Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

osx: _FORTIFY_SOURCE=1 is always enabled, which breaks asan #6932

Closed
steeve opened this issue Dec 14, 2018 · 8 comments
Closed

osx: _FORTIFY_SOURCE=1 is always enabled, which breaks asan #6932

steeve opened this issue Dec 14, 2018 · 8 comments
Labels
P3 We're not considering working on this, but happy to review a PR. (No assignee) team-Rules-CPP Issues for C++ rules z-team-Apple Deprecated. Send to rules_apple, or label team-Rules-CPP + platform:apple

Comments

@steeve
Copy link
Contributor

steeve commented Dec 14, 2018
edited
Loading

Description of the problem / feature request:

-D_FORTIFY_SOURCE=1 is enabled by default on OSX. This break when trying to use asan.

$ xcrun --sdk macosx clang -dM -E -fsanitize=address - < /dev/null | grep FORTIFY
#define _FORTIFY_SOURCE 0
$

When running a build with -fsanitize=address, the build outputs warnings with:

<command line>:1:9: warning: '_FORTIFY_SOURCE' macro redefined [-Wmacro-redefined]
#define _FORTIFY_SOURCE 1
        ^
<built-in>:386:9: note: previous definition is here
#define _FORTIFY_SOURCE 0

However, according to https://github.com/google/sanitizers/wiki/AddressSanitizer, _FORTIFY_SOURCE should be disabled when using asan.

A3: If _FORTIFY_SOURCE is enabled, ASan may have false positives, see next question.

Q: I've compiled my code with -D_FORTIFY_SOURCE flag and ASan, or -D_FORTIFY_SOURCE is enabled by default in my distribution (most modern distributions). Now ASan misbehaves (either produces false warnings, or does not find some bugs).

A: Currently ASan (and other sanitizers) doesn't support source fortification, see google/sanitizers#247. The fix should most likely be on the glibc side, see the (stalled) discussion here.

However, adding the following options doesn't help either since it's defined in the CROSSTOOL it seems:

build:asan --copt="-U_FORTIFY_SOURCE"

Feature requests: what underlying problem are you trying to solve with this feature?

Use asan on osx.

Bugs: what's the simplest, easiest way to reproduce this bug? Please provide a minimal example if possible.

Run a C++ build with the following arg:

--copt="-fsanitize=address"

What operating system are you running Bazel on?

osx

What's the output of bazel info release?

release 0.19.0

Have you found anything relevant by searching the web?

  1. https://github.com/znly/bazel/blob/master/tools/osx/crosstool/CROSSTOOL.tpl#L64 and throughout the file.
  2. Support source fortification google/sanitizers#247

I can submit a PR if everybody approves me of removing it by default.

I'm also noticing it is enabled by default on linux.

We managed to get around using the following configuration:

build:asan              --strip=never
build:asan              --copt="-Wno-macro-redefined"
build:asan              --copt="-D_FORTIFY_SOURCE=0"
build:asan              --copt="-O1"
build:asan              --copt="-fno-omit-frame-pointer"
build:asan              --copt="-fsanitize=address"
build:asan              --copt="-DADDRESS_SANITIZER"
build:asan              --linkopt="-fsanitize=address"
@steeve steeve changed the title osx: _FORTIFY_SOURCE should only be enabled on optimised builds osx: _FORTIFY_SOURCE=1 is always enabled, which break asan Dec 14, 2018
@steeve steeve changed the title osx: _FORTIFY_SOURCE=1 is always enabled, which break asan osx: _FORTIFY_SOURCE=1 is always enabled, which breaks asan Dec 14, 2018
@jgavris
Copy link
Contributor

jgavris commented Dec 14, 2018

+1, We're using the following config.

