Segfault on construction of class using json in a multi threaded application

[Levi-Armstrong]

Describe the bug
Segfault on construction of class using json in a multi threaded application.

gdb output:

[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".

Program received signal SIGSEGV, Segmentation fault.
0x00007fffe99a535f in ?? () from /usr/lib/x86_64-linux-gnu/libjsoncpp.so.1
(gdb) bt
#0  0x00007fffe99a535f in ?? () from /usr/lib/x86_64-linux-gnu/libjsoncpp.so.1
#1  0x00007ffff7de5733 in call_init (env=0x7fffffffd3e8, argv=0x7fffffffd3d8, argc=1, l=<optimized out>) at dl-init.c:72
#2  _dl_init (main_map=0x7ffff7ffe170, argc=1, argv=0x7fffffffd3d8, env=0x7fffffffd3e8) at dl-init.c:119
#3  0x00007ffff7dd60ca in _dl_start_user () from /lib64/ld-linux-x86-64.so.2
#4  0x0000000000000001 in ?? ()
#5  0x00007fffffffd7eb in ?? ()
#6  0x0000000000000000 in ?? ()

If I remove the following lines of code the issue goes away.

#if JSON_USE_NULLREF
// for backwards compatibility, we'll leave these global references around, but
// DO NOT use them in JSONCPP library code any more!
// static
Value const& Value::null = Value::nullSingleton();

// static
Value const& Value::nullRef = Value::nullSingleton();
#endif

To Reproduce
Steps to reproduce the behavior:

1. I will work on a test case but I have been able to reproduce on multiple machines.

Desktop (please complete the following information):

• Ubuntu 18.04.3 LTS
• Intel® Core™ i7-4700MQ CPU @ 2.40GHz × 8
• Quadro K1100M/PCIe/SSE2
• GNOME 3.28.2
• 64-bit

[BillyDonahue]

I can't reproduce this.

( Attempted at https://github.com/BillyDonahue/jsoncpp/tree/issue_1107 )

Is your __cxa_guard_acquire not working right?

You had the debugger open, what memory location was being accessed by the instruction that threw the SIGSEGV? Would love to see exactly what happened, at a lower level.

[Levi-Armstrong]

Thank you for looking into it. I will get the information on the memory location being accessed.

[warisb]

I just ran into this myself almost exactly as described. I am curious why the bug was closed?

My stack trace is as follows (I got a bit more symbols than OP):

Program received signal SIGSEGV, Segmentation fault. 
0x00007f91c6a62008 in __static_initialization_and_destruction_0 (__initialize_p=__initialize_p@entry=1, __priority=__priority@entry=65535) at /home/wboonyasiriwat/dev/aktualizr/build/jsoncpp/jsoncpp.cc:2487
2487    Value const& Value::null = Value::nullSingleton();
(gdb) bt
#0  0x00007f91c6a62008 in __static_initialization_and_destruction_0 (__initialize_p=__initialize_p@entry=1, __priority=__priority@entry=65535) at /home/wboonyasiriwat/dev/aktualizr/build/jsoncpp/jsoncpp.cc:2487
#1  0x00007f91c6a761da in _GLOBAL__sub_I_jsoncpp.cc(void) () at /home/wboonyasiriwat/dev/aktualizr/build/jsoncpp/jsoncpp.cc:5314
#2  0x00007f91c7b838d3 in call_init (env=0x7ffd3fb94048, argv=0x7ffd3fb94038, argc=1, l=<optimized out>) at dl-init.c:72
#3  _dl_init (main_map=0x7f91c7d9e170, argc=1, argv=0x7ffd3fb94038, env=0x7ffd3fb94048) at dl-init.c:119
#4  0x00007f91c7b740ca in _dl_start_user () from /lib64/ld-linux-x86-64.so.2
#5  0x0000000000000001 in ?? ()
#6  0x00007ffd3fb950ad in ?? ()
#7  0x0000000000000000 in ?? (

a similar workaround to the OP, compiling with JSON_USE_NULLREF=0 will get rid of the segfault. I believe this is related to an old bug #488, which posits that the variable Value::null is being accessed before it is properly initialized. However, neither my program nor jsoncpp refers to the offending variable anymore, so there's no "access". It segfaults simply by being initialized. I'm puzzled as to why, but I don't think this issue is quite figured out. Can this be reopened?

[BillyDonahue]

I agree this hasn't been figured out.