From patchwork Wed May 7 14:17:18 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Adhemerval Zanella X-Patchwork-Id: 888063 Delivered-To: patch@linaro.org Received: by 2002:a5d:4683:0:b0:38f:210b:807b with SMTP id u3csp406479wrq; Wed, 7 May 2025 07:21:55 -0700 (PDT) X-Forwarded-Encrypted: i=3; AJvYcCW441EMqOEqar6o+EL7E3CKWIlMLUIWvp75Ux26gIEwjcfq9oHCdKL+rK7VYg6gCNoEYX/5Eg==@linaro.org X-Google-Smtp-Source: AGHT+IEd+kONe8NMddNbNlTyHUmB/zC37ARBtoi5q+2X64cchwnFYLaW6RItG1i9Ei3a9SNDvY8v X-Received: by 2002:a05:6102:2b8b:b0:4c5:5aba:94bb with SMTP id ada2fe7eead31-4dc7379b1a0mr3021355137.3.1746627715009; Wed, 07 May 2025 07:21:55 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1746627714; cv=pass; d=google.com; s=arc-20240605; b=SHxNmlNry2HebvB4JloT7Hb4w8o7C/1G5Uf7tkiCkWlhi/HaiqhHAE6BCSXNGaIs/i 00uQwg6OtW/xyrEx02zKQtZFzlO5Yl8YWtd6t90eepMYBtUhggfPsexOWekyV0eyZ15J hpMOcC7fJ9vUEVZKlt0t/KtyrBJ7vaZSRIP8+NACIJ+zeAOwiAXF+JyPsIJPSq7YT5um 8zRrfEPgw21RFdHPvoROdGb/GGkV2JtWH8X948hFlFRPt6x1Cyzk2d9CSqOMrhjnrv76 nuokZ5daz5rMElfFBVegVO36uop/BMpAP48jsa9aUtlmIpnYcnqNnisD7H3ESISoicSc Y+4Q== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:message-id:date:subject:cc:to:from:dkim-signature :dkim-filter:arc-filter:dmarc-filter:delivered-to:dkim-filter; bh=U5US67OJ7uRFIHAPjsh1CNlD+4Iw5wCHx1tKeLDuDwk=; fh=v2Nv3k9i7Amxu65q1mEuFELTOLzYYycJBMRhbhFxZhE=; b=FD0RY0WfNAt25o2zwoLmVLiYf/NVzZryGoCUPM4nwLH9lywxBAwVdojAWK/XVQlkCM iTqgrZo+vFEHYAYwNxVNAEuGG8ToYuty6FAocHzVpAtTPeWz38NJ3Q0wXYoqgTi3cDHM nNyCoFyB6N92mbO02UOujzy7kS9AxE4/eyS3Ylj6a9rE/lPTujPKz9ko1YK9Ic9uhBan ST1gnullYOuEkzHcjiCLvT/3ltWCQw5rhP5Y7Dxfc80C5lf3kW4LXW3GvzWLPjofgoKw xwxUBSNTDUU65tRArcBe6Lv9v/5Wo/FTQK8kd8Qeo0SM7avBZR4RsvmWoDLyGr1W/P8W EqKA==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=sVE9YVHO; arc=pass (i=1); spf=pass (google.com: domain of libc-alpha-bounces~patch=linaro.org@sourceware.org designates 8.43.85.97 as permitted sender) smtp.mailfrom="libc-alpha-bounces~patch=linaro.org@sourceware.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from server2.sourceware.org (server2.sourceware.org. [8.43.85.97]) by mx.google.com with ESMTPS id ada2fe7eead31-4daf25ce1c2si3057590137.607.2025.05.07.07.21.54 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 07 May 2025 07:21:54 -0700 (PDT) Received-SPF: pass (google.com: domain of libc-alpha-bounces~patch=linaro.org@sourceware.org designates 8.43.85.97 as permitted sender) client-ip=8.43.85.97; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=sVE9YVHO; arc=pass (i=1); spf=pass (google.com: domain of libc-alpha-bounces~patch=linaro.org@sourceware.org designates 8.43.85.97 as permitted sender) smtp.mailfrom="libc-alpha-bounces~patch=linaro.org@sourceware.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from server2.sourceware.org (localhost [IPv6:::1]) by sourceware.org (Postfix) with ESMTP id 8A1983858C2F for ; Wed, 7 May 2025 14:21:54 +0000 (GMT) DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 8A1983858C2F Authentication-Results: sourceware.org; dkim=pass (2048-bit key, unprotected) header.d=linaro.org header.i=@linaro.org header.a=rsa-sha256 header.s=google header.b=sVE9YVHO X-Original-To: libc-alpha@sourceware.org Delivered-To: libc-alpha@sourceware.org Received: from mail-pj1-x1032.google.com (mail-pj1-x1032.google.com [IPv6:2607:f8b0:4864:20::1032]) by sourceware.org (Postfix) with ESMTPS id 21D593858D34 for ; Wed, 7 May 2025 14:21:16 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 21D593858D34 Authentication-Results: sourceware.org; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=linaro.org ARC-Filter: OpenARC Filter v1.0.0 sourceware.org 21D593858D34 Authentication-Results: server2.sourceware.org; arc=none smtp.remote-ip=2607:f8b0:4864:20::1032 ARC-Seal: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1746627676; cv=none; b=Zjq67KZZqJskUKgLkqelrX/SmmfVE/n0UUmvH1K5fdCtuHoAq+v9wJxpSqIYrk5hzL2kCxvm8ZKuiJBVvdM7z51ariSPYrrP3bWj3ioztJ2EIMk/4muGA662H1kPB4navvBNojrcjShQXskNOhqn+51nQM7y9LKWlNQ+PqRIrjQ= ARC-Message-Signature: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1746627676; c=relaxed/simple; bh=YwvrYyJNx3aIGulzL5ZlUUw+CVBbtbSXhE7tsZk6Ook=; h=DKIM-Signature:From:To:Subject:Date:Message-ID:MIME-Version; b=V6LYz7Xhq+p/wwjuW4PgJETLjodvpC59gMD4b95UKVLptefmLxgeMlFmg5TOnv1K3P4M5klI2qG3uk1Q+oIpZWJwU4CZ3sDOA5h45Jx5+47cQwSDTwwUZ02DYXaxDIlCW9gULZA3s8/1kUMOwyblKQcFKo9X5mdyT0AhTmbgSRo= ARC-Authentication-Results: i=1; server2.sourceware.org DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 21D593858D34 Received: by mail-pj1-x1032.google.com with SMTP id 98e67ed59e1d1-30a8cbddce3so1893584a91.1 for ; Wed, 07 May 2025 07:21:16 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1746627675; x=1747232475; darn=sourceware.org; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:from:to:cc:subject:date:message-id:reply-to; bh=U5US67OJ7uRFIHAPjsh1CNlD+4Iw5wCHx1tKeLDuDwk=; b=sVE9YVHO+qF30LKNmwtjRHJi62aR5gcR6Lp330k7vWFziXG5boOVEn5WG4LUa1gr3j qTLo/nGXb1h1u031E/cWZBzQaG1SajkDrzpGNyhdrIIhbLxCTllDvA2VnMJgXRiN26kr LN/aNncy+TzbdHzoDQoID6jFOSXD56FMncOaXU2Y9kIG5dFaEuZT4S9+1G4o0KzMnLOB AKs5eYENjwNpwaThyIJ151OZ8teFmtRsIexzjv6RS8jSFAjfgJfsOzza6X20mCmilz74 dYe5JFftk06ZHH0fOW+OHznNXwQJzaMDaPzgws8TpAEwoEn/FTbV1ZXvIw5QD+6ain+j 7dFA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1746627675; x=1747232475; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=U5US67OJ7uRFIHAPjsh1CNlD+4Iw5wCHx1tKeLDuDwk=; b=p/Nn/TjOIEPUJ61y3wAsoH+anshEXVMkvAC392tCi51w4CdiQf/LV4icq81TXdrTzV Cd5dhGNi98fRGyPpoYBVlVxz/qMz2AN76gelOZM7nH/pP25f1BCGwOlHXq3a+sJV5qtM jb04kPqfK0xOcKJNnvo32FbcA/vb3Z5xBlJL9ghTsF4vYUQw2XDcd8KLoJwm5gvjRVBv wZvBM0utxsTCkDSrvkdiwP7cshKwA6AH3+uMP8Gg18482AReASfO88t4U+sO+jTRbWMW BTAn1+DXrwsZtJn3zKZaxAS5qqNOesZI9nAt3ZZhnsX92amtkIO/E4qHEN9dF8+YLrup HFQw== X-Gm-Message-State: AOJu0Ywxsb3PgS1crP0hcKuAZHB/lDevBmKFQAe6J6UrEaYrnh0tlMLm PwXCReBrA4bIVqK5r0tt72d/YPWeLCbSOrf1bMJiys1+aZKsWeLK7Q5kxs7EEGhRrhp4tDaOfl8 vDFM= X-Gm-Gg: ASbGnctJtZ0oUgUkNkDS9Os3U7VbvttGjGko7cbcDmyb4FAL0lUeH4wEJffIlaiJ40W Ni913hC/nB/82ViHm/MtTR9mtcsojyaBdCdG5dThNII41Qu6SRhn2FXUu6bZKNlTdwwr9yifTdT HRsr843tJIfMzHQH6qxu6BOfXjQ/tzJFjqSmwol33/cSVYTojeHALqkn+JLOCy83db/Yu+0aCdC m4sa8x9mkk3UYyG6lEQx69zxZ2CBoJU/ssFOkOCW8RSCxiMxJcSVzdD/QwxUlKyiXqvMoEVazuO BgwAE8Q84bY+Kcgz1+H0olqYhcsyMl0CzhSZJdG3A4zGkDg7sI95Vg== X-Received: by 2002:a17:90b:35c1:b0:2f2:ab09:c256 with SMTP id 98e67ed59e1d1-30aac2a3537mr6558005a91.33.1746627674714; Wed, 07 May 2025 07:21:14 -0700 (PDT) Received: from