Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

x/crypto: curve25519.ladderstep runs into segmentation fault when invoked under emulation of qemu-x86_64 on an ARMv6 host #44572

Open
HouzuoGuo opened this issue Feb 24, 2021 · 2 comments

Comments

@HouzuoGuo
Copy link

@HouzuoGuo HouzuoGuo commented Feb 24, 2021

What version of Go are you using (go version)?

On the compiler host:

$ go version
go version go1.16 linux/amd64

Does this issue reproduce with the latest release?

Yes

What operating system and processor architecture are you using (go env)?

The compiler runs on linux/amd64, target host is linux/arm, emulator on the target host is qemu-x86_64.

What did you do?

Compile the following code with env CGO_ENABLED=0 go build -o main-go16 ./main.go:

package main

import (
        "crypto/tls"
        "log"
)

func main() {
        _, err := tls.Dial("tcp", "google.com:443", &tls.Config{InsecureSkipVerify: true})
        if err != nil {
                log.Panic(err)
        }
}

Then copy the compiled program (which is an x86-64 ELF executable) onto an ARMv6 host (Raspberry Pi Zero W), and run it using QEMU:

howard@hzgl-rpi ~> cat /etc/os-release
PRETTY_NAME="Raspbian GNU/Linux 10 (buster)"
NAME="Raspbian GNU/Linux"
VERSION_ID="10"
VERSION="10 (buster)"
VERSION_CODENAME=buster
ID=raspbian
ID_LIKE=debian
HOME_URL="http://www.raspbian.org/"
SUPPORT_URL="http://www.raspbian.org/RaspbianForums"
BUG_REPORT_URL="http://www.raspbian.org/RaspbianBugs

howard@hzgl-rpi ~> dpkg -s qemu-user
Package: qemu-user
...
Maintainer: Debian QEMU Team 
Architecture: armhf
Multi-Arch: foreign
Source: qemu
Version: 1:3.1+dfsg-8+deb10u8
...

howard@hzgl-rpi ~> qemu-x86_64 ./main-go16
unexpected fault address 0xe58d209c
fatal error: fault
[signal SIGSEGV: segmentation violation code=0x1 addr=0xe58d209c pc=0x5794fd]

