, or he's cheating and using a > 32-bit chroot or something) as he's been keywording for both in the past few > weeks. You might ask him. I have a working PowerMac G4 Silver and a DP PowerMac G5. My older Xserve G4 has a broken psu. The Nvidia Tegra TK1, Odroid C2 and Pine64 on [1] aren't mine but setup for arch testing as well. [0] http://xmw.de/tmp/IMG_20170306_142340.jpg Alon asked me to run FEATURE=test =dev-libs/nettle-3.3-r1::gentoo and =net-libs/gnutls-3.5.10, I report later.
(In reply to Michael Weber from comment #19) It failed on both ppc and ppc64, see uploads of the PORTAGE_TMPDIR at http://xmw.de/tmp/build/
(In reply to Michael Weber from comment #20) > (In reply to Michael Weber from comment #19) > > It failed on both ppc and ppc64, see uploads of the PORTAGE_TMPDIR at > http://xmw.de/tmp/build/ thanks! you have seccomp USE enabled while no support in kernel. please disable. I would like also to see nettle build with FEATURES=test, we suspect problem bight be there.
(In reply to Alon Bar-Lev from comment #21) > (In reply to Michael Weber from comment #20) > > (In reply to Michael Weber from comment #19) > > > > It failed on both ppc and ppc64, see uploads of the PORTAGE_TMPDIR at > > http://xmw.de/tmp/build/ > > thanks! > you have seccomp USE enabled while no support in kernel. > please disable. > > I would like also to see nettle build with FEATURES=test, we suspect problem > bight be there. I rerun with gnutls[-seccomp], and both compiled fine?! http://xmw.de/tmp/build/bug-613418/ppc64-2017-05-25/ http://xmw.de/tmp/build/bug-613418/ppc-2017-05-25/
(In reply to Michael Weber from comment #22) > (In reply to Alon Bar-Lev from comment #21) > > (In reply to Michael Weber from comment #20) > > > (In reply to Michael Weber from comment #19) > > > > > > It failed on both ppc and ppc64, see uploads of the PORTAGE_TMPDIR at > > > http://xmw.de/tmp/build/ > > > > thanks! > > you have seccomp USE enabled while no support in kernel. > > please disable. > > > > I would like also to see nettle build with FEATURES=test, we suspect problem > > bight be there. > > I rerun with gnutls[-seccomp], and both compiled fine?! > > http://xmw.de/tmp/build/bug-613418/ppc64-2017-05-25/ > http://xmw.de/tmp/build/bug-613418/ppc-2017-05-25/ Good! Thanks! So nettle is ok. However, many tests were skipped in gnutls. Can you please run with additional USE: USE="-guile -seccomp pkcs11 openpgp openssl idn tools zlib" FEATURES="test" emerge --oneshot =net-misc/gnutls-3.5.12
Hi, This is not big-endian issue... both ppc, ppc64 are stable. Please help me to resolve the issue on hppa and solaris. If I can access a machine to reproduce it will be great. Thanks!
hppa/sparc, I would appreciate if someone can work with me on this, these are the only arch that had issue, it is not bigendian issue as ppc/ppc64 is stable, so we need to find something else. Can you please help me? Moving to gnugls-3.5 is required before gnutls-3.3 becomes obsolete. Thanks!
