Opened 4 months ago

Last modified 6 hours ago

#25485 needs_revision defect

Browser/TorBrowser/Tor/libstdc++.so.6: version `CXXABI_1.3.11' not found (required by /usr/lib/x86_64-linux-gnu/libmirclient.so.9)

Reported by: cypherpunks Owned by: tbb-team
Priority: Very High Milestone:
Component: Applications/Tor Browser Version:
Severity: Normal Keywords: ff60-esr, TorBrowserTeam201807
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

I noticed that clicking on the Open Directory button in the Profile Directory entry in about:support fails with the following error:

nautilus: /home/systemdsucks/Desktop/tor-browser_en-US/Browser/TorBrowser/Tor/libstdc++.so.6: version `CXXABI_1.3.11' not found (required by /usr/lib/x86_64-linux-gnu/libmirclient.so.9)
nautilus: /home/systemdsucks/Desktop/tor-browser_en-US/Browser/TorBrowser/Tor/libstdc++.so.6: version `GLIBCXX_3.4.22' not found (required by /usr/lib/x86_64-linux-gnu/libmircommon.so.7)

Child Tickets

Change History (22)

comment:1 Changed 4 months ago by gk

Status: assignedneeds_information

I wonder where the libmir* requirement is coming from. Cyperpunk: What Linux system is that and how are you extracting/starting Tor Browser?

comment:2 in reply to:  1 Changed 4 months ago by yawning

Replying to gk:

I wonder where the libmir* requirement is coming from.

Stuff on the user's system (in this case nautlius) is compiled against it. My bet here would be Gtk 3 and or Mesa, but it doesn't really matter.

If Tor Browser forks/execs things that are not part of the browser bundle (such as, oh, the file manager), it should clear LD_LIBRARY_PATH.

comment:3 in reply to:  1 Changed 4 months ago by cypherpunks

Status: needs_informationnew

Replying to gk:

I wonder where the libmir* requirement is coming from. Cyperpunk: What Linux system is that and how are you extracting/starting Tor Browser?

Ubuntu 17.10. For that case I did cd Browser && ./start-tor-browser --debug.

comment:4 Changed 3 weeks ago by igt0

I am having the same problem with one of my Ubuntu machines.

LD_LIBRARY_PATH=<PathToTor>/tor-browser_en-US/Browser/TorBrowser/Tor/ ./firefox --class 'Tor Browser' -profile TorBrowser/Data/Browser/profile.default

XPCOMGlueLoad error for file <PATH>/tor-browser_en-US/Browser/libmozgtk.so:
<PATH>/tor-browser_en-US/Browser/TorBrowser/Tor/libstdc++.so.6: version `CXXABI_1.3.11' not found (required by /usr/lib/x86_64-linux-gnu/libmirclient.so.9)
Couldn't load XPCOM.

The libmozgtk has as dependency libmirclient.

