Bug#1056314: Acknowledgement (python3: double free when using PageUp in REPL)

[Val Lorentz]

reassign 1056314 readline 8.2-1.3
retitle 1056314 readline: double free when using PageDown

the same input causes bash to crash in the same way (see attachment), so 
I assume this is a bug in readline rather than Python
gdb bash
GNU gdb (Debian 13.1-3) 13.1
Copyright (C) 2023 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later 
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Type "show copying" and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
.
Find the GDB manual and other documentation resources online at:
.

For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from bash...
(No debugging symbols found in bash)
(gdb) run
Starting program: /usr/bin/bash 
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
[Detaching after fork from child process 809178]
val@particle:~$ 2+2
[Detaching after fork from child process 809179]
bash: 2+2 : commande introuvable
val@particle:~$ 1234+5678
[Detaching after fork from child process 809184]
bash: 1234+5678 : commande introuvable
val@particle:~$ 2+2
[Detaching after fork from child process 809217]
bash: 2+2 : commande introuvable
val@particle:~$ 1000+5678
free(): double free detected in tcache 2

Program received signal SIGABRT, Aborted.
__pthread_kill_implementation (threadid=, signo=signo@entry=6, 
no_tid=no_tid@entry=0) at ./nptl/pthread_kill.c:44
44  ./nptl/pthread_kill.c: Aucun fichier ou dossier de ce type.
(gdb) bt
#0  __pthread_kill_implementation (threadid=, 
signo=signo@entry=6, no_tid=no_tid@entry=0) at ./nptl/pthread_kill.c:44
#1  0x77e07d9f in __pthread_kill_internal (signo=6, threadid=) at ./nptl/pthread_kill.c:78
#2  0x77db8f32 in __GI_raise (sig=sig@entry=6) at 
../sysdeps/posix/raise.c:26
#3  0x77da3472 in __GI_abort () at ./stdlib/abort.c:79
#4  0x77dfc340 in __libc_message (action=action@entry=do_abort, 
fmt=fmt@entry=0x77f16459 "%s\n") at ../sysdeps/posix/libc_fatal.c:155
#5  0x77e116ba in malloc_printerr (str=str@entry=0x77f19098 
"free(): double free detected in tcache 2") at ./malloc/malloc.c:5660
#6  0x77e13946 in _int_free (av=0x77f4fc60 , 
p=0x556ccb00, have_lock=have_lock@entry=0) at ./malloc/malloc.c:4469
#7  0x77e15d9f in __GI___libc_free (mem=) at 
./malloc/malloc.c:3385
#8  0x55635ce5 in rl_do_undo ()
#9  0x556360b5 in rl_revert_line ()
#10 0x5561986d in readline_internal_teardown ()
#11 0x5561ac7c in readline ()
#12 0x55586fe2 in ?? ()
#13 0x55589ae1 in ?? ()
#14 0x5558bf5b in ?? ()
#15 0x555900bb in yyparse ()
#16 0x555865b6 in parse_command ()
#17 0x55586744 in read_command ()
#18 0x555868f6 in reader_loop ()
#19 0x555853d9 in main ()


OpenPGP_signature.asc
Description: OpenPGP digital signature

Bug#1056314: python3: double free when using PageUp in REPL

[Val Lorentz]

Package: python3
Version: 3.11.2-1

Dear maintainers,

I am getting a crash in the Python REPL in this scenario:

1. start "python3" in a terminal
2. type "2+2", enter
3. type (or copy-paste) "1234+5678", enter
4. arrow-up, remove "234", page-down, arrow-up, enter
5. arrow-up, arrow-up, add "000" (or whatever) after the 1, enter.

this results in:

free(): double free detected in tcache 2
 [1]2319820 IOT instruction  python3


gdb log and stack trace attached.


gdb python3
GNU gdb (Debian 13.1-3) 13.1
Copyright (C) 2023 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later 
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Type "show copying" and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
.
Find the GDB manual and other documentation resources online at:
.

For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from python3...
Reading symbols from 
/usr/lib/debug/.build-id/ac/175ec7666754cf818b271b4fdc2761ac6865f2.debug...
(gdb) run
Starting program: /usr/bin/python3 
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
Python 3.11.2 (main, Mar 13 2023, 12:18:29) [GCC 12.2.0] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> 2+2
4
>>> 1234+5678
6912
>>> 2+2
4
>>> 1000+5678
free(): double free detected in tcache 2

Program received signal SIGABRT, Aborted.
__pthread_kill_implementation (threadid=, signo=signo@entry=6, 
no_tid=no_tid@entry=0) at ./nptl/pthread_kill.c:44
44  ./nptl/pthread_kill.c: Aucun fichier ou dossier de ce type.
(gdb) bt
#0  __pthread_kill_implementation (threadid=, 
signo=signo@entry=6, no_tid=no_tid@entry=0) at ./nptl/pthread_kill.c:44
#1  0x77d11d9f in __pthread_kill_internal (signo=6, threadid=) at ./nptl/pthread_kill.c:78
#2  0x77cc2f32 in __GI_raise (sig=sig@entry=6) at 
../sysdeps/posix/raise.c:26
#3  0x77cad472 in __GI_abort () at ./stdlib/abort.c:79
#4  0x77d06340 in __libc_message (action=action@entry=do_abort, 
fmt=fmt@entry=0x77e20459 "%s\n") at ../sysdeps/posix/libc_fatal.c:155
#5  0x77d1b6ba in malloc_printerr (str=str@entry=0x77e23098 
"free(): double free detected in tcache 2") at ./malloc/malloc.c:5660
#6  0x77d1d946 in _int_free (av=0x77e59c60 , 
p=0xe8e620, have_lock=have_lock@entry=0) at ./malloc/malloc.c:4469
#7  0x77d1fd9f in __GI___libc_free (mem=) at 
./malloc/malloc.c:3385
#8  0x776ab7cf in rl_do_undo () from 
/lib/x86_64-linux-gnu/libreadline.so.8
#9  0x776ab995 in rl_revert_line () from 
/lib/x86_64-linux-gnu/libreadline.so.8
#10 0x7768ef3d in readline_internal_teardown () from 
/lib/x86_64-linux-gnu/libreadline.so.8
#11 0x776ad432 in rl_callback_read_char () from 
/lib/x86_64-linux-gnu/libreadline.so.8
#12 0x77b1df18 in readline_until_enter_or_signal (signal=, prompt=) at ./Modules/readline.c:1352
#13 call_readline (sys_stdin=, sys_stdout=, 
prompt=) at ./Modules/readline.c:1398
#14 0x004748e0 in PyOS_Readline (sys_stdin=0x77e59a80 
<_IO_2_1_stdin_>, sys_stdout=0x77e5a760 <_IO_2_1_stdout_>, 
prompt=0x777a7ba0 ">>> ") at ../Parser/myreadline.c:392
#15 0x00538e87 in tok_underflow_interactive (tok=0xe8e740) at 
../Parser/tokenizer.c:880
#16 tok_nextc (tok=0xe8e740) at ../Parser/tokenizer.c:1064
#17 0x00529c76 in tok_get (tok=0xe8e740, p_start=0x7fffdc98, 
p_end=0x7fffdc90) at ../Parser/tokenizer.c:1419
#18 0x00527ee6 in _PyTokenizer_Get (p_end=0x7fffdc90, 
p_start=0x7fffdc98, tok=0xe8e740) at ../Parser/tokenizer.c:2121
#19 _PyPegen_fill_token (p=p@entry=0x77c20490) at ../Parser/pegen.c:213
#20 0x00633358 in statement_newline_rule (p=0x77c20490) at 
../Parser/parser.c:1407
#21 interactive_rule (p=0x77c20490) at ../Parser/parser.c:1108
#22 _PyPegen_parse (p=p@entry=0x77c20490) at ../Parser/parser.c:38924
#23 0x00632dfc in _PyPegen_run_parser (p=0x77c20490) at 
../Parser/pegen.c:837
#24 0x006510f7 in _PyPegen_run_parser_from_file_pointer 
(arena=0x77ba1bf0, errcode=0x7fffddfc, flags=0x7fffdf30, 
ps2=, ps1=0x777a7ba0 ">>> ", enc=0x77c79d60 "utf-8", 
filename_ob=, start_rule=256, fp=) at 
../Parser/pegen.c:910
#25 _PyParser_ASTFromFile (fp=, filename_ob=, 
enc=0x77c79d60 "utf-8", mode=256, ps1=0x777a7ba0 ">>> ", ps2=, flags=0x7fffdf30, errcode=0x7fffddfc, 
arena=0x77ba1bf0) at ../Parser/peg_api.c:26
#26 0x00483248 in PyRun_InteractiveOneObjectEx 
(fp=fp@entry=0x77e59a80 <_IO_2_1_stdin_>, 

Bug#1023989: pantalaimon: Does not support current versions of Synapse

[Val Lorentz]

Package: pantalaimon
Version: 0.9.1-1
Severity: grave

Dear maintainers,


The version of Pantalaimon currently in Bullseye crashes when trying to 
sync with any current version of Synapse.