I was able to reproduce the same failure locally using qemu-sparc32plus-user: ... PASS: crt_apis PASS: set_x509_pkcs12_key FAIL: tls1.2-cert-key-exchange PASS: rehandshake-switch-srp-id FAIL: tls1.1-cert-key-exchange FAIL: tls1.0-cert-key-exchange PASS: ssl3.0-cert-key-exchange FAIL: dtls1.2-cert-key-exchange PASS: x509-cert-callback-legacy ... Superficially looks the same as in original report. sf /tmp/portage-tmpdir/portage/net-libs/gnutls-3.5.13/work/gnutls-3.5.13-.sparc32/tests # cat dtls1.2-cert-key-exchange.log ERROR: ld.so: object 'libsandbox.so' from LD_PRELOAD cannot be preloaded (wrong ELF class: ELFCLASS64): ignored. negotiating DTLS 1.2 with anon-ecdh negotiating DTLS 1.2 with anon-dh negotiating DTLS 1.2 with dhe-rsa no cert negotiating DTLS 1.2 with ecdhe x25519 rsa no cert server|<1>| Discarded message[0] due to invalid decryption server|<1>| Discarded message[3] due to invalid decryption server|<1>| Discarded message[4] due to invalid decryption server|<1>| Discarded message[1] due to invalid decryption server|<1>| Discarded message[5] due to invalid decryption server|<1>| Discarded message[6] due to invalid decryption server|<1>| Discarded message[2] due to invalid decryption server|<1>| Discarded message[7] due to invalid decryption server|<1>| Discarded message[8] due to invalid decryption server|<1>| Discarded message[3] due to invalid decryption server|<1>| Discarded message[9] due to invalid decryption server|<1>| Discarded message[10] due to invalid decryption server|<1>| Discarded message[4] due to invalid decryption server|<1>| Discarded message[11] due to invalid decryption server|<1>| Discarded message[12] due to invalid decryption server|<1>| Discarded message[5] due to invalid decryption client: Resource temporarily unavailable, try again. server: The operation timed out dtls_try:313: dtls_try:313: Handshake failed FAIL dtls1.2-cert-key-exchange (exit status: 1) How I created the environment (rough steps): Tl;DR: 1. setup sparc crossdev; 2. install qemu and refister binfmt loader; 3. run emerge - 1. crossdev: # CFLAGS=-mcpu=v9 crossdev sparc-unknown-linux-gnu # PORTAGE_CONFIGROOT=/usr/sparc-unknown-linux-gnu eselect profile set default/linux/sparc/13.0 - 2. qemu: # QEMU_USER_TARGETS=sparc32plus emerge app-emulation/qemu # cat /qemu-sparc32plus #!/bin/bash # I have it slightly patched, vanilla qemu should also do exec /home/slyfox/dev/git/qemu-sparc32plus/sparc32plus-linux-user/qemu-sparc32plus -L /usr/sparc-unknown-linux-gnu/ "$@" # echo ':sparc32plus:M::\x7fELF\x01\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x12:\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff:/qemu-sparc32plus:' > /proc/sys/fs/binfmt_misc/register - 3. test itself: # FEATURES="test" emerge-sparc-unknown-linux-gnu -1 =gnutls-3.5.13 --quiet-build=n
Thank you Sergei! Interesting setup, I will check this out, didn't think of using user target as I need lots of dependencies in order to full test it. Can you please confirm that nettle tests are a pass?
(In reply to Alon Bar-Lev from comment #27) > Thank you Sergei! > Interesting setup, I will check this out, didn't think of using user target > as I need lots of dependencies in order to full test it. > > Can you please confirm that nettle tests are a pass? Ran test as FEATURES="test" emerge-sparc-unknown-linux-gnu -1 nettle --quiet-build=n Not all tests are passing (some are working thus things are not completely fried): PASS: rsa-encrypt PASS: rsa-keygen PASS: dsa PASS: dsa-keygen ... curve25519_mul_g failure: s = 77076d0a7318a57d 3c16c17251b26645 df4c2f87ebc0992a b177fba51db92c2a p = 64c0a74d12813fe7 e7d4656aed95c515 088ad23749174865 7dc7df325859d114 (bad) r = 8520f0098930a754 748b7ddcb43ef75a 0dbf3a0d26381af4 eba4a98eaa9b4e6a (expected) FAIL: curve25519-dh (same cipher used at least in one of the tests)
Created attachment 484932 [details] dev-libs:nettle-3.3-r1:20170715-211953.log-qemu-sparc32plus-user
