Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Enable ASan, TSan, UBSan for aarch64-apple-darwin. #79883

Merged
merged 10 commits into from
Jan 2, 2021
Merged

Enable ASan, TSan, UBSan for aarch64-apple-darwin. #79883

merged 10 commits into from
Jan 2, 2021

Conversation

frewsxcv
Copy link
Member

@frewsxcv frewsxcv commented Dec 10, 2020
edited
Loading

I confirmed ASan, TSan, UBSan all work for me locally with clang on my new Macbook Air.

This requires rust-lang/llvm-project#86

@rust-highfive
Copy link
Collaborator

r? @lcnr

(rust-highfive has picked a reviewer for you, use r? to override)

@rust-highfive rust-highfive added the S-waiting-on-review Status: Awaiting review from the assignee but also interested parties. label Dec 10, 2020
@frewsxcv frewsxcv requested a review from shepmaster December 10, 2020 04:56
@frewsxcv
Copy link
Member Author

I'm compiling Rust locally with these changes to confirm.

@frewsxcv
Copy link
Member Author 

/Users/coreyf/dev/rust-lang/rust/build/aarch64-apple-darwin/stage1/bin/rustc -Zsanitizer=address /Users/coreyf/dev/rust-lang/rust/src/test/ui/sanitize/new-llvm-pass-manager-thin-lto.rs
error: linking with `cc` failed: exit code: 1
  |
  = note: "cc" "-arch" "arm64" "-Wl,-rpath" "-Xlinker" "/Users/coreyf/dev/rust-lang/rust/build/aarch64-apple-darwin/stage1/lib/rustlib/aarch64-apple-darwin/lib" "-lrustc-dev_rt.asan" "-L" "/Users/coreyf/dev/rust-lang/rust/build/aarch64-apple-darwin/stage1/lib/rustlib/aarch64-apple-darwin/lib" "new-llvm-pass-manager-thin-lto.new_llvm_pass_manager_thin_lto.7rcbfp3g-cgu.0.rcgu.o" "new-llvm-pass-manager-thin-lto.new_llvm_pass_manager_thin_lto.7rcbfp3g-cgu.1.rcgu.o" "new-llvm-pass-manager-thin-lto.new_llvm_pass_manager_thin_lto.7rcbfp3g-cgu.2.rcgu.o" "new-llvm-pass-manager-thin-lto.new_llvm_pass_manager_thin_lto.7rcbfp3g-cgu.3.rcgu.o" "new-llvm-pass-manager-thin-lto.new_llvm_pass_manager_thin_lto.7rcbfp3g-cgu.4.rcgu.o" "new-llvm-pass-manager-thin-lto.new_llvm_pass_manager_thin_lto.7rcbfp3g-cgu.5.rcgu.o" "new-llvm-pass-manager-thin-lto.new_llvm_pass_manager_thin_lto.7rcbfp3g-cgu.6.rcgu.o" "new-llvm-pass-manager-thin-lto.new_llvm_pass_manager_thin_lto.7rcbfp3g-cgu.7.rcgu.o" "-o" "new-llvm-pass-manager-thin-lto" "new-llvm-pass-manager-thin-lto.3s7blind72jn2fhm.rcgu.o" "-Wl,-dead_strip" "-nodefaultlibs" "-L" "/Users/coreyf/dev/rust-lang/rust/build/aarch64-apple-darwin/stage1/lib/rustlib/aarch64-apple-darwin/lib" "/Users/coreyf/dev/rust-lang/rust/build/aarch64-apple-darwin/stage1/lib/rustlib/aarch64-apple-darwin/lib/libstd-65ab0e7d9cf0fb87.rlib" "/Users/coreyf/dev/rust-lang/rust/build/aarch64-apple-darwin/stage1/lib/rustlib/aarch64-apple-darwin/lib/libpanic_unwind-4c9cd63d6513f642.rlib" "/Users/coreyf/dev/rust-lang/rust/build/aarch64-apple-darwin/stage1/lib/rustlib/aarch64-apple-darwin/lib/libobject-a259f338f0b7b73d.rlib" "/Users/coreyf/dev/rust-lang/rust/build/aarch64-apple-darwin/stage1/lib/rustlib/aarch64-apple-darwin/lib/libaddr2line-df5c21a60c2d9580.rlib" "/Users/coreyf/dev/rust-lang/rust/build/aarch64-apple-darwin/stage1/lib/rustlib/aarch64-apple-darwin/lib/libgimli-912b769937cf57e6.rlib" "/Users/coreyf/dev/rust-lang/rust/build/aarch64-apple-darwin/stage1/lib/rustlib/aarch64-apple-darwin/lib/librustc_demangle-50dd149dc108cbb5.rlib" "/Users/coreyf/dev/rust-lang/rust/build/aarch64-apple-darwin/stage1/lib/rustlib/aarch64-apple-darwin/lib/libhashbrown-02799d7e76ed6237.rlib" "/Users/coreyf/dev/rust-lang/rust/build/aarch64-apple-darwin/stage1/lib/rustlib/aarch64-apple-darwin/lib/librustc_std_workspace_alloc-4896ae0049a4a17c.rlib" "/Users/coreyf/dev/rust-lang/rust/build/aarch64-apple-darwin/stage1/lib/rustlib/aarch64-apple-darwin/lib/libunwind-5cf7fb4e1b850582.rlib" "/Users/coreyf/dev/rust-lang/rust/build/aarch64-apple-darwin/stage1/lib/rustlib/aarch64-apple-darwin/lib/libcfg_if-44d6c655565382dd.rlib" "/Users/coreyf/dev/rust-lang/rust/build/aarch64-apple-darwin/stage1/lib/rustlib/aarch64-apple-darwin/lib/liblibc-83d4eff421d392fe.rlib" "/Users/coreyf/dev/rust-lang/rust/build/aarch64-apple-darwin/stage1/lib/rustlib/aarch64-apple-darwin/lib/liballoc-e50135f33201856a.rlib" "/Users/coreyf/dev/rust-lang/rust/build/aarch64-apple-darwin/stage1/lib/rustlib/aarch64-apple-darwin/lib/librustc_std_workspace_core-405f59a762fe09ad.rlib" "/Users/coreyf/dev/rust-lang/rust/build/aarch64-apple-darwin/stage1/lib/rustlib/aarch64-apple-darwin/lib/libcore-cd4ecd8429490fa9.rlib" "/Users/coreyf/dev/rust-lang/rust/build/aarch64-apple-darwin/stage1/lib/rustlib/aarch64-apple-darwin/lib/libcompiler_builtins-8f64d161accbb588.rlib" "-lSystem" "-lresolv" "-lc" "-lm"
  = note: ld: library not found for -lrustc-dev_rt.asan
          clang: error: linker command failed with exit code 1 (use -v to see invocation)
          

error: aborting due to previous error

I will investigate tomorrow

@lcnr
Copy link
Contributor

lcnr commented Dec 10, 2020

can't really review this, as you've already requested a review by @shepmaster

r? @shepmaster

@rust-highfive rust-highfive assigned shepmaster and unassigned lcnr Dec 10, 2020
@frewsxcv
Copy link
Member Author

Regarding my last comment, I forgot to enable sanitizers in my config.toml. I then had an issue where running a binary generated with -Zsanitizer=address would result in a sigkill. I then found this in the compiler build logs:

