[PATCH] gitlab-ci: Use -fno-sanitize=function in the clang-user job

[PATCH] gitlab-ci: Use -fno-sanitize=function in the clang-user job

[Richard Henderson]

With -fsanitize=undefined, which implies -fsanitize=function,
clang will add a "type signature" before functions.
It accesses funcptr-8 and funcptr-4 to do so.

The generated TCG prologue is directly on a page boundary,
so these accesses segfault.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---

Does anyone know why we're using --extra-cflags for the clang-user
and clang-system jobs, as opposed to --enable-sanitizers?  It
certainly seems like regular users who use the normal configure
flag are going to run into this as well.

Anyway, this is why the clang-user job is failing at the momemnt.
I can only assume that changes to our docker file, or upstream
distro updates have pulled in a new compiler version, because this
wasn't failing in this way last week.


r~

---
 .gitlab-ci.d/buildtest.yml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.gitlab-ci.d/buildtest.yml b/.gitlab-ci.d/buildtest.yml
index e3a0758bd9..aa32782405 100644
--- a/.gitlab-ci.d/buildtest.yml
+++ b/.gitlab-ci.d/buildtest.yml
@@ -444,6 +444,7 @@ clang-user:
     CONFIGURE_ARGS: --cc=clang --cxx=clang++ --disable-system
       --target-list-exclude=alpha-linux-user,microblazeel-linux-user,aarch64_be-linux-user,i386-linux-user,m68k-linux-user,mipsn32el-linux-user,xtensaeb-linux-user
       --extra-cflags=-fsanitize=undefined --extra-cflags=-fno-sanitize-recover=undefined
+      --extra-cflags=-fno-sanitize=function
     MAKE_CHECK_ARGS: check-unit check-tcg
 
 # Set LD_JOBS=1 because this requires LTO and ld consumes a large amount of memory.
-- 
2.43.0

Re: [PATCH] gitlab-ci: Use -fno-sanitize=function in the clang-user job

[Thomas Huth]

On 24/07/2024 01.25, Richard Henderson wrote:
> With -fsanitize=undefined, which implies -fsanitize=function,
> clang will add a "type signature" before functions.
> It accesses funcptr-8 and funcptr-4 to do so.
> 
> The generated TCG prologue is directly on a page boundary,
> so these accesses segfault.
> 
> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

What happend to Akihiko Odaki's more generic patch:

 
https://lore.kernel.org/qemu-devel/20240714-function-v1-1-cc2acb4171ba@daynix.com/

?

Paolo, you mentioned that you'd queue it, did this patch fell through the 
cracks?

> Does anyone know why we're using --extra-cflags for the clang-user
> and clang-system jobs, as opposed to --enable-sanitizers?

I don't remember, but it was likely the -fno-sanitize-recover=undefined I guess.

>  It
> certainly seems like regular users who use the normal configure
> flag are going to run into this as well.

Yes, we should merge Akihiko Odaki's patch for this reason.

  Thomas

Re: [PATCH] gitlab-ci: Use -fno-sanitize=function in the clang-user job

[Richard Henderson]

On 7/24/24 16:08, Thomas Huth wrote:
> On 24/07/2024 01.25, Richard Henderson wrote:
>> With -fsanitize=undefined, which implies -fsanitize=function,
>> clang will add a "type signature" before functions.
>> It accesses funcptr-8 and funcptr-4 to do so.
>>
>> The generated TCG prologue is directly on a page boundary,
>> so these accesses segfault.
>>
>> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
> 
> What happend to Akihiko Odaki's more generic patch:
> 
> 
> https://lore.kernel.org/qemu-devel/20240714-function-v1-1-cc2acb4171ba@daynix.com/
> 
> ?