I've found the bug in nettle. Tl;DR: =dev-libs/nettle-3.3-r1 uses gmp API incorrectly, namely mpn_mul_n: https://gmplib.org/manual/Low_002dlevel-Functions.html#Low_002dlevel-Functions Function: void mpn_mul_n (mp_limb_t *rp, const mp_limb_t *s1p, const mp_limb_t *s2p, mp_size_t n) Multiply {s1p, n} and {s2p, n}, and write the 2*n-limb result to rp. The destination has to have space for 2*n limbs, even if the product’s most significant limb is zero. No overlap is permitted between the destination and either source. The easiest way to get overlapping call on x86 is to add the following assert: nettle-3.3 $ git diff ecc-mod-arith.c diff --git a/nettle-3.3/ecc-mod-arith.c b/nettle-3.3/ecc-mod-arith.c index f2e47f6..7789aca 100644 --- a/nettle-3.3/ecc-mod-arith.c +++ b/nettle-3.3/ecc-mod-arith.c @@ -109,11 +109,21 @@ ecc_mod_submul_1 (const struct ecc_modulo *m, mp_limb_t *rp, assert (hi == 0); } +static int does_not_overlap (const mp_limb_t *a, unsigned long la, + const mp_limb_t *b, unsigned long lb) +{ + if (a < b) + return a + la < b; + return b + lb < a; +} + /* NOTE: mul and sqr needs 2*m->size limbs at rp */ void ecc_mod_mul (const struct ecc_modulo *m, mp_limb_t *rp, const mp_limb_t *ap, const mp_limb_t *bp) { + assert (does_not_overlap (rp, 2*m->size, ap, m->size)); + assert (does_not_overlap (rp, 2*m->size, bp, m->size)); mpn_mul_n (rp, ap, bp, m->size); m->reduce (m, rp); } Where overlap happens: https://git.lysator.liu.se/nettle/nettle/blob/master/ecc-add-eh.c#L42 In ecc-add-eh.c there is a complex layout of local variables: |x1|y1|z1|........|B| |x3|y3|z3| x1/x3,y1/y3,z1/z3 pairs both point to the same memory region. Overlap happens at a call of ecc_modp_mul (ecc, y3, B, z1); which is basically mpn_mul_n (y3, B, z1, m->size), see https://git.lysator.liu.se/nettle/nettle/blob/master/ecc-mod-arith.c#L114 Note how y3 overwrites z1 when result is stored. Scary type of aliasing. I've found the bug by adding printf() and comparing exact output of scratch space on x86 versus sparc. mpn_mul_n on the same sources works differently in this case. My guess is the difference is caused by the way how registers are spilled when loop unrolling happens.
> +static int does_not_overlap (const mp_limb_t *a, unsigned long la, > + const mp_limb_t *b, unsigned long lb) > +{ > + if (a < b) > + return a + la < b; > + return b + lb < a; > +} All above stands but this code is wrong (should be '<=' comparison and maybe more).
(In reply to Alon Bar-Lev from comment #25) > hppa/sparc, > I would appreciate if someone can work with me on this, these are the only > arch that had issue, it is not bigendian issue as ppc/ppc64 is stable, so we > need to find something else. > Can you please help me? > Moving to gnugls-3.5 is required before gnutls-3.3 becomes obsolete. > Thanks! I have SPARC and HPPA machines. I do have a little bit of time, I'd be happy to test things for you if that helps?
Sent a bug report upstream in form of added assert() as: http://lists.lysator.liu.se/pipermail/nettle-bugs/2017/003287.html
(In reply to Sergei Trofimovich from comment #33) > Sent a bug report upstream in form of added assert() as: > http://lists.lysator.liu.se/pipermail/nettle-bugs/2017/003287.html Thank you Sergei!!! Just to confirm... with this patch all gnutls tests are passing? Please try to use the test-full USE if you can.
Alas no the tests are still failing in dev-libs/nettle I just ran the test set again with Sergei's patch. It just causes the tests to fail with an assert rather than failing mysteriously. Since this does not fix the problem, I am hoping upstream will come up with a fixed var layout that will prevent the assert from triggering, I am guessing it was making a assumption that depends on structure layout, endianess, and/or padding. So hopefully, upstream will have a fix in the not too distant future.
Created attachment 485160 [details, diff] nettle-3.3-noclobber.patch nettle-3.3-noclobber.patch is a real fix for at least sparc. Please give it a try on hppa and sparc with FEATURES=test on both nettle and gnutls. I've superficially ran nettle test suite and things don't crash anymore. Will run gnutls testsuite overnight.
nettle-3.3-noclobber.patch has nettle passing all 89 tests on sparc without failure. USE="-guile -seccomp pkcs11 openpgp openssl idn tools zlib" FEATURES="test" emerge --oneshot =net-libs/gnutls-3.5.12 Is being compiled now.
With the nettle-3.3-r1 built with the nettle-3.3-noclobber.patch USE="-guile -seccomp pkcs11 openpgp openssl idn tools zlib" FEATURES="test" emerge --oneshot =net-libs/gnutls-3.5.12 Ran to completion. Oddly I had to turn off FEATURE test in order to build dev-scheme/guile-1.8.8-r3 even though "-guile" was in the USE var apparently sys-devel/autogen-5.18.4 unconditionally requires >=dev-scheme/guile-1.8 per --depclean
Upstream committed less invasive patch that also works in qemu-user as: https://git.lysator.liu.se/nettle/nettle/commit/dcda81d796de2f4a16fd7e9e7a5d07baa288f147
Thanks for everyone! Fixed in dev-libs/nettle-3.3-r2