/Library/Developer/CommandLineTools/usr/bin/install_name_tool: warning: changes being made to the file will invalidate the code signature in: /Users/coreyf/dev/rust-lang/rust/build/aarch64-apple-darwin/stage1/lib/rustlib/aarch64-apple-darwin/lib/librustc-dev_rt.asan.dylib (for architecture x86_64)
/Library/Developer/CommandLineTools/usr/bin/install_name_tool: warning: changes being made to the file will invalidate the code signature in: /Users/coreyf/dev/rust-lang/rust/build/aarch64-apple-darwin/stage1/lib/rustlib/aarch64-apple-darwin/lib/librustc-dev_rt.asan.dylib (for architecture x86_64h)
/Library/Developer/CommandLineTools/usr/bin/install_name_tool: warning: changes being made to the file will invalidate the code signature in: /Users/coreyf/dev/rust-lang/rust/build/aarch64-apple-darwin/stage1/lib/rustlib/aarch64-apple-darwin/lib/librustc-dev_rt.asan.dylib (for architecture arm64)
/Library/Developer/CommandLineTools/usr/bin/install_name_tool: warning: changes being made to the file will invalidate the code signature in: /Users/coreyf/dev/rust-lang/rust/build/aarch64-apple-darwin/stage1/lib/rustlib/aarch64-apple-darwin/lib/librustc-dev_rt.lsan.dylib (for architecture x86_64)
/Library/Developer/CommandLineTools/usr/bin/install_name_tool: warning: changes being made to the file will invalidate the code signature in: /Users/coreyf/dev/rust-lang/rust/build/aarch64-apple-darwin/stage1/lib/rustlib/aarch64-apple-darwin/lib/librustc-dev_rt.lsan.dylib (for architecture x86_64h)
/Library/Developer/CommandLineTools/usr/bin/install_name_tool: warning: changes being made to the file will invalidate the code signature in: /Users/coreyf/dev/rust-lang/rust/build/aarch64-apple-darwin/stage1/lib/rustlib/aarch64-apple-darwin/lib/librustc-dev_rt.lsan.dylib (for architecture arm64)
/Library/Developer/CommandLineTools/usr/bin/install_name_tool: warning: changes being made to the file will invalidate the code signature in: /Users/coreyf/dev/rust-lang/rust/build/aarch64-apple-darwin/stage1/lib/rustlib/aarch64-apple-darwin/lib/librustc-dev_rt.tsan.dylib (for architecture x86_64)
/Library/Developer/CommandLineTools/usr/bin/install_name_tool: warning: changes being made to the file will invalidate the code signature in: /Users/coreyf/dev/rust-lang/rust/build/aarch64-apple-darwin/stage1/lib/rustlib/aarch64-apple-darwin/lib/librustc-dev_rt.tsan.dylib (for architecture x86_64h)
/Library/Developer/CommandLineTools/usr/bin/install_name_tool: warning: changes being made to the file will invalidate the code signature in: /Users/coreyf/dev/rust-lang/rust/build/aarch64-apple-darwin/stage1/lib/rustlib/aarch64-apple-darwin/lib/librustc-dev_rt.tsan.dylib (for architecture arm64)

These warning occur when we run install_name_tool (e.g. install_name_tool -id @rpath/librustc-dev_rt.asan.dylib /Users/coreyf/dev/rust-lang/rust/build/aarch64-apple-darwin/stage1/lib/rustlib/aarch64-apple-darwin/lib/librustc-dev_rt.asan.dylib).

So it seems that by changing the dynamic libraries' names, we invalidate the signature. If I manually re-sign via:

codesign -f -s - ./build/aarch64-apple-darwin/stage1/lib/rustlib/aarch64-apple-darwin/lib/librustc-dev_rt.asan.dylib

Then ASAN seems to work:

% cat badfree.rs
// needs-sanitizer-support
// needs-sanitizer-address
//
// compile-flags: -Z sanitizer=address -O
//
// run-fail
// error-pattern: AddressSanitizer: SEGV

use std::ffi::c_void;

extern "C" {
    fn free(ptr: *mut c_void);
}

fn main() {
    unsafe {
        free(1 as *mut c_void);
    }
}

% /Users/coreyf/dev/rust-lang/rust/build/aarch64-apple-darwin/stage1/bin/rustc -Zsanitizer=address badfree.rs    

% ./badfree
==21477==ERROR: AddressSanitizer failed to allocate 0x200004000 (8589950976) bytes at address fffffc000 (errno: 12)
==21477==ReserveShadowMemoryRange failed while trying to map 0x200004000 bytes. Perhaps you're using ulimit -v
zsh: abort      ./badfree

@alex
Copy link
Member

alex commented Dec 10, 2020

That's not really the ASAN error I'd expect from that code, FWIW -- what I get on x86 looks way more sensible.

@frewsxcv
Copy link
Member Author

That's not really the ASAN error I'd expect from that code, FWIW -- what I get on x86 looks way more sensible.

I was just wondering about this. It seems like ASan is failing to allocate memory for itself and this is just the error log? Hm

@frewsxcv
Copy link
Member Author

Here's the LLDB output, which maybe confirms that:

(lldb) target create "./badfree"
Current executable set to '/Users/coreyf/dev/rust-lang/rust/badfree' (arm64).

(lldb) run
Process 21550 launched: '/Users/coreyf/dev/rust-lang/rust/badfree' (arm64)
==21550==ERROR: AddressSanitizer failed to allocate 0x200004000 (8589950976) bytes at address fffffc000 (errno: 12)
==21550==ReserveShadowMemoryRange failed while trying to map 0x200004000 bytes. Perhaps you're using ulimit -v
Process 21550 stopped
* thread #1, stop reason = signal SIGABRT
    frame #0: 0x000000018be3fcec libsystem_kernel.dylib`__pthread_kill + 8
libsystem_kernel.dylib`__pthread_kill:
->  0x18be3fcec <+8>:  b.lo   0x18be3fd0c               ; <+40>
    0x18be3fcf0 <+12>: pacibsp 
    0x18be3fcf4 <+16>: stp    x29, x30, [sp, #-0x10]!
    0x18be3fcf8 <+20>: mov    x29, sp
Target 0: (badfree) stopped.

(lldb) thread backtrace
* thread #1, stop reason = signal SIGABRT
  * frame #0: 0x000000018be3fcec libsystem_kernel.dylib`__pthread_kill + 8
    frame #1: 0x000000018be70c24 libsystem_pthread.dylib`pthread_kill + 292
    frame #2: 0x000000018bdb8864 libsystem_c.dylib`abort + 104
    frame #3: 0x00000001001bf054 librustc-dev_rt.asan.dylib`::Abort() at sanitizer_posix_libcdep.cpp:155:3 [opt]
    frame #4: 0x00000001001ab200 librustc-dev_rt.asan.dylib`::ReserveShadowMemoryRange() at asan_shadow_setup.cpp:38:5 [opt]
    frame #5: 0x00000001001ab27c librustc-dev_rt.asan.dylib`::InitializeShadowMemory() at asan_shadow_setup.cpp:129:7 [opt]
    frame #6: 0x00000001001aa6f0 librustc-dev_rt.asan.dylib`::AsanInitInternal() at asan_rtl.cpp:463:3 [opt]
    frame #7: 0x00000001001aa5a0 librustc-dev_rt.asan.dylib`::AsanInitFromRtl() at asan_rtl.cpp:537:3 [opt] [artificial]
    frame #8: 0x00000001001a1fa0 librustc-dev_rt.asan.dylib`::wrap_malloc_default_zone() at sanitizer_malloc_mac.inc:86:3 [opt]
    frame #9: 0x000000018bca48c0 libsystem_malloc.dylib`__malloc_init + 896
    frame #10: 0x00000001954c27c4 libSystem.B.dylib`libSystem_initializer + 184
    frame #11: 0x000000010007f90c dyld`ImageLoaderMachO::doModInitFunctions(ImageLoader::LinkContext const&) + 868
    frame #12: 0x000000010007fb94 dyld`ImageLoaderMachO::doInitialization(ImageLoader::LinkContext const&) + 56
    frame #13: 0x000000010007984c dyld`ImageLoader::recursiveInitialization(ImageLoader::LinkContext const&, unsigned int, char const*, ImageLoader::InitializerTimingList&, ImageLoader::UninitedUpwards&) + 620
    frame #14: 0x0000000100079794 dyld`ImageLoader::recursiveInitialization(ImageLoader::LinkContext const&, unsigned int, char const*, ImageLoader::InitializerTimingList&, ImageLoader::UninitedUpwards&) + 436
    frame #15: 0x0000000100079794 dyld`ImageLoader::recursiveInitialization(ImageLoader::LinkContext const&, unsigned int, char const*, ImageLoader::InitializerTimingList&, ImageLoader::UninitedUpwards&) + 436
    frame #16: 0x0000000100079794 dyld`ImageLoader::recursiveInitialization(ImageLoader::LinkContext const&, unsigned int, char const*, ImageLoader::InitializerTimingList&, ImageLoader::UninitedUpwards&) + 436
    frame #17: 0x0000000100077300 dyld`ImageLoader::processInitializers(ImageLoader::LinkContext const&, unsigned int, ImageLoader::InitializerTimingList&, ImageLoader::UninitedUpwards&) + 192
    frame #18: 0x00000001000773cc dyld`ImageLoader::runInitializers(ImageLoader::LinkContext const&, ImageLoader::InitializerTimingList&) + 96
    frame #19: 0x000000010006284c dyld`dyld::initializeMainExecutable() + 220
    frame #20: 0x0000000100068b98 dyld`dyld::_main(macho_header const*, unsigned long, int, char const**, char const**, char const**, unsigned long*) + 7388
    frame #21: 0x0000000100061258 dyld`dyldbootstrap::start(dyld3::MachOLoaded const*, int, char const**, dyld3::MachOLoaded const*, unsigned long*) + 476
    frame #22: 0x0000000100061038 dyld`_dyld_start + 56

