i686-unknown-linux-gnu/bin/cargo: error while loading shared libraries: libatomic.so.1 #13546
Comments
This comment was marked as resolved.
This comment was marked as resolved.
|
That is an old year in the image name. What's the glibc version? We only support kernel 3.2+, glibc 2.17+ as listed in https://doc.rust-lang.org/nightly/rustc/platform-support.html |
|
It's a CentOS 7 which has glibc 2.17, since it's running in Docker on Ubuntu 22.04, it should have a newer kernel version than 3.2. # uname -a
Linux 2d9d45df5509 5.19.0-1029-aws rust-lang/rust#30~22.04.1-Ubuntu SMP Thu Jul 13 17:17:32 UTC 2023 i686 i686 i386 GNU/Linux
# rustc -vV
rustc 1.78.0-nightly (d18480b84 2024-03-04)
binary: rustc
commit-hash: d18480b84fdbf1efc34f62070951334aa833d761
commit-date: 2024-03-04
host: i686-unknown-linux-gnu
release: 1.78.0-nightly
LLVM version: 18.1.0
# # cargo
/root/.rustup/toolchains/nightly-i686-unknown-linux-gnu/bin/cargo: error while loading shared libraries: libatomic.so.1: cannot open shared object file: No such file or directory
# # ldd /root/.rustup/toolchains/nightly-i686-unknown-linux-gnu/bin/cargo
linux-gate.so.1 => (0xf7f0e000)
libdl.so.2 => /lib/libdl.so.2 (0xf621c000)
libatomic.so.1 => not found
libgcc_s.so.1 => /lib/libgcc_s.so.1 (0xf6201000)
librt.so.1 => /lib/librt.so.1 (0xf61f7000)
libpthread.so.0 => /lib/libpthread.so.0 (0xf61dc000)
libm.so.6 => /lib/libm.so.6 (0xf619a000)
libc.so.6 => /lib/libc.so.6 (0xf5fcf000)
/lib/ld-linux.so.2 (0xf7f10000)
# ldd --version
ldd (GNU libc) 2.17 |
|
cc @weihanglo in case you know something about this. |
|
For comparison, Rust stable (1.76.0 ATM) works fine: # ~/.rustup/toolchains/stable-i686-unknown-linux-gnu/bin/cargo -vV
cargo 1.76.0 (c84b36747 2024-01-18)
release: 1.76.0
commit-hash: c84b367471a2db61d2c2c6aab605b14130b8a31b
commit-date: 2024-01-18
host: i686-unknown-linux-gnu
libgit2: 1.7.1 (sys:0.18.1 vendored)
libcurl: 8.5.0-DEV (sys:0.4.70+curl-8.5.0 vendored ssl:OpenSSL/1.1.1w)
ssl: OpenSSL 1.1.1w 11 Sep 2023
os: CentOS 7.0.0 [32-bit]
# ldd ~/.rustup/toolchains/stable-i686-unknown-linux-gnu/bin/cargo
linux-gate.so.1 => (0xf7f2a000)
libdl.so.2 => /lib/libdl.so.2 (0xf6156000)
libgcc_s.so.1 => /lib/libgcc_s.so.1 (0xf613b000)
librt.so.1 => /lib/librt.so.1 (0xf6132000)
libpthread.so.0 => /lib/libpthread.so.0 (0xf6116000)
libm.so.6 => /lib/libm.so.6 (0xf60d4000)
libc.so.6 => /lib/libc.so.6 (0xf5f09000)
/lib/ld-linux.so.2 (0xf7f2c000) |
|
This is the bad Cargo submodule update rust-lang/rust#121214. It is very likely that OpenSSL v3 did something differently than v1. |
|
Probably this openssl/openssl#23376? |
|
sfackler/rust-openssl#2163 and I mentioned it earlier in #13449 (comment) |
|
This seems to happen again in |
chore: downgrade to openssl v1.1.1 (again) Accidentally updated by <#13674> See #13546 (comment)
|
Seems like this is happening again in See PyO3/maturin-action#283 and https://github.com/Warthunder-Open-Source-Foundation/wt_blk/actions/runs/10321002590/job/28572852583#step:4:196 |
|
That was me overlooking it again: #14299 |
chore: downgrade to openssl v1.1.1 (again) It happened again in <#14299>. See <#13546 (comment)> and <#13731>.