goroutine 1 [running]:
runtime.throw(0x607d62, 0x5)
        /root/sdk/go1.16/src/runtime/panic.go:1117 +0x72 fp=0x9003f478 sp=0x9003f448 pc=0x435512
runtime.sigpanic()
        /root/sdk/go1.16/src/runtime/signal_unix.go:741 +0x268 fp=0x9003f4b0 sp=0x9003f478 pc=0x44bb08
vendor/golang.org/x/crypto/curve25519.ladderstep(0x9003f610)
        /root/sdk/go1.16/src/vendor/golang.org/x/crypto/curve25519/curve25519_amd64.s:101 +0x5d fp=0x9003f5e8 sp=0x9003f4b0 pc=0x5794fd
vendor/golang.org/x/crypto/curve25519.mladder(0x9003f748, 0x9003f720, 0x9003f700)
        /root/sdk/go1.16/src/vendor/golang.org/x/crypto/curve25519/curve25519_amd64.go:52 +0x136 fp=0x9003f6e8 sp=0x9003f5e8 pc=0x5788d6
vendor/golang.org/x/crypto/curve25519.scalarMult(0x900182c0, 0x9003f7d8, 0x71f3a0)
        /root/sdk/go1.16/src/vendor/golang.org/x/crypto/curve25519/curve25519_amd64.go:71 +0xe7 fp=0x9003f780 sp=0x9003f6e8 pc=0x578a67
vendor/golang.org/x/crypto/curve25519.ScalarMult(...)
        /root/sdk/go1.16/src/vendor/golang.org/x/crypto/curve25519/curve25519.go:21
vendor/golang.org/x/crypto/curve25519.ScalarBaseMult(...)
        /root/sdk/go1.16/src/vendor/golang.org/x/crypto/curve25519/curve25519.go:30
vendor/golang.org/x/crypto/curve25519.x25519(0x900182c0, 0x900182a0, 0x20, 0x20, 0x71f3a0, 0x20, 0x20, 0x0, 0x0, 0x9003f8f8, ...)
        /root/sdk/go1.16/src/vendor/golang.org/x/crypto/curve25519/curve25519.go:85 +0x22d fp=0x9003f848 sp=0x9003f780 pc=0x5785ed
vendor/golang.org/x/crypto/curve25519.X25519(...)
        /root/sdk/go1.16/src/vendor/golang.org/x/crypto/curve25519/curve25519.go:71
crypto/tls.generateECDHEParameters(0x645e20, 0x9005e180, 0x1d, 0x0, 0x13, 0x90020140, 0x10)
        /root/sdk/go1.16/src/crypto/tls/key_schedule.go:118 +0x153 fp=0x9003f908 sp=0x9003f848 pc=0x5a0353
crypto/tls.(*Conn).makeClientHello(0x90064e00, 0x0, 0x9003f9d0, 0x532325, 0x0, 0x0)
        /root/sdk/go1.16/src/crypto/tls/handshake_client.go:127 +0x828 fp=0x9003fa20 sp=0x9003f908 pc=0x588928
crypto/tls.(*Conn).clientHandshake(0x90064e00, 0x0, 0x0)
        /root/sdk/go1.16/src/crypto/tls/handshake_client.go:146 +0x7d fp=0x9003fca8 sp=0x9003fa20 pc=0x5890bd
crypto/tls.(*Conn).clientHandshake-fm(0x40803108, 0x10)
        /root/sdk/go1.16/src/crypto/tls/handshake_client.go:137 +0x33 fp=0x9003fcd0 sp=0x9003fca8 pc=0x5b4a13
crypto/tls.(*Conn).Handshake(0x90064e00, 0x0, 0x0)
        /root/sdk/go1.16/src/crypto/tls/conn.go:1391 +0xc9 fp=0x9003fd40 sp=0x9003fcd0 pc=0x587cc9
crypto/tls.dial(0x648390, 0x90016128, 0x9003feb8, 0x607acc, 0x3, 0x609b00, 0xe, 0x90000f00, 0x0, 0x0, ...)
        /root/sdk/go1.16/src/crypto/tls/tls.go:169 +0x59c fp=0x9003fe60 sp=0x9003fd40 pc=0x5a2efc
crypto/tls.DialWithDialer(...)
        /root/sdk/go1.16/src/crypto/tls/tls.go:115
crypto/tls.Dial(0x607acc, 0x3, 0x609b00, 0xe, 0x90000f00, 0x41a101, 0x0, 0x0)
        /root/sdk/go1.16/src/crypto/tls/tls.go:205 +0xba fp=0x9003ff28 sp=0x9003fe60 pc=0x5a31ba
main.main()
        /root/repro/main.go:9 +0x70 fp=0x9003ff88 sp=0x9003ff28 pc=0x5b72d0
runtime.main()
        /root/sdk/go1.16/src/runtime/proc.go:225 +0x256 fp=0x9003ffe0 sp=0x9003ff88 pc=0x437d56
runtime.goexit()
        /root/sdk/go1.16/src/runtime/asm_amd64.s:1371 +0x1 fp=0x9003ffe8 sp=0x9003ffe0 pc=0x469981

I am unsure if it indicates a problem in golang or the qemu emulator.

@gopherbot gopherbot added this to the Unreleased milestone Feb 24, 2021
@HouzuoGuo
Copy link
Author

@HouzuoGuo HouzuoGuo commented Feb 24, 2021

P.S. actually, go 1.16 is doing much better than go 1.15. The identical program when compiled by go 1.15 won't even go that far in qemu-x86_64.

Even though emulated platforms provided by qemu probably don't enjoy an official support status, the function curve25519.ladderstep is rather rich in x86 assembly and may help uncovering a potential defect in qemu.

@ALTree
Copy link
Member

@ALTree ALTree commented Feb 24, 2021

As you noted qemu-user is not a supported platform; and qemu-arm for example is often broken (not a surprise since we don't have builders). In general I wouldn't count on any nontrivial program to work on qemu-user.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Linked pull requests

Successfully merging a pull request may close this issue.

None yet
5 participants