[openssl-dev] [openssl.org #3931] OpenSSL 1.0.2(c, d) hangs on Sun T3 in OPENSSL_cpuid_setup()

Andy Polyakov via RT rt at openssl.org
Tue Jul 14 21:43:20 UTC 2015 

Hi,

Misaki.Miyashita wrote:
> Hi Rick,
> 
> Can you run the truss(1) command when you run "openssl version" as follows?
> 
> i.e.
> % truss -lf -u libcrypto:: -u libpkcs11:: -o /tmp/truss.out openssl version
> 
> The output will tell you more information about the function calls made
> by the openssl(1) application.
> 
> Thank you,
> 
> -- misaki

Misaki,

There were couple of private reports that make me think that there is
what can be classified as kernel bug. When processor hits unimplemented
instruction an exception is risen and it's either handled by in-kernel
emulator or passed down to application as SIGILL. Consider
http://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3caeef94bd045608af03b061643992e3afd9c445.
Problem there was that emulator was failing to handle 16-bit load in
delay slot. This was on T1 (as commit message suggests) where 16-bit
load is emulated. Another example (not reflected in history) is T4
detection that had to be guarded by VIS3 flag. Trouble there is that rd
%asr26,%o0 sends application into endless uninterruptible loop.
"Uninterruptible" means that you can't terminate application with ctrl-c
or even suspend it with ctrl-z. The only thing that works is to kill
-KILL from another window (never tried to kill -ILL or -BUG as OP
suggested). Note that all these probes was developed and verified to
work on Linux, which handles both cases gracefully. Which is basically
why one can argue that it's Solaris kernel bug.

Rick,

You are likely to suffer from second part of above problem description.
At least it's coherent with private report, and the fact that T3 is
first processor to implement VIS3, when T4 detection probe (above
mentioned rd %asr26,%o0) is guarded by VIS3 capability. If you can
confirm that neither ctrl-c or ctrl-z work with hung program, then
that's more than likely it. As for what to do. If running with
OPENSSL_sparcv9cap set system-wide to appropriate value (0x20 would be
right for T3) is not an option, then you'd have to modify
OPENSSL_cpuid_setup. If your Solaris version running on T3 is new enough
attached patch should do the trick. Can you verify it?

> On 07/09/15 16:34, Puckett, Rick via RT wrote:
>> Request: Bug Report
>>
>> Hello,
>>
>> I recently compiled OpenSSL 1.0.2(c,d) for Solaris 5.10 using GCC
>> 4.8.2 on an UltraSPARC 45 and our group tested it on several different
>> types of other systems (V245, T4, T3, etc...) and it runs as expected
>> on all systems except the T3 where it hangs - even for a simple call
>> like "openssl version".  The process continues normally when sent
>> either a SIGBUS or SIGILL.
>>
>> I believe I've tracked it down to the function "OPENSSL_cpuid_setup"
>> in the file "crypto/sparcv9cap.c" after the initial sigaction calls to
>> set the signal handlers for SIGILL and SIGBUS and before the trailing
>> sigaction calls to reset the handlers for SIGILL and SIGBUS.  There's
>> a partial dtrace listing below, generated by my colleague Carolyn,
>> with the last output lines showing the sigaction calls for SIGILL then
>> SIGBUS (the trailing sigaction calls are in the reverse order in the
>> code).
>>
>> The "OPENSSL_cpuid_setup" function supports reading the environment
>> variable "OPENSSL_sparcv9cap" to skip further processing and setting
>> this variable (to anything) prevents the process from hanging, so I'm
>> also encouraged that the issue resides within this function, but am,
>> obviously, hesitant to rely on this as an operational solution ...
>>
>> Is there any other information I can provide you and/or anything I can
>> do on my side to investigate and resolve this.
>>
>> Thank you,
>> - Rick
>>
>>
>> 4503:   lwp_sigmask(SIG_SETMASK, 0xFFBFF827, 0x0000FFF7) = 0xFFBFFEFF
>> [0x0000FFFF]
>>
>> 4503:   sigaction(SIGILL, 0xFFBFEC10, 0xFFBFECF0)       = 0
>>
>> 4503:       new: hand = 0xFEF4F824 mask = 0xFFBFFEFF 0x0000FFFF 0 0
>> flags = 0x0000
>>
>> 4503:       old: hand = 0x00000000 mask = 0 0 0 0 flags = 0x0000
>>
>> 4503:   sigaction(SIGBUS, 0xFFBFEC10, 0xFFBFED10)       = 0
>>
>> 4503:       new: hand = 0xFEF4F824 mask = 0xFFBFFEFF 0x0000FFFF 0 0
>> flags = 0x0000
>>
>> 4503:       old: hand = 0x00000000 mask = 0 0 0 0 flags = 0x0000
>>
>>
>>
>>
>>
>> _______________________________________________
>> openssl-bugs-mod mailing list
>> openssl-bugs-mod at openssl.org
>> https://mta.openssl.org/mailman/listinfo/openssl-bugs-mod
>>
>>
>> _______________________________________________
>> openssl-dev mailing list
>> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
> 
> 


