Bug 1639531

Summary: test_ssl fails on ppc64le
Product: Red Hat Enterprise Linux 8 Reporter: Charalampos Stratakis <cstratak>
Component: python3Assignee: Python Maintainers <python-maint>
Status: CLOSED ERRATA QA Contact: Lukáš Zachar <lzachar>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 8.0CC: jkejda, lbalhar, mhroncok, pviktori, vstinner
Target Milestone: rc   
Target Release: 8.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: python3-3.6.8-2.el8 Doc Type: No Doc Update
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2019-11-05 22:03:43 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1679646    
Bug Blocks:    

Description Charalampos Stratakis 2018-10-16 01:31:54 UTC 
One test case from test_ssl fails in brew on ppc64le:

ERROR: test_connect_cadata (test.test_ssl.SimpleBackgroundTests)
----------------------------------------------------------------------
Traceback (most recent call last):
  File "/builddir/build/BUILD/Python-3.6.6/Lib/test/test_ssl.py", line 1628, in test_connect_cadata
    s.connect(self.server_addr)
  File "/builddir/build/BUILD/Python-3.6.6/Lib/ssl.py", line 1065, in connect
    self._real_connect(addr, False)
  File "/builddir/build/BUILD/Python-3.6.6/Lib/ssl.py", line 1052, in _real_connect
    socket.connect(self, addr)
ConnectionRefusedError: [Errno 111] Connection refused
----------------------------------------------------------------------
Comment 1 Charalampos Stratakis 2018-10-17 10:04:31 UTC 
The same failure is observed sporadically at the s390x arch
Comment 2 Petr Viktorin (pviktori) 2018-11-01 15:08:14 UTC 
*** Bug 1644304 has been marked as a duplicate of this bug. ***
Comment 3 Victor Stinner 2019-01-18 16:16:13 UTC 
I can reproduce the issue in the 3.6 development branch of Python upstream:

$ ./python -m test -u all -F -m test_connect_cadata  test_ssl 
Run tests sequentially
0:00:00 load avg: 0.65 [  1] test_ssl
0:00:00 load avg: 0.65 [  2] test_ssl
test test_ssl failed -- Traceback (most recent call last):
  File "/home/vstinner/prog/python/3.6/Lib/test/test_ssl.py", line 1642, in test_connect_cadata
    s.connect(self.server_addr)
  File "/home/vstinner/prog/python/3.6/Lib/ssl.py", line 1109, in connect
    self._real_connect(addr, False)
  File "/home/vstinner/prog/python/3.6/Lib/ssl.py", line 1100, in _real_connect
    self.do_handshake()
  File "/home/vstinner/prog/python/3.6/Lib/ssl.py", line 1077, in do_handshake
    self._sslobj.do_handshake()
  File "/home/vstinner/prog/python/3.6/Lib/ssl.py", line 689, in do_handshake
    self._sslobj.do_handshake()
ConnectionResetError: [Errno 104] Connection reset by peer

test_ssl failed

== Tests result: FAILURE ==

1 test OK.

1 test failed:
    test_ssl

Total duration: 191 ms
Tests result: FAILURE


The test fails randomly.

The test is reliable in the 3.7 and master development branches of Python upstream. I identified that the commit 529525fb5a8fd9b96ab4021311a598c77588b918 of https://bugs.python.org/issue33618 added the following code to test_ssl which prevents the failure (diff adapted to the 3.6 branch):


diff --git a/Lib/test/test_ssl.py b/Lib/test/test_ssl.py
index 0aeabc10f2..72b7a94a21 100644
--- a/Lib/test/test_ssl.py
+++ b/Lib/test/test_ssl.py
@@ -2029,6 +2029,16 @@ if _have_threads:
                                 sys.stdout.write(" server: read %r (%s), sending back %r (%s)...\n"
                                                  % (msg, ctype, msg.lower(), ctype))
                             self.write(msg.lower())
+                    except ConnectionResetError:
+                        # XXX: OpenSSL 1.1.1 sometimes raises ConnectionResetError
+                        # when connection is not shut down gracefully.
+                        if self.server.chatty and support.verbose:
+                            sys.stdout.write(
+                                " Connection reset by peer: {}\n".format(
+                                    self.addr)
+                            )
+                        self.close()
+                        self.running = False
                     except OSError:
                         if self.server.chatty:
                             handle_error("Test server failure:\n")


With this change on 3.6, the test no longer fails randomly.
Comment 4 Victor Stinner 2019-01-18 16:50:52 UTC 
I proposed an upstream 3.6 backport for the fix: https://github.com/python/cpython/pull/11612
Comment 7 Victor Stinner 2019-02-01 17:04:25 UTC 
I wrote a PR for python36 in Fedora Rawhide:
https://src.fedoraproject.org/rpms/python36/pull-request/22
Comment 9 Victor Stinner 2019-02-20 15:17:35 UTC 
> I wrote a PR for python36 in Fedora Rawhide:
> https://src.fedoraproject.org/rpms/python36/pull-request/22

Merged: https://src.fedoraproject.org/rpms/python36/c/23f39952f5c5d824a7e55b2a035311d74d275a26?branch=master
Comment 11 Petr Viktorin (pviktori) 2019-03-11 13:22:38 UTC 
This is fixed upstream, let's backport the fix.
Comment 12 Victor Stinner 2019-03-12 13:41:28 UTC 
python3-3.6.8-2.el8 is ready for testing.

The test is to run "python3 -m test -u all -F -m test_connect_cadata  test_ssl". Without the fix, it failed after a few iterations. With the test, it should not fail anymore (wait at least 25 iterations). You might also run "python3 -m test -u all -F test_ssl" and wait a few iterations (at least 10), just in case.
Comment 16 errata-xmlrpc 2019-11-05 22:03:43 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2019:3520