# Address sanitizer config.
# Add --config=asan to your bazel command.
build:asan --strip=never
build:asan --copt -Wno-macro-redefined # Asan sets _FORTIFY_SOURCE=0
build:asan --copt -DADDRESS_SANITIZER
build:asan --copt -D_LIBCPP_HAS_NO_ASAN
build:asan --copt -g
build:asan --copt -fno-omit-frame-pointer
build:asan --copt -fno-optimize-sibling-calls
build:asan --copt -fsanitize=address
build:asan --linkopt -fsanitize=address

@steeve
Copy link
Contributor Author

steeve commented Dec 14, 2018

@jgavris from what I could read online, you might want to redefine _FORTIFY_SOURCE to 0, see google/sanitizers#247 as to why

@jin jin added z-team-Apple Deprecated. Send to rules_apple, or label team-Rules-CPP + platform:apple untriaged labels Dec 14, 2018
@tetromino tetromino added team-Rules-CPP Issues for C++ rules P3 We're not considering working on this, but happy to review a PR. (No assignee) type: bug and removed untriaged labels Dec 17, 2018
@tetromino
Copy link
Contributor

Makes sense. I don't understand why we force _FORTIFY_SOURCE=1 in the public osx CROSSTOOL given that we don't do this in the internal one.

I think we should keep _FORTIFY_SOURCE=1 only in opt mode.

@mhlopko - you have looked at the osx CROSSTOOL before, what do you think?

@steeve
Copy link
Contributor Author

steeve commented Dec 17, 2018
edited
Loading

@tetromino actually I'm guessing the problem also exists on every OS, doesn't it ?

also, what is the status on using sanitizers + blaze inside google ?

@tetromino
Copy link
Contributor

On second thought, I think this is working as intended.

Please try bazel build --features=asan //my:target - that should set a working combination of cflags.

@tetromino
Copy link
Contributor

tetromino commented Dec 17, 2018
edited
Loading

It seems that --features=asan isn't working for cc_binary on osx, but ideally, that's how we would want to support sanitizers, while still keeping a secure default.

Duplicate of #4984.

@tetromino
Copy link
Contributor

Duplicate of #4984

@tetromino tetromino marked this as a duplicate of #4984 Dec 17, 2018
@thibault-martinez thibault-martinez mentioned this issue Dec 26, 2018
Merged
This was referenced Jul 16, 2019
Closed
Merged
@yongtang yongtang mentioned this issue Dec 17, 2019
Closed
@keith keith mentioned this issue Jan 5, 2021
Closed
keith added a commit to keith/bazel that referenced this issue Jan 5, 2021
@keith
Add sanitizer support to Apple platforms
e5d712c 
This adds support for asan, tsan, and ubsan on Apple platforms.

Fixes bazelbuild#4984 and bazelbuild#6932
@keith
Copy link
Member

keith commented Jan 5, 2021

#12772

keith added a commit to keith/bazel that referenced this issue Jan 6, 2021
@keith
Add sanitizer support to Apple platforms
8e51fdf 
This adds support for asan, tsan, and ubsan on Apple platforms.

Fixes bazelbuild#4984 and bazelbuild#6932
jesec added a commit to jesec/rtorrent that referenced this issue Jan 16, 2021
@jesec
bazel: set D_FORTIFY_SOURCE to 0 when asan is enabled
60be0d4 
Bug: bazelbuild/bazel#6932, google/sanitizers#247
bazel-io pushed a commit that referenced this issue Jan 19, 2021
@keith @copybara-github
Add sanitizer support to Apple platforms
8959dff 
This adds support for asan, tsan, and ubsan on Apple platforms.

Fixes #4984 and #6932

Closes #12772.

PiperOrigin-RevId: 352489421
philwo pushed a commit that referenced this issue Apr 19, 2021
@keith @philwo
Add sanitizer support to Apple platforms
6ab161e 
This adds support for asan, tsan, and ubsan on Apple platforms.

Fixes #4984 and #6932

Closes #12772.

PiperOrigin-RevId: 352489421
@benh benh mentioned this issue Feb 21, 2022
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
P3 We're not considering working on this, but happy to review a PR. (No assignee) team-Rules-CPP Issues for C++ rules z-team-Apple Deprecated. Send to rules_apple, or label team-Rules-CPP + platform:apple
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@tetromino @steeve @jgavris @keith @jin