This patch does not work:

https://gitlab.com/qemu-project/qemu/-/jobs/7432239478/viewer#L4956

I presume this is an argument ordering issue vs --extra-cflags.


r~

Re: [PATCH] gitlab-ci: Use -fno-sanitize=function in the clang-user job

[Thomas Huth]

On 26/07/2024 01.33, Richard Henderson wrote:
> On 7/24/24 16:08, Thomas Huth wrote:
>> On 24/07/2024 01.25, Richard Henderson wrote:
>>> With -fsanitize=undefined, which implies -fsanitize=function,
>>> clang will add a "type signature" before functions.
>>> It accesses funcptr-8 and funcptr-4 to do so.
>>>
>>> The generated TCG prologue is directly on a page boundary,
>>> so these accesses segfault.
>>>
>>> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
>>
>> What happend to Akihiko Odaki's more generic patch:
>>
>>
>> https://lore.kernel.org/qemu-devel/20240714-function-v1-1-cc2acb4171ba@daynix.com/
>>
>> ?
> 
> This patch does not work:
> 
> https://gitlab.com/qemu-project/qemu/-/jobs/7432239478/viewer#L4956
> 
> I presume this is an argument ordering issue vs --extra-cflags.

Ok, then we should definitely go with your patch to fix the job now. ... and 
I just saw that you already applied it 👍

  Thomas

Re: [PATCH] gitlab-ci: Use -fno-sanitize=function in the clang-user job

[Daniel P. Berrangé]

On Wed, Jul 24, 2024 at 09:25:42AM +1000, Richard Henderson wrote:
> With -fsanitize=undefined, which implies -fsanitize=function,
> clang will add a "type signature" before functions.
> It accesses funcptr-8 and funcptr-4 to do so.
> 
> The generated TCG prologue is directly on a page boundary,
> so these accesses segfault.
> 
> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
> ---
> 
> Does anyone know why we're using --extra-cflags for the clang-user
> and clang-system jobs, as opposed to --enable-sanitizers?  It
> certainly seems like regular users who use the normal configure
> flag are going to run into this as well.
> 
> Anyway, this is why the clang-user job is failing at the momemnt.
> I can only assume that changes to our docker file, or upstream
> distro updates have pulled in a new compiler version, because this
> wasn't failing in this way last week.

Logs show the clang version didn't change, but it is possible the
libubsan.so package changed, but we can't see package versions.

I've sent a series that will make it easier to compare pacakge
versions between new & historical jobs in future situations like
this:

  https://lists.nongnu.org/archive/html/qemu-devel/2024-07/msg05749.html


With regards,
Daniel
-- 
|: https://berrange.com      -o-    https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org         -o-            https://fstop138.berrange.com :|
|: https://entangle-photo.org    -o-    https://www.instagram.com/dberrange :|

Re: [PATCH] gitlab-ci: Use -fno-sanitize=function in the clang-user job

[Richard Henderson]

On 7/24/24 20:52, Daniel P. Berrangé wrote:
> On Wed, Jul 24, 2024 at 09:25:42AM +1000, Richard Henderson wrote:
>> With -fsanitize=undefined, which implies -fsanitize=function,
>> clang will add a "type signature" before functions.
>> It accesses funcptr-8 and funcptr-4 to do so.
>>
>> The generated TCG prologue is directly on a page boundary,
>> so these accesses segfault.
>>
>> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
>> ---
>>
>> Does anyone know why we're using --extra-cflags for the clang-user
>> and clang-system jobs, as opposed to --enable-sanitizers?  It
>> certainly seems like regular users who use the normal configure
>> flag are going to run into this as well.
>>
>> Anyway, this is why the clang-user job is failing at the momemnt.
>> I can only assume that changes to our docker file, or upstream
>> distro updates have pulled in a new compiler version, because this
>> wasn't failing in this way last week.
> 
> Logs show the clang version didn't change, but it is possible the
> libubsan.so package changed, but we can't see package versions.

But the code generation definitely did -- the segv is right at the indirect function call 
to the (generated) tcg prologue.  The library is not involved at all.


> I've sent a series that will make it easier to compare pacakge
> versions between new & historical jobs in future situations like
> this:
> 
>    https://lists.nongnu.org/archive/html/qemu-devel/2024-07/msg05749.html

Nice.


r~