-
Notifications
You must be signed in to change notification settings - Fork 464
New issue
Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? # to your account
random_device: rdrand failed - Crashes host application #3151
Comments
If I remember correctly LibSass only gets a cryptographically secure random number to seed the pseudo random number generator (PRNG) and from than on only uses PRNG. This is IMO best practice and I don't see LibSass doing anything not allowed by the C++11 APIs. So to me this clearly indicates some problem with the underlying library. Are you sure it also errors if you compile LibSass and the implementor on the same Machine? The error in node-sass kinda sounds to me like a linking issue, but that is really just a blatant assumption. Anyway, will try to research a bit on my own to see if we really need to abandon this way of initializing the PRNG. Btw. if you make a patch, please make it opt-in via a compile define or even better catch the error by the C++ call and then have a compile define to either error out or continue without true PRNG initialization. |
So after a short research I'm pretty sure this is the issue we're talking about (sorry it's in german): It seems systemd fixed this issue via systemd/systemd@1c53d4a. Problem for LibSass is that the call to This is not something we should have to do, but well, reality. This is something for AMD, the firmware, the kernel or the C++ libs to fix/work-around. I'll try to find if any of them already include something in this regard in a recent version. |
libsass doesn't handle the error, and throws it up to the caller, instead of handling the error and doing a fallback. That's the bug. The caller has no way to handle this error, causing the segfault. Random number sources can fail for any number of reasons, and are notoriously unreliable, so errors needs to be handled in any case, independent from the AMD bug.
Sure, nothing forbids that. But that doesn't answer my question: What does a SASS need cryptographically secure random numbers for? Why are pseudo-random numbers not sufficient?
I have made a patch that is verified to fix the problem, and I took the time to describe the problem and attach the patch, and I'm trying to help you out in fixing this serious issue, but you'll have to take it from here on. If you insist on the strong seeding, you need a try/catch around I hope I have provided the key information of: what is going wrong, why, and a patch that is verified to fix the problem. |
FWIW, this is a AMD Ryzen 5 5600X, stepping 0. And everything else on my system seems to function normally, as far as I can see. Only hugo fails, in libsass. I think the issue here is very simple: You don't need strong cryptographically secure random numbers, so you can just use Alternatively, you need to handle the fact that random number sources can fail, for any number of reasons, and have a fallback. |
Are you running your latest BIOS for your MB? It seems that's how AMD is intending to fix the root cause. Also They way you patched it you can also just return a static number instead of calling |
I'd have a few more questions here @benbucksch, hope you're willing to help me out here.
If you are on windows, I would love to know how the mingw implementation would work on other compilers (I think we added this case explicitly to avoid an issue with older MinGW). You could simply replace |
Is this randomness needed to generate CSS class names and similar code?
Unixtime in ms makes sense as seed, yes, depending on what you use it for.
Yes. It's 100% reproducible for me.
The problem is that I am extremely limited in time. This issue has already cost me far more time than I could afford, even until now. So, unfortunately, I'm not able to test patches. Good news is that the problem is clearly identified, and the symptions recorded here, and the solution does not depend on me or my machine anymore. All you need to know is that
I'm on Ubuntu 20.04 LTS (see initial description). I appreciate that you understood that I'm very limited in terms of time. I hope you can find a good solution for this that you're happy with! |
Sure, I can understand, just means I have no clue what would happen in your case if you'd compile with MinGW ¯\(ツ)/¯ |
Ah, I see. I see the Thanks a lot for having taken this seriously, having improved my patch and merged it! Appreciated. Enjoy your other work on libsass! :-) |
All I can do is look up the MS docs for CryptGenRandom, which say: "If the function fails, the return value is zero", which suggests the fix would be very similar to what you do on Unix. |
I've already refactors the code for upcoming new major release in that regard. The "mingw" part will no longer be used by default on mingw and needs to be enabled explicitly if users know they have a (now very) old mingw version with that issue. So it's ok for me ATM. Btw. can you confirm that my patch solves your problem, just to be sure ;) |
I've applied your PR #3153 that was merged. Yes, I can confirm that it fixes the bug for me.
Thank you! |
Danke fürs testen! |
When using an application that uses libsass, the application crashes (segfaults) with
random_device: rdrand failed
.Reproduction
hugo
.Actual results
Expected result
Hugo works
Version
This happens on the latest version of libsass1 in Ubuntu, currently libsass version 3.6.3. However, the problem also exists on current libsass master, because the relevant code has not changed.
Cause
std:random_device
throws an exception.The underlying root cause is that libsass is using cryptographically secure random numbers. Why? I don't see why CSS would need that. I would think that pseudo-random is sufficient.
Fix
Simply use pseudo-random numbers, from
rand()
, instead oflibsass/src/fn_numbers.cpp
Lines 44 to 45 in 288610a
I've tested that, and that fixes the bug. PR will follow.
The text was updated successfully, but these errors were encountered: