tag:gpgtools.tenderapp.com,2011-11-04:/discussions/problems/127546-patch-gmplib-to-not-use-reserved-x18-registers-on-darwin-apple-siliconGPGTools: Discussion 2023-03-07T17:11:32Ztag:gpgtools.tenderapp.com,2011-11-04:Comment/568819522022-11-23T15:15:58Z2022-11-23T15:16:05ZPatch gmplib to not use reserved x18 registers on darwin (Apple Silicon)<div><p><strong>Which of our tools is giving you problems?</strong></p>
<p>GPG Suite, but more specifically, the gmplib.</p>
<p><strong>Attach a screenshot of the version info for all installed components (how to: <a href="https://gpgtools.tenderapp.com/kb/faq/where-can-i-find-version-info-of-the-installed-tools">https://gpgtools.tenderapp.com/kb/faq/where-can-i-find-version-info...</a>):</strong></p>
<p>Attached below</p>
<p><strong>Describe your problem. Add as much detail as possible.</strong></p>
<p>We are seeing the gpg client crash when trying to send keys and search keys on Apple Silicon machines running macOS Ventura (snippet of crash below):<br></p>
<pre>
<code>Thread 1 Crashed:
0 libgmp.10.dylib 0x10140baf0 __gmpn_sub_n + 136
1 libhogweed.6.1.dylib 0x101146e0c _nettle_ecc_mod_random + 296
2 libhogweed.6.1.dylib 0x101147aac nettle_ecdsa_generate_keypair + 144
3 ??? 0x650167415a24 ???</code>
</pre>
<p>After some investigation, per <a href="https://developer.apple.com/documentation/xcode/writing-arm64-code-for-apple-platforms">https://developer.apple.com/documentation/xcode/writing-arm64-code-...</a>, Apple is reserving register x18 and explicitly says "don’t use this register".</p>
<p>We've also seen this (and similar) issues in other repos:</p>
<ul>
<li>
<p><a href="https://github.com/iina/iina/issues/3503">https://github.com/iina/iina/issues/3503</a></p>
</li>
<li>
<p><a href="https://gitlab.haskell.org/ghc/ghc/-/issues/22497">https://gitlab.haskell.org/ghc/ghc/-/issues/22497</a></p>
</li>
</ul>
<p>It appears the ECC crypto operations are using a reserved register that wasn’t previously in use, but now that Apple is using it, it's showing up as a segfault.</p>
<p>It looks like gmplib fixed this upstream in <a href="https://gmplib.org/repo/gmp/rev/5f32dbc41afc">https://gmplib.org/repo/gmp/rev/5f32dbc41afc</a> but GPG Suite 2022.2 doesn't have this?</p>
<p>gmplib version on my machine:<br></p>
<pre>
<code>❯ strings /usr/local/MacGPG2/lib/libgmp.10.dylib | grep 6.2
6.2.1
6.2.1</code>
</pre>
<p><strong>What did you expect instead</strong></p>
<p>I expect gpg --send-key and gpg --search-keys to not crash</p>
<p><strong>Describe steps leading to the problem.</strong></p>
<p>Commands that trigger the crash:<br></p>
<pre>
<code>❯ gpg --send-keys FCBF72EF81BD9F1D0D86C1C50E5BB12345678910
gpg: sending key 0E5BB68982375825 to hkps://keymaster.company.com
gpg: keyserver send failed: End of file
gpg: keyserver send failed: End of file</code>
</pre>
<pre>
<code>❯ gpg --search-keys 7884711ADFA0E21D473C15F5EDD012345678910
gpg: error searching keyserver: End of file
gpg: keyserver search failed: End of file</code>
</pre>
<p><strong>Are you using any other Mail.app plugins?</strong></p>
<p>No, we aren't using Mail.app plugins.</p></div>brandonfriesstag:gpgtools.tenderapp.com,2011-11-04:Comment/568819522022-11-23T17:51:46Z2022-11-23T17:51:46ZPatch gmplib to not use reserved x18 registers on darwin (Apple Silicon)<div><p>Hi Brandon,</p>
