HarfangLab / endpoint-sec

Rust Bindings for Endpoint Security
https://docs.rs/endpoint-sec/
Apache License 2.0

debug printing of `Message` segfaults #33

Closed radiohertz closed 10 months ago

radiohertz commented 10 months ago

Minimal repro code:

use std::time::Duration;

use endpoint_sec::{sys::es_event_type_t, Client, Message};

fn main() {
    let mut client = Client::new(handler).unwrap();
    client
        .subscribe(&[es_event_type_t::ES_EVENT_TYPE_NOTIFY_OPEN])
        .unwrap();

    loop {
        std::thread::sleep(Duration::from_millis(50));
    }
}

fn handler(client: &mut Client, msg: Message) {
    println!("{msg:?}");
}

I've tried to debug it a bit but I couldn't find anything that was obvious that could cause a segfault.

stacktrace:

Process 98549 stopped
* thread #2, queue = 'BBReaderQueue', stop reason = EXC_BAD_ACCESS (code=1, address=0xa)
    frame #0: 0x0000000100008d78 sensors`_$LT$endpoint_sec..message..Process$u20$as$u20$core..fmt..Debug$GT$::fmt::hace9a1b94f9b91f2 [inlined] endpoint_sec::message::Process::audit_token::ha1fa2dd15fc885e7(self=0x000000016fe853c0) at message.rs:373:25
   370      /// Audit token of the process.
   371      #[inline(always)]
   372      pub fn audit_token(&self) -> AuditToken {
-> 373          AuditToken::new(self.raw.audit_token)
   374      }
   375  
   376      /// Parent pid of the process.

* thread #2, queue = 'BBReaderQueue', stop reason = EXC_BAD_ACCESS (code=1, address=0xa)
  * frame #0: 0x0000000100008d78 sensors`_$LT$endpoint_sec..message..Process$u20$as$u20$core..fmt..Debug$GT$::fmt::hace9a1b94f9b91f2 [inlined] endpoint_sec::message::Process::audit_token::ha1fa2dd15fc885e7(self=0x000000016fe853c0) at message.rs:373:25
    frame #1: 0x0000000100008d74 sensors`_$LT$endpoint_sec..message..Process$u20$as$u20$core..fmt..Debug$GT$::fmt::hace9a1b94f9b91f2(self=0x000000016fe853c0, f=0x000000016fe86150) at lib.rs:53:71
    frame #2: 0x000000010003fb24 sensors`core::fmt::builders::DebugStruct::field::hf76a2de6e6cfc7d7 [inlined] core::fmt::builders::DebugStruct::field::_$u7b$$u7b$closure$u7d$$u7d$::h1765f85e73f89ba1 at builders.rs:133:35 [opt]
    frame #3: 0x000000010003fb18 sensors`core::fmt::builders::DebugStruct::field::hf76a2de6e6cfc7d7 [inlined] core::fmt::builders::DebugStruct::field_with::_$u7b$$u7b$closure$u7d$$u7d$::h40d33b2eb75bb156 at builders.rs:162:17 [opt]
    frame #4: 0x000000010003faa0 sensors`core::fmt::builders::DebugStruct::field::hf76a2de6e6cfc7d7 [inlined] core::result::Result$LT$T$C$E$GT$::and_then::hfb09d6a97ccedb7c at result.rs:1320:22 [opt]
    frame #5: 0x000000010003fa8c sensors`core::fmt::builders::DebugStruct::field::hf76a2de6e6cfc7d7 [inlined] core::fmt::builders::DebugStruct::field_with::hbd3e512012ce17a9 at builders.rs:145:35 [opt]
    frame #6: 0x000000010003fa80 sensors`core::fmt::builders::DebugStruct::field::hf76a2de6e6cfc7d7 at builders.rs:133:14 [opt]
    frame #7: 0x000000010000bfac sensors`_$LT$endpoint_sec..event..event_exec..EventExec$u20$as$u20$core..fmt..Debug$GT$::fmt::h464a01b6888a6a75(self=0x000000016fe859e8, f=0x000000016fe86150) at lib.rs:53:34
    frame #8: 0x000000010000b178 sensors`_$LT$$RF$T$u20$as$u20$core..fmt..Debug$GT$::fmt::h9901b7e71a1ebd38(self=0x000000016fe85580, f=0x000000016fe86150) at mod.rs:2294:62
    frame #9: 0x000000010003fd3c sensors`core::fmt::builders::DebugTuple::field::hcad6bc266aa6f8d3 [inlined] core::fmt::builders::DebugTuple::field::_$u7b$$u7b$closure$u7d$$u7d$::h73580d56b24b77a4 at builders.rs:330:29 [opt]
    frame #10: 0x000000010003fd30 sensors`core::fmt::builders::DebugTuple::field::hcad6bc266aa6f8d3 [inlined] core::fmt::builders::DebugTuple::field_with::_$u7b$$u7b$closure$u7d$$u7d$::h5d03d57e5ce5a198 at builders.rs:355:17 [opt]
    frame #11: 0x000000010003fcf0 sensors`core::fmt::builders::DebugTuple::field::hcad6bc266aa6f8d3 [inlined] core::result::Result$LT$T$C$E$GT$::and_then::h5b0a518692d0ecf0 at result.rs:1320:22 [opt]
    frame #12: 0x000000010003fcf0 sensors`core::fmt::builders::DebugTuple::field::hcad6bc266aa6f8d3 [inlined] core::fmt::builders::DebugTuple::field_with::h9fce8f4b2e5050f9 at builders.rs:342:35 [opt]
    frame #13: 0x000000010003fcf0 sensors`core::fmt::builders::DebugTuple::field::hcad6bc266aa6f8d3 at builders.rs:330:14 [opt]
    frame #14: 0x0000000100040f64 sensors`core::fmt::Formatter::debug_tuple_field1_finish::hd67e60d0499796cf at mod.rs:2061:9 [opt]
    frame #15: 0x0000000100006d84 sensors`_$LT$endpoint_sec..event..Event$u20$as$u20$core..fmt..Debug$GT$::fmt::hcf90a5a225045063(self=0x000000016fe859e0, f=0x000000016fe86150) at event.rs:72:14
    frame #16: 0x0000000100005ccc sensors`_$LT$$RF$T$u20$as$u20$core..fmt..Debug$GT$::fmt::hb993b84062b7f66f(self=0x000000016fe85868, f=0x000000016fe86150) at mod.rs:2294:62
    frame #17: 0x000000010003fd3c sensors`core::fmt::builders::DebugTuple::field::hcad6bc266aa6f8d3 [inlined] core::fmt::builders::DebugTuple::field::_$u7b$$u7b$closure$u7d$$u7d$::h73580d56b24b77a4 at builders.rs:330:29 [opt]
    frame #18: 0x000000010003fd30 sensors`core::fmt::builders::DebugTuple::field::hcad6bc266aa6f8d3 [inlined] core::fmt::builders::DebugTuple::field_with::_$u7b$$u7b$closure$u7d$$u7d$::h5d03d57e5ce5a198 at builders.rs:355:17 [opt]
    frame #19: 0x000000010003fcf0 sensors`core::fmt::builders::DebugTuple::field::hcad6bc266aa6f8d3 [inlined] core::result::Result$LT$T$C$E$GT$::and_then::h5b0a518692d0ecf0 at result.rs:1320:22 [opt]
    frame #20: 0x000000010003fcf0 sensors`core::fmt::builders::DebugTuple::field::hcad6bc266aa6f8d3 [inlined] core::fmt::builders::DebugTuple::field_with::h9fce8f4b2e5050f9 at builders.rs:342:35 [opt]
    frame #21: 0x000000010003fcf0 sensors`core::fmt::builders::DebugTuple::field::hcad6bc266aa6f8d3 at builders.rs:330:14 [opt]
    frame #22: 0x0000000100040f64 sensors`core::fmt::Formatter::debug_tuple_field1_finish::hd67e60d0499796cf at mod.rs:2061:9 [opt]
    frame #23: 0x0000000100009cf0 sensors`_$LT$core..option..Option$LT$T$GT$$u20$as$u20$core..fmt..Debug$GT$::fmt::h31d3b3c9c89ff6e7(self=0x000000016fe859e0, f=0x000000016fe86150) at option.rs:565:37
    frame #24: 0x000000010003fb24 sensors`core::fmt::builders::DebugStruct::field::hf76a2de6e6cfc7d7 [inlined] core::fmt::builders::DebugStruct::field::_$u7b$$u7b$closure$u7d$$u7d$::h1765f85e73f89ba1 at builders.rs:133:35 [opt]
    frame #25: 0x000000010003fb18 sensors`core::fmt::builders::DebugStruct::field::hf76a2de6e6cfc7d7 [inlined] core::fmt::builders::DebugStruct::field_with::_$u7b$$u7b$closure$u7d$$u7d$::h40d33b2eb75bb156 at builders.rs:162:17 [opt]
    frame #26: 0x000000010003faa0 sensors`core::fmt::builders::DebugStruct::field::hf76a2de6e6cfc7d7 [inlined] core::result::Result$LT$T$C$E$GT$::and_then::hfb09d6a97ccedb7c at result.rs:1320:22 [opt]
    frame #27: 0x000000010003fa8c sensors`core::fmt::builders::DebugStruct::field::hf76a2de6e6cfc7d7 [inlined] core::fmt::builders::DebugStruct::field_with::hbd3e512012ce17a9 at builders.rs:145:35 [opt]
    frame #28: 0x000000010003fa80 sensors`core::fmt::builders::DebugStruct::field::hf76a2de6e6cfc7d7 at builders.rs:133:14 [opt]
    frame #29: 0x000000010000890c sensors`_$LT$endpoint_sec..message..Message$u20$as$u20$core..fmt..Debug$GT$::fmt::hb858dc4fea2e3faa(self=0x000000016fe862d0, f=0x000000016fe86150) at lib.rs:53:34
    frame #30: 0x00000001000401ac sensors`core::fmt::write::h4e276abdb6d0c2a1 [inlined] core::fmt::rt::Argument::fmt::hf9661447f7b99899 at rt.rs:142:9 [opt]
    frame #31: 0x00000001000401a4 sensors`core::fmt::write::h4e276abdb6d0c2a1 at mod.rs:1120:17 [opt]
    frame #32: 0x0000000100028d60 sensors`_$LT$$RF$std..io..stdio..Stdout$u20$as$u20$std..io..Write$GT$::write_fmt::hc5ce29407b4c70c2 [inlined] std::io::Write::write_fmt::hbe79527751b11dc2 at mod.rs:1762:15 [opt]
    frame #33: 0x0000000100028d44 sensors`_$LT$$RF$std..io..stdio..Stdout$u20$as$u20$std..io..Write$GT$::write_fmt::hc5ce29407b4c70c2 at stdio.rs:727:9 [opt]
    frame #34: 0x0000000100029238 sensors`std::io::stdio::_print::h4bb5fc4c58811fac [inlined] _$LT$std..io..stdio..Stdout$u20$as$u20$std..io..Write$GT$::write_fmt::h93b2a0f9eb67e34b at stdio.rs:701:9 [opt]
    frame #35: 0x0000000100029228 sensors`std::io::stdio::_print::h4bb5fc4c58811fac [inlined] std::io::stdio::print_to::h35c3f30cfd2886b6 at stdio.rs:1020:21 [opt]
    frame #36: 0x00000001000291fc sensors`std::io::stdio::_print::h4bb5fc4c58811fac at stdio.rs:1097:5 [opt]
    frame #37: 0x00000001000049f4 sensors`sensors::handler::h9de8d7fbf601d679(client=0x000000016fe863a0, msg=Message @ 0x000000016fe862d0) at main.rs:17:5
    frame #38: 0x0000000100004314 sensors`core::ops::function::Fn::call::h116959be90a1eedd((null)=0x000060000004ac60, (null)=(&mut endpoint_sec::client::Client, endpoint_sec::message::Message) @ 0x000000016fe86368) at function.rs:79:5
    frame #39: 0x000000010000508c sensors`endpoint_sec::client::Client::new::_$u7b$$u7b$closure$u7d$$u7d$::_$u7b$$u7b$closure$u7d$$u7d$::h38af925ff7737af3 at client.rs:115:21
    frame #40: 0x0000000100004210 sensors`std::panicking::try::do_call::h1f1a4d6dad676cf1(data="(e\xe8o\U00000001") at panicking.rs:552:40
    frame #41: 0x00000001000042bc sensors`__rust_try + 32
    frame #42: 0x0000000100004178 sensors`std::panicking::try::he4afa19e8d6acb3a(f=<unavailable>) at panicking.rs:516:19
    frame #43: 0x0000000100004808 sensors`std::panic::catch_unwind::he1d62e4bce7e562a(f=<unavailable>) at panic.rs:142:14
    frame #44: 0x0000000100004fc0 sensors`endpoint_sec::client::Client::new::_$u7b$$u7b$closure$u7d$$u7d$::h1db78153064bc896(client=NonNull<endpoint_sec_sys::client::es_client_t> @ 0x000000016fe86520, message=NonNull<endpoint_sec_sys::message::es_message_t> @ 0x000000016fe86528) at client.rs:107:28
    frame #45: 0x0000000100004628 sensors`_$LT$X$u20$as$u20$block2..concrete_block..IntoConcreteBlock$LT$$LP$A$C$B$RP$$GT$$GT$::__into_concrete_block::concrete_block_invoke_args2::hd236248828e43c50(block=0x000060000004ac40, a=NonNull<endpoint_sec_sys::client::es_client_t> @ 0x000000016fe86590, b=NonNull<endpoint_sec_sys::message::es_message_t> @ 0x000000016fe86598) at concrete_block.rs:59:21
    frame #46: 0x0000000199fd40c8 libEndpointSecurity.dylib`spar::BBReader<ESMessageReaderConfig>::handleItems() + 356
    frame #47: 0x0000000199fd3e50 libEndpointSecurity.dylib`spar::BBReader<ESMessageReaderConfig>::woke(void*) + 28
    frame #48: 0x00000001860e8910 libdispatch.dylib`_dispatch_client_callout + 20
    frame #49: 0x00000001860ebdc8 libdispatch.dylib`_dispatch_continuation_pop + 600
    frame #50: 0x00000001860ffbe4 libdispatch.dylib`_dispatch_source_latch_and_call + 420
    frame #51: 0x00000001860fe7b4 libdispatch.dylib`_dispatch_source_invoke + 832
    frame #52: 0x00000001860efd28 libdispatch.dylib`_dispatch_lane_serial_drain + 368
    frame #53: 0x00000001860f0a08 libdispatch.dylib`_dispatch_lane_invoke + 432
    frame #54: 0x00000001860f1cb8 libdispatch.dylib`_dispatch_workloop_invoke + 1756
    frame #55: 0x00000001860fb61c libdispatch.dylib`_dispatch_root_queue_drain_deferred_wlh + 288
    frame #56: 0x00000001860fae90 libdispatch.dylib`_dispatch_workloop_worker_thread + 404
    frame #57: 0x0000000186296114 libsystem_pthread.dylib`_pthread_wqthread + 288

radiohertz commented 10 months ago

It's not reproducible when max feature is enabled.

poliorcetics commented 10 months ago

Thanks for the report!

Could we have more info about:

I'm especially interested in the second because we've fixed a few bugs recently, and if you're not on 0.3.3 it means I should retest with the most recent version.

Never mind, we found the source, PR incoming.

roblabla commented 10 months ago

Oof, that's embarrassing, thank you for reporting! I made a PR (#34) that should fix the issue - it turned out to be a wrong FFI structure definition when targeting old versions of macOS.

We may want to increase our unit test coverage to test with no features (and perhaps also test all the various feature levels). Currently it only tests the --all-features, but we don't test the default feature set, which is very much not great.
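The class of bug described in the comment above, a binding struct whose layout disagrees with what the C library writes, shown as an added example (not code from endpoint-sec or PR #34). `RealProcess`, `BadBinding` and the `token` field are hypothetical stand-ins on a 64-bit target; the page does not say which definition was wrong.

```rust
use std::mem::{size_of, MaybeUninit};
use std::ptr::addr_of;

// Byte offset of a field, computed without creating a reference to uninitialised memory.
macro_rules! offset {
    ($ty:ty, $field:ident) => {{
        let u = MaybeUninit::<$ty>::uninit();
        let base = u.as_ptr();
        unsafe { addr_of!((*base).$field) as usize - base as usize }
    }};
}

/// Layout the C library really writes (constructed stand-in, 64-bit target assumed).
#[repr(C)]
pub struct RealProcess {
    pub pid: u32,
    pub token: u64, // the field the faulty binding forgets
    pub name: *const u8,
}

/// Faulty binding: `token` is missing, so `name` is declared 8 bytes too early.
#[repr(C)]
pub struct BadBinding {
    pub pid: u32,
    pub name: *const u8,
}

/// What an FFI callback effectively does: reinterpret the library's pointer as the binding type.
pub fn name_seen_by_binding(real: &RealProcess) -> usize {
    let p = real as *const RealProcess as *const BadBinding;
    unsafe { (*p).name as usize } // value is only read here, never dereferenced
}

/// Layout test meant to run under every feature set: the binding must agree with the C side.
pub fn layout_matches() -> bool {
    size_of::<BadBinding>() == size_of::<RealProcess>()
        && offset!(BadBinding, name) == offset!(RealProcess, name)
}

fn main() {
    let text = b"sensors\0"; // constructed sample data
    let real = RealProcess { pid: 501, token: 0xa, name: text.as_ptr() };
    println!("real name ptr    = {:#x}", real.name as usize);
    println!("binding name ptr = {:#x}", name_seen_by_binding(&real)); // the token, not a pointer
    println!("layout matches   = {}", layout_matches());
}
```

Running a check like `layout_matches` once per feature combination, not only with `--all-features`, is what turns this kind of mismatch into a failing test instead of a crash in a message handler.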

roblabla commented 10 months ago

A fix was released in 0.3.4.