This means it is not usable with the large majority of Matrix servers, 
if not all.



According to https://github.com/matrix-org/pantalaimon/issues/109 , this 
was fixed in some later version (including the one in Bookworm).



Thanks in advance,
Val Lorentz


OpenPGP_signature
Description: OpenPGP digital signature

Bug#1023971: pantalaimon: Missing dependency on python3-pydbus and python3-notify2

[Val Lorentz]

retitle 1023971 pantalaimon: Should depend on (rather than recommend) 
python3-pydbus and python3-notify2


I also just noticed notify2 is required by the main executable:

$ pantalaimon --log-level debug
Traceback (most recent call last):
  File "/usr/bin/pantalaimon", line 33, in 
sys.exit(load_entry_point('pantalaimon==0.9.1', 'console_scripts', 
'pantalaimon')())

  File "/usr/bin/pantalaimon", line 25, in importlib_load_entry_point
return next(matches).load()
  File "/usr/lib/python3.9/importlib/metadata.py", line 77, in load
module = import_module(match.group('module'))
  File "/usr/lib/python3.9/importlib/__init__.py", line 127, in 
import_module

return _bootstrap._gcd_import(name[level:], package, level)
  File "", line 1030, in _gcd_import
  File "", line 1007, in _find_and_load
  File "", line 986, in 
_find_and_load_unlocked

  File "", line 680, in _load_unlocked
  File "", line 790, in exec_module
  File "", line 228, in 
_call_with_frames_removed
  File "/usr/lib/python3/dist-packages/pantalaimon/main.py", line 33, 
in 

from pantalaimon.ui import UI_ENABLED
  File "/usr/lib/python3/dist-packages/pantalaimon/ui.py", line 29, in 


import notify2
ModuleNotFoundError: No module named 'notify2'


OpenPGP_signature
Description: OpenPGP digital signature

Bug#1023971: pantalaimon: Missing dependency on python3-pydbus

[Val Lorentz]

Package: pantalaimon
Version: 0.9.1-1

Dear maintainers,


When python3-pydbus is not installed, panctl errors with this traceback:

$ panctl
Traceback (most recent call last):
  File "/usr/bin/panctl", line 33, in 
sys.exit(load_entry_point('pantalaimon==0.9.1', 'console_scripts', 
'panctl')())

  File "/usr/bin/panctl", line 25, in importlib_load_entry_point
return next(matches).load()
  File "/usr/lib/python3.9/importlib/metadata.py", line 77, in load
module = import_module(match.group('module'))
  File "/usr/lib/python3.9/importlib/__init__.py", line 127, in 
import_module

return _bootstrap._gcd_import(name[level:], package, level)
  File "", line 1030, in _gcd_import
  File "", line 1007, in _find_and_load
  File "", line 986, in 
_find_and_load_unlocked

  File "", line 680, in _load_unlocked
  File "", line 790, in exec_module
  File "", line 228, in 
_call_with_frames_removed
  File "/usr/lib/python3/dist-packages/pantalaimon/panctl.py", line 32, 
in 

from pydbus import SessionBus
ModuleNotFoundError: No module named 'pydbus'


OpenPGP_signature
Description: OpenPGP digital signature

Bug#1022925: nheko: Version in bullseye(-backports) is vulnerable to DoS and secret poisoning

[Val Lorentz]

Package: nheko
Version: 0.9.3-2~bpo11+1
Severity: important

Dear maintainers,


Since version 0.9.3 (currently in bullseye-backports), Nheko fix at 
least two major issues:


1. Crash on events with oversized state key, when used with Synapse

https://github.com/Nheko-Reborn/nheko/issues/1172

In particular, because such an event was sent to Nheko's official 
support room (#nheko:nheko.im), it means Nheko is unusable with any 
account joined to that room, showing an endless spinner on startup.


This was fixed in v0.10.1:

* 
https://github.com/Nheko-Reborn/nheko/commit/47189240a219cfe0260463c82cc68aeaaae2f823
* 
https://github.com/Nheko-Reborn/mtxclient/commit/ce47f0b280c7e5241a556d63c518267d5e6b9c1c



2. Secret poisoning (CVE-2022-39264)

https://github.com/Nheko-Reborn/nheko/security/advisories/GHSA-8jcp-8jq4-5mm7

This was fixed in v0.10.2:

* 
https://github.com/Nheko-Reborn/nheko/commit/67bee15a389f9b8a9f6c3a340558d1e2319e7199




Thanks in advance,
Val Lorentz


OpenPGP_signature
Description: OpenPGP digital signature

Bug#1020096: limnoria: FTBFS: AssertionError: True is not false : 'icalc factorial(20000)' errored: Error: ValueError: Exceeds the limit (4300) for integer string conversion

[Val Lorentz]

Hi,

I opened an issue on the upstream bug tracker:
https://github.com/progval/Limnoria/issues/1517


OpenPGP_signature
Description: OpenPGP digital signature

Bug#1001988: webext-treestyletab: "High contrast" theme now has low contrast when using a dark theme

[Val Lorentz]

Package: webext-treestyletab
Version: 3.5.20-1
Severity: minor

Dear maintainers,

I recently upgraded the firefox-esr package from 78.15.0esr-1~deb11u1 to
91.4.1esr-1~deb11u1.

I use Firefox's "Dark" theme in all my Firefox instances. In Firefox
instances where I had treestyletab's "High contrast" theme enabled, the
upgrade changed the color of tab titles from white (on dark grey) to
black (on dark grey), causing the "High contrast" theme to be hard to read.

The other treestyletab themes, "Photon" and "Proton" correctly have text
in white (on dark grey), so this is only a minor issue.

Thank you,
Val Lorentz



OpenPGP_signature
Description: OpenPGP digital signature

Bug#979602: grub2: /boot/grub/i386-pc/ is left empty

[Val Lorentz]

I did install grub2, but the result with grub-pc is the same.

