Add full-cycle speed test

[baentsch]

Running ./tests/speed_sig Falcon-1024 with this new code reliably reproduces #1390 and could unearth similar such errors in the future -- when now added to CI: Feedback as to whether we should do this welcome: Would complete this PR with KEM-equivalent and github CI tests then.

• [no] Does this PR change the input/output behaviour of a cryptographic algorithm (i.e., does it change known answer test values)? (If so, a version bump will be required from x.y.z to x.(y+1).0.)
• [no] Does this PR change the the list of algorithms available -- either adding, removing, or renaming? Does this PR otherwise change an API? (If so, PRs in oqs-provider, OQS-OpenSSL, OQS-BoringSSL, and OQS-OpenSSH will also need to be ready for review and merge by the time this is merged.)

[baentsch]

Failures mostly "as expected" (triggered by the Falcon-1024 bug). @Martyrshot : Can you see a reason why this code SIGSEGVs on the ARM emulator? It works perfectly on the M1 (??).

[Martyrshot]

My first thought is that maybe an optimized implementation is being used when it shouldn't be. I wonder if the new falcon implementation checks feature support differently than the previous version did.

[baentsch]

@Martyrshot Sorry, I wasn't clear in my question: It's only the new "fullcycletest" (keygen-sign-verify) that fails on ARM emulator -- and that for all algorithms (see test log), not just falcon.

[Martyrshot]

@baentsch Can I get access to that environment? Do these happen only when fullcycle is true? Or do these illegal instructions happen regardless?

[baentsch]

@baentsch Can I get access to that environment?

Most definitely: It's "simply" a set of docker images. All code is visible here. I'm right now trying to reproduce myself:
Edit/Add: First results: After further simplifying things (now also building the code in the armhf emulation container docker run --rm -v pwd:/projects/liboqs -it openquantumsafe/ci-debian-buster-armhf:latest /bin/bash), it is definitely the code generated for "speed testing" that causes the problem: KAT tests work just fine:

root@456df10ca3d1:/projects/liboqs/build# ./tests/speed_kem Kyber768
Configuration info
==================
Target platform:  armv7l-Linux-5.16.14-051614-generic
Compiler:         gcc (8.3.0)
Compile options:  [-Wa,--noexecstack;-O3;-fomit-frame-pointer;-fdata-sections;-ffunction-sections;-Wl,--gc-sections;-Wbad-function-cast]
OQS version:      0.8.0-dev
Git commit:       b61585893dbc9147e4647ac6335ad91212ff40cc
OpenSSL enabled:  Yes (OpenSSL 1.1.1d  10 Sep 2019)
AES:              OpenSSL
SHA-2:            OpenSSL
SHA-3:            C
OQS build flags:  OQS_OPT_TARGET=auto CMAKE_BUILD_TYPE=Release 
CPU exts compile-time: 

Speed test
==========
Started at 2023-02-16 16:20:17
Operation                            | Iterations | Total time (s) | Time (us): mean | pop. stdev | CPU cycles: mean          | pop. stdev
------------------------------------ | ----------:| --------------:| ---------------:| ----------:| -------------------------:| ----------:
Kyber768                             |            |                |                 |            |                           |           
Illegal instruction (core dumped)
root@456df10ca3d1:/projects/liboqs/build# arch
armv7l

Ideas welcome...

[thomwiggers]

See also PQClean/PQClean#477

[Martyrshot]

So I guess the first thing to point out is the emulator is using armv7, where as the m1 is armv8. I wonder if there is some data width issues somewhere that doesn't happen on armv8 since it's 64 bit, but does happen on armv7 because it's 32 bit?

[baentsch]

if there is some data width issues somewhere

Maybe -- but definitely not in the code added as part of this PR: Just confirmed that the speed_kem/sig programs always crash on this platform -- in other words, it seems like repeated API calls fail there. Created #1393 to track -- in case anyone has a keen interest in that old platform.