-------------- next part --------------
diff --git a/crypto/sparcv9cap.c b/crypto/sparcv9cap.c
index 8bf2846..a36e461 100644
--- a/crypto/sparcv9cap.c
+++ b/crypto/sparcv9cap.c
@@ -237,6 +237,17 @@ static void common_handler(int sig)
     siglongjmp(common_jmp, sig);
 }
 
+#if defined(__sun) && defined(__SVR4)
+# if defined(__GNUC__) && __GNUC__>=2
+extern unsigned int getisax(unsigned int vec[], unsigned int sz) __attribute__ ((weak));
+# elif defined(__SUNPRO_C)
+#pragma weak getisax
+extern unsigned int getisax(unsigned int vec[], unsigned int sz);
+# else
+static unsigned int (*getisax) (unsigned int vec[], unsigned int sz) = NULL;
+# endif
+#endif
+
 void OPENSSL_cpuid_setup(void)
 {
     char *e;
@@ -255,6 +266,42 @@ void OPENSSL_cpuid_setup(void)
         return;
     }
 
+#if defined(__sun) && defined(__SVR4)
+    if (getisax != NULL) {
+        unsigned int vec[1];
+
+        if (getisax (vec,1)) {
+            if (vec[0]&0x0020) OPENSSL_sparcv9cap_P[0] |= SPARCV9_VIS1;
+            if (vec[0]&0x0040) OPENSSL_sparcv9cap_P[0] |= SPARCV9_VIS2;
+            if (vec[0]&0x0080) OPENSSL_sparcv9cap_P[0] |= SPARCV9_BLK;
+            if (vec[0]&0x0100) OPENSSL_sparcv9cap_P[0] |= SPARCV9_FMADD;
+            if (vec[0]&0x0400) OPENSSL_sparcv9cap_P[0] |= SPARCV9_VIS3;
+
+            /* reconstruct %cfr copy */
+            OPENSSL_sparcv9cap_P[1] = (vec[0]>>17)&0x3ff;
+            OPENSSL_sparcv9cap_P[1] |= (OPENSSL_sparcv9cap_P[1]&CFR_MONTMUL)<<1;
+            if (vec[0]&0x20000000) OPENSSL_sparcv9cap_P[1] |= CFR_CRC32C;
+
+            /* Some heuristics */
+            /* all known VIS2-capable CPUs have unprivileged tick counter */
+            if (OPENSSL_sparcv9cap_P[0]&SPARCV9_VIS2)
+                OPENSSL_sparcv9cap_P[0] &= ~SPARCV9_TICK_PRIVILEGED;
+
+            OPENSSL_sparcv9cap_P[0] |= SPARCV9_PREFER_FPU;
+
+            /* detect UltraSPARC-Tx, see sparccpud.S for details... */
+            if ((OPENSSL_sparcv9cap_P[0]&SPARCV9_VIS1) &&
+                _sparcv9_vis1_instrument() >= 12)
+                OPENSSL_sparcv9cap_P[0] &= ~(SPARCV9_VIS1 | SPARCV9_PREFER_FPU);
+        }
+
+        if (sizeof(size_t) == 8)
+            OPENSSL_sparcv9cap_P[0] |= SPARCV9_64BIT_STACK;
+
+        return;
+    }
+#endif
+
     /* Initial value, fits UltraSPARC-I&II... */
     OPENSSL_sparcv9cap_P[0] = SPARCV9_PREFER_FPU | SPARCV9_TICK_PRIVILEGED;

More information about the openssl-dev mailing list