Here is the debug output of grub-install (this time on sdc instead of
sdd) as an attachement. /dev/vg-fluorine/lv-fluorine is the device
mounted on the directory I chroot to.
grub-install: info: executing modprobe efivars 2>/dev/null.
grub-install: info: Looking for /sys/firmware/efi ...
grub-install: info: ... not found.
grub-install: info: Looking for /proc/device-tree ...
grub-install: info: ... not found.
Installing for i386-pc platform.
grub-install: info: cannot open `/boot/grub/device.map': No such file or 
directory.
grub-install: info: copying `/usr/lib/grub/i386-pc/gcry_rmd160.mod' -> 
`/boot/grub/i386-pc/gcry_rmd160.mod'.
grub-install: info: copying `/usr/lib/grub/i386-pc/gcry_serpent.mod' -> 
`/boot/grub/i386-pc/gcry_serpent.mod'.
grub-install: info: copying `/usr/lib/grub/i386-pc/probe.mod' -> 
`/boot/grub/i386-pc/probe.mod'.
grub-install: info: copying `/usr/lib/grub/i386-pc/gcry_sha1.mod' -> 
`/boot/grub/i386-pc/gcry_sha1.mod'.
grub-install: info: copying `/usr/lib/grub/i386-pc/video_bochs.mod' -> 
`/boot/grub/i386-pc/video_bochs.mod'.
grub-install: info: copying `/usr/lib/grub/i386-pc/minix3_be.mod' -> 
`/boot/grub/i386-pc/minix3_be.mod'.
grub-install: info: copying `/usr/lib/grub/i386-pc/cbfs.mod' -> 
`/boot/grub/i386-pc/cbfs.mod'.
grub-install: info: copying `/usr/lib/grub/i386-pc/password_pbkdf2.mod' -> 
`/boot/grub/i386-pc/password_pbkdf2.mod'.
grub-install: info: copying `/usr/lib/grub/i386-pc/png.mod' -> 
`/boot/grub/i386-pc/png.mod'.
grub-install: info: copying `/usr/lib/grub/i386-pc/signature_test.mod' -> 
`/boot/grub/i386-pc/signature_test.mod'.
grub-install: info: copying `/usr/lib/grub/i386-pc/crypto.mod' -> 
`/boot/grub/i386-pc/crypto.mod'.
grub-install: info: copying `/usr/lib/grub/i386-pc/setpci.mod' -> 
`/boot/grub/i386-pc/setpci.mod'.
grub-install: info: copying `/usr/lib/grub/i386-pc/minicmd.mod' -> 
`/boot/grub/i386-pc/minicmd.mod'.
grub-install: info: copying `/usr/lib/grub/i386-pc/usb.mod' -> 
`/boot/grub/i386-pc/usb.mod'.
grub-install: info: copying `/usr/lib/grub/i386-pc/usbtest.mod' -> 
`/boot/grub/i386-pc/usbtest.mod'.
grub-install: info: copying `/usr/lib/grub/i386-pc/boot.mod' -> 
`/boot/grub/i386-pc/boot.mod'.
grub-install: info: copying `/usr/lib/grub/i386-pc/rdmsr.mod' -> 
`/boot/grub/i386-pc/rdmsr.mod'.
grub-install: info: copying `/usr/lib/grub/i386-pc/geli.mod' -> 
`/boot/grub/i386-pc/geli.mod'.
grub-install: info: copying `/usr/lib/grub/i386-pc/tftp.mod' -> 
`/boot/grub/i386-pc/tftp.mod'.
grub-install: info: copying `/usr/lib/grub/i386-pc/cmosdump.mod' -> 
`/boot/grub/i386-pc/cmosdump.mod'.
grub-install: info: copying `/usr/lib/grub/i386-pc/zfscrypt.mod' -> 
`/boot/grub/i386-pc/zfscrypt.mod'.
grub-install: info: copying `/usr/lib/grub/i386-pc/affs.mod' -> 
`/boot/grub/i386-pc/affs.mod'.
grub-install: info: copying `/usr/lib/grub/i386-pc/at_keyboard.mod' -> 
`/boot/grub/i386-pc/at_keyboard.mod'.
grub-install: info: copying `/usr/lib/grub/i386-pc/setjmp.mod' -> 
`/boot/grub/i386-pc/setjmp.mod'.
grub-install: info: copying `/usr/lib/grub/i386-pc/usbserial_common.mod' -> 
`/boot/grub/i386-pc/usbserial_common.mod'.
grub-install: info: copying `/usr/lib/grub/i386-pc/gcry_tiger.mod' -> 
`/boot/grub/i386-pc/gcry_tiger.mod'.
grub-install: info: copying `/usr/lib/grub/i386-pc/macho.mod' -> 
`/boot/grub/i386-pc/macho.mod'.
grub-install: info: copying `/usr/lib/grub/i386-pc/gcry_md5.mod' -> 
`/boot/grub/i386-pc/gcry_md5.mod'.
grub-install: info: copying `/usr/lib/grub/i386-pc/bswap_test.mod' -> 
`/boot/grub/i386-pc/bswap_test.mod'.
grub-install: info: copying `/usr/lib/grub/i386-pc/gcry_camellia.mod' -> 
`/boot/grub/i386-pc/gcry_camellia.mod'.
grub-install: info: copying `/usr/lib/grub/i386-pc/lspci.mod' -> 
`/boot/grub/i386-pc/lspci.mod'.
grub-install: info: copying `/usr/lib/grub/i386-pc/btrfs.mod' -> 
`/boot/grub/i386-pc/btrfs.mod'.
grub-install: info: copying `/usr/lib/grub/i386-pc/backtrace.mod' -> 
`/boot/grub/i386-pc/backtrace.mod'.
grub-install: info: copying `/usr/lib/grub/i386-pc/hwmatch.mod' -> 
`/boot/grub/i386-pc/hwmatch.mod'.
grub-install: info: copying `/usr/lib/grub/i386-pc/memrw.mod' -> 
`/boot/grub/i386-pc/memrw.mod'.
grub-install: info: copying `/usr/lib/grub/i386-pc/tar.mod' -> 
`/boot/grub/i386-pc/tar.mod'.
grub-install: info: copying `/usr/lib/grub/i386-pc/part_dfly.mod' -> 
`/boot/grub/i386-pc/part_dfly.mod'.
grub-install: info: copying `/usr/lib/grub/i386-pc/cbls.mod' -> 
`/boot/grub/i386-pc/cbls.mod'.
grub-install: info: copying `/usr/lib/grub/i386-pc/gcry_md4.mod' -> 
`/boot/grub/i386-pc/gcry_md4.mod'.
grub-install: info: copying `/usr/lib/grub/i386-pc/cmostest.mod' -> 
`/boot/grub/i386-pc/cmostest.mod'.
grub-install: info: copying `/usr/lib/grub/i386-pc/gptsync.mod' -> 
`/boot/grub/i386-pc/gptsync.mod'.
grub-install: info: copying `/usr/lib/grub/i386-pc/gfxmenu.mod' -> 
`/boot/grub/i386-pc/gfxmenu.mod'.
grub-install: info: copying `/usr/lib/grub/i386-pc/raid6rec.mod' -> 

Bug#979602: grub2: /boot/grub/i386-pc/ is left empty

[Val Lorentz]

Package: grub2
Version: 2.04-12


Dear maintainers,


I just tried to install a Bullseye system with these commands:

  debootstrap bullseye .
  mount --bind /dev dev
  mount --bind /proc proc
  mount --bind /sys sys
  chroot .

Then, inside the chroot:

  apt install grub2
  grub-install /dev/sdd
  update-grub


Then unmounting everything and booting on the disk just created, I get this:

  file /boot/grub/i386-pc/normal.mod not found

and /boot/grub/i386-pc/ is indeed empty.


Running the exact same commands with "buster" instead of "bullseye" on
the first line causes /boot/grub/i386-pc/ to be non-empty.


In both cases, the whole filesystem is on a single LVM logical volume on
/dev/sdd1 (no separate partition for /boot)


Val



OpenPGP_signature
Description: OpenPGP digital signature

Bug#971897: python3-gpiozero: Missing dependency/recommend on python3-pkg-resources

[Val Lorentz]

Package: python3-gpiozero
Version: 1.4.1-1.1


Dear maintainer,

python3-gpiozero contains a "pinout" script, that crashes if
python3-pkg-resources is not installed:

$ pinout
Traceback (most recent call last):
  File "/usr/bin/pinout", line 6, in 
from pkg_resources import load_entry_point
ModuleNotFoundError: No module named 'pkg_resources'


Best regards,
Val

Bug#961481: ceph: Protocol incompatibility between armhf and amd64

[Val Lorentz]

Thanks for the tip.

I just tried downgrading an OSD (armhf) and a monitor (amd64) to
14.2.7-1~bpo10+1 using http://snapshot.debian.org/ ; but they are still
unable to communicate ("failed decoding of frame header:
buffer::bad_alloc").

So this might be a different issue, although related.

Bug#961481: ceph: Protocol incompatibility between armhf and amd64

[Val Lorentz]

Package: ceph
Version: 14.2.9-1~bpo10+1

Dear maintainers,

I run a cluster made of armhf and amd64 OSDs, and amd64 monitors and
manager.

I recently updated my cluster from Luminous (12, in buster) to Nautilus
(14, in buster-backports), following the instructions here:
https://docs.ceph.com/docs/master/releases/nautilus/#upgrading-from-mimic-or-luminous

At some point (and after hot-fixing for #956293 on armhf machines), I
noticed something was off, as my OSDs kept flipping between up and down,
with all machines of one arch up and the others down.

Eventually, the armhf went down definitively down (in the monitors'
view). (This might be when I enabled msgr2, but I do not remember the
exact timing.)

Starting one of the armhf OSDs causes this kind of line to appear in
monitors' logs:

2020-05-25 02:07:55.681 7f142df5b700 -1 --2-
[v2:[fdfc:0:0:2::e]:3300/0,v1:[fdfc:0:0:2::e]:6789/0] >>
conn(0x55f003781a80 0x55f004589b80 unknown :-1 s=HELLO_ACCEPTING pgs=0
cs=0 l=0 rx=0 tx=0).run_continuation failed decoding of frame header:
buffer::bad_alloc


Moving the disk and config from an armhf to an arm64 machine fixes the
issue.

Bug#948467: python3-feedparser: Handling of invalid XHTML differs from upstream package

[Val Lorentz]

Package: python3-feedparser
Version: 5.2.1-1
Severity: normal


Dear maintainer(s),

The attached script uses feedparser to parse an invalid XHTML document.

If feedparser is installed from PyPI with pip, then the script succeeds
exists without error.

If feedparser is installed from Debian 10 repositories (or Archlinux, I
am told), it errors with: "TypeError: startswith first arg must be bytes
or a tuple of bytes, not str" (full traceback attached).

In all cases, feedparser 5.2.1 is used (5.2.1-1 on Debian).


I did not investigate further, but this might be caused by a different
version of sgmllib (bundled in Debian's python3-feedparser package)



-- System Information:
Debian Release: 10.2
  APT prefers oldstable-debug
  APT policy: (500, 'oldstable-debug'), (500, 'stable'), (500,
'oldstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: armhf

Kernel: Linux 4.19.0-6-amd64 (SMP w/4 CPU cores)
Kernel taint flags: TAINT_DIE, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8),
LANGUAGE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages python3-feedparser depends on:
ii  python3  3.7.3-1

python3-feedparser recommends no packages.

python3-feedparser suggests no packages.

-- no debconf information
import feedparser

data = '''


 


 

 


 


'''

feedparser.parse(data)
Traceback (most recent call last):
  File "/usr/lib/python3/dist-packages/feedparser_debian/sgmllib3.py", line 
352, in finish_endtag
method = getattr(self, 'end_' + tag)
AttributeError: '_LooseFeedParser' object has no attribute 'end_content'

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "feedparser_invalid_xhtml.py", line 19, in 
feedparser.parse(data)
  File "/usr/lib/python3/dist-packages/feedparser.py", line 3972, in parse
feedparser.feed(data.decode('utf-8', 'replace'))
  File "/usr/lib/python3/dist-packages/feedparser.py", line 2131, in feed
sgmllib.SGMLParser.feed(self, data)
  File "/usr/lib/python3/dist-packages/feedparser_debian/sgmllib3.py", line 98, 
in feed
self.goahead(0)
  File "/usr/lib/python3/dist-packages/feedparser_debian/sgmllib3.py", line 
137, in goahead
k = self.parse_endtag(i)
  File "/usr/lib/python3/dist-packages/feedparser_debian/sgmllib3.py", line 
314, in parse_endtag
self.finish_endtag(tag)
  File "/usr/lib/python3/dist-packages/feedparser_debian/sgmllib3.py", line 
354, in finish_endtag
self.unknown_endtag(tag)
  File "/usr/lib/python3/dist-packages/feedparser.py", line 704, in 
unknown_endtag
method()
  File "/usr/lib/python3/dist-packages/feedparser.py", line 1840, in 
_end_content
value = self.popContent('content')
  File "/usr/lib/python3/dist-packages/feedparser.py", line 1011, in popContent
value = self.pop(tag)
  File "/usr/lib/python3/dist-packages/feedparser.py", line 863, in pop
if piece.startswith('

Bug#923715: ceph-osd: missing systemd service in package: ceph-volume@.service

[Val Lorentz]

Hi,

I usually use the debian packages provided by Ceph [1], but recently
tried the package provided by Debian in stretch-backports (because
upstream does not provide packages for armhf).

[1] http://docs.ceph.com/docs/master/install/get-packages/

I confirm that the ceph-osd package in Debian indeed lacks this systemd
unit, while the upstream package does not; and manually writing it fixes
the issue.

Best regards,
Val



signature.asc
Description: OpenPGP digital signature

Bug#896430: python3: pip3 segfaults when cffi is installed with pip while python3-openssl is installed

[Val Lorentz]

Package: python3
Version: 3.5.3-1

Dear maintainers,

Excuse me if I did not file this bug against the right package; but it
involves three different packages.


I noticed a segfault in pip while installing some program with a huge
set of dependencies. I managed to narrow it down to the cffi package.


Here is how to reproduce the bug on a computer with Stretch installed (I
did not try other Debian versions):

debootstrap stretch chroot/
mount --bind /dev chroot/dev/ # for networking
chroot chroot/
apt install python3 python3-pip python3-openssl
adduser tmp
su tmp
pip3 install --user cffi
pip3 install --user cffi

This causes the *second* call to pip3 to segfault while it is shutting
down (I found other instances of that segfault while a program is
running, but it is harder to reproduce).
You may note that if python3-openssl is not installed, then there is no
segfault.

Here is the valgrind output corresponding to that segfault (this output
is sometimes a bit different):

==25001== Invalid read of size 1
==25001==at 0x25F194: visit_decref (gcmodule.c:373)
==25001==by 0x2E1464: dict_traverse.lto_priv.170 (dictobject.c:2570)
==25001==by 0x264012: subtract_refs (gcmodule.c:398)
==25001==by 0x264012: collect (gcmodule.c:951)
==25001==by 0x35A03C: collect_with_callback (gcmodule.c:1119)
==25001==by 0x35A0A0: PyGC_Collect (gcmodule.c:1583)
==25001==by 0x35D11B: Py_Finalize (pylifecycle.c:567)
==25001==by 0x35D217: Py_Exit (pylifecycle.c:1465)
==25001==by 0x35D2FD: handle_system_exit (pythonrun.c:602)
==25001==by 0x35D365: PyErr_PrintEx (pythonrun.c:612)
==25001==by 0x38BE79: RunModule (main.c:210)
==25001==by 0x38C71E: Py_Main (main.c:709)
==25001==by 0x21CC00: main (python.c:65)
==25001==  Address 0xa9 is not stack'd, malloc'd or (recently) free'd

I did some debugging with gdb, and the "op" object in visit_decref
(gcmodule.c:373) has an ob_type set to NULL.

Unfortunately, because of the compilation optimizations, I was unable to
get more information.

Best regards,
Val



signature.asc
Description: OpenPGP digital signature

Bug#858572: [Pkg-raspi-maintainers] Bug#858572: raspi3-firmware: Typo in config.txt's initramfs directive prevents boot

[Val Lorentz]

Nevermind.
Any combination of {.deb's firmware,
https://github.com/Hexxeh/rpi-firmware} and {space, equal sign} work; I
must have messed up somewhere when doing my tests yesterday.

Could you close this bug report?



signature.asc
Description: OpenPGP digital signature

Bug#858572: [Pkg-raspi-maintainers] Bug#858572: raspi3-firmware: Typo in config.txt's initramfs directive prevents boot

[Val Lorentz]

On 23/03/2017 23:14, Michael Stapelberg wrote:
> Not sure I understand the reasoning. You’re maintaining a build script
> (which isn’t packaged in Debian, I assume) so that you don’t have to use
> the result of our build script (which aims to be packaged in Debian
> eventually)?

Yes, because your build script was not public when I started working on
mine.

> Most of the files in
> https://people.debian.org/~stapelberg/raspberrypi3/2017-03-22/ are not yet
> packaged (but will eventually be), so yes.

Oh, that's new. I did not know about that subdir when I opened the bug.
And it has a build script now, so I will likely use yours from now on.

> The package hasn’t been built yet, if I interpret
> https://buildd.debian.org/status/package.php?p=raspi3-firmware=experimental
> correctly. You can get a pre-built version from
> https://people.debian.org/~stapelberg/raspberrypi3/2017-03-22/, or build
> one yourself (the source is in experimental).

