SIGBUS on uninstall after nixpkgs bump

[grahamc]

After bumping nixpkgs, the uninstaller is crashing with a SIGBUS.

• Good: =0.1.698755+rev-807e9154dcb16384b1b765ebe9cd2bba2ac287fd
• Bad: >=0.1.702572+rev-7ffd9ae656aec493492b44d0ddfb28e79a1ea25d

The most glaringly notable change between these two versions is the introduction of how Apple SDKs are packaged: https://github.com/NixOS/nixpkgs/pull/346043.

The issue can be reproduced on:

• MacOS 13.7
• MacOS 14.6.1
• MacOS 14.7.1
• MacOS 15.1

by:

1. Build nix-installer using a version of Nixpkgs newer than 0.1.698755+rev-807e9154dcb16384b1b765ebe9cd2bba2ac287fd.
2. Install Nix: ./nix-installer install --no-confirm
3. Run nix run nixpkgs#hello -- Note: this step is, surprisingly, load bearing!
4. Uninstall Nix /nix/nix-installer uninstall --no-confirm
5. Observe the removal pretty much completes, but fails with SIGBUS

Using lldb's bt all, we can see the main thread is using security_framework and rustls_native_certs to get certificates:

  thread #1, name = 'main', queue = 'com.apple.main-thread'
    frame #0: 0x000000019d256bac libsystem_kernel.dylib`__ulock_wait + 8
    frame #1: 0x000000019d0e5dd8 libdispatch.dylib`_dlock_wait + 56
    frame #2: 0x000000019d0e5ad4 libdispatch.dylib`_dispatch_wait_on_address + 140
    frame #3: 0x000000019d0e61a4 libdispatch.dylib`_dispatch_group_wait_slow + 56
    frame #4: 0x000000019d0e9394 libdispatch.dylib`dispatch_block_wait + 284
    frame #5: 0x00000001a02deb3c Security`SecTrustSettingsCopyCertificates + 244
    frame #6: 0x0000000100dca798 ni3`security_framework::trust_settings::TrustSettings::iter::h1edabd8702ce777b + 68
    frame #7: 0x0000000100dbe2b4 ni3`rustls_native_certs::macos::load_native_certs::h046b3ae93eae041c + 648
    frame #8: 0x0000000100db9a68 ni3`rustls_native_certs::load_native_certs::ha1c97d4712715f7a + 208
    frame #9: 0x0000000100d7c29c ni3`reqwest::async_impl::client::ClientBuilder::build::h24b57e6bfb97b16f + 1756
    frame #10: 0x0000000100285c34 ni3`nix_installer::diagnostics::DiagnosticData::send::_$u7b$$u7b$closure$u7d$$u7d$::_$u7b$$u7b$closure$u7d$$u7d$::hb364914f25a07dda + 3752
    frame #11: 0x0000000100284c44 ni3`nix_installer::diagnostics::DiagnosticData::send::_$u7b$$u7b$closure$u7d$$u7d$::hff5a58997e99305b + 1948
    frame #12: 0x0000000100707ea8 ni3`nix_installer::plan::InstallPlan::uninstall::_$u7b$$u7b$closure$u7d$$u7d$::_$u7b$$u7b$closure$u7d$$u7d$::h938e184001db3b94 + 6056
    frame #13: 0x00000001007065bc ni3`nix_installer::plan::InstallPlan::uninstall::_$u7b$$u7b$closure$u7d$$u7d$::hdda7160f3391c3bf + 1904
    frame #14: 0x00000001003d077c ni3`_$LT$nix_installer..cli..subcommand..uninstall..Uninstall$u20$as$u20$nix_installer..cli..CommandExecute$GT$::execute::_$u7b$$u7b$closure$u7d$$u7d$::_$u7b$$u7b$closure$u7d$$u7d$::h3b36238108552425 + 12048