|
@messense should have been fixed via #14391 and rust-lang/rust#129066. |
|
is it possible to temporarily pin openssl to 1.0.66? openssl has a vulnerability prior to 1.0.66, i don't know if this affect the cargo code base. |
I don't think so. In Cargo we only call |
* feat: init a repo for default use_case template * fix: pr suggestions * feat: create repo after cloning template & commit after tests * chore: remove x86 support (rust-lang/cargo#13546) * ci: uselibgit2-dev only * fix: remove commit * chore: cleanup & test ci without ssl feature * fix: remove openssl and warm user if we can't set a git repo
|
Note that this is happening again on rustc 1.87.0-nightly (794c12416 2025-02-21): https://github.com/PyO3/maturin-action/actions/runs/13468372295/job/37638469231 |
|
This was an overlook in #15166 and apparently we forgot to actually add openssl-sys to The bad news is that #15166 is now in beta toolchain already. If we're going to fix this again we might need to revert it in beta as well. |
|
Better get it reverted before it reaches stable I think? |
|
The OpenSSL v1 has been EOL for more than a year. Unsure the potential security implications of continuing with v1. I wonder how common an i686-unknown-linux-gnu image lacks for libatomic. I assume it is fairly common since some 32-bit CPUs don't have built-in atomic operations, and usually libatomic is packaged separately on those distros, right? |
### What does this PR try to resolve? From #13546 (comment) > This was an overlook in <#15166> and apparently we forgot to actually add openssl-sys to `cargo` package. The pinned version is [under `workspace.dependencies`](#15166) so it never really affect the dependency resolution. > > The bad news is that <#15166> is now in beta toolchain already. If we're going to fix this again we might need to revert it in beta as well. This PR fixes it. However, I think we should find a way to unpin the version. ### How should we test and review this PR? If we're going to merge this, we might want to backport to beta
|
Well, because of that I maintain my own openssl-1.1.1 feature branch with all necessary CVE fixes here: |
|
The Cargo team has discussed this issue in today's meeting. The root cause is convoluted, but can be seen as a bad interaction between Clang not providing built-in libatomic, and a bug in OpenSSL v3 that it doesn't use aligned intergers on 32-bit platforms. Folks on Zulip have evaluated some possible solutions, and agree with that the most straightforward solution is requiring libatomic on 32-bit platforms when running Cargo. libatomic is generally available in major Linux distributions. If you're seeing an error like this: i686-unknown-linux-gnu/bin/cargo: error while loading shared libraries: libatomic.so.1You could install libatomic through your system package manager. |
### What does this PR try to resolve? After this, Cargo in the official Rust distribution will have a hard dependency on libatomic on 32-bit platforms, until upstream issues get resolved. See <#13546 (comment)> for more details. Fixes #13546 ### How should we test and review this PR? I leave the version requirements in Cargo.toml to inclue old v1 versions, in case people really want to build cargo with the EOL OpenSSL v1. Also, I am not going to pull back <rust-lang/rust#137507>, unless someone thinks it is needed.
Maintainer's note:
In Rust 1.87, Cargo in the official Rust distribution will have a hard dependency on libatomic on 32-bit platforms.
For more, see
When running
cargoin aquay.io/pypa/manylinux2014_i686:latestDocker container, it gives the following errorIs
libatomic.so.1a hard requirement for cargo now?Meta
rustc --version --verbose:The text was updated successfully, but these errors were encountered: