VC 1.26.7 Mint Ubuntu critical error(s) and crash(es)
Open source disk encryption with strong security for the Paranoid
Brought to you by:
idrassi
Menu
▾
▴
Hello,
I have been using VC for years. Thank you all for your hard work. I recently downloaded VC 1.26.7 for Linux from the official site and verified its hash. I tested it on two computers: Linux Mint Cinnamon 21.2 (Ubuntu 22.04 base) and Linux Mint Cinnamon 21.1 (Ubuntu 22.04 base). The crash is not related to older containers, removed hashes, or TC backwards compatibility. On both computers, VC crashes in the following scenario:
"Veracrypt has encountered a critical error and needs to close"
Note:
When uninstalling 1.26.7 by shell on these machines and putting back 1.25.9, the new test container can be opened.
@rolsan87: Thank you for the report. To better understand, does the crash occur after asking for the administrator password or before? Pinpointing the timing will help identify the location of the crash.
Additionally, could you specify the CPU models of both computers? Knowing this will assist in identifying the instruction set features utilized by the crypto operations, in case they influence the issue.
For reference, I tested your scenario on Ubuntu 22.04, and no crash occurred.
Additional question: Does the crash occur only when you select "Autodetection", or does it also happen if you explicitly select "HMAC-SHA-512" as PKCS5-PRF?
Thanks Mounir for your time.
I downloaded a fresh copy. Hashes were identical and the result the same. The crash occurs immediately after entering the container pwd (before admin pwd). Changing from 'autodetect' to 'HMAC-SHA-512' in preferences (and/or in the mount pwd popup screen) does not eliminate the crash. I've let it 'send a report' several times (browser opens).
Computer 1 = Ryzen 7 3700X (32 GB RAM, Kernel: 5.15.0-86-generic x86_64)
Computer 2 = Celeron 6305 (8 GB RAM)
{ BTW, is there a way to get in touch with you privately? I have a ChaCha20 project that I would like to invite your participation in, and I have some suggestions that could really benefit VC. }
Last edit: Reilly Sourcfge 2023-10-17
Thank you for the details.
Actually, the automatic crash report isn't functioning at the moment. I have disabled it until I establish an adequate method of collecting crash information, which I haven't had the opportunity to do yet.
Based on your description, it appears the crash occurs when we query the "sudo" authentication status. This helps us determine whether we should request the admin password or not, and a crash there is quite strange.
To verify this hypothesis, could you please open a Terminal and launch VeraCrypt using sudo (
sudo veracrypt)? Does the crash also occur?Another test, conducted from the Terminal, involves launching VeraCrypt through gdb. You can do this by typing:
gdb -ex=r veracryptand then reproducing the issue. Normally, when the issue happens, gdb will catch it first, meaning you won't see the VeraCrypt crash report dialog. Instead, gdb will indicate that a signal occurred. At this point, typing "bt" and hitting enter will display the crash's stack trace. Could you share the details of this trace with me?In the meantime, I'll be look into the crash report functionality. At a minimum, it should be able to save the report as a text file that can be manually opened and submitted.
If you need to contact me, you can either send me a private message on Sourceforge or email me at mounir (at) idrix dot fr. I'm always open to discussing new ideas and proposals.
Thank you.
'sudo veracypt' ran smoothly with no errors mounting the container.
'gdb -ex=r veracrypt' did hang with the following output:
Thank you for sharing the results.
Regrettably, the gdb trace isn't offering the clues we need. Therefore, a dedicated debug version is essential to gather more detailed information.
As I had suspected, it's now evident that the issue lies within the sections of the code responsible for handling 'sudo'.
Would you be willing to build a debug version of VeraCrypt if I provide the build instructions? This would help us gather more comprehensive data.
In the meantime, I'll be analyzing the differences between versions 1.25.9 and 1.26.7 to pinpoint the problematic code changes.
I'd be happy to help (debug version) if the instructions are within my technical level to understand.
Also, if you want to try things on your end, here is a link for the exact operating system I'm using:
https://linuxmint.com/edition.php?id=305
Thank you for your help.
The instructions to build VeraCrypt in debug mode should be easy to follow. The following should be run under Terminal:
gdb -ex=r veracryptThat's it. Now, we should have a more detailed stack trace when the crash occurs.
Hi Mounir,
Your instructions were perfect and easy to follow. I did the build and ran it. Guess what? No errors at all! I couldn’t believe it, so I uninstalled the test build and put VC back using my installer. The error returned. Then I did your build again. The error was gone again.
I think I downloaded the Linux/generic installer (not Deb, not Ubuntu) as I always have done with success. Just to be clear, the:
SHA256 of installer script ‘veracrypt-1.26.7-setup-gui-x64’ (~10.6 MB) ends with dccd9eb25
Hope that helps. Since the automated error reports aren’t working, I’m concerned quite a few people might be seeing the error and thinking they’ve reported it. Strange that this seems to affect Linux Mint Veracrypt, not Ubuntu.
Thank you, @rolsan87, for all the details. I now actually understand the cause of the crash!
When I read that you used 'veracrypt-1.26.7-setup-gui-x64' to install VeraCrypt, I immediately knew that this was the problem. In the generic installer archive, there are two GUI installers:
The first installer is for the legacy GTK2, while the second installer is for the newer GTK3 (as indicated in its name).
Linux Mint 21 is based on GTK3, and therefore, you should be using the GTK3 installer. All modern Linux distributions now use GTK3, so the GTK2 installer is reserved for legacy systems.
The crash you observed occurs due to an issue affecting GTK2 calls on GTK3 systems. This use case isn't part of VeraCrypt's official testing, which is why I never detected it.
So, the solution is simple: just use the GTK3 installer, and the crash will be resolved.
On my end, I will change the naming of the installers in the future. The default installer, veracrypt-1.XX-setup-gui-x64, will be for GTK3, and the GTK2 installer will be labeled as veracrypt-1.XX-setup-gtk2-gui-x64.
In the meantime, I will add a note to the download page to inform Linux users to choose the GTK3 version if they're using the generic installer on modern Linux distributions.
Thank you again for your patience and your help.
Suggestion:
Add the word legacy to the GTK2.
veracrypt-1.XX-setup-legacy-gtk2-gui-x64
Thank you for your help! I apologize. I'm pretty techie, but I didn't recognize the right installer based on OS GUI. In fact, with the previous release a few years back, the installer seems to be agnostic (no errors). Mentally, when I go for installers I usually go for the most boring name (not 'legacy', 'xfce', '32-bit', etc.), thinking that complicated names are usually exceptions (non-mainstream). Looks like another lesson in how diverse the ecosystems are now. Thanks again for maintaining this project.
@rolsan87: You don't have to apologize. Your approach to selecting the correct installer was a good one, but the issue lies in that VeraCrypt's generic installer naming did not follow this logical approach. The Linux UI world has moved to GTK3 for some time now, and the default installer should have followed suit, instead of sticking with GTK2. So, this has been a lesson for me as well!