mandiga.. ([2804:1b3:a7c0:2a60:2bef:3994:10d0:59c9]) by smtp.gmail.com with ESMTPSA id 98e67ed59e1d1-30ad474a050sm179453a91.8.2025.05.07.07.21.13 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 07 May 2025 07:21:14 -0700 (PDT) From: Adhemerval Zanella To: libc-alpha@sourceware.org Cc: Carlos O'Donell Subject: [PATCH 00/11] Add initial support for --enable-ubsan Date: Wed, 7 May 2025 11:17:18 -0300 Message-ID: <20250507142110.3452012-1-adhemerval.zanella@linaro.org> X-Mailer: git-send-email 2.43.0 MIME-Version: 1.0 X-BeenThere: libc-alpha@sourceware.org X-Mailman-Version: 2.1.30 Precedence: list List-Id: Libc-alpha mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: libc-alpha-bounces~patch=linaro.org@sourceware.org This patchset is preliminary and incomplete to enable glibc to be built with Undefined Behavior Sanitizer (UBSAN) [1]. UBSAN uses compiler instrumentation that triggers internal callbacks when undefined behavior happens at runtime. This option is an extra debug and maintenance mode; the generated code is suboptimal in size and performance. It is enabled through a new configure flag, --enable-ubsan, and implements only a subset of all possible handlers/checks the compiler might generate (the one required for glibc and the regression tests). Extra handlers might be required for future C++ tests, and__ ubsan_handle_dynamic_type_cache_miss also needs a proper implementation. The ubsan handlers are exported from ld, since they are called on all libraries and tests. It might interfere with ubsan from compiler runtime (when programs are built with libubsan in shared mode), and this is ccompletely untested and/or not supported at the moment. There is no support for the UBSAN_OPTIONS environment variable, although some options are supported through glibc.ubsan tunables. Currently, glibc.ubsan.halt_on_errors can be used to avoid the process halt when any UB handler is issued. Not all targets are supported, nor have I checked the test suite on all targets. Also, I only checked with limited gcc versions (only gcc 14.2.1 and for some targets 15.0.0). UBSAN builds on Linux for aarch64, arm, hppa, i686, powerpc64, microblaze, mips64, loongarch64, sparc, s390x, and x86_64. The alpha and m68k would require to change to a different code model (since relocations are truncated), while ork1, sh4, and hurd would need to adjust the ld, so pull of abort/exit. The make check shows a lot of regression on ARM and x86, I have a WIP branch [2] with a lot of fixes that I plan to eventually send for review. It already shows an invalid write [3] and led to better implementation for ilogb [4]. [1] https://clang.llvm.org/docs/UndefinedBehaviorSanitizer.html [2] https://sourceware.org/git/?p=glibc.git;a=shortlog;h=refs/heads/azanella/ubsan-undef [3] https://patchwork.sourceware.org/project/glibc/patch/20250430194401.818624-1-adhemerval.zanella@linaro.org/ [4] https://patchwork.sourceware.org/project/glibc/list/?series=46808 Adhemerval Zanella (10): ubsan: Add initial support for -fsanitize=undefined riscv: Fix --enable-ubsan build failure on riscv locale: Fix --enable-ubsan build failure on some ABIs locate: Fix UB on memcpy call locale: Fix UB on insert_weights localte: Fix UB on collate_finish locale: Fix UB in