ldd <PATH>/tor-browser_en-US/Browser/libmozgtk.so
	linux-vdso.so.1 =>  (0x00007fff46484000)
	libpthread.so.0 => /lib/x86_64-linux-gnu/libpthread.so.0 (0x00007f109d710000)
	libgtk-3.so.0 => /usr/lib/x86_64-linux-gnu/libgtk-3.so.0 (0x00007f109cdfc000)
	libgdk-3.so.0 => /usr/lib/x86_64-linux-gnu/libgdk-3.so.0 (0x00007f109caf1000)
	libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007f109c711000)
	libdl.so.2 => /lib/x86_64-linux-gnu/libdl.so.2 (0x00007f109c50d000)
	/lib64/ld-linux-x86-64.so.2 (0x00007f109d92f000)
	libgmodule-2.0.so.0 => /usr/lib/x86_64-linux-gnu/libgmodule-2.0.so.0 (0x00007f109c309000)
	libpangocairo-1.0.so.0 => /usr/lib/x86_64-linux-gnu/libpangocairo-1.0.so.0 (0x00007f109c0fc000)
	libX11.so.6 => /usr/lib/x86_64-linux-gnu/libX11.so.6 (0x00007f109bdc3000)
	libXi.so.6 => /usr/lib/x86_64-linux-gnu/libXi.so.6 (0x00007f109bbb3000)
	libXfixes.so.3 => /usr/lib/x86_64-linux-gnu/libXfixes.so.3 (0x00007f109b9ad000)
	libcairo-gobject.so.2 => /usr/lib/x86_64-linux-gnu/libcairo-gobject.so.2 (0x00007f109b7a4000)
	libcairo.so.2 => /usr/lib/x86_64-linux-gnu/libcairo.so.2 (0x00007f109b493000)
	libgdk_pixbuf-2.0.so.0 => /usr/lib/x86_64-linux-gnu/libgdk_pixbuf-2.0.so.0 (0x00007f109b26f000)
	libatk-1.0.so.0 => /usr/lib/x86_64-linux-gnu/libatk-1.0.so.0 (0x00007f109b049000)
	libatk-bridge-2.0.so.0 => /usr/lib/x86_64-linux-gnu/libatk-bridge-2.0.so.0 (0x00007f109ae1a000)
	libepoxy.so.0 => /usr/lib/x86_64-linux-gnu/libepoxy.so.0 (0x00007f109ab24000)
	libpangoft2-1.0.so.0 => /usr/lib/x86_64-linux-gnu/libpangoft2-1.0.so.0 (0x00007f109a90e000)
	libpango-1.0.so.0 => /usr/lib/x86_64-linux-gnu/libpango-1.0.so.0 (0x00007f109a6c0000)
	libfontconfig.so.1 => /usr/lib/x86_64-linux-gnu/libfontconfig.so.1 (0x00007f109a47d000)
	libgio-2.0.so.0 => /usr/lib/x86_64-linux-gnu/libgio-2.0.so.0 (0x00007f109a0e2000)
	libgobject-2.0.so.0 => /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0 (0x00007f1099e8e000)
	libglib-2.0.so.0 => /lib/x86_64-linux-gnu/libglib-2.0.so.0 (0x00007f1099b7a000)
	libm.so.6 => /lib/x86_64-linux-gnu/libm.so.6 (0x00007f1099824000)
	libXinerama.so.1 => /usr/lib/x86_64-linux-gnu/libXinerama.so.1 (0x00007f1099621000)
	libXrandr.so.2 => /usr/lib/x86_64-linux-gnu/libXrandr.so.2 (0x00007f1099416000)
	libXcursor.so.1 => /usr/lib/x86_64-linux-gnu/libXcursor.so.1 (0x00007f109920c000)
	libXcomposite.so.1 => /usr/lib/x86_64-linux-gnu/libXcomposite.so.1 (0x00007f1099009000)
	libXdamage.so.1 => /usr/lib/x86_64-linux-gnu/libXdamage.so.1 (0x00007f1098e06000)
	libxkbcommon.so.0 => /usr/lib/x86_64-linux-gnu/libxkbcommon.so.0 (0x00007f1098bc7000)
	libwayland-cursor.so.0 => /usr/lib/x86_64-linux-gnu/libwayland-cursor.so.0 (0x00007f10989bf000)
	libwayland-egl.so.1 => /usr/lib/x86_64-linux-gnu/libwayland-egl.so.1 (0x00007f10987bd000)
	libwayland-client.so.0 => /usr/lib/x86_64-linux-gnu/libwayland-client.so.0 (0x00007f10985ae000)
	libmirclient.so.9 => /usr/lib/x86_64-linux-gnu/libmirclient.so.9 (0x00007f1098306000)
	libXext.so.6 => /usr/lib/x86_64-linux-gnu/libXext.so.6 (0x00007f10980f4000)
	librt.so.1 => /lib/x86_64-linux-gnu/librt.so.1 (0x00007f1097eec000)
	libfreetype.so.6 => /usr/lib/x86_64-linux-gnu/libfreetype.so.6 (0x00007f1097c39000)
	libxcb.so.1 => /usr/lib/x86_64-linux-gnu/libxcb.so.1 (0x00007f1097a12000)
	libpixman-1.so.0 => /usr/lib/x86_64-linux-gnu/libpixman-1.so.0 (0x00007f109776c000)
	libpng16.so.16 => /usr/lib/x86_64-linux-gnu/libpng16.so.16 (0x00007f109753a000)
	libxcb-shm.so.0 => /usr/lib/x86_64-linux-gnu/libxcb-shm.so.0 (0x00007f1097337000)
	libxcb-render.so.0 => /usr/lib/x86_64-linux-gnu/libxcb-render.so.0 (0x00007f109712a000)
	libXrender.so.1 => /usr/lib/x86_64-linux-gnu/libXrender.so.1 (0x00007f1096f20000)
	libz.so.1 => /lib/x86_64-linux-gnu/libz.so.1 (0x00007f1096d03000)
	libatspi.so.0 => /usr/lib/x86_64-linux-gnu/libatspi.so.0 (0x00007f1096ad3000)
	libdbus-1.so.3 => /lib/x86_64-linux-gnu/libdbus-1.so.3 (0x00007f1096887000)
	libharfbuzz.so.0 => /usr/lib/x86_64-linux-gnu/libharfbuzz.so.0 (0x00007f10965f3000)
	libthai.so.0 => /usr/lib/x86_64-linux-gnu/libthai.so.0 (0x00007f10963ea000)
	libexpat.so.1 => /lib/x86_64-linux-gnu/libexpat.so.1 (0x00007f10961bf000)
	libselinux.so.1 => /lib/x86_64-linux-gnu/libselinux.so.1 (0x00007f1095f97000)
	libresolv.so.2 => /lib/x86_64-linux-gnu/libresolv.so.2 (0x00007f1095d7d000)
	libmount.so.1 => /lib/x86_64-linux-gnu/libmount.so.1 (0x00007f1095b2b000)
	libffi.so.6 => /usr/lib/x86_64-linux-gnu/libffi.so.6 (0x00007f1095923000)
	libpcre.so.3 => /lib/x86_64-linux-gnu/libpcre.so.3 (0x00007f10956b1000)
	libmircommon.so.7 => /usr/lib/x86_64-linux-gnu/libmircommon.so.7 (0x00007f1095475000)
	libmirprotobuf.so.3 => /usr/lib/x86_64-linux-gnu/libmirprotobuf.so.3 (0x00007f10951f1000)
	libcapnp-0.5.3.so => /usr/lib/x86_64-linux-gnu/libcapnp-0.5.3.so (0x00007f1094f6c000)
	libmircore.so.1 => /usr/lib/x86_64-linux-gnu/libmircore.so.1 (0x00007f1094d5f000)
	libboost_system.so.1.62.0 => /usr/lib/x86_64-linux-gnu/libboost_system.so.1.62.0 (0x00007f1094b5b000)
	libprotobuf-lite.so.10 => /usr/lib/x86_64-linux-gnu/libprotobuf-lite.so.10 (0x00007f109490b000)
	libstdc++.so.6 => /usr/lib/x86_64-linux-gnu/libstdc++.so.6 (0x00007f1094585000)
	libgcc_s.so.1 => /lib/x86_64-linux-gnu/libgcc_s.so.1 (0x00007f109436e000)
	libXau.so.6 => /usr/lib/x86_64-linux-gnu/libXau.so.6 (0x00007f109416a000)
	libXdmcp.so.6 => /usr/lib/x86_64-linux-gnu/libXdmcp.so.6 (0x00007f1093f64000)
	libsystemd.so.0 => /lib/x86_64-linux-gnu/libsystemd.so.0 (0x00007f1093cdf000)
	libgraphite2.so.3 => /usr/lib/x86_64-linux-gnu/libgraphite2.so.3 (0x00007f1093ab2000)
	libdatrie.so.1 => /usr/lib/x86_64-linux-gnu/libdatrie.so.1 (0x00007f10938ab000)
	libblkid.so.1 => /lib/x86_64-linux-gnu/libblkid.so.1 (0x00007f1093661000)
	libboost_filesystem.so.1.62.0 => /usr/lib/x86_64-linux-gnu/libboost_filesystem.so.1.62.0 (0x00007f1093448000)
	libkj-0.5.3.so => /usr/lib/x86_64-linux-gnu/libkj-0.5.3.so (0x00007f1093221000)
	libbsd.so.0 => /lib/x86_64-linux-gnu/libbsd.so.0 (0x00007f109300c000)
	libgcrypt.so.20 => /lib/x86_64-linux-gnu/libgcrypt.so.20 (0x00007f1092cfe000)
	liblzma.so.5 => /lib/x86_64-linux-gnu/liblzma.so.5 (0x00007f1092ad8000)
	liblz4.so.1 => /usr/lib/x86_64-linux-gnu/liblz4.so.1 (0x00007f10928c0000)
	libuuid.so.1 => /lib/x86_64-linux-gnu/libuuid.so.1 (0x00007f10926bb000)
	libgpg-error.so.0 => /lib/x86_64-linux-gnu/libgpg-error.so.0 (0x00007f10924a6000)