Cool, thanks.



signature.asc
Description: OpenPGP digital signature

Bug#858572: [Pkg-raspi-maintainers] Bug#858572: raspi3-firmware: Typo in config.txt's initramfs directive prevents boot

[Val Lorentz]

On 23/03/2017 22:42, Michael Stapelberg wrote:
> • The space is intentional. This is how the option is parsed.

Why is it an equal sign for other options, but not for this one?

> • The preview image referenced at https://wiki.debian.org/RaspberryPi3 boots
> for me. Are you using the preview image?

No, because I prefer to limit the number of binary downloads outside
Debian's repo.
So instead I'm writing my own build script based on
https://github.com/niklasf/build-raspbian-image

> Are you using it on a Raspberry Pi 3 (no other version is supported)?

Yes.

> The raspi3-firmware package is supposed to be used with the preview image.

Is there anything in the preview image that is not available in a Debian
package in the official repos?

> • You’re reporting a bug against an older version of the firmware package.
> Why? The latest 2017-03-22 preview image uses the 1.20170317-3 firmware
> package.

The version in Debian's repos is 1.20161123-2, and I can't find
1.20170317-3 anywhere
(https://packages.debian.org/experimental/raspi3-firmware is a 404).

However, bootcode.bin, fixup*.dat, and start*.elf are installed using
https://github.com/Hexxeh/rpi-update after raspi3-firmware, so the issue
may come from them being are newer than those in raspi3-firmware.

I will try soon to build an image without rpi-update and tell you what
happens.



signature.asc
Description: OpenPGP digital signature

Bug#845058: [Pkg-fonts-devel] Bug#845058: fonts-noto: Installing the package freezes all graphical applications.

[Val Lorentz]

Running `fc-cache -fs` before installing fonts-noto took only a few seconds.

Installing fonts-noto while not being logged in worked, thanks.

On 20/11/2016 00:10, Norbert Preining wrote:
> On Sat, 19 Nov 2016, Valentin Lorentz wrote:
>> killall fc-cache
> 
> fc-cache might run for quite some time and occupy lots of resources.
> I suggest updating the cache once before installing the fonts with
>   fc-cache -fs
> (as root!), and then installing the font while not being logged in,
> or mousepad has been closed.
> 
> Norbert
> 
> --
> PREINING Norbert + TeX Live & Debian Developer + http://www.preining.info
> GPG: 0x860CDC13fp: F7D8 A928 26E3 16A1 9FA0  ACF0 6CAC A448 860C DC13
> 



signature.asc
Description: OpenPGP digital signature

Bug#835629: [pkg-gnupg-maint] Bug#835629: gnupg2: “unsafe ownership” is based on uid instead of euid

[Val Lorentz]

On 30/08/2016 10:16, Daniel Kahn Gillmor wrote:
> Is the goal to allow the use of specific secret keys?  if so, maybe what
> you really want is a forwarded gpg-agent or something?

Yes, that's what I am trying to do, but I can't find any way that fits
my needs (no ssh, and an X11 dialog to ask for confirmation)

The keywords “forwarded gpg-agent” brings more relevant results in my
search engine, I'll look at them, thanks.

Bug#834950: limnoria: FTBFS when using eatmydata

[Val Lorentz]

On 20/08/2016 22:45, Santiago Vila wrote:
> AFAIK, it's the dynamic linker (ld.so) who shows the error, not ping
> itself.

Probably because ping uses setuid.
http://stackoverflow.com/a/11148167/539465

> Could maybe the test suite discard all lines from stderr containing
> the string "libeatmydata.so" before checking if it's empty o not?

Actually, it's the main code which raises the error, and I don't like
the idea of adding a special case for this.

However, this would fix your problem if it gets merged:
https://sourceware.org/bugzilla/show_bug.cgi?id=20172
And Limnoria would not even need to be patched, as environment variables
for the subprocess are inherited.


An other possibility would be to add an option to tell the test suite to
skip tests which use setuid binaries.
This feature could also be useful in some other contexts, for instance
on environment which forbid setuid executables (like Travis CI, although
it whitelisted ping since)



signature.asc
Description: OpenPGP digital signature

Bug#831359: opendkim: Starting OpenDKIM: install: invalid group ‘’

[Val Lorentz]

Indeed, I made a mistake when upgrading /etc/default/opendkim.
Everything works fine now, sorry for the inconvenience.

On 15/07/2016 03:02, Scott Kitterman wrote:
> On Friday, July 15, 2016 12:09:46 AM Valentin Lorentz wrote:
>> Package: opendkim
>> Version: 2.10.3-5
>> Severity: grave
>>
>> Dear maintainer,
>>
>> After a recent upgrade of my system, I get this whenever I try to start
>> opendkim (including when run by dpkg while configuring it):
>>
>> root@Hydrogen:~# LANG=C /etc/init.d/opendkim start
>> Starting OpenDKIM: install: invalid group ‘’
>>
>> I believe the issue lies in the init script: if $RUNDIR does not exist,
>> then this command is run:
>>
>> install -o "$USER" -g "$GROUP" -m 755 -d "$RUNDIR"
>>
>> with $GROUP defined like this:
>>
>> GROUP=$GROUP
>>
>> But $GROUP does not exist prior to the line.
> 
> First, downgrading to important since this does not apply to users of the 
> default Debian init system.
> 
> Second, /etc/default/opendkim is sourced before that line in the init script 
> and the current version of the defaults file has GROUP defined, so it does.
> 
> Please check the contents of /etc/default/opendkim.  The last part of it 
> should look like:
> 
> USER=opendkim
> GROUP=opendkim
> PIDFILE=$RUNDIR/$NAME.pid
> EXTRAAFTER=
> 
> If it's not there, when the package was upgraded your system (either manually 
> or automatically, depending on how it is configured), kept the old version.  
> If you add those at the bottom of the file and restart, it should work.
> 
> If it is there, then there's a bug that needs investigating.  I don't have 
> any 
> Testing/Unstable systems using the init script, so I may need help with 
> testing.
> 
> Scott K
> 



signature.asc
Description: OpenPGP digital signature

Bug#813340: rhythmbox-ampache: KeyError when selecting the tab

[Val Lorentz]

Package: rhythmbox-ampache
Version: 0.11.1+svn43-1
Severity: grave
Tags: upstream

Dear maintainer,

rhythmbox-ampache crashes with this error:

Traceback (most recent call last):
  File "/usr/lib/rhythmbox/plugins/ampache/AmpacheBrowser.py", line 542,
in handshake_cb
handshake['update'][0:18],
KeyError: 'update'

I added some print statement, and here is the content of “handshake”:
{'error': 'Unauthorized access attempt to API - ACL Error',
 'root': 'Unauthorized access attempt to API - ACL Error\n'}

Steps to reproduce:

1. load rhythmbox-ampache from the plugins dialog
2. configure a server's URL and login
3. click the “ampache” tab of Rhythmbox

I checked my login and password, they are correct; and the server allows
stream access (I left the default config).

Server version: 3.6-rzb2752+dfsg-5 (in Jessie)


Regards,
Val




signature.asc
Description: OpenPGP digital signature

Bug#795976: sphinx: please make the build reproducible (timestamps, randomness)

[Val Lorentz]

Hi,

I can't reproduce the unreproducibility on my computer.

However, reading debian/rules, I think setting PYTHONHASHSEED=0 when
calling dh_sphinxdoc should work. Actually, modifying dh_sphinxdoc to
set this variable may be better (in case someone copy-pastes it to their
own package).

If it does not work, try the attached package.


On 25/08/2015 14:13, Dmitry Shachnev wrote:
 Hi Val,
 
 Looks like my latest upload is still not reproducible: the debbindiff [1]
 reports differing contents of searchindex.js.
 
 Do you know if this can be fixed by yet another PYTHONHASHSEED=0 setting,
 or this is more complicate?
 