<p>thanks for getting in touch and taking the time to report this crash. Your analysis is spot on.</p>
<p>The crash is caused by an error in the bignum library libgmp used by gnutls, which is used for tls connections in dirmngr. The error only happens on M1/M2 and only when a certain register is written to which is reserved by M1/M2.</p>
<p>Currently you can workaround this by retrying to show the email or to import the key when a key lookup caused the crash (depending on what triggered the error in the first place).</p>
<p>We are looking into a solution to this problem and will inform you as soon as we have a fix available.</p>
<p>Best,<br>
Steve</p></div>Stevetag:gpgtools.tenderapp.com,2011-11-04:Comment/568819522022-11-23T18:39:27Z2022-11-23T18:39:27ZPatch gmplib to not use reserved x18 registers on darwin (Apple Silicon)<div><p>Hi Steve,</p>
<p>Thanks for the response and confirmation. Unfortunately, retrying the raw gpg cli commands hasn't been successful for us. If you know of any other work arounds or additional steps, do let us know!</p>
<p>Thanks,<br>
Brandon</p></div>brandonfriesstag:gpgtools.tenderapp.com,2011-11-04:Comment/568819522022-11-23T18:43:28Z2022-11-23T18:43:28ZPatch gmplib to not use reserved x18 registers on darwin (Apple Silicon)<div><p>Hi Brandon,</p>
<p>what else might help is killing the dirmngr process.</p>
<p>Lukas</p></div>Luke Letag:gpgtools.tenderapp.com,2011-11-04:Comment/568819522022-11-23T19:43:35Z2022-11-23T19:43:35ZPatch gmplib to not use reserved x18 registers on darwin (Apple Silicon)<div><p>Hi Lukas,</p>
<p>Thanks for help!</p>
<p>I've tried killing the drmngr process via <code>kill -9</code> and <code>gpgconf --kill dirmngr</code> but each time I try to run <code>gpg --search-keys</code> it ends up spawning dirmngr and subsequently crashes.</p>
<pre>
<code>Process: dirmngr [80516]
Path: /usr/local/MacGPG2/bin/dirmngr
Identifier: dirmngr
Version: ???
Code Type: ARM-64 (Native)
Parent Process: launchd [1]
Responsible: iTerm2 [61083]
User ID: 501
Date/Time: 2022-11-23 13:38:52.5269 -0600
OS Version: macOS 13.0.1 (22A400)
Report Version: 12
Anonymous UUID: E8DA786F-C425-6ABC-06A2-0B4DD910E50E
Sleep/Wake UUID: 38968505-E6C8-4F0F-B798-47590D29C1AF
Time Awake Since Boot: 640000 seconds
Time Since Wake: 852 seconds
System Integrity Protection: enabled
Crashed Thread: 1
Exception Type: EXC_BAD_ACCESS (SIGSEGV)
Exception Codes: KERN_INVALID_ADDRESS at 0x000000016dc7c000
Exception Codes: 0x0000000000000001, 0x000000016dc7c000
Termination Reason: Namespace SIGNAL, Code 11 Segmentation fault: 11
Terminating Process: exc handler [80516]
VM Region Info: 0x16dc7c000 is not in any region. Bytes after previous region: 1 Bytes before following region: 567820288
REGION TYPE START - END [ VSIZE] PRT/MAX SHRMOD REGION DETAIL
Stack 16dbf4000-16dc7c000 [ 544K] rw-/rwx SM=PRV thread 1
---> GAP OF 0x21d84000 BYTES
unused __TEXT 18fa00000-18fa58000 [ 352K] r-x/r-x SM=COW ...ed lib __TEXT
Application Specific Information:
*** multi-threaded process forked ***
crashed on child side of fork pre-exec
Thread 0:: Dispatch queue: com.apple.main-thread
0 libsystem_kernel.dylib 0x18fd95024 __pselect + 8
1 libsystem_kernel.dylib 0x18fda7b34 pselect + 112
2 libnpth.0.dylib 0x1025976ac npth_pselect + 96
3 dirmngr 0x102446544 handle_connections + 504
4 dirmngr 0x102444c1c main + 2736
5 dyld 0x18faa3e50 start + 2544