comment:5 Changed 3 weeks ago by gk

Keywords: ff60-esr added
Priority: MediumHigh

comment:6 Changed 3 weeks ago by gk

Keywords: TorBrowserTeam201806 added
Priority: HighVery High

#26589 is a duplicate.

comment:7 Changed 3 weeks ago by gk

Resolution: worksforme
Status: newclosed

privacy.donottrackheader.enabled is set to false in my Tor Browser. Thus, it seems you messed with your settings and have it enabled now.

comment:8 Changed 3 weeks ago by gk

Resolution: worksforme
Status: closedreopened

Ugh, wrong ticket.

comment:9 Changed 2 weeks ago by boklm

It seems that the issue is that libgdk-3.so.0 on Ubuntu is linked to libmirclient.so.9, which is linked to a newer version of libstdc++.so.6 than the one we ship.

Some (probably not good) solutions could be:

  • building and shipping a libgdk-3.so.0 (and maybe libgtk3?) that is not linked to libmirclient.so.9. However this will increase the complexity, build time, and size of our bundles.
  • building and shipping a libmirclient.so.9 that is linked to our version of libstdc++.so.6.

I think a better option might be to avoid having our version of libstdc++.so.6 in LD_LIBRARY_PATH when the version installed on the system is newer. Maybe the start-tor-browser script could detect which version of libstdc++.so.6 is available and only add our version to LD_LIBRARY_PATH when needed.

comment:10 Changed 2 weeks ago by gk

Do we actually still need to ship that lib?

comment:11 in reply to:  10 Changed 2 weeks ago by boklm

Replying to gk:

Do we actually still need to ship that lib?

I think we need to ship libstdc++.so.6 for the systems where the installed version is too old. As we are building using gcc 6.4.0, it seems our binaries will require CXXABI_1.3.10 added with gcc 6.1.0:
https://gcc.gnu.org/onlinedocs/libstdc++/manual/abi.html

Some of the distributions built using a gcc older than 6.1.0 are:

  • Ubuntu 16.04LTS (gcc 5.3.1)
  • Centos 7 (gcc 4.8.5)

comment:12 Changed 2 weeks ago by gk

Keywords: TorBrowserTeam201807 added; TorBrowserTeam201806 removed

Moving first batch of tickets to July 2018

comment:13 Changed 2 weeks ago by yawning

For what it's worth, this also is the root cause of #20866.

comment:14 Changed 2 days ago by Hello71

what's wrong with rpath?

comment:15 Changed 12 hours ago by sukhbir

Status: reopenedneeds_revision

For review:

https://github.com/azadi/tor-browser-build-1/tree/bug-25485

This is tested on Ubuntu 17.04 (gcc 7; newer) as well as Ubuntu 16.04 (gcc 5.3.1; older). To initiate the ABI check, we compare the installed gcc version with the bundled Tor Browser version 6.4.0. If the installed version is more recent, we remove the bundled libstdc++.so.6 from Browser/TorBrowser/Tor, which removes it from LD_LIBRARY_PATH.

I am guessing this should suffice, or should we follow the symlink for libstdc++.so.6 and then compare the CXXABI, like for Ubuntu 17.04:

$ strings /usr/lib/x86_64-linux-gnu/libstdc++.so.6.0.24  | grep CXXABI_[[:digit:]] | sort -Vr | head -1
CXXABI_1.3.11

and then compare it with the Tor Browser version:

$ strings Browser/TorBrowser/Tor/libstdc++.so.6  | grep CXXABI_[[:digit:]] | sort -Vr | head -1
CXXABI_1.3.10

which tells us the same thing and instead of comparing the version strings, we can compare this but I thought the gcc version is more direct.

(As indicated in comment:14, we should consider using rpath as discussed in #13373 but I am not focusing on that for now.)

comment:16 Changed 12 hours ago by sukhbir

Status: needs_revisionneeds_review

comment:17 Changed 10 hours ago by Hello71

I don't think this is correct. the gcc version has no particular relation to the glibc version. moreover, it may not even be installed. removing libraries is not a good idea, as the user may want to move their installation to another machine (or share it between two OSes on the same machine). additionally, grepping the versions is not a reliable way of checking ABI compatibility, as there may be missing symbols as well. the right-er way to do this is to build an old binary and a new binary, try to run the new binary on the system, and if it fails, use our library. this doesn't quite account for missing symbols though.

comment:18 Changed 10 hours ago by gk

Status: needs_reviewneeds_revision

Replying to sukhbir:

For review:

https://github.com/azadi/tor-browser-build-1/tree/bug-25485

This is tested on Ubuntu 17.04 (gcc 7; newer) as well as Ubuntu 16.04 (gcc 5.3.1; older). To initiate the ABI check, we compare the installed gcc version with the bundled Tor Browser version 6.4.0. If the installed version is more recent, we remove the bundled libstdc++.so.6 from Browser/TorBrowser/Tor, which removes it from LD_LIBRARY_PATH.

That makes me nervous. It is not unusual (at least for me) to have different compiler versions around on my Linux box and use them. If I happen to use a newer version than usual your patch my blow away my libstdc++ which Tor Browser ships but switching back to my regular compiler suddenly breaks Tor Browser now.

I think trying to figure out the installed libstdc++ version and comparing it to the one we ship and not using the latter if the former is newer seems like a more plausible idea to me. However, there might be pitfalls we'd like to avoid in this scenario as well.

comment:19 Changed 10 hours ago by sukhbir

So the question then is that if it's not strings, then what would be a good way of finding out the installed version of libstdc++ to compare with the bundled version? Would parsing the readelf output be a better fit?

comment:20 Changed 10 hours ago by Hello71

not really. it still doesn't fix the symbols issue, and worse, binutils is also not necessarily installed.

comment:21 Changed 10 hours ago by Hello71

how does standard firefox fix this?

comment:22 in reply to:  21 Changed 6 hours ago by sukhbir

Replying to Hello71:

how does standard firefox fix this?

They don't have this issue; see comment:9.

Note: See TracTickets for help on using tickets.