[Bug 1983100] Re: dotnet build intermittently crashes with segfault on Ubuntu 18.04
Tom Moyer
1983100 at bugs.launchpad.net
Wed May 3 16:27:00 UTC 2023
This updated debdiff (openssl-atexit-v2.debdiff) includes the DEP-3
headers, cleans up the patch names by prepending lp1983100- to each
patch, and is rebased on the latest release in bionic-security.
** Description changed:
[Impact]
Bionic's OpenSSL 1.1.1 package
(https://launchpad.net/ubuntu/bionic/+source/openssl) is the only
version of openssl 1.1.1 on any distro that we've encountered that does
not have support for the OPENSSL_NO_ATEXIT functionality from 1.1.1b
(openssl/openssl at c2b3db2).
The threading model in .NET has the possibility that background threads
are still running when exit() is called, which can cause SIGSEGV if a
background thread interacts with OpenSSL after/while it has unloaded.
For that reason, we always initialize OpenSSL 1.1.1 with the
OPENSSL_NO_ATEXIT flag (which, of all the distros we run on only has no
effect on Bionic).
We feel that the stability of applications on Ubuntu 18.04 would be
improved if the functionality of OPENSSL_NO_ATEXIT was merged into the
bionic openssl 1.1.1 package, even if the constant isn't published into
the header for the dev package.
Context:
https://github.com/dotnet/runtime/issues/48411#issuecomment-1178405101
[Test Plan]
The described behavior can be reproduced by passing the
OPENSSL_NO_ATEXIT to the OPENSSL_init_ssl() call. The application will
terminate with a SEGFAULT. More concretely, a minimal reproducer is:
#include <stdio.h>
#include <openssl/err.h>
#include <openssl/ssl.h>
#ifndef OPENSSL_INIT_NO_ATEXIT
#define OPENSSL_INIT_NO_ATEXIT 0x00080000L
#endif
static void print_error_string()
{
printf("print_error_string:\n");
printf("ERR_reason_error_string(0) => %s\n", ERR_reason_error_string(0));
}
int main(int argc, char* argv[])
{
// register this handler first, so it runs last.
atexit(print_error_string);
OPENSSL_init_ssl(
OPENSSL_INIT_ADD_ALL_CIPHERS |
OPENSSL_INIT_ADD_ALL_DIGESTS |
OPENSSL_INIT_LOAD_CONFIG |
OPENSSL_INIT_NO_ATEXIT |
OPENSSL_INIT_LOAD_CRYPTO_STRINGS |
OPENSSL_INIT_LOAD_SSL_STRINGS,
NULL);
print_error_string();
return 0;
}
Building
$ sudo apt install libssl-dev
$ gcc test.c -lssl -lcrypto
$ ./a.out
print_error_string:
ERR_reason_error_string(0) => (null)
print_error_string:
Segmentation fault (core dumped)
+ [Other Info]
+ All of these patches are included in upstream release 1.1.1b
+ - lp1983100-0001-Fix-shlibloadtest-to-properly-execute-the-dso_ref-te.patch
+ Fixes the shlibloadtest that was updated as part of #0005
+
+ - lp1983100-0002-Implement-OPENSSL_INIT_NO_ATEXIT.patch
+ Patch adds the OPENSSL_INIT_NO_ATEXIT option
+
+ - lp1983100-0003-Don-t-link-shlibloadtest-against-libcrypto.patch
+ Additional fixes for shlibloadtest
+
+ - lp1983100-0004-Fix-rpath-related-Linux-test_shlibload-failure.patch
+ Additional fixes for shlibloadtest
+
+ - lp1983100-0005-Test-atexit-handlers.patch
+ Adds test for OPENSSL_INIT_NO_ATEXIT option and updates the shlibloadtest
+
+ - lp1983100-0006-Introduce-a-no-pinshared-option.patch
+ This patch includes tests to ensure that if OPENSSL_INIT_NO_ATEXIT is not defined then the atexit() handler is run
+
+ - lp1983100-0007-Support-_onexit-in-preference-to-atexit-on-Windows.patch
+ This patch ensures that atexit() is only called when on non-Windows systems as Windows uses _onexit() during library unloading
+
+ All seven patches are required to ensure the correct logic and operation
+ of the OPENSSL_INIT_NO_ATEXIT option.
+
[Where problems could occur]
The patches adds an option to the OPENSSL_init_crypto() function to
disable the default behavior of calling of a cleanup function on
application exit. The patch also includes a few bug fixes around various
initializations that were supposed to happen once when running threaded
but were not.
These changes have the potential for regressions and it is conceivable
that they lead to incorrect behavior. However, I have also backported
and included all new testing functions in the hope that the changed
behavior will get appropriate testing.
