About Kernel Documentation Linux Kernel Contact Linux Resources Linux Blog

Documentation / ubsan.txt




Custom Search

Based on kernel version 4.8. Page generated on 2016-10-06 23:19 EST.

1	Undefined Behavior Sanitizer - UBSAN
2	
3	Overview
4	--------
5	
6	UBSAN is a runtime undefined behaviour checker.
7	
8	UBSAN uses compile-time instrumentation to catch undefined behavior (UB).
9	Compiler inserts code that perform certain kinds of checks before operations
10	that may cause UB. If check fails (i.e. UB detected) __ubsan_handle_*
11	function called to print error message.
12	
13	GCC has that feature since 4.9.x [1] (see -fsanitize=undefined option and
14	its suboptions). GCC 5.x has more checkers implemented [2].
15	
16	Report example
17	---------------
18	
19		 ================================================================================
20		 UBSAN: Undefined behaviour in ../include/linux/bitops.h:110:33
21		 shift exponent 32 is to large for 32-bit type 'unsigned int'
22		 CPU: 0 PID: 0 Comm: swapper Not tainted 4.4.0-rc1+ #26
23		  0000000000000000 ffffffff82403cc8 ffffffff815e6cd6 0000000000000001
24		  ffffffff82403cf8 ffffffff82403ce0 ffffffff8163a5ed 0000000000000020
25		  ffffffff82403d78 ffffffff8163ac2b ffffffff815f0001 0000000000000002
26		 Call Trace:
27		  [<ffffffff815e6cd6>] dump_stack+0x45/0x5f
28		  [<ffffffff8163a5ed>] ubsan_epilogue+0xd/0x40
29		  [<ffffffff8163ac2b>] __ubsan_handle_shift_out_of_bounds+0xeb/0x130
30		  [<ffffffff815f0001>] ? radix_tree_gang_lookup_slot+0x51/0x150
31		  [<ffffffff8173c586>] _mix_pool_bytes+0x1e6/0x480
32		  [<ffffffff83105653>] ? dmi_walk_early+0x48/0x5c
33		  [<ffffffff8173c881>] add_device_randomness+0x61/0x130
34		  [<ffffffff83105b35>] ? dmi_save_one_device+0xaa/0xaa
35		  [<ffffffff83105653>] dmi_walk_early+0x48/0x5c
36		  [<ffffffff831066ae>] dmi_scan_machine+0x278/0x4b4
37		  [<ffffffff8111d58a>] ? vprintk_default+0x1a/0x20
38		  [<ffffffff830ad120>] ? early_idt_handler_array+0x120/0x120
39		  [<ffffffff830b2240>] setup_arch+0x405/0xc2c
40		  [<ffffffff830ad120>] ? early_idt_handler_array+0x120/0x120
41		  [<ffffffff830ae053>] start_kernel+0x83/0x49a
42		  [<ffffffff830ad120>] ? early_idt_handler_array+0x120/0x120
43		  [<ffffffff830ad386>] x86_64_start_reservations+0x2a/0x2c
44		  [<ffffffff830ad4f3>] x86_64_start_kernel+0x16b/0x17a
45		 ================================================================================
46	
47	Usage
48	-----
49	
50	To enable UBSAN configure kernel with:
51	
52		CONFIG_UBSAN=y
53	
54	and to check the entire kernel:
55	
56	        CONFIG_UBSAN_SANITIZE_ALL=y
57	
58	To enable instrumentation for specific files or directories, add a line
59	similar to the following to the respective kernel Makefile:
60	
61	        For a single file (e.g. main.o):
62	                UBSAN_SANITIZE_main.o := y
63	
64	        For all files in one directory:
65	                UBSAN_SANITIZE := y
66	
67	To exclude files from being instrumented even if
68	CONFIG_UBSAN_SANITIZE_ALL=y, use:
69	
70	                UBSAN_SANITIZE_main.o := n
71	        and:
72	                UBSAN_SANITIZE := n
73	
74	Detection of unaligned accesses controlled through the separate option -
75	CONFIG_UBSAN_ALIGNMENT. It's off by default on architectures that support
76	unaligned accesses (CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS=y). One could
77	still enable it in config, just note that it will produce a lot of UBSAN
78	reports.
79	
80	References
81	----------
82	
83	[1] - https://gcc.gnu.org/onlinedocs/gcc-4.9.0/gcc/Debugging-Options.html
84	[2] - https://gcc.gnu.org/onlinedocs/gcc/Debugging-Options.html
Hide Line Numbers
About Kernel Documentation Linux Kernel Contact Linux Resources Linux Blog

Information is copyright its respective author. All material is available from the Linux Kernel Source distributed under a GPL License. This page is provided as a free service by mjmwired.net.