 [1]: 
 https://reproducible.debian.net/dbd/unstable/amd64/sphinx_1.3.1-5.debbindiff.html
 
 --
 Dmitry Shachnev
 
diff -u -r sphinx-1.3.1.old/sphinx/search/__init__.py sphinx-1.3.1/sphinx/search/__init__.py
--- sphinx-1.3.1.old/sphinx/search/__init__.py	2015-08-25 12:52:11.119163557 +
+++ sphinx-1.3.1/sphinx/search/__init__.py	2015-08-25 13:11:28.671207670 +
@@ -259,9 +259,9 @@
 rv = {}
 otypes = self._objtypes
 onames = self._objnames
-for domainname, domain in iteritems(self.env.domains):
+for domainname, domain in sorted(iteritems(self.env.domains)):
 for fullname, dispname, type, docname, anchor, prio in \
-domain.get_objects():
+sorted(domain.get_objects()):
 # XXX use dispname?
 if docname not in fn2index:
 continue



signature.asc
Description: OpenPGP digital signature

Bug#796335: nasm: please make the build reproducible (timestamps)

[Val Lorentz]

Source: nasm
Version: 2.11.06-1really2.11.05-1
Severity: wishlist
Tags: patch
User: reproducible-bui...@lists.alioth.debian.org
Usertags: timestamps
X-Debbugs-Cc: reproducible-bui...@lists.alioth.debian.org

Hi!

While working on the “reproducible builds” effort [1], we have noticed
that nasm could not be built reproducibly.

The attached patch removes extra timestamps from the build system.
Once applied, and after an issue with Ghostscript [2] is fixed, nasm can
be built reproducibly in our current experimental framework.

 [1]: https://wiki.debian.org/ReproducibleBuilds
 [2]: https://wiki.debian.org/ReproducibleBuilds/PdfGeneratedByGhostscript

Regards,
Valentin
--- nasm-2.11.06-1really2.11.05.orig/nasm.c
+++ nasm-2.11.06-1really2.11.05/nasm.c
@@ -637,8 +637,8 @@ struct textargs textopts[] = {
 
 static void show_version(void)
 {
-printf(NASM version %s compiled on %s%s\n,
-   nasm_version, nasm_date, nasm_compile_options);
+printf(NASM version %s%s\n,
+   nasm_version, nasm_compile_options);
 exit(0);
 }
 
--- nasm-2.11.06-1really2.11.05.orig/nasm.h
+++ nasm-2.11.06-1really2.11.05/nasm.h
@@ -1183,7 +1183,6 @@ extern int maxbits; /* max b
  * NASM version strings, defined in ver.c
  */
 extern const char nasm_version[];
-extern const char nasm_date[];
 extern const char nasm_compile_options[];
 extern const char nasm_comment[];
 extern const char nasm_signature[];
--- nasm-2.11.06-1really2.11.05.orig/ndisasm.c
+++ nasm-2.11.06-1really2.11.05/ndisasm.c
@@ -118,8 +118,8 @@ int main(int argc, char **argv)
 case 'r':
 case 'v':
 fprintf(stderr,
-NDISASM version %s compiled on %s\n,
-			nasm_version, nasm_date);
+NDISASM version %s\n,
+			nasm_version);
 return 0;
 case 'u':	/* -u for -b 32, -uu for -b 64 */
 		if (bits  64)
--- nasm-2.11.06-1really2.11.05.orig/ver.c
+++ nasm-2.11.06-1really2.11.05/ver.c
@@ -36,7 +36,6 @@
 
 /* This is printed when entering nasm -v */
 const char nasm_version[] = NASM_VER;
-const char nasm_date[] = __DATE__;
 const char nasm_compile_options[] = 
 #ifdef DEBUG
  with -DDEBUG


signature.asc
Description: OpenPGP digital signature

Bug#795976: sphinx: please make the build reproducible (timestamps, randomness)

[Val Lorentz]

On 19/08/2015 20:07, Dmitry Shachnev wrote:
 * Will you forward the upstream part to upstream, or should I do that?
   It is a simple as a pull request to https://github.com/sphinx-doc/sphinx.

I will do it.

 * The PYTHONHASHSEED setting in debian/rules was there for purpose
   (needed to make sure tests pass with it, as there was a bug in earlier
   versions when they didn't). Is it possible to keep the old value?
   Maybe you can use something else than builtin hash()?

   If it's impossible, then debian/rules should set PYTHONHASHSEED=random
   explicitly when running tests.

I haven't tried, and I wouldn't rely on a hash function written myself.

Another solution would be to keep PYTHONHASHSEED=random globally and set
PYTHONHASHSEED=0 only when generating the grammar.



signature.asc
Description: OpenPGP digital signature

Bug#795976: sphinx: please make the build reproducible (timestamps, randomness)

[Val Lorentz]

Source: sphinx
Version: 1.3.1-4
Severity: wishlist
Tags: patch
User: reproducible-bui...@lists.alioth.debian.org
Usertags: timestamps randomness
X-Debbugs-Cc: reproducible-bui...@lists.alioth.debian.org

Hi!

While working on the “reproducible builds” effort [1], we have noticed
that sphinx could not be built reproducibly.

The attached patch removes build timestamp from the output
documentation, makes domains sorted in HTML documentation, and makes
generated automata (and their pickle dump) deterministic. Once applied,
sphinx (and packages using sphinx) can be built reproducibly in our
current experimental framework.

 [1]: https://wiki.debian.org/ReproducibleBuilds

Regards,
Val
diff -ru sphinx-1.3.1.old/debian/rules sphinx-1.3.1/debian/rules
--- sphinx-1.3.1.old/debian/rules	2015-08-17 17:41:44.55734 +
+++ sphinx-1.3.1/debian/rules	2015-08-18 12:26:01.040804815 +
@@ -3,11 +3,14 @@
 
 include /usr/share/python/python.mk
 
+export SOURCE_DATE_EPOCH = $(shell date -d $$(dpkg-parsechangelog --count 1 -SDate) +%s)
 export NO_PKG_MANGLE=1
 export PYTHONWARNINGS=d
-export PYTHONHASHSEED=random
 export http_proxy=http://127.0.0.1:9/
 
+# For deterministic pickling
+export PYTHONHASHSEED=0
+
 here = $(dir $(firstword $(MAKEFILE_LIST)))/..
 debian_version = $(word 2,$(shell cd $(here)  dpkg-parsechangelog | grep ^Version:))
 upstream_version = $(subst ~,,$(firstword $(subst -, ,$(debian_version
diff -ru sphinx-1.3.1.old/setup.py sphinx-1.3.1/setup.py
--- sphinx-1.3.1.old/setup.py	2015-08-17 17:41:44.55734 +
+++ sphinx-1.3.1/setup.py	2015-08-18 11:41:20.0 +
@@ -162,7 +162,7 @@
 messages=jscatalog,
 plural_expr=catalog.plural_expr,
 locale=str(catalog.locale)
-), outfile)
+), outfile, sort_keys=True)
 outfile.write(');')
 finally:
 outfile.close()
diff -ru sphinx-1.3.1.old/sphinx/builders/html.py sphinx-1.3.1/sphinx/builders/html.py
--- sphinx-1.3.1.old/sphinx/builders/html.py	2015-08-17 17:41:44.56534 +
+++ sphinx-1.3.1/sphinx/builders/html.py	2015-08-17 19:46:48.0 +
@@ -824,7 +824,7 @@
  u'# The remainder of this file is compressed using zlib.\n'
  % (self.config.project, self.config.version)).encode('utf-8'))
 compressor = zlib.compressobj(9)
-for domainname, domain in iteritems(self.env.domains):
+for domainname, domain in sorted(self.env.domains.items()):
 for name, dispname, type, docname, anchor, prio in \
 sorted(domain.get_objects()):
 if anchor.endswith(name):
diff -ru sphinx-1.3.1.old/sphinx/pycode/pgen2/pgen.py sphinx-1.3.1/sphinx/pycode/pgen2/pgen.py
--- sphinx-1.3.1.old/sphinx/pycode/pgen2/pgen.py	2015-08-17 17:41:44.56134 +
+++ sphinx-1.3.1/sphinx/pycode/pgen2/pgen.py	2015-08-18 12:06:30.0 +
@@ -4,6 +4,7 @@
 from __future__ import print_function
 
 from six import iteritems
+from collections import OrderedDict
 
 # Pgen imports
 
@@ -57,7 +58,7 @@
 def make_first(self, c, name):
 rawfirst = self.first[name]
 first = {}
-for label in rawfirst:
+for label in sorted(rawfirst):
 ilabel = self.make_label(c, label)
 ##assert ilabel not in first # X X X failed on  ... !=
 first[ilabel] = 1
@@ -138,8 +139,8 @@
 totalset[label] = 1
 overlapcheck[label] = {label: 1}
 inverse = {}
-for label, itsfirst in iteritems(overlapcheck):
-for symbol in itsfirst:
+for label, itsfirst in sorted(overlapcheck.items()):
+for symbol in sorted(itsfirst):
 if symbol in inverse:
 raise ValueError(rule %s is ambiguous; %s is in the
   first sets of %s as well as %s %
@@ -349,6 +350,9 @@
 assert isinstance(next, NFAState)
 self.arcs.append((label, next))
 