@alex
Copy link
Member

alex commented Dec 10, 2020

I agree that it looks like ASAN is failing to set itself up.

@frewsxcv
Copy link
Member Author

frewsxcv commented Dec 10, 2020
edited
Loading

@saleemrashid pointed me to llvm/llvm-project@176a6e7 which I cherry-picked on top of Rust's current LLVM commit and it fixes the previous issue! d517333

@frewsxcv frewsxcv mentioned this pull request Dec 10, 2020
Merged
@frewsxcv frewsxcv added the A-sanitizers Area: Sanitizers for correctness and code quality label Dec 11, 2020
@frewsxcv frewsxcv mentioned this pull request Dec 11, 2020
Closed
31 tasks
@frewsxcv
Copy link
Member Author

This is ready for review! Note that this pull request is blocked on rust-lang/llvm-project#86

@frewsxcv
Copy link
Member Author

rust-lang/llvm-project#86 has merged so it's now just waiting for a review

@frewsxcv frewsxcv added the O-macos Operating system: macOS label Dec 18, 2020
@bors
Copy link
Contributor

bors commented Jan 1, 2021

☔ The latest upstream changes (presumably #80566) made this pull request unmergeable. Please resolve the merge conflicts.

@frewsxcv
Copy link
Member Author

frewsxcv commented Jan 1, 2021

Merge conflicts resolved

alex
alex reviewed Jan 1, 2021
View reviewed changes
Copy link
Member

@alex alex left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

One question, otherwise looks good to me (with the caveat that I'm far from a rustc expert!)

compiler/rustc_session/src/session.rs
"aarch64-unknown-linux-gnu",
"x86_64-apple-darwin",
"x86_64-unknown-linux-gnu",
];
const MSAN_SUPPORTED_TARGETS: &[&str] =
&["aarch64-unknown-linux-gnu", "x86_64-unknown-freebsd", "x86_64-unknown-linux-gnu"];
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why not MSAN :-)