    frame #15: 0x00000001003cd760 ni3`_$LT$nix_installer..cli..subcommand..uninstall..Uninstall$u20$as$u20$nix_installer..cli..CommandExecute$GT$::execute::_$u7b$$u7b$closure$u7d$$u7d$::he7cc9d2b5388e4aa + 1864
    frame #16: 0x00000001000a69fc ni3`_$LT$core..pin..Pin$LT$P$GT$$u20$as$u20$core..future..future..Future$GT$::poll::hb5d9d3a651fe56a0 + 80
    frame #17: 0x000000010001e408 ni3`_$LT$nix_installer..cli..NixInstallerCli$u20$as$u20$nix_installer..cli..CommandExecute$GT$::execute::_$u7b$$u7b$closure$u7d$$u7d$::_$u7b$$u7b$closure$u7d$$u7d$::ha3702df63c175800 + 2076
    frame #18: 0x000000010001dae8 ni3`_$LT$nix_installer..cli..NixInstallerCli$u20$as$u20$nix_installer..cli..CommandExecute$GT$::execute::_$u7b$$u7b$closure$u7d$$u7d$::ha69d753b591ad6c8 + 1828
    frame #19: 0x00000001000a69fc ni3`_$LT$core..pin..Pin$LT$P$GT$$u20$as$u20$core..future..future..Future$GT$::poll::hb5d9d3a651fe56a0 + 80
    frame #20: 0x000000010000a2e0 ni3`nix_installer::main::_$u7b$$u7b$closure$u7d$$u7d$::hf64e8abe886930bb + 2052
    frame #21: 0x000000010000a884 ni3`_$LT$tracing..instrument..Instrumented$LT$T$GT$$u20$as$u20$core..future..future..Future$GT$::poll::h1f2de4d21d0f127a + 156
    frame #22: 0x000000010000b828 ni3`tokio::runtime::park::CachedParkThread::block_on::_$u7b$$u7b$closure$u7d$$u7d$::hceb7e219e3e3e8fa + 56
    frame #23: 0x000000010000b650 ni3`tokio::runtime::park::CachedParkThread::block_on::hd1f542ec5fe59355 + 620
    frame #24: 0x000000010000dbb8 ni3`tokio::runtime::context::blocking::BlockingRegionGuard::block_on::h08c8b3ab3b971c54 + 140
    frame #25: 0x000000010000d5c8 ni3`tokio::runtime::scheduler::multi_thread::MultiThread::block_on::_$u7b$$u7b$closure$u7d$$u7d$::hd1d9237916b59e74 + 80
    frame #26: 0x000000010000c3c4 ni3`tokio::runtime::context::runtime::enter_runtime::h838a79fba69916b5 + 256
    frame #27: 0x000000010000d4ec ni3`tokio::runtime::scheduler::multi_thread::MultiThread::block_on::hda31b1dc81786461 + 92
    frame #28: 0x0000000100003c7c ni3`tokio::runtime::runtime::Runtime::block_on_inner::he9a2a95b1a4c5786 + 488
    frame #29: 0x0000000100003ea8 ni3`tokio::runtime::runtime::Runtime::block_on::h00b0f355995c909e + 356
    frame #30: 0x00000001000072a4 ni3`nix_installer::main::h160aa3f8fd00d376 + 232
    frame #31: 0x000000010000e278 ni3`core::ops::function::FnOnce::call_once::heb7a104604ebe398 + 20
    frame #32: 0x000000010000e174 ni3`std::sys::backtrace::__rust_begin_short_backtrace::hd16d71321146458a + 24
    frame #33: 0x000000010000e008 ni3`std::rt::lang_start::_$u7b$$u7b$closure$u7d$$u7d$::h0974c10848d110d0 + 36
    frame #34: 0x00000001012873b4 ni3`std::rt::lang_start_internal::h9e88109c8deb8787 + 808
    frame #35: 0x000000010000dfcc ni3`std::rt::lang_start::h1f83f9858182f039 + 84
    frame #36: 0x000000010000732c ni3`main + 36
    frame #37: 0x000000019cf0b154 dyld`start + 2476

