dotnet build intermittently crashes with segfault on Ubuntu 18.04
Affects | Status | Importance | Assigned to | Milestone | ||
---|---|---|---|---|---|---|
Ubuntu Pro | Status tracked in 18.04 | |||||
18.04 |
Fix Released
|
Medium
|
Tom Moyer | |||
openssl (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | |||
Bionic |
Won't Fix
|
Undecided
|
Unassigned |
Bug Description
[Impact]
Bionic's OpenSSL 1.1.1 package (https:/
The threading model in .NET has the possibility that background threads are still running when exit() is called, which can cause SIGSEGV if a background thread interacts with OpenSSL after/while it has unloaded. For that reason, we always initialize OpenSSL 1.1.1 with the OPENSSL_NO_ATEXIT flag (which, of all the distros we run on only has no effect on Bionic).
We feel that the stability of applications on Ubuntu 18.04 would be improved if the functionality of OPENSSL_NO_ATEXIT was merged into the bionic openssl 1.1.1 package, even if the constant isn't published into the header for the dev package.
Context: https:/
[Test Plan]
The described behavior can be reproduced by passing the OPENSSL_NO_ATEXIT to the OPENSSL_init_ssl() call. The application will terminate with a SEGFAULT. More concretely, a minimal reproducer is:
#include <stdio.h>
#include <openssl/err.h>
#include <openssl/ssl.h>
#ifndef OPENSSL_
#define OPENSSL_
#endif
static void print_error_
{
printf(
printf(
}
int main(int argc, char* argv[])
{
// register this handler first, so it runs last.
atexit(
OPENSSL_
NULL);
print_
return 0;
}
Building
$ sudo apt install libssl-dev
$ gcc test.c -lssl -lcrypto
$ ./a.out
print_error_string:
ERR_reason_
print_error_string:
Segmentation fault (core dumped)
[Other Info]
All of these patches are included in upstream release 1.1.1b
- lp1983100-
Fixes the shlibloadtest that was updated as part of #0005
- lp1983100-
Patch adds the OPENSSL_
- lp1983100-
Additional fixes for shlibloadtest
- lp1983100-
Additional fixes for shlibloadtest
- lp1983100-
Adds test for OPENSSL_
- lp1983100-
This patch includes tests to ensure that if OPENSSL_
- lp1983100-
This patch ensures that atexit() is only called when on non-Windows systems as Windows uses _onexit() during library unloading
All seven patches are required to ensure the correct logic and operation of the OPENSSL_
[Where problems could occur]
The patches adds an option to the OPENSSL_
These changes have the potential for regressions and it is conceivable that they lead to incorrect behavior. However, I have also backported and included all new testing functions in the hope that the changed behavior will get appropriate testing.
description: | updated |
description: | updated |
tags: | added: se-sponsor-halves |
Changed in openssl (Ubuntu Bionic): | |
assignee: | Nicolas Bock (nicolasbock) → Tom Moyer (tom-tom) |
Changed in openssl (Ubuntu Bionic): | |
status: | Incomplete → In Progress |
Changed in ubuntu-pro: | |
assignee: | nobody → Tom Moyer (tom-tom) |
Changed in openssl (Ubuntu Bionic): | |
importance: | Medium → Undecided |
assignee: | Tom Moyer (tom-tom) → nobody |
I uploaded a patched package to https:/ /launchpad. net/~nicolasboc k/+archive/ ubuntu/ lp1983100