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I returned my new Macbook Air (need more memory and waiting for the new one to ship), so I can't easily confirm, but I recall there being an error message saying macOS is not supported by MSan, which is maybe why x86_64-apple-darwin is also not listed here. These docs also back up this claim

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I clearly have the reading comprehension of a goldfish, I totally missed that no macOS platforms were there.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/~https://github.com/llvm/llvm-project/blob/62ec4ac90738a5f2d209ed28c822223e58aaaeb7/compiler-rt/cmake/config-ix.cmake#L696-L701

if (COMPILER_RT_HAS_SANITIZER_COMMON AND MSAN_SUPPORTED_ARCH AND
    OS_NAME MATCHES "Linux|FreeBSD|NetBSD")
  set(COMPILER_RT_HAS_MSAN TRUE)
else()
  set(COMPILER_RT_HAS_MSAN FALSE)
endif()

shepmaster
shepmaster reviewed Jan 1, 2021
View reviewed changes
src/bootstrap/compile.rs
Comment on lines +362 to +363
// Upon renaming the install name, the code signature of the file will invalidate,
// so we will sign it again.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't follow this. Renaming other signed files doesn't cause problems; why does this?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Renaming the file with mv doesn't invalidate the signature, but renaming the install name (within the contents of the file) with install_name_tool does invalidate.

Searching for "install_name_tool invalidate signature" on Google returns other projects that have hit this. For example: https://community.intel.com/t5/Intel-oneAPI-Threading-Building/Mac-install-location-conflicts-with-code-signing/m-p/1008483/highlight/true#M12505

@shepmaster
Copy link
Member

@bors r+ rollup

My understanding is that these tools aren't critical so if we realize that this breaks them somehow, it won't be a big thing until we can fix them.

@bors
Copy link
Contributor

bors commented Jan 1, 2021

📌 Commit d482de3 has been approved by shepmaster

@bors bors added S-waiting-on-bors Status: Waiting on bors to run and complete tests. Bors will change the label on completion. and removed S-waiting-on-review Status: Awaiting review from the assignee but also interested parties. labels Jan 1, 2021
@frewsxcv
Copy link
Member Author

frewsxcv commented Jan 1, 2021

@bors r+ rollup

My understanding is that these tools aren't critical so if we realize that this breaks them somehow, it won't be a big thing until we can fix them.

Thanks for the review! What you said sounds right. The only functionality I'm changing for existing platforms is the addition of that extra code signing step for macOS machines. So if we saw an regressions on other platforms, I'd expect it to be just limited to macOS, and that code addition in particular.

@bors
Copy link
Contributor

bors commented Jan 2, 2021

⌛ Testing commit d482de3 with merge 5986dd8...

@bors
Copy link
Contributor

bors commented Jan 2, 2021

☀️ Test successful - checks-actions
Approved by: shepmaster
Pushing 5986dd8 to master...

@bors bors added the merged-by-bors This PR was explicitly merged by bors. label Jan 2, 2021
@bors bors merged commit 5986dd8 into rust-lang:master Jan 2, 2021
@rustbot rustbot added this to the 1.51.0 milestone Jan 2, 2021
@frewsxcv frewsxcv deleted the frewsxcv-san branch January 2, 2021 14:51
@petrochenkov petrochenkov mentioned this pull request Sep 22, 2021
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@shepmaster shepmaster shepmaster left review comments

@tmiasko tmiasko tmiasko approved these changes

@alex alex alex approved these changes

Assignees

@shepmaster shepmaster

Labels
A-sanitizers Area: Sanitizers for correctness and code quality merged-by-bors This PR was explicitly merged by bors. O-macos Operating system: macOS S-waiting-on-bors Status: Waiting on bors to run and complete tests. Bors will change the label on completion.
Projects
None yet
Milestone
1.51.0
Development

Successfully merging this pull request may close these issues.
8 participants
@frewsxcv @rust-highfive @lcnr @alex @bors @shepmaster @tmiasko @rustbot