+def __hash__(self):
+return hash(tuple(x[0] for x in self.arcs))
+
 class DFAState(object):
 
 def __init__(self, nfaset, final):
@@ -357,7 +361,10 @@
 assert isinstance(final, NFAState)
 self.nfaset = nfaset
 self.isfinal = final in nfaset
-self.arcs = {} # map from label to DFAState
+self.arcs = OrderedDict() # map from label to DFAState
+
+def __hash__(self):
+return hash(tuple(self.arcs))
 
 def addarc(self, next, label):
 assert isinstance(label, str)


signature.asc
Description: OpenPGP digital signature

Bug#795997: python-babel: please make the build reproducible (timestamps, locale)

[Val Lorentz]

Source: python-babel
Version: 1.3+dfsg.1-5
Severity: wishlist
Tags: patch
User: reproducible-bui...@lists.alioth.debian.org
Usertags: timestamps locale
X-Debbugs-Cc: reproducible-bui...@lists.alioth.debian.org

Hi!

While working on the “reproducible builds” effort [1], we have noticed
that python-babel could not be built reproducibly.

The attached patch makes build timestamp independent from the timezone
and remove the name of the build system locale from the documentation.
It also fixes the documentation, which claims the default value of some
function parameters are the build system locale, whereas it is the
locale of the user running python-babel.

Once applied, python-babel can be built reproducibly in our current
experimental framework.

 [1]: https://wiki.debian.org/ReproducibleBuilds

Regards,
Val
diff -ru python-babel-1.3+dfsg.1.old/debian/rules python-babel-1.3+dfsg.1/debian/rules
--- python-babel-1.3+dfsg.1.old/debian/rules	2015-08-17 16:11:42.085139669 +
+++ python-babel-1.3+dfsg.1/debian/rules	2015-08-18 14:08:43.901039679 +
@@ -1,5 +1,8 @@
 #!/usr/bin/make -f
 
+export LC_TIME=C
+export LANGUAGE=C
+
 PYTHONS:=$(shell pyversions -vr)
 PYTHON3S:=$(shell py3versions -vr)
 
@@ -57,6 +60,7 @@
 	sphinx-build docs docs/_build
 	dh_installdocs -O--buildsystem=python_distutils
 	mkdir -p debian/python-babel-doc/usr/share/doc/python-babel-doc/html
+	sed -i s/locale='en_US_POSIX'/locale=[system locale]/g docs/_build/*/*.html
 	cp -auxf docs/_build/* debian/python-babel-doc/usr/share/doc/python-babel-doc/html
 
 override_dh_sphinxdoc:


signature.asc
Description: OpenPGP digital signature

Bug#795826: epydoc: Please hide memory references in the output

[Val Lorentz]

Source: epydoc
Version: 3.0.1+dfsg-11
Severity: wishlist
Tags: patch
User: reproducible-bui...@lists.alioth.debian.org
Usertags: randomness
X-Debbugs-Cc: reproducible-bui...@lists.alioth.debian.org

Hi!

While working on the “reproducible builds” effort [1], we have noticed
that epydoc uses repr() on objects that don't always override the
default one. As a consequence, the documentation shows memory references
on the build system, eg. module.Foo instance at 0x7f3aff4299e0

The attached patch detects objects with no overriding of __repr__ and
provides a fallback that does not show the reference. Once applied, more
packages using epydoc will be buildable reproducibly in our current
experimental framework.

 [1]: https://wiki.debian.org/ReproducibleBuilds

Regards,
Val
diff -u -r epydoc-3.0.1+dfsg.old/epydoc/markup/pyval_repr.py epydoc-3.0.1+dfsg/epydoc/markup/pyval_repr.py
--- epydoc-3.0.1+dfsg.old/epydoc/markup/pyval_repr.py	2015-08-16 18:57:38.152484836 +
+++ epydoc-3.0.1+dfsg/epydoc/markup/pyval_repr.py	2015-08-16 21:11:09.520790145 +
@@ -207,9 +207,17 @@
 self._colorize_re(pyval, state)
 else:
 try:
-pyval_repr = repr(pyval)
-if not isinstance(pyval_repr, (str, unicode)):
-pyval_repr = unicode(pyval_repr)
+pyval_class = pyval.__class__
+if hasattr(pyval, '__repr__') and \
+pyval_class.__repr__ is not object.__repr__:
+pyval_repr = repr(pyval)
+if not isinstance(pyval_repr, (str, unicode)):
+pyval_repr = unicode(pyval_repr)
+else:
+# pyval has a default repr(), which would leak
+# a reference to the object
+pyval_repr = '%s.%s object' % (
+pyval_class.__module__, pyval_class.__name__)
 pyval_repr_ok = True
 except KeyboardInterrupt:
 raise


signature.asc
Description: OpenPGP digital signature

Bug#795826: [Reproducible-builds] Bug#795826: epydoc: Please hide memory references in the output

[Val Lorentz]

Updated patch, which also takes care of not calling default __repr__ on
functions.
diff -u -r epydoc-3.0.1+dfsg.old/epydoc/markup/pyval_repr.py epydoc-3.0.1+dfsg/epydoc/markup/pyval_repr.py
--- epydoc-3.0.1+dfsg.old/epydoc/markup/pyval_repr.py	2015-08-16 18:57:38.152484836 +
+++ epydoc-3.0.1+dfsg/epydoc/markup/pyval_repr.py	2015-08-17 09:31:08.384223756 +
@@ -207,9 +207,18 @@
 self._colorize_re(pyval, state)
 else:
 try:
-pyval_repr = repr(pyval)
-if not isinstance(pyval_repr, (str, unicode)):
-pyval_repr = unicode(pyval_repr)
+pyval_class = pyval.__class__
+if hasattr(pyval, '__repr__') and \
+pyval_class.__repr__ is not object.__repr__ and \
+pyval_class.__repr__ is not types.FunctionType.__repr__:
+pyval_repr = repr(pyval)
+if not isinstance(pyval_repr, (str, unicode)):
+pyval_repr = unicode(pyval_repr)
+else:
+# pyval has a default repr(), which would leak
+# a reference to the object
+pyval_repr = '%s.%s object' % (
+pyval_class.__module__, pyval_class.__name__)
 pyval_repr_ok = True
 except KeyboardInterrupt:
 raise


signature.asc
Description: OpenPGP digital signature

Bug#795835: epydoc: Please use (deterministic) sorting for module and class trees

[Val Lorentz]

Source: epydoc
Version: 3.0.1+dfsg-11
Severity: wishlist
Tags: patch
User: reproducible-bui...@lists.alioth.debian.org
Usertags: randomness
X-Debbugs-Cc: reproducible-bui...@lists.alioth.debian.org

Hi!

While working on the “reproducible builds” effort [1], we have noticed
that class trees written by epydoc list classes in an order that varies
across builds.

The attached patch uses a total order on classes (orders on class name,
then module, then package, then parent package, etc.) instead of a
partial one (only class name).
It also added ordering for modules.

Once applied, more packages using epydoc can be built reproducibly in
our current experimental framework.

