[openssl-dev] [openssl.org #4509] ECC key generation under valgrind reports: impossible has happened
Short, Todd via RT
rt at openssl.org
Wed Apr 13 19:22:52 UTC 2016
Valgrind does not necessarily support all instructions, if there’s any optimized assembly, you might run into problems.
Are you able to compile a non-assembly version of the OpenSSL library?
Are you able to update to a newer Valgrind?
You also seem to have a version discrepancy in OpenSSL: 1.0.2d-fips and 1.0.2g?
--
-Todd Short
// tshort at akamai.com<mailto:tshort at akamai.com>
// "One if by land, two if by sea, three if by the Internet."
On Apr 12, 2016, at 9:41 AM, Nikos Mavrogiannopoulos via RT <rt at openssl.org<mailto:rt at openssl.org>> wrote:
A part of the gnutls test suite runs under valgrind, and in fedora 23
it occasionally fails, something that I have traced it to softhsm
library and particular hardware.
The failures are due to the softhsm library which uses openssl
underneath and in particular EC key generation. This can be reproduced
using only the openssl tools:
$ openssl version
OpenSSL 1.0.2d-fips 9 Jul 2015
$ valgrind openssl genpkey -algorithm ec -pkeyopt ec_paramgen_curve:P-256
vex: the `impossible' happened:
isZeroU
vex storage: T total 270175784 bytes allocated
vex storage: P total 640 bytes allocated
valgrind: the 'impossible' happened:
LibVEX called failure_exit().
[...]
sched status:
running_tid=1
Thread 1: status = VgTs_Runnable (lwpid 28037)
==28037== at 0x5B14C80: ecp_nistz256_avx2_select_w7 (in /usr/lib64/libcrypto.so.1.0.2g)
==28037== by 0x5AFA92F: EC_POINT_mul (in /usr/lib64/libcrypto.so.1.0.2g)
==28037== by 0x5AF9876: EC_POINT_new (in /usr/lib64/libcrypto.so.1.0.2g)
==28037== by 0x5B02835: EC_KEY_generate_key (in /usr/lib64/libcrypto.so.1.0.2g)
==28037== by 0x5B51B82: EVP_PKEY_keygen (in /usr/lib64/libcrypto.so.1.0.2g)
==28037== by 0x436A29: ??? (in /usr/bin/openssl)
==28037== by 0x41A457: ??? (in /usr/bin/openssl)
==28037== by 0x41A0D6: ??? (in /usr/bin/openssl)
==28037== by 0x62B357F: (below main) (libc-start.c:289)
This may be a bug in valgrind, or according to some valgrind posts,
caused by an illegal instruction. Thus reported here.
The failed system is:
model name : Intel(R) Core(TM) i7-5600U CPU @ 2.60GHz
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc aperfmperf eagerfpu pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch ida arat epb pln pts dtherm intel_pt tpr_shadow vnmi flexpriority ept vpid fsgsbase tsc_adjust bmi1 hle avx2 smep bmi2 erms invpcid rtm rdseed adx smap xsaveopt
originally at: https://bugzilla.redhat.com/show_bug.cgi?id=1326024
--
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4509
Please log in as guest with password guest if prompted
--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
--
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4509
Please log in as guest with password guest if prompted
More information about the openssl-dev
mailing list