Two jdk8 security tests consistently failed on test-osuosl-centos74-ppc64le-1 #2625
Comments
|
Rerunning on test-osuosl-centos74-ppc64le-1 sun/security/pkcs11/fips/TestTLS12.java sun/tools/jinfo/Basic.sh |
|
Both tests also fail on test-osuosl-centos74-ppc64le-2 |
|
For the sun/tools/jinfo/Basic.sh failure, the following line causes the test to fail Edit: The test failure is caused by that Using |
|
Testing this in a command line environment on a failing machine, test-osuosl-centos74-ppc64le-1: While If I use one of the working options: |
|
I think I've got it. These failing tests are not supposed to run on this machine. For example, on a passing machine, test-skytap-ubuntu2004-ppc64le-1, the On test-skytap-ubuntu2004-ppc64le-1, the command |
|
Setting |
|
Rerunning sun/tools/jinfo/Basic.sh centos-1 |
|
Ref sun/security/pkcs11/fips/TestTLS12.java On a passing machine, test-skytap-ubuntu2004-ppc64le-1, this test is skipped due to Need to find why it isnt skipped on the failing machine, or whether it should be skipped |
|
On a passing machine, the value for sunPKCS11NSSProvider is null, causing the test to skip. While on our 2 failing machines, this value is |
|
Of the passing machines in #2625 (comment), the test skips |
|
The test skips on passing machine because https://github.com/adoptium/jdk8u/blob/3dca446d440e55cbb7dc3555392f4520ec9ff3bc/jdk/test/sun/security/pkcs11/SecmodTest.java#L45 returns false due to not being able to find |
|
Bumping this to October milestone as it's a dependency of #2662 which is in there too |
|
I believe the root cause of this is that the version of SunPKCS11 being used on Centos 7.4 does not support TLS1.2, and as such the test should be skipped as per Ubuntu, not sure what a fix might be, but I'll keep digging.. |
|
In order to get the test to pass on Centos7.4, this parameter is required -Djdk.tls.ephemeralDHKeySize=2048 |
|
Is this specific to ppc64le? That would seem quite strange if true. Also does the same fix allow the test to pass on Ubuntu systems? |
|
The fix is specific to centos, on Ubuntu & Fedora, the test gets skipped... I've had this feedback from the OpenJDK team.. I think the permanent fix should go on the RHEL 9 build of OpenJDK, where It seems Andrew Hughes is aware of this, by the conversations from the However, this is likely to have low priority in a tight backlog. Also, RH1974274: https://bugzilla.redhat.com/show_bug.cgi?id=1974274 |
|
|
Yes, given that its skipped on Ubuntu & Fedora in aqa-tests, is excluding the test on Linux/ppc64le an appropriate solution ? |
|
I think it is appropriate to exclude it ProblemList_openjdk8.txt with reference to https://bugs.openjdk.org/browse/JDK-8029661 (or whichever bug notes that there is not an intention to fix in JDK8). If only seen on ppc64le, is it because our CentOS nodes for x64 Linux are different version of CentOS or have different configuration? |
|
After further discussions with @smlambert , and applying the required option would apply it too liberally to a number of tests, the decision has been made to exclude this test, so as to have the minimum impact. as this is deemed a low priority to fix upstream. |
I've been wondering this too, although ppc64le is the only platform where we have active CentOS7 test systems as far as I can tell (https://ci.adoptium.net/manage/computer/test%2Daws%2Drhel76%2Darmv8%2D1/ exists but is currently not labelled for test - perhaps we could force a Grinder to it anyway to verify?) We have a few CentOS/RHEL8 (e.g. https://ci.adoptium.net/manage/computer/test%2Ddocker%2Dcentos8%2Darmv8%2D1/) if we wanted to compare 7 vs 8 directly. |
|
Tested on Centos 8 ( x64 & Arm64 ) without error, am just looking into whether it skips. |
|
Suggest doing a test on the AWS aarch64 RHEL7 one too if possible. |
|
@sxa It has run ok on the AWS rhel 7.6 machine, however I've managed to replicate the failure ( and the fix ) in Grinder on the AWS rhel 8 (x64) machine , Grinders 7316 & 7317... |
|
In lieu of the upstream bug, this test has now been excluded in aqa PR ( adoptium/aqa-tests#4652 ) Excluding this test from JDK8. ( see https://bugs.openjdk.org/browse/JDK-8029661 ) |
github-project-automation
bot
moved this from In Progress
to Done
in Adoptium 2Q 2023 Plan
Recent builds run shows that JDK8 security tests:
sun/tools/jinfo/Basic.sh
sun/security/pkcs11/fips/TestTLS12.java
consistently failed on test-osuosl-centos74-ppc64le-1.
Any other details:
Grinder on test-osuosl-ubuntu1804-ppc64le-1: https://ci.adoptopenjdk.net/view/Test_grinder/job/Grinder/5017/, https://ci.adoptopenjdk.net/view/Test_grinder/job/Grinder/5016
Grinder on test-osuosl-centos74-ppc64le-1: https://ci.adoptopenjdk.net/view/Test_grinder/job/Grinder/5015, https://ci.adoptopenjdk.net/view/Test_grinder/job/Grinder/5014
The text was updated successfully, but these errors were encountered: