Hello.
While trying to track down a memory corruption issue on sparc64/sun4v I noticed
kernel_sanitizers(7) and the
lack of support on platforms other than amd64 and arm/aarch64.
Some of the sanitizers requires MD code, e.g. KASAN, KCSAN and KMSAM, whereas
KUBSAN should be available on all platforms.
Trying to build with KUBSAN enabled on a few selected ports seems to cause
build issues:
sparc/sparc64:
In function 'be16enc',
inlined from 'uuid_enc_be' at
/home/palle/netbsd/git/src/sys/kern/kern_uuid.c:178:2:
/home/palle/netbsd/git/src/sys/sys/endian.h:204:9: error:
'__builtin_memcpy' offset [0, 1] is out of the bounds [0, 0]
[-Werror=array-bounds]
204 | __builtin_memcpy(dst, &u, sizeof(u)); \
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/home/palle/netbsd/git/src/sys/sys/endian.h:207:1: note: in
expansion of macro '__GEN_ENDIAN_ENC'
207 | __GEN_ENDIAN_ENC(16, be)
| ^~~~~~~~~~~~~~~~
In function 'be16dec',
evbppc:
In file included from /home/palle/netbsd/git/src/sys/dev/rasops/rasops2.c:49:
/home/palle/netbsd/git/src/sys/dev/rasops/rasops_bitops.h: In function
'rasops2_copycols':
/home/palle/netbsd/git/src/sys/dev/rasops/rasops_masks.h:85:50: error: array
subscript 2147483616 is above array bounds of 'const uint32_t[33]' {aka 'const
unsigned int[33]'} [-Werror=array-bounds]
85 | (dp)[1] = ((dp)[1] & rasops_rmask[n]) |
\
| ~~~~~~~~~~~~^~~
/home/palle/netbsd/git/src/sys/dev/rasops/rasops_bitops.h:279:25:
note: in expansion of macro 'PUTBITS'
279 | PUTBITS(tmp, db, num, drp);
| ^~~~~~~
/home/palle/netbsd/git/src/sys/dev/rasops/rasops_masks.h:92:25: note: while
referencing 'rasops_rmask'
92 | extern const uint32_t rasops_rmask[32 + 1];
| ^~~~~~~~~~~~
/home/palle/netbsd/git/src/sys/dev/rasops/rasops_masks.h:86:56: error: array
subscript 2147483616 is above array bounds of 'const uint32_t[33]' {aka 'const
unsigned int[33]'} [-Werror=array-bounds]
86 | (MBL(sw, 32-(x)) &
rasops_lmