Add minimal kernel runtime for UBSAN
Needs Review · Public

Authored by smahadevan_freebsdfoundation.org on Aug 21 2017, 4:05 PM.

Details

Reviewers
emaste
Summary

To use:

  1. Add options UBSAN to the kernel configuration file
  2. Add WITH_UBSAN=yes to src.conf(5) to enable UBSAN
  3. (optional) Add WITH_UBSAN_SANITIZE_ALL=yes to src.conf(5) to check all kernel source files for undefined behaviour

To check individual kernel source files with UBSAN, add compile-with "${NORMAL_C} ${ENABLE_UBSAN}" to the corresponding line in sys/conf/files. To disable UBSAN for individual files (even with WITH_UBSAN_SANITIZE_ALL=yes), add compile-with "${NORMAL_C} ${DISABLE_UBSAN}" to the corresponding line in sys/conf/files.


Add license after consulting with Ed

emaste added inline comments. Aug 22 2017, 2:51 PM
share/man/man5/src.conf.5
1512–1515

src.conf.5 is generated automatically, via tools/build/options/makeman. You need to create WITH_ files in that directory.

sys/conf/NOTES
3034–3036

This should go up near INVARIANTS INVARIANT_SUPPORT DIAGNOSTIC etc., with a slightly longer description.

sys/conf/options
1002

also near INVARIANTS and other debugging options
Also something like "# undefined behaviour sanitizer (ubsan) runtime" - to highlight that it's only one part of the ubsan mechanism

sys/libkern/ubsan.c
349

probably need an assert that data->type_check_kind <= nitems(type_check_kinds)

  • Moved around kernel options to correct locations and added additional comments
  • Added assert for checking bounds of array access
op added a subscriber: op. Aug 29 2017, 12:05 PM
op added inline comments.
sys/libkern/ubsan.c
112

FreeBSD style(9) requires parentheses after the return, like return (1 << (type->type_info >> 1)); and new line after { when there are no local variables.
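The two inline comments above (the bounds check on data->type_check_kind and the style(9) form of the type_info decoding) both concern the same piece of the runtime: the handler that turns a compiler-emitted type-mismatch record into a diagnostic. The following is an added userland example, not code from this diff or from sys/libkern/ubsan.c. It assumes the struct layouts that clang's compiler-rt UBSan ABI used at the time (a 16-byte name field stands in for the real NUL-terminated flexible member), the function names are hypothetical, and the handler formats into a caller-supplied buffer instead of calling the kernel printf so that it can be tested offline. The bounds check is written with `>=`, since `type_check_kinds[nitems(type_check_kinds)]` is itself one past the end of the table.

```c
#include <assert.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* FreeBSD's sys/param.h provides nitems(); defined here so the example
 * builds outside the kernel tree. */
#ifndef nitems
#define nitems(x) (sizeof((x)) / sizeof((x)[0]))
#endif

/* Type descriptor and type-mismatch record emitted by the compiler for
 * -fsanitize=undefined (assumed layout, following the compiler-rt ABI of
 * the era; the fixed-size name is a simplification of the real
 * NUL-terminated flexible member). */
struct ubsan_type_descriptor {
	uint16_t type_kind;   /* 0: integer, 1: float, 0xffff: unknown */
	uint16_t type_info;   /* integer: bit 0 = signed, >> 1 = log2(bit width) */
	char type_name[16];
};

struct ubsan_source_location {
	const char *filename;
	uint32_t line;
	uint32_t column;
};

struct ubsan_type_mismatch_data {
	struct ubsan_source_location loc;
	const struct ubsan_type_descriptor *type;
	unsigned long alignment;        /* required alignment in bytes */
	unsigned char type_check_kind;  /* index into type_check_kinds[] */
};

/* Names for type_check_kind, in the order compiler-rt defines them. */
static const char *const type_check_kinds[] = {
	"load of", "store to", "reference binding to", "member access within",
	"member call on", "constructor call on", "downcast of", "downcast of",
	"upcast of", "cast to virtual base of", "_Nonnull binding to",
};

/* Integer width in bits: 1 << (type_info >> 1); 0 for non-integer types. */
static unsigned int
ubsan_type_bit_width(const struct ubsan_type_descriptor *type)
{

	if (type->type_kind != 0)
		return (0);
	return (1U << (type->type_info >> 1));
}

static bool
ubsan_type_is_signed(const struct ubsan_type_descriptor *type)
{

	return ((type->type_info & 1) != 0);
}

/* Bounds-checked lookup: the runtime must not perform an out-of-bounds
 * read of its own while reporting one in the instrumented code. */
static const char *
ubsan_type_check_kind_name(unsigned char kind)
{

	if (kind >= nitems(type_check_kinds))
		return ("<unknown type check kind>");
	return (type_check_kinds[kind]);
}

/* Format the diagnostic into buf; returns the snprintf(3) length so a
 * caller can detect truncation. */
static int
ubsan_report_type_mismatch(const struct ubsan_type_mismatch_data *data,
    uintptr_t ptr, char *buf, size_t buflen)
{
	const char *kind = ubsan_type_check_kind_name(data->type_check_kind);

	if (ptr == 0)
		return (snprintf(buf, buflen,
		    "%s:%u:%u: %s null pointer of type %s",
		    data->loc.filename, data->loc.line, data->loc.column,
		    kind, data->type->type_name));
	if (data->alignment != 0 && (ptr & (data->alignment - 1)) != 0)
		return (snprintf(buf, buflen,
		    "%s:%u:%u: %s misaligned address 0x%lx for type %s, "
		    "which requires %lu byte alignment",
		    data->loc.filename, data->loc.line, data->loc.column,
		    kind, (unsigned long)ptr, data->type->type_name,
		    data->alignment));
	return (snprintf(buf, buflen,
	    "%s:%u:%u: %s address 0x%lx with insufficient space for type %s",
	    data->loc.filename, data->loc.line, data->loc.column,
	    kind, (unsigned long)ptr, data->type->type_name));
}

int
main(void)
{
	/* Constructed record: a signed 32-bit store through a null pointer. */
	struct ubsan_type_descriptor t_int = { 0, (5 << 1) | 1, "'int'" };
	struct ubsan_type_mismatch_data d =
	    { { "sys/kern/example.c", 42, 7 }, &t_int, 4, 1 };
	char buf[256];

	ubsan_report_type_mismatch(&d, 0, buf, sizeof(buf));
	printf("%s (%u-bit, %s)\n", buf, ubsan_type_bit_width(&t_int),
	    ubsan_type_is_signed(&t_int) ? "signed" : "unsigned");
	return (0);
}
```

The sample file name and line numbers are constructed for the demonstration. In the kernel the same checks would sit in front of the printf-based reporting, and the `>=` comparison is what keeps a corrupted or future-ABI `type_check_kind` value from turning the reporter itself into an out-of-bounds read.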

Wrong commit order, accidentally deleted license.