elem_hash locale: Fix UB on add_locale_uint32_array argp: Fix shift bug elf: Fix UB on _dl_map_object_from_fd Richard Henderson (1): elf: Adjust DT_EXTRATAGIDX to avoid undefined shifts INSTALL | 9 + Makeconfig | 6 +- argp/argp-parse.c | 15 +- config.h.in | 3 + configure | 30 ++ configure.ac | 18 + elf/Makefile | 32 +- elf/Versions | 19 + elf/dl-load.c | 2 +- elf/dl-printf.c | 6 + elf/dl-tunables.list | 9 + elf/elf.h | 2 +- elf/tst-_dl_addr_inside_object.c | 12 + elf/ubsan_error.c | 57 +++ elf/ubsan_handle_add_overflow.c | 26 ++ elf/ubsan_handle_builtin_unreachable.c | 27 ++ elf/ubsan_handle_divrem_overflow.c | 40 +++ elf/ubsan_handle_dynamic_type_cache_miss.c | 28 ++ elf/ubsan_handle_invalid_builtin.c | 39 +++ elf/ubsan_handle_load_invalid_value.c | 33 ++ elf/ubsan_handle_mul_overflow.c | 26 ++ elf/ubsan_handle_negate_overflow.c | 34 ++ elf/ubsan_handle_nonnull_arg.c | 34 ++ elf/ubsan_handle_nonnull_return_v1.c | 34 ++ elf/ubsan_handle_out_of_bounds.c | 34 ++ elf/ubsan_handle_overflow.c | 39 +++ elf/ubsan_handle_pointer_overflow.c | 62 ++++ elf/ubsan_handle_shift_out_of_bounds.c | 53 +++ elf/ubsan_handle_sub_overflow.c | 26 ++ elf/ubsan_handle_type_mismatch_v1.c | 75 ++++ elf/ubsan_handle_vla_bound_not_positive.c | 34 ++ elf/ubsan_val_to_string.c | 189 ++++++++++ elf/ubsan_vptr_type_cache.c | 21 ++ iconv/iconvconfig.c | 13 +- include/libintl.h | 3 + include/sys/cdefs.h | 6 + include/ubsan.h | 327 ++++++++++++++++++ locale/elem-hash.h | 2 +- locale/programs/charmap.c | 8 +- locale/programs/charmap.h | 7 + locale/programs/ld-collate.c | 5 +- locale/programs/locfile.c | 2 + locale/programs/locfile.h | 3 +- locale/programs/repertoire.c | 2 +- manual/install.texi | 8 + nss/test-netdb.c | 6 + posix/glob.c | 5 +- resolv/res_send.c | 11 +- stdio-common/tst-printf-format-s.h | 4 + stdio-common/tst-printf-format-vs.h | 4 + stdlib/stdbit.h | 9 +- sysdeps/arm/Makefile | 5 + sysdeps/generic/ldconfig.h | 3 +- sysdeps/generic/ldsodefs.h | 3 + sysdeps/generic/symbol-hacks.h | 36 ++ .../powerpc64/multiarch/stpncpy-ppc64.c | 3 +- sysdeps/unix/sysv/linux/riscv/setcontext.S | 2 +- 57 files changed, 1503 insertions(+), 48 deletions(-) create mode 100644 elf/ubsan_error.c create mode 100644 elf/ubsan_handle_add_overflow.c create mode 100644 elf/ubsan_handle_builtin_unreachable.c create mode 100644 elf/ubsan_handle_divrem_overflow.c create mode 100644 elf/ubsan_handle_dynamic_type_cache_miss.c create mode 100644 elf/ubsan_handle_invalid_builtin.c create mode 100644 elf/ubsan_handle_load_invalid_value.c create mode 100644 elf/ubsan_handle_mul_overflow.c create mode 100644 elf/ubsan_handle_negate_overflow.c create mode 100644 elf/ubsan_handle_nonnull_arg.c create mode 100644 elf/ubsan_handle_nonnull_return_v1.c create mode 100644 elf/ubsan_handle_out_of_bounds.c create mode 100644 elf/ubsan_handle_overflow.c create mode 100644 elf/ubsan_handle_pointer_overflow.c create mode 100644 elf/ubsan_handle_shift_out_of_bounds.c create mode 100644 elf/ubsan_handle_sub_overflow.c create mode 100644 elf/ubsan_handle_type_mismatch_v1.c create mode 100644 elf/ubsan_handle_vla_bound_not_positive.c create mode 100644 elf/ubsan_val_to_string.c create mode 100644 elf/ubsan_vptr_type_cache.c create mode 100644 include/ubsan.h