...and thread 19 is running in what I think is a Grand Central Dispatch queue to copy_certificates_from_keychain:

* thread #19, queue = 'copy_certificates_from_keychain', stop reason = EXC_BAD_ACCESS (code=10, address=0x106e34000)
  * frame #0: 0x000000019cf07204 dyld`dyld3::MachOFile::forEachLoadCommand(Diagnostics&, void (load_command const*, bool&) block_pointer) const + 52
    frame #1: 0x000000019cf5cb6c dyld`dyld3::MachOLoaded::getSlide() const + 148
    frame #2: 0x000000019cf3ced4 dyld`invocation function for block in dyld4::APIs::_dyld_register_func_for_add_image(void (*)(mach_header const*, long)) + 264
    frame #3: 0x000000019cf1277c dyld`dyld4::RuntimeLocks::withLoadersReadLock(void () block_pointer) + 100
    frame #4: 0x000000019cf3c918 dyld`dyld4::APIs::_dyld_register_func_for_add_image(void (*)(mach_header const*, long)) + 156
    frame #5: 0x000000019cfe0d50 libsystem_trace.dylib`_os_trace_init_slow + 616
    frame #6: 0x000000019d0e53e8 libdispatch.dylib`_dispatch_client_callout + 20
    frame #7: 0x000000019d0e6c68 libdispatch.dylib`_dispatch_once_callout + 32
    frame #8: 0x000000019cfe2f30 libsystem_trace.dylib`os_log_create + 856
    frame #9: 0x00000001a033ba24 Security`__secLogObjForCFScope_block_invoke + 40
    frame #10: 0x00000001a033b9c8 Security`secLogObjForCFScope + 272
    frame #11: 0x00000001a033bb90 Security`secLogObjForScope + 108
    frame #12: 0x00000001a00d6578 Security`___SecTrustSettingsUseXPCEnabled_block_invoke + 76
    frame #13: 0x000000019d0e53e8 libdispatch.dylib`_dispatch_client_callout + 20
    frame #14: 0x000000019d0e6c68 libdispatch.dylib`_dispatch_once_callout + 32
    frame #15: 0x00000001a02ed7f4 Security`Security::KeychainCore::TrustSettings::CreateTrustSettings(SecTrustSettingsDomain, bool, bool, Security::KeychainCore::TrustSettings*&) + 976
    frame #16: 0x00000001a02decb4 Security`__SecTrustSettingsCopyCertificates_block_invoke_2 + 96
    frame #17: 0x000000019d0f4470 libdispatch.dylib`_dispatch_block_async_invoke2 + 148
    frame #18: 0x000000019d0e53e8 libdispatch.dylib`_dispatch_client_callout + 20
    frame #19: 0x000000019d0eca14 libdispatch.dylib`_dispatch_lane_serial_drain + 748
    frame #20: 0x000000019d0ed544 libdispatch.dylib`_dispatch_lane_invoke + 380
    frame #21: 0x000000019d0f82d0 libdispatch.dylib`_dispatch_root_queue_drain_deferred_wlh + 288
    frame #22: 0x000000019d0f7b44 libdispatch.dylib`_dispatch_workloop_worker_thread + 404
    frame #23: 0x000000019d29200c libsystem_pthread.dylib`_pthread_wqthread + 288

full session: btall.txt

• An IPS dump from another failure: ni2-2024-11-13-102540.ips.txt
• A failed run in CI: https://github.com/DeterminateSystems/nix-installer/actions/runs/11822504396/job/32940036094?pr=1287
• Discourse thread about the update: https://discourse.nixos.org/t/the-darwin-sdks-have-been-updated/55295

[grahamc]

On Matrix, Emily theorized the new frameworks makes the Security framework available when it wasn't before, and that might be causing new unwanted behavior. Indeed, that seems to be true? So I tried adding it: https://github.com/DeterminateSystems/nix-installer/pull/1289 ...but CI passed all the way through, suggesting that is not the issue.