AWS C++ Lambda - segmentation fault

Question

I have successfully installed an AWS CLI on WSL. In addition I did follow these instructions: https://aws.amazon.com/blogs/compute/introducing-the-c-lambda-runtime/

Now, the first example works and when I run a testcase all is functioning properly and the test succeeds. However, when I run the example from the link above with the encoder with a test, the execution fails.

This is the error log:

s2n_init() failed: 402653268 (Failed to load or unload an openssl provider)
Fatal error condition occurred in /home/username/aws-sdk-cpp/crt/aws-crt-cpp/crt/aws-c-io/source/s2n/s2n_tls_channel_handler.c:197: 0 && "s2n_init() failed"
Exiting Application
No call stack information available
START RequestId: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx Version: $LATEST
2022-11-21T09:02:07.642Z xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx Task timed out after 1.02 seconds

END RequestId: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
REPORT RequestId: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx  Duration: 1015.50 ms    Billed Duration: 1000 ms    Memory Size: 128 MB Max Memory Used: 16 MB

Now, there are two hints in here:

failed to load or unload an openssl provider
something with certificates seen the location where the error occured. This location is my local machine which I Find odd since the (binary) code is uploaded to AWS and running there, not on my local machine I'd assume?

Have I missed an installation step somewhere or is my configuration incorrect? What can I do to provide more information for myself and / or solve the issue?

If by #2 you are referring to the error message from s2n_tls_channel_handler.c, that's because C and C++ are compiled languages. That was the source file at the time of compilation. Also, what does awscli have to do with this? — jarmod, Nov 21 '22 at 16:06
comment about #2 makes sense, would that indicate that the compiler was not able of finding the certificate? Because there is a certificate in that path the example provides. "/etc/pki/tls/certs/ca-bundle.crt" although I'm not quite sure if the file is correct or how to ge the correct file at that location. What AWSCLI has to do with it? I honestly wouldn't know but all kinds of commands (see example) require the AWS CLI so since I don't know the cause of this issue, I could not determine if AWS CLI was involved in the solution — Mart, Nov 21 '22 at 16:29

score 2 · Accepted Answer · answered Nov 24 '22 at 18:48

2

This solution worked - https://www.mail-archive.com/openssl-users@openssl.org/msg91357.html. (Disabling S2N_LIBCRYPTO_SUPPORTS_EVP_RC4 in aws-sdk-cpp)

answered Nov 24 '22 at 18:48

barath

76
1
3

I would like to try either of those, but I am clueless in where to either set no-module (what file, what command?) or where to disable S2N_LIBCRYPTO_SUPPORTS_EVP_RC4 (file / command) – Mart Nov 28 '22 at 09:05
1

I followed the 2nd method where I disabled S2N_LIBCRYPTO_SUPPORTS_EVP_RC4 in crt/aws-crt-cpp/crt/s2n/CMakeLists.txt and crt/aws-crt-cpp/crt/s2n/s2n.mk. You can grep for S2N_LIBCRYPTO_SUPPORTS_EVP_RC4 and you will get the exact line numbers. I recompiled the aws-sdk-cpp after disabling it. Hope it helps. – barath Nov 29 '22 at 07:40

score 0 · Answer 2 · answered Nov 29 '22 at 09:30

With the help of @barath I succeeded. I'd like to form a complete answer because two issues are to be addressed here:

1)There is a bug in the "beyond hello" example's main.cpp code

S3::S3Client client(credentialsProvider, config);

must be:

S3::S3Client client(config);

2)to get rid of the s2n_init() error, one needs to do as barath explained:

nano ~/aws-sdk-cpp/crt/aws-crt-cpp/crt/s2n/CMakeLists.txt -l

Comment line 414 to look like this from line 413 to 415

if (LIBCRYPTO_SUPPORTS_EVP_RC4)
     #target_compile_options(${PROJECT_NAME} PUBLIC -DS2N_LIBCRYPTO_SUPPORTS_EVP_RC4)
endif()

save the file.

nano ~/aws-sdk-cpp/crt/aws-crt-cpp/crt/s2n/s2n.mk -l

add a comment on line ~223 such that, from line ~222 the code looks like:

ifeq ($(TRY_EVP_RC4), 0)
        #DEFAULT_CFLAGS += -DS2N_LIBCRYPTO_SUPPORTS_EVP_RC4
endif

Now you can continue the example on https://aws.amazon.com/blogs/compute/introducing-the-c-lambda-runtime/ with

$ cmake .. -DCMAKE_BUILD_TYPE=Release -DCMAKE_PREFIX_PATH=~/out
$ make
$ make aws-lambda-package-encoder

Steve meyer · Answer 3 · 2023-06-22T11:38:43.543

0

This error has occurred when the lambda function was built in a docker image different from the lambda runtime image.

For example:

Docker image where code is built - AmazonLinux (no tag, latest version)
Lambda Runtime OS - AmazonLinux:2

edited Jun 22 '23 at 11:38

answered Jun 14 '23 at 15:20

Steve meyer

1
2

This does not really answer the question. If you have a different question, you can ask it by clicking [Ask Question](https://stackoverflow.com/questions/ask). To get notified when this question gets new answers, you can [follow this question](https://meta.stackexchange.com/q/345661). Once you have enough [reputation](https://stackoverflow.com/help/whats-reputation), you can also [add a bounty](https://stackoverflow.com/help/privileges/set-bounties) to draw more attention to this question. - [From Review](/review/late-answers/34546608) – user12256545 Jun 20 '23 at 17:07
If the error is occurring because of their development setup, then the best fix is to correct the development setup. This specific error has been been seen to occur when building in a different Amazon linux version than the Lambda OS where the code executes. – Steve meyer Jun 22 '23 at 11:37
I have seen this error and fixed it by changing the base image for the Docker container where the Lambda code was being built. – Steve meyer Jun 22 '23 at 11:46

AWS C++ Lambda - segmentation fault

3 Answers3