Debian Bug report logs - #765738
eatmydata breaks GnuTLS: Failed to acquire random data

Toggle useless messages

Message #3 received at submit@bugs.debian.org (full text, mbox, reply):

From: Jakub Wilk <jwilk@debian.org>

To: Debian Bug Tracking System <submit@bugs.debian.org>

Subject: eatmydata breaks GnuTLS: Failed to acquire random data

Date: Fri, 17 Oct 2014 19:19:40 +0200

Package: eatmydata
Version: 82-2
Usertags: serious

$ eatmydata gnutls-cli jwilk.net
Error in GnuTLS initialization: Failed to acquire random data.
global_init: Failed to acquire random data.



-- System Information:
Debian Release: jessie/sid
 APT prefers unstable
 APT policy: (990, 'unstable'), (500, 'experimental')
Architecture: i386 (x86_64)
Foreign Architectures: amd64

Kernel: Linux 3.16-2-amd64 (SMP w/2 CPU cores)
Locale: LANG=C, LC_CTYPE=pl_PL.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages eatmydata depends on:
ii  dpkg-dev       1.17.18
ii  libeatmydata1  82-2

-- 
Jakub Wilk

Message #6 received at 765738@bugs.debian.org (full text, mbox, reply):

From: Jakub Wilk <jwilk@debian.org>

To: 765738@bugs.debian.org

Subject: Re: Bug#765738: eatmydata breaks GnuTLS: Failed to acquire random data

Date: Sat, 18 Oct 2014 18:12:13 +0200

* Jakub Wilk <jwilk@debian.org>, 2014-10-17, 19:19:
>Package: eatmydata
>Version: 82-2
>Usertags: serious
>
>$ eatmydata gnutls-cli jwilk.net
>Error in GnuTLS initialization: Failed to acquire random data.
>global_init: Failed to acquire random data.

More information:
* I can reproduce it on i386, but not on amd64.
* Downgrading to 26-2.1 makes the bug go away.

-- 
Jakub Wilk

Message #11 received at 765738@bugs.debian.org (full text, mbox, reply):

From: Petter Reinholdtsen <pere@hungry.com>

To: 765738@bugs.debian.org, Jakub Wilk <jwilk@debian.org>

Subject: Re: eatmydata breaks GnuTLS: Failed to acquire random data

Date: Mon, 27 Oct 2014 15:37:48 +0100

This error is very similar to bug #762103 casued by #702711, which was
fixed in version 26-2.1.  The error message was the same.  But that
bug affected both amd64 and i386, as far as I remember.  Perhaps the
fix only worked for amd64?

-- 
Happy hacking
Petter Reinholdtsen

Message #14 received at 765738@bugs.debian.org (full text, mbox, reply):

From: Jakub Wilk <jwilk@debian.org>

To: 765738@bugs.debian.org

Cc: Petter Reinholdtsen <pere@hungry.com>

Subject: Re: eatmydata breaks GnuTLS: Failed to acquire random data

Date: Mon, 27 Oct 2014 18:21:43 +0100

* Petter Reinholdtsen <pere@hungry.com>, 2014-10-27, 15:37:
>This error is very similar to bug #762103 casued by #702711, which was 
>fixed in version 26-2.1.  The error message was the same. But that bug 
>affected both amd64 and i386, as far as I remember.  Perhaps the fix 
>only worked for amd64?

FWIW, I can't reproduce the bug on i386 with eatmydata_26-2 either.

-- 
Jakub Wilk

Message #19 received at 765738@bugs.debian.org (full text, mbox, reply):

From: Petter Reinholdtsen <pere@hungry.com>

To: Jakub Wilk <jwilk@debian.org>, 765738@bugs.debian.org

Subject: Re: eatmydata breaks GnuTLS: Failed to acquire random data

Date: Tue, 28 Oct 2014 10:55:56 +0100

Control: severity -1 important

[Jakub Wilk]
> FWIW, I can't reproduce the bug on i386 with eatmydata_26-2 either.

Good.  I'm raising the severity to important.  It might even be argued
that this is release critical, but I will not raise it that high yet.

I suggest the 'eatmydata gnutls-cli jwilk.net' test case is added to
the test suite to make sure this bug do not make it into the archive
in the future.  Did anyone talk to upstream about the problem?

I tried running 'gnutls-cli' on its own on i386, and this demonstrate
that no DNS name is needed to trigger the bug:

  % eatmydata gnutls-cli 
  sh: 1: gcc: not found
  dpkg-architecture: warning: couldn't determine gcc system type, falling back to default (native compilation)
  Error in GnuTLS initialization: Failed to acquire random data.
  No hostname specified
  % gnutls-cli 
  No hostname specified
  % 

After installing libgnutls28-dbg I tried running the program in gdb to
get a backtrace.  This is what I get for breaking on write(), used to
print the error message:

(gdb) bt
#0  write () at ../sysdeps/unix/syscall-template.S:81
#1  0xb7d22791 in _IO_new_file_write (f=0xb7e5b960 <_IO_2_1_stderr_>, data=0xbfffd030, n=63)
    at fileops.c:1253
#2  0xb7d219ef in new_do_write (fp=fp@entry=0xb7e5b960 <_IO_2_1_stderr_>, 
    data=data@entry=0xbfffd030 "Error in GnuTLS initialization: Failed to acquire random data.\n", 
    to_do=to_do@entry=63) at fileops.c:530
#3  0xb7d22e42 in _IO_new_file_xsputn (f=0xb7e5b960 <_IO_2_1_stderr_>, data=0xbfffd030, n=63)
    at fileops.c:1335
#4  0xb7cfbf3a in buffered_vfprintf (s=s@entry=0xb7e5b960 <_IO_2_1_stderr_>, 
    format=format@entry=0xb7f61484 "Error in GnuTLS initialization: %s\n", 
    args=args@entry=0xbffff5ac "\374\376\365\267\062\377\377\377@\311\373\267\001") at vfprintf.c:2333
#5  0xb7cf7335 in _IO_vfprintf_internal (s=s@entry=0xb7e5b960 <_IO_2_1_stderr_>, 
    format=format@entry=0xb7f61484 "Error in GnuTLS initialization: %s\n", 
    ap=ap@entry=0xbffff5ac "\374\376\365\267\062\377\377\377@\311\373\267\001") at vfprintf.c:1290
#6  0xb7dac5d8 in ___fprintf_chk (fp=0xb7e5b960 <_IO_2_1_stderr_>, flag=1, 
    format=0xb7f61484 "Error in GnuTLS initialization: %s\n") at fprintf_chk.c:35
#7  0xb7e9c11d in fprintf (__fmt=0xb7f61484 "Error in GnuTLS initialization: %s\n", 
    __stream=<optimized out>) at /usr/include/i386-linux-gnu/bits/stdio2.h:97
#8  lib_init () at gnutls_global.c:424
#9  0xb7fed86e in call_init (l=<optimized out>, argc=argc@entry=1, argv=argv@entry=0xbffff654, 
    env=env@entry=0xbffff65c) at dl-init.c:78
#10 0xb7fed964 in call_init (env=0xbffff65c, argv=0xbffff654, argc=1, l=<optimized out>) at dl-init.c:36
#11 _dl_init (main_map=0xb7fff930, argc=1, argv=0xbffff654, env=0xbffff65c) at dl-init.c:126
#12 0xb7fdfd3f in _dl_start_user () from /lib/ld-linux.so.2
(gdb)

I also tried to break on open() to see if something tried to open
/dev/random or similar, but did not see any such call.

-- 
Happy hacking
Petter Reinholdtsen

Message #26 received at 765738@bugs.debian.org (full text, mbox, reply):

From: Mattia Rizzolo <mattia@mapreri.org>

To: 765738@bugs.debian.org

Cc: Jakub Wilk <jwilk@debian.org>, Petter Reinholdtsen <pere@hungry.com>

Subject: Re: Bug#765738: eatmydata breaks GnuTLS: Failed to acquire random data

Date: Tue, 28 Oct 2014 11:44:34 +0100

On Tue, Oct 28, 2014 at 10:55 AM, Petter Reinholdtsen <pere@hungry.com> wrote:
> Control: severity -1 important
>
> [Jakub Wilk]
>> FWIW, I can't reproduce the bug on i386 with eatmydata_26-2 either.
>
> Good.  I'm raising the severity to important.  It might even be argued
> that this is release critical, but I will not raise it that high yet.

