Comments (11)
I made yet anbother experiment with latrest gcc 12.0.0 and looks like recompiling libargon2 using that compiler solved the issue and I'm no longer see that kind of issues in any test suite which is usind argon2-cffi
.
Closing.
from argon2-cffi.
#3 0x00007f86ca16d8ff blake2b_init (libargon2.so.1 + 0x38ff)
#4 0x00007f86ca16eb0e argon2_ctx.part.0 (libargon2.so.1 + 0x4b0e)
#5 0x00007f86ca16fa9f argon2_hash (libargon2.so.1 + 0x5a9f)
#6 0x00007f86ca4caf16 _cffi_f_argon2_hash (_ffi.abi3.so + 0x2f16)
Indicates as if you're mixing a system-wide libargon2 with argon2-cffi-binding's lib. Try uninstalling libargon2 to verify.
from argon2-cffi.
Do you suggest that it is some bug in system libargon2 and I should not be building argon2-cffi
with ARGON2_CFFI_USE_SYSTEM=1 env vriable?
from argon2-cffi.
Just checked and I'm building both argon2-cffi
and argon2-cffi-binding
with ARGON2_CFFI_USE_SYSTEM=1
from argon2-cffi.
That means your libargon2 is crashing. I can only assume it's compiled wrong or something.
from argon2-cffi.
I told you last year that the problem is caused by your build of libargon2. Your build of the library is broken, likely caused by a compiler bug or invalid or unsupported combination of compiler flags.
The C stack suggests that your copy of libargon2 is the root cause.
from argon2-cffi.
I told you last year that the problem is caused by your build of libargon2. Your build of the library is broken, likely caused by a compiler bug or invalid or unsupported combination of compiler flags.
OK. If that is true .. can you point on possible flags which are usied to compile libargon2
?
I'm using everywhere the same base set of flags passed over env variables.
Here it is that set:
[tkloczko@ss-desktop SPECS]$ rpm -E %set_build_flags
CFLAGS="-O2 -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -fdata-sections -ffunction-sections -flto=auto -flto-partition=none";
CXXFLAGS="-O2 -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -fdata-sections -ffunction-sections -flto=auto -flto-partition=none";
FFLAGS="-O2 -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -fdata-sections -ffunction-sections -flto=auto -flto-partition=none -I/usr/lib64/gfortran/modules";
FCFLAGS="-O2 -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -fdata-sections -ffunction-sections -flto=auto -flto-partition=none -I/usr/lib64/gfortran/modules";
LDFLAGS="-Wl,-z,relro -Wl,--as-needed -Wl,--gc-sections -Wl,-z,now -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -flto=auto -flto-partition=none -fuse-linker-plugin -Wl,--build-id=sha1";
CC="/usr/bin/gcc"; CXX="/usr/bin/g++"; FC="/usr/bin/gfortran";
AR="/usr/bin/gcc-ar"; NM="/usr/bin/gcc-nm"; RANLIB="/usr/bin/gcc-ranlib";
export CFLAGS CXXFLAGS FFLAGS FCFLAGS LDFLAGS CC CXX FC AR NM RANLIB;
So libargon2 is build with LTO.
Additionally:
[tkloczko@ss-desktop SPECS]$ cat /usr/lib/rpm/redhat/redhat-hardened-cc1
*cc1_options:
+ %{!r:%{!fpie:%{!fPIE:%{!fpic:%{!fPIC:%{!fno-pic:-fPIE}}}}}}
[tkloczko@ss-desktop SPECS]$ cat /usr/lib/rpm/redhat/redhat-annobin-cc1
*cc1_options:
+ %{!-fno-use-annobin:%{!iplugindir*:%:find-plugindir()} -fplugin=annobin}
So those two files passed as -sepec
param are causing that all code by default is build as PIE and linker is usig annobin plugin.
I would be really surprised if any of those flags could be source of the proble .. nevertheless it is some non-zero possibility :/
Sorry for asking but I'm really opened on any suggestions of what I can try to do to diagnose that issue :/
from argon2-cffi.
@kloczek My suggestions would be to disable LTO and simplify the CFLAGS, for example by starting with a fairly minimal default and adding additional compiler flags as needed. Gentoo suggests -O2 -pipe -march=native
as safe defaults.
If I had to guess, I'd point at -D_FORTIFY_SOURCE=2
causing problems. From man 7 feature_test_macros:
_FORTIFY_SOURCE set to 2, some more checking is added, but conforming programs might fail.
This is just a wild guess, though.
from argon2-cffi.
Will try to check those secenarios ASP and back with reults.
Thank you for suggestions.
from argon2-cffi.
So far compile without -D_FORTIFY_SOURCE=2
did not help.
May I ask which one version of argon2 you are using?
I'm using version from master (20190702 + 15 patches from git repo added after last release)
from argon2-cffi.
@kloczek argon2-cffi-bindings
vendors P-H-C/phc-winner-argon2@f57e61e. That version is definitely known to work.
When I tested my PR for the ARGON2_CFFI_USE_SYSTEM
switch I remember that the argon2-cffi
build failed when trying to build against an incompatible version of argon2
. I assume this is still the case with argon2-cffi-bindings
. That means: I don't think your version choice of argon2 is causing issues.
from argon2-cffi.
Related Issues (20)
- RFC is no longer a draft (RFC9106); default parameter choice out of date HOT 4
- 21.2.0: pep517 does not build cython modules HOT 6
- Inconsistent advice for key derivation HOT 5
- How to avoid timing attacks? HOT 1
- hash function return + / verify issue with sqlite HOT 3
- Question: Can output from argon2.low_level.hash_secret_raw() → bytes directly used to derive aes key? HOT 3
- Associated data cannot be specified in the low_level functions HOT 10
- Support password verification without sending the password from client to server HOT 5
- Make hash verification return True or False HOT 4
- ModuleNotFoundError: No module named 'argon2' HOT 2
- Document versioning: Argon2 version 1.3 (v=19) from 2017
- would a python-3.9 wheel be possible ? HOT 13
- seems missing _ffi.abi3.so when pip installing in docker HOT 7
- Failed Source Build on Apple Silicon HOT 9
- Wheel support for linux aarch64 HOT 4
- Unable to install on Xavier NX HOT 1
- Fail to install by pip on macOS 11.0.1 Big Sur HOT 11
- 20.1.0: sphinx warnings HOT 4
- 20.1.0: pytest warnings HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from argon2-cffi.