Thread 1 Crashed:
0 libgmp.10.dylib 0x1027b29f0 __gmpn_sub_n + 136
1 libhogweed.6.4.dylib 0x1026befac _nettle_ecc_mod_random + 340
2 libhogweed.6.4.dylib 0x1026bfc64 nettle_ecdsa_generate_keypair + 140
3 ??? 0x650167415a24 ???</code>
</pre>
<p>Cheers,<br>
Brandon</p></div>brandonfriesstag:gpgtools.tenderapp.com,2011-11-04:Comment/568819522022-11-29T12:03:16Z2022-11-29T12:03:16ZPatch gmplib to not use reserved x18 registers on darwin (Apple Silicon)<div><p>Hi Brandon,</p>
<p>could you please download and install our <a href="https://releases.gpgtools.org/nightlies/">latest hotfix GPG Suite</a> and see if that solves your problem.</p>
<p>All the best,<br>
Steve</p>
<p>Disclaimer: Hotfixes are GPG Suite builds containing our latest source code, so bugs and crashes may occur.</p></div>Stevetag:gpgtools.tenderapp.com,2011-11-04:Comment/568819522022-11-29T15:52:08Z2022-11-29T15:52:08ZPatch gmplib to not use reserved x18 registers on darwin (Apple Silicon)<div><p>Hi Steve,</p>
<p>Good news, the latest hotfix is working for me!</p>
<p>Both the <code>gpg --send-keys</code> and <code>gpg --search-keys</code> commands that were previously failing are working for me.</p></div>brandonfriesstag:gpgtools.tenderapp.com,2011-11-04:Comment/568819522022-12-01T23:11:59Z2022-12-01T23:11:59ZPatch gmplib to not use reserved x18 registers on darwin (Apple Silicon)<div><p>Glad this is solved for you. I'm closing this discussion. Should you need further assistance or have questions you can re-open this discussion here or open a new one any time.</p>
<p>Best,<br>
Steve</p></div>Stevetag:gpgtools.tenderapp.com,2011-11-04:Comment/568819522022-12-02T14:37:06Z2022-12-02T14:37:06ZPatch gmplib to not use reserved x18 registers on darwin (Apple Silicon)<div><p>Thanks for all the help!</p>
<p>Out of curiosity, about how long until this fix lands into a stable release?</p>
<p>Cheers,<br>
Brandon</p></div>brandonfriesstag:gpgtools.tenderapp.com,2011-11-04:Comment/568819522022-12-04T19:39:41Z2022-12-04T19:39:41ZPatch gmplib to not use reserved x18 registers on darwin (Apple Silicon)<div><p>We don't give ETAs but I don't see a release happening in the next few weeks. We are currently working on some internal changes on our infrastructure and are still investigating some problems with GPG Mail that should be part of the next release.</p>
<p>Are you using GPG Mail more broadly at stripe and did you get many reports about this specific issue?</p></div>Stevetag:gpgtools.tenderapp.com,2011-11-04:Comment/568819522022-12-04T23:45:21Z2022-12-04T23:45:23ZPatch gmplib to not use reserved x18 registers on darwin (Apple Silicon)<div><p>FWIW I’ve been monitoring this issue after having the same problem, so it’s not just Brandon.</p></div>Mark Gardnertag:gpgtools.tenderapp.com,2011-11-04:Comment/568819522022-12-05T19:25:32Z2022-12-05T19:25:32ZPatch gmplib to not use reserved x18 registers on darwin (Apple Silicon)<div><p>Hey Steve,</p>
<p>We don't use GPG Mail. Rather, we have a number of internal tools that make calls to the gpg binary. As we've rolled out more and more Apple Silicon machines, I've started to get reports of the errors outlined in this thread.</p>
<p>Understandable on not providing ETAs. My motivation for asking was so that I could level set my expectations and plan internally.</p>
<p>Thanks,<br>
Brandon</p></div>brandonfriess