It's release critical for me, nevermind.

> I suggest the 'eatmydata gnutls-cli jwilk.net' test case is added to
> the test suite to make sure this bug do not make it into the archive
> in the future.

I guess it'd be better to write something equivalent directly in c.
If anyone want to write it, just do.
I'll write a test for the autopkgtest, when I'll do it.

> Did anyone talk to upstream about the problem?

There is a bug upstream, with the old patch.
https://bugs.launchpad.net/libeatmydata/+bug/1374862
I'll submit the corrected patch once it's ready.

This seems to work for me.
http://debomatic-i386.debian.net/distribution#unstable/libeatmydata/82-3/buildlog

the relevant change:

--- libeatmydata-82/debian/patches/bug-702711.patch
+++ libeatmydata-82/debian/patches/bug-702711.patch
@@ -41,3 +41,12 @@
  errno = EFAULT;
  return -1;
  }
+@@ -171,7 +174,7 @@
+
+ /* In pthread environments the dlsym() may call our open(). */
+ /* We simply ignore it because libc is already loaded       */
+- if (!libc_open64) {
++ if (initing) {
+ errno = EFAULT;
+ return -1;
+ }

If anyone else could test the resulting deb and confirm it works,
wuold be great.

-- 
regards,
Mattia Rizzolo

GPG Key: 4096R/B9444540 http://goo.gl/I8TMB
more about me: http://mapreri.org
Launchpad User: https://launchpad.net/~mapreri
Ubuntu Wiki page: https://wiki.ubuntu.com/MattiaRizzolo

Message #29 received at 765738@bugs.debian.org (full text, mbox, reply):

From: Jakub Wilk <jwilk@debian.org>

To: 765738@bugs.debian.org

Subject: Re: Bug#765738: eatmydata breaks GnuTLS: Failed to acquire random data

Date: Tue, 28 Oct 2014 12:27:52 +0100

[Message part 1 (text/plain, inline)]

* Mattia Rizzolo <mattia@mapreri.org>, 2014-10-28, 11:44:
>I guess it'd be better to write something equivalent directly in c.
>If anyone want to write it, just do.

Here's a minimal reproducer:

$ gcc -O2 -Wall $(getconf LFS_CFLAGS) -fPIC -shared libopen.c -o libopen.so
$ gcc -O2 -Wall testopen.c ./libopen.so -o testopen
$ ./testopen && echo ok
ok
$ eatmydata ./testopen
Aborted

>If anyone else could test the resulting deb and confirm it works, wuold 
>be great.

It works for me, thanks!

-- 
Jakub Wilk

[testopen.c (text/x-csrc, attachment)]

[libopen.c (text/x-csrc, attachment)]

Message #34 received at 765738@bugs.debian.org (full text, mbox, reply):

From: Adam Borowski <kilobyte@angband.pl>

To: 765738@bugs.debian.org

Subject: happens on armhf too

Date: Sun, 9 Nov 2014 16:59:15 +0100

Meow!
This bug is not restricted to i386: it happens on armhf as well, so probably
more architectures are affected.

(GnuTLS, Jakub's minimal reproducer)
-- 
// If you believe in so-called "intellectual property", please immediately
// cease using counterfeit alphabets.  Instead, contact the nearest temple
// of Amon, whose priests will provide you with scribal services for all
// your writing needs, for Reasonable and Non-Discriminatory prices.

