Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

SIGSEGV in ffi callback preparation #3213

Closed
viraptor opened this issue Nov 3, 2016 · 2 comments
Closed

SIGSEGV in ffi callback preparation #3213

viraptor opened this issue Nov 3, 2016 · 2 comments

Comments

@viraptor
Copy link
Contributor

viraptor commented Nov 3, 2016

I'm not sure where actual issue is, but I'll start here. Maybe someone's got an idea.

I've got the following py-bt output from cpython 3.5.2 on arch linux when initializing the backend:

Traceback (most recent call first):
  File "/home/viraptor/Projects/anchor/.tox/py35d/lib/python3.5/site-packages/cryptography/hazmat/bindings/openssl/binding.py", line 80, in wrapper
    callback = ffi.callback(signature, **kwargs)(func)
  File "/home/viraptor/Projects/anchor/.tox/py35d/lib/python3.5/site-packages/cryptography/hazmat/bindings/openssl/binding.py", line 87, in <module>
    error=-1)
  <built-in method exec of module object at remote 0x3450f6c5c58>
  File "<frozen importlib._bootstrap>", line 222, in _call_with_frames_removed
  File "<frozen importlib._bootstrap_external>", line 665, in exec_module
  File "<frozen importlib._bootstrap>", line 673, in _load_unlocked
  File "<frozen importlib._bootstrap>", line 958, in _find_and_load_unlocked
  File "<frozen importlib._bootstrap>", line 969, in _find_and_load
  <built-in method __import__ of module object at remote 0x3450f6c5c58>
  File "<frozen importlib._bootstrap>", line 222, in _call_with_frames_removed
  File "<frozen importlib._bootstrap>", line 1016, in _handle_fromlist
  <built-in method __import__ of module object at remote 0x3450f6c5c58>
  File "/home/viraptor/Projects/anchor/.tox/py35d/lib/python3.5/site-packages/cryptography/hazmat/backends/openssl/backend.py", line 47, in <module>
    from cryptography.hazmat.bindings.openssl import binding
  <built-in method exec of module object at remote 0x3450f6c5c58>
  File "<frozen importlib._bootstrap>", line 222, in _call_with_frames_removed
  File "<frozen importlib._bootstrap_external>", line 665, in exec_module
  File "<frozen importlib._bootstrap>", line 673, in _load_unlocked
  File "<frozen importlib._bootstrap>", line 958, in _find_and_load_unlocked
  File "<frozen importlib._bootstrap>", line 969, in _find_and_load
  <built-in method __import__ of module object at remote 0x3450f6c5c58>
  File "/home/viraptor/Projects/anchor/.tox/py35d/lib/python3.5/site-packages/cryptography/hazmat/backends/openssl/__init__.py", line 7, in <module>
    from cryptography.hazmat.backends.openssl.backend import backend
  <built-in method exec of module object at remote 0x3450f6c5c58>
  File "<frozen importlib._bootstrap>", line 222, in _call_with_frames_removed
  File "<frozen importlib._bootstrap_external>", line 665, in exec_module
  File "<frozen importlib._bootstrap>", line 673, in _load_unlocked
  File "<frozen importlib._bootstrap>", line 958, in _find_and_load_unlocked
  File "<frozen importlib._bootstrap>", line 969, in _find_and_load
  <built-in method __import__ of module object at remote 0x3450f6c5c58>
  File "/home/viraptor/Projects/anchor/.tox/py35d/lib/python3.5/site-packages/pkg_resources/__init__.py", line 2274, in resolve
    module = __import__(self.module_name, fromlist=['__name__'], level=0)
  File "/home/viraptor/Projects/anchor/.tox/py35d/lib/python3.5/site-packages/cryptography/hazmat/backends/__init__.py", line 27, in <listcomp>
    for ep in pkg_resources.iter_entry_points(
  File "/home/viraptor/Projects/anchor/.tox/py35d/lib/python3.5/site-packages/cryptography/hazmat/backends/__init__.py", line 28, in _available_backends
    "cryptography.backends"
  File "/home/viraptor/Projects/anchor/.tox/py35d/lib/python3.5/site-packages/cryptography/hazmat/backends/__init__.py", line 41, in default_backend
    _default_backend = MultiBackend(_available_backends())

and the top frames of actual bt:

#0  0x0000034505d23d9b in ffi_prep_closure_loc () from /usr/lib/libffi.so.6
#1  0x0000034505f4263f in b_callback (self=self@entry=0x0, args=args@entry=(<_cffi_backend.CTypeDescr at remote 0x345058e7418>, <function at remote 0x345058d5788>, -1, None)) at c/_cffi_backend.c:5284
#2  0x0000034505f42900 in _ffi_callback_decorator (outer_args=(<_cffi_backend.CTypeDescr at remote 0x345058e7418>, <function at remote 0x345058d5788>, -1, None), fn=<optimized out>) at c/ffi_obj.c:776
#3  0x000000000053909d in call_function (pp_stack=pp_stack@entry=0x384ea2ea018, oparg=oparg@entry=1) at Python/ceval.c:4690
#4  0x00000000005361f2 in PyEval_EvalFrameEx (

This didn't happen in python 3.4. The installed versions are as follows:

  • cffi (1.8.3)
  • cryptography (1.5.2)
  • cpython 3.5.2
  • openssl 1.0.2j

Happy to provide more details if there are any questions.
@viraptor
Copy link
Contributor Author

viraptor commented Nov 3, 2016

Let this be a warning to others I guess. cffi allocates RWX memory, which upsets grsec kernels. Use pax flags to allow it to work.

@viraptor viraptor closed this as completed Nov 3, 2016
@tiran
Copy link
Contributor

tiran commented Nov 3, 2016

Yes, libffi uses WX memory to create dynamic closures for its callbacks. I fixed it in #2481. Later the fix was undone for Python 3.5 because it caused segfaults in another place. #3201 or OpenSSL 1.1.0 will the root cause once and for all. #3201 is currently blocked by legal issues.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Aug 13, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@viraptor @tiran