** Patch added: "openssl-atexit-v2.debdiff"
https://bugs.launchpad.net/ubuntu/bionic/+source/openssl/+bug/1983100/+attachment/5670692/+files/openssl-atexit-v2.debdiff
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1983100
Title:
dotnet build intermittently crashes with segfault on Ubuntu 18.04
Status in openssl package in Ubuntu:
Fix Released
Status in openssl source package in Bionic:
Incomplete
Bug description:
[Impact]
Bionic's OpenSSL 1.1.1 package
(https://launchpad.net/ubuntu/bionic/+source/openssl) is the only
version of openssl 1.1.1 on any distro that we've encountered that
does not have support for the OPENSSL_NO_ATEXIT functionality from
1.1.1b (openssl/openssl at c2b3db2).
The threading model in .NET has the possibility that background
threads are still running when exit() is called, which can cause
SIGSEGV if a background thread interacts with OpenSSL after/while it
has unloaded. For that reason, we always initialize OpenSSL 1.1.1 with
the OPENSSL_NO_ATEXIT flag (which, of all the distros we run on only
has no effect on Bionic).
We feel that the stability of applications on Ubuntu 18.04 would be
improved if the functionality of OPENSSL_NO_ATEXIT was merged into the
bionic openssl 1.1.1 package, even if the constant isn't published
into the header for the dev package.
Context:
https://github.com/dotnet/runtime/issues/48411#issuecomment-1178405101
[Test Plan]
The described behavior can be reproduced by passing the
OPENSSL_NO_ATEXIT to the OPENSSL_init_ssl() call. The application will
terminate with a SEGFAULT. More concretely, a minimal reproducer is:
#include <stdio.h>
#include <openssl/err.h>
#include <openssl/ssl.h>
#ifndef OPENSSL_INIT_NO_ATEXIT
#define OPENSSL_INIT_NO_ATEXIT 0x00080000L
#endif
static void print_error_string()
{
printf("print_error_string:\n");
printf("ERR_reason_error_string(0) => %s\n", ERR_reason_error_string(0));
}
int main(int argc, char* argv[])
{
// register this handler first, so it runs last.
atexit(print_error_string);
OPENSSL_init_ssl(
OPENSSL_INIT_ADD_ALL_CIPHERS |
OPENSSL_INIT_ADD_ALL_DIGESTS |
OPENSSL_INIT_LOAD_CONFIG |
OPENSSL_INIT_NO_ATEXIT |
OPENSSL_INIT_LOAD_CRYPTO_STRINGS |
OPENSSL_INIT_LOAD_SSL_STRINGS,
NULL);
print_error_string();
return 0;
}
Building
$ sudo apt install libssl-dev
$ gcc test.c -lssl -lcrypto
$ ./a.out
print_error_string:
ERR_reason_error_string(0) => (null)
print_error_string:
Segmentation fault (core dumped)
[Other Info]
All of these patches are included in upstream release 1.1.1b
- lp1983100-0001-Fix-shlibloadtest-to-properly-execute-the-dso_ref-te.patch
Fixes the shlibloadtest that was updated as part of #0005
- lp1983100-0002-Implement-OPENSSL_INIT_NO_ATEXIT.patch
Patch adds the OPENSSL_INIT_NO_ATEXIT option
- lp1983100-0003-Don-t-link-shlibloadtest-against-libcrypto.patch
Additional fixes for shlibloadtest
- lp1983100-0004-Fix-rpath-related-Linux-test_shlibload-failure.patch
Additional fixes for shlibloadtest
- lp1983100-0005-Test-atexit-handlers.patch
Adds test for OPENSSL_INIT_NO_ATEXIT option and updates the shlibloadtest
- lp1983100-0006-Introduce-a-no-pinshared-option.patch
This patch includes tests to ensure that if OPENSSL_INIT_NO_ATEXIT is not defined then the atexit() handler is run
- lp1983100-0007-Support-_onexit-in-preference-to-atexit-on-Windows.patch
This patch ensures that atexit() is only called when on non-Windows systems as Windows uses _onexit() during library unloading
All seven patches are required to ensure the correct logic and
operation of the OPENSSL_INIT_NO_ATEXIT option.
[Where problems could occur]
The patches adds an option to the OPENSSL_init_crypto() function to
disable the default behavior of calling of a cleanup function on
application exit. The patch also includes a few bug fixes around
various initializations that were supposed to happen once when running
threaded but were not.
These changes have the potential for regressions and it is conceivable
that they lead to incorrect behavior. However, I have also backported
and included all new testing functions in the hope that the changed
behavior will get appropriate testing.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1983100/+subscriptions
More information about the foundations-bugs
mailing list