Message #39 received at 765738@bugs.debian.org (full text, mbox, reply):

From: Mattia Rizzolo <mattia@mapreri.org>

To: Adam Borowski <kilobyte@angband.pl>, 765738@bugs.debian.org

Subject: Re: Bug#765738: happens on armhf too

Date: Sun, 9 Nov 2014 17:31:32 +0100

[Message part 1 (text/plain, inline)]

Control: tags -1 pending

On Nov 9, 2014 5:00 PM, "Adam Borowski" <kilobyte@angband.pl> wrote:
> This bug is not restricted to i386: it happens on armhf as well, so
probably
> more architectures are affected.

AFAIK, it affects all 32 bit arches.

An upload fixing it is on its way.

[Message part 2 (text/html, inline)]

Message #46 received at 765738-close@bugs.debian.org (full text, mbox, reply):

From: Mattia Rizzolo <mattia@mapreri.org>

To: 765738-close@bugs.debian.org

Subject: Bug#765738: fixed in libeatmydata 82-3

Date: Sun, 09 Nov 2014 21:49:29 +0000

Source: libeatmydata
Source-Version: 82-3

We believe that the bug you reported is fixed in the latest version of
libeatmydata, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 765738@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Mattia Rizzolo <mattia@mapreri.org> (supplier of updated libeatmydata package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Sun, 09 Nov 2014 22:16:51 +0100
Source: libeatmydata
Binary: eatmydata libeatmydata1
Architecture: source all amd64
Version: 82-3
Distribution: unstable
Urgency: low
Maintainer: Modestas Vainius <modax@debian.org>
Changed-By: Mattia Rizzolo <mattia@mapreri.org>
Description:
 eatmydata  - Library and utilities designed to disable fsync and friends
 libeatmydata1 - Library and utilities to disable fsync and friends - shared libra
Closes: 765738
Changes:
 libeatmydata (82-3) unstable; urgency=low
 .
   * debian/patches/bug-702711.patch:
     + [c95e942] fix the bug #702711 also for 32 bit arches (Closes: #765738).
     + [0167220] update headers.
   * [3fabf6f] debian/control: build-depend on strace only on non hurd and non
     kfreebsd systems, where it is unavailable.
 .
   * Upload sponsored by Petter Reinholdtsen.
Checksums-Sha1:
 966184d5b3cfbaeff6abd0f0d95a4b9d7cb44536 1373 libeatmydata_82-3.dsc
 56b8b4177e4c0771d1c66feb39f52cb31094b82d 41720 libeatmydata_82-3.debian.tar.xz
 bced3698036cfe969b435a9c6825d8203d193d70 11018 eatmydata_82-3_all.deb
 dcb3ef1bb314f00f9f7dd959ae8ff7b7fa20673e 12104 libeatmydata1_82-3_amd64.deb
Checksums-Sha256:
 ac0f3cb77c68a7419b418f15a0f6659aed6ea21bfdccfdc9f8b22eb331484fa0 1373 libeatmydata_82-3.dsc
 82c12eb396e85db149e1c9a6add4a172ab80bf8b32bcbee478f4bbbbb21e6228 41720 libeatmydata_82-3.debian.tar.xz
 378de7e89c1428a95f261f3185b96173c5c7ca1f2ecead8f7bf9298f943677e2 11018 eatmydata_82-3_all.deb
 307d1c726c39c2f4893a95b35ae7083ab4af54ed291ac8408c3cb9a30492d531 12104 libeatmydata1_82-3_amd64.deb
Files:
 197a8cd7c29faf1df3fd4dc677e88ffe 1373 utils optional libeatmydata_82-3.dsc
 ea0d551228e7d67f176569e12e37ad25 41720 utils optional libeatmydata_82-3.debian.tar.xz
 a60aea303fc175bfdf17386b5e0d0bea 11018 utils optional eatmydata_82-3_all.deb
 eb40f313459b6536deaaff1411484cfa 12104 utils optional libeatmydata1_82-3_amd64.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iD8DBQFUX99F20zMSyow1ykRAoDIAKCIPNOQ9aso29er7TsbU1PXXXbBmQCePvW+
O3lqGCXW0qlAayICSZT1DfE=
=VzYC
-----END PGP SIGNATURE-----

Send a report that this bug log contains spam.