 [1]: https://wiki.debian.org/ReproducibleBuilds

Regards,
Val
diff -u -r epydoc-3.0.1+dfsg.old/epydoc/docwriter/html.py epydoc-3.0.1+dfsg/epydoc/docwriter/html.py
--- epydoc-3.0.1+dfsg.old/epydoc/docwriter/html.py	2015-08-16 18:57:38.152484836 +
+++ epydoc-3.0.1+dfsg/epydoc/docwriter/html.py	2015-08-17 09:59:14.756288022 +
@@ -404,6 +404,7 @@
 imports=False, packages=False, bases=False, submodules=False, 
 subclasses=False, private=self._show_private))
 self.module_list = [d for d in valdocs if isinstance(d, ModuleDoc)]
+self.module_list.sort(key=lambda x:(x.filename, x.path))
 The list of L{ModuleDoc}s for the documented modules.
 self.module_set = set(self.module_list)
 The set of L{ModuleDoc}s for the documented modules.
@@ -1012,7 +1013,8 @@
 #class_set.add(base)
  
 out('ul class=nomargin-top\n')
-for doc in sorted(class_set, key=lambda c:c.canonical_name[-1]):
+sort_key = lambda c:tuple(reversed(c.canonical_name))
+for doc in sorted(class_set, key=sort_key):
 if doc.bases != UNKNOWN and len(doc.bases)==0:
 self.write_class_tree_item(out, doc, class_set)
 out('/ul\n')
@@ -2817,7 +2819,8 @@
  # endif
  if doc.subclasses:
 ul
-   for subclass in sorted(set(doc.subclasses), key=lambda c:c.canonical_name[-1]):
+   sort_key = lambda c:tuple(reversed(c.canonical_name))
+   for subclass in sorted(set(doc.subclasses), key=sort_key):
  if subclass in class_set:
self.write_class_tree_item(out, subclass, class_set)
  #endif



signature.asc
Description: OpenPGP digital signature

Bug#795861: fakeroot: please make the build reproducible (timestamps, fileordering)

[Val Lorentz]

Source: fakeroot
Version: 1.20.2-1
Severity: wishlist
Tags: patch
User: reproducible-bui...@lists.alioth.debian.org
Usertags: timestamps fileordering
X-Debbugs-Cc: reproducible-bui...@lists.alioth.debian.org

Hi!

While working on the “reproducible builds” effort [1], we have noticed
that fakeroot could not be built reproducibly.

The attached patch removes build time from the output package by setting
the mtime of all files to the time of the last changelog entry. Once
applied, fakeroot can be built reproducibly in our current experimental
framework.

 [1]: https://wiki.debian.org/ReproducibleBuilds

Regards,
Val
diff -ru fakeroot-1.20.2.old/debian/rules fakeroot-1.20.2/debian/rules
--- fakeroot-1.20.2.old/debian/rules	2014-10-05 15:16:07.0 +
+++ fakeroot-1.20.2/debian/rules	2015-08-17 13:26:00.484760799 +
@@ -1,5 +1,6 @@
 #!/usr/bin/make -f
 
+BUILD_DATE = $(shell dpkg-parsechangelog -SDate)
 DEB_BUILD_GNU_TYPE = $(shell dpkg-architecture -qDEB_BUILD_GNU_TYPE)
 DEB_HOST_GNU_TYPE = $(shell dpkg-architecture -qDEB_HOST_GNU_TYPE)
 ifeq ($(DEB_BUILD_GNU_TYPE),$(DEB_HOST_GNU_TYPE))
@@ -150,6 +151,7 @@
 	chown root:root debian/fakeroot/DEBIAN/control debian/libfakeroot/DEBIAN/control
 	cd debian/fakeroot  find * -type f ! -regex '^DEBIAN/.*' -print0 | xargs -r0 md5sum  DEBIAN/md5sums
 	cd debian/libfakeroot  find * -type f ! -regex '^DEBIAN/.*' -print0 | xargs -r0 md5sum  DEBIAN/md5sums
+	find debian/ -depth -newermt '$(BUILD_DATE)' -print0 | xargs -0r touch --no-dereference --date='$(BUILD_DATE)'
 	dpkg-deb --build debian/fakeroot ..
 	dpkg-deb --build debian/libfakeroot ..
 



signature.asc
Description: OpenPGP digital signature

Bug#794603: Acknowledgement (xchat: please make the build reproducible (timestamps, randomness))

[Val Lorentz]

I have been told that dh_strip_nondeterminism should be called even with
with “nostrip” because it does not strip symbols.

So here is an updated patch (to apply in replacement of the first one).
diff -ru xchat-2.8.8.orig/debian/control xchat-2.8.8/debian/control
--- xchat-2.8.8.orig/debian/control	2015-08-04 18:38:25.271425177 +
+++ xchat-2.8.8/debian/control	2015-08-04 19:20:18.931512526 +
@@ -4,7 +4,7 @@
 Maintainer: Davide Puricelli (evo) e...@debian.org
 Uploaders: Bart Martens ba...@debian.org
 Standards-Version: 3.8.4.0
-Build-Depends: debhelper (= 5), bison, libssl-dev, libglib2.0-dev, libgtk2.0-dev (= 2.0.6), libperl-dev, gettext (= 0.10.37), libtool, zlib1g-dev, perl (= 5.8), python-dev, tcl-dev, autotools-dev, libdbus-glib-1-dev, libgtkspell-dev, gconf2, dpkg-dev (= 1.13.19), libsexy-dev, chrpath, imagemagick, autoconf
+Build-Depends: debhelper (= 5), bison, libssl-dev, libglib2.0-dev, libgtk2.0-dev (= 2.0.6), libperl-dev, gettext (= 0.10.37), libtool, zlib1g-dev, perl (= 5.8), python-dev, tcl-dev, autotools-dev, libdbus-glib-1-dev, libgtkspell-dev, gconf2, dpkg-dev (= 1.13.19), libsexy-dev, chrpath, imagemagick, autoconf, dh-strip-nondeterminism
 Homepage: http://www.xchat.org/
 
 Package: xchat
--- xchat-2.8.8.orig/debian/rules	2015-08-04 18:38:25.271425177 +
+++ xchat-2.8.8/debian/rules	2015-08-04 20:22:48.147642811 +
@@ -90,6 +90,7 @@
 ifeq $(findstring nostrip,$(DEB_BUILD_OPTIONS)) 
 	dh_strip -pxchat
 endif	
+	dh_strip_nondeterminism -pxchat
 	dh_compress -pxchat
 	dh_fixperms -pxchat
 	dh_installdeb -pxchat
diff -ru xchat-2.8.8.orig/src/fe-gtk/about.c xchat-2.8.8/src/fe-gtk/about.c
--- xchat-2.8.8.orig/src/fe-gtk/about.c	2015-08-04 18:38:25.267425176 +
+++ xchat-2.8.8/src/fe-gtk/about.c	2015-08-04 19:28:08.0 +
@@ -55,7 +55,6 @@
 
 	(snprintf) (buf, sizeof (buf),
  An IRC Client for UNIX.\n\n
- This binary was compiled on __DATE__\n
  Using GTK %d.%d.%d X %d\n
  Running on %s,
  gtk_major_version, gtk_minor_version, gtk_micro_version,
@@ -126,7 +125,7 @@
 #else
 bRenderer/b: %s\n
 #endif
-bCompiled/b: __DATE__\n\n
+\n
 small\302\251 1998-2010 Peter \305\275elezn\303\275 lt;z...@xchat.org/small,
 	_(A multiplatform IRC Client),
 	get_cpu_str(),
diff -ru xchat-2.8.8.orig/src/fe-text/fe-text.c xchat-2.8.8/src/fe-text/fe-text.c
--- xchat-2.8.8.orig/src/fe-text/fe-text.c	2015-08-04 18:38:25.267425176 +
+++ xchat-2.8.8/src/fe-text/fe-text.c	2015-08-04 19:28:08.0 +
@@ -103,7 +103,6 @@
 \n
  \017xchat \00310PACKAGE_VERSION\n
  \017Running on \00310%s \017glib \00310%d.%d.%d\n
- \017This binary compiled \00310__DATE__\017\n,
 get_cpu_str(),
 glib_major_version, glib_minor_version, glib_micro_version);
 	fe_print_text (sess, buf, 0);