New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
SIGSEV at hashtable_find_pair #523
Comments
Could you install the debuginfo package for libnftables? This might provide more details. I'm not sure this is a bug in jansson, it could be that libnftables (or some other part of the process) has a buffer overrun and is breaking jansson data structures. I will point to https://coveralls.io/github/akheron/jansson - the coverage for jansson is very high, we even have "chaos" tests which perform brute force malloc failure testing. Also can you confirm you are running jansson v2.12? |
IIRC OpenMandriva enabled verity/cryptsetup support in util-linux/libmount a while ago. Can you check if this problem goes away with verity/cryptsetup disabled? |
fwiw, @zeha is referring to this downstream bug report in Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=963721#59 where we ran into "weird" issues, once libmount was compiled with cryptsetup/verity support. |
It turns out, this particular crash is caused by both jansson and json-c exporting a symbol named json_object_iter_next, obviously incompatible. In Debian, this is now tracked as https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=963932 (a clone of 963721, which was actually unrelated). |
Also see json-c/json-c#621 |
The possible ways to resolve this conflict go something like this:
Using versioned symbols would mean that:
None of these solutions are perfect: renaming symbols is an ABI break, while adding versioned symbols requires action from the maintainers of both libraries. If the upstream maintainers of these libraries don't take action, it is possible that downstream maintainers in Linux distributions will decide to add versioned symbols without coordination with upstream. This is usually a bad idea and leads to binary-compatibility problems in the future, and I would recommend that downstream maintainers shouldn't do that, but they might consider it to be a necessary evil to fix crashes. |
apparently, json-glib also uses the |
Helps workaround akheron/jansson#523
The easiest way to have versioned symbols is: on supported platforms (at least GNU/Linux) and with supported compilers (at least gcc and clang), link the shared library with This simple form of versioned symbols is more or less equivalent to
Either of those is enough to make newly-compiled libjansson-dependent objects find the libjansson version of a function in preference to other versions. It will not prevent json-glib-dependent or json-c-dependent objects from crashing when they find libjansson's version of a symbol instead of the one they wanted: to prevent that, json-glib and json-c would need to adopt versioned symbols as well. Adding versioned symbols is a compatible change and does not need a SONAME bump, but if you adopt versioned symbols, they will become part of the library's ABI: removing or changing them is an incompatible change which requires a SONAME bump. It is also possible to use more complicated version scripts that assign versions to individual symbols, as is done in projects like OpenSSL, util-linux/libmount/libblkid and libgcab. This requires maintaining or generating a detailed list of symbols, and can help downstream projects to track what the library's dependencies are, but is not necessary if all you want to achieve is to resolve the symbol clash between json-c, json-glib and libjansson. |
The --default-symver linker option attaches a default version definition (the SONAME) to every exported symbol. It is supported since at least GNU binutils 2.22 in 2011 (older versions not tested). With this version definition, newly-linked binaries that depend on the jansson shared library will refer to its symbols in a versioned form, preventing their references from being resolved to a symbol of the same name exported by json-c or json-glib if those libraries appear in dependency search order before jansson, which will usually result in a crash. This is necessary because ELF symbol resolution normally uses a single flat namespace, not a tree like Windows symbol resolution. At least one symbol (json_object_iter_next()) is exported by all three JSON libraries. Linking with -Bsymbolic is not enough to have this effect in all cases, because -Bsymbolic only affects symbol lookup within a shared object, for example when parse_json() calls json_decref(). It does not affect calls from external code into jansson, unless jansson was statically linked into the external caller. This change will also not prevent code that depends on json-c or json-glib from finding jansson's symbols and crashing; to prevent that, a corresponding change in json-c or json-glib would be needed. Adding a symbol-version is a backwards-compatible change, but once added, removing or changing the symbol-version would be an incompatible change that requires a SONAME bump. Resolves: akheron#523 (when combined with an equivalent change to json-c). Signed-off-by: Simon McVittie <smcv@collabora.com>
Supporting Versioned symbols sounds good to me. Problems with clashing symbol names between JSON libraries are reported every now and then, and this would seem to help with those problems. |
The --default-symver linker option attaches a default version definition (the SONAME) to every exported symbol. It is supported since at least GNU binutils 2.22 in 2011 (older versions not tested). With this version definition, newly-linked binaries that depend on the jansson shared library will refer to its symbols in a versioned form, preventing their references from being resolved to a symbol of the same name exported by json-c or json-glib if those libraries appear in dependency search order before jansson, which will usually result in a crash. This is necessary because ELF symbol resolution normally uses a single flat namespace, not a tree like Windows symbol resolution. At least one symbol (json_object_iter_next()) is exported by all three JSON libraries. Linking with -Bsymbolic is not enough to have this effect in all cases, because -Bsymbolic only affects symbol lookup within a shared object, for example when parse_json() calls json_decref(). It does not affect calls from external code into jansson, unless jansson was statically linked into the external caller. This change will also not prevent code that depends on json-c or json-glib from finding jansson's symbols and crashing; to prevent that, a corresponding change in json-c or json-glib would be needed. Adding a symbol-version is a backwards-compatible change, but once added, removing or changing the symbol-version would be an incompatible change that requires a SONAME bump. Resolves: akheron#523 (when combined with an equivalent change to json-c). Signed-off-by: Simon McVittie <smcv@collabora.com>
The --default-symver linker option attaches a default version definition (the SONAME) to every exported symbol. It is supported since at least GNU binutils 2.22 in 2011 (older versions not tested). With this version definition, newly-linked binaries that depend on the jansson shared library will refer to its symbols in a versioned form, preventing their references from being resolved to a symbol of the same name exported by json-c or json-glib if those libraries appear in dependency search order before jansson, which will usually result in a crash. This is necessary because ELF symbol resolution normally uses a single flat namespace, not a tree like Windows symbol resolution. At least one symbol (json_object_iter_next()) is exported by all three JSON libraries. Linking with -Bsymbolic is not enough to have this effect in all cases, because -Bsymbolic only affects symbol lookup within a shared object, for example when parse_json() calls json_decref(). It does not affect calls from external code into jansson, unless jansson was statically linked into the external caller. This change will also not prevent code that depends on json-c or json-glib from finding jansson's symbols and crashing; to prevent that, a corresponding change in json-c or json-glib would be needed. Adding a symbol-version is a backwards-compatible change, but once added, removing or changing the symbol-version would be an incompatible change that requires a SONAME bump. Resolves: akheron/jansson#523 (when combined with an equivalent change to json-c). Signed-off-by: Simon McVittie <smcv@collabora.com>
Hi,
i've noticed that firewalld-0.8.1 started to coredumps on OpenMandriva Linux distribution:
Here are the logs
The text was updated successfully, but these errors were encountered: