Skip to content
This repository has been archived by the owner on Nov 6, 2022. It is now read-only.

2.9.3 breaks ABI compatibility with 2.9.2 with no corresponding SONAME change #502

Closed
maxcrees opened this issue Mar 22, 2020 · 6 comments
Closed

2.9.3 breaks ABI compatibility with 2.9.2 with no corresponding SONAME change #502

maxcrees opened this issue Mar 22, 2020 · 6 comments

Comments

@maxcrees
Copy link

Hello,

After spending quite some time debugging quassel-webserver breaking on my latest system update, I traced the issue back to the upgrade of http-parser from 2.9.2 to 2.9.3 without a corresponding rebuild of node itself. Node wasn't rebuilt because the SONAME of http-parser didn't change.

However, it is clear that the changes introduced in 7d5c99d horribly broke the ABI of libhttp_parser.so. This is due to the changes made to enum http_errno and struct http_parser (the changes made to enum header_states are also breaking but I'm assuming this is not ABI). The abi-laboratory report gives a nice summary of this.

The problem I encountered was any request to the app would immediately return a Bad Request, but I figure this can manifest in any number of ways - for example, the Fedora people saw that it made libgit2 segfault.

Please consider cutting a new release with an updated SONAME or otherwise making the changes ABI compatible.

Thanks,

Max
@bnoordhuis
Copy link
Member

Paging @indutny and also @jasnell, @mcollina and @sam-github.

It seems like a pretty obvious oversight (I caught it immediately while looking at the diff so I'm pretty disappointed no one else did...) so please figure out how to fix this.

@mcollina
Copy link
Member

Sigh :(.

@indutny
Copy link
Member

indutny commented Mar 22, 2020

FWIW, I've marked relevant PR as an ABI change. Looks like the details went missing somewhere in the process. Should we cut 2.9.4 with the revert and then 2.10.0?

Sorry!

@jasnell
Copy link
Member

jasnell commented Mar 22, 2020

As @indutny mentions, this was clearly an abi breaking change. Unfortunate that that was missed in the release process. A revert plus new 2.10.0 should work I think.

bnoordhuis added a commit to bnoordhuis/http-parser that referenced this issue Mar 23, 2020
@bnoordhuis
Fix ABI breakage
9f078fe 
Fix ABI breakage introduced in commit 7d5c99d ("Support multi-coding
Transfer-Encoding") by undoing the change in `sizeof(http_parser)`.

Restore the size of the `flags` field and shrink the `index` field from
7 to 5 bits. It track strings up to `strlen("Transfer-Encoding")` bytes
in size so 2^5 == 32 is wide enough.

Fixes: nodejs#502
@bnoordhuis bnoordhuis mentioned this issue Mar 23, 2020
Closed
@bnoordhuis
Copy link
Member

Should we cut 2.9.4 with the revert and then 2.10.0?

Just to be clear, 2.10.0 would contain the ABI change again? With a SONAME bump? What happens when a security vulnerability is found that affects 2.9.4?

I think the change from 7d5c99d can be done in a backwards compatible way. PTAL y'all at #503.

@bnoordhuis
Copy link
Member

Fixed in 714cbb2 and released as v2.9.4.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Fix ABI breakage bnoordhuis/http-parser
5 participants
@mcollina @maxcrees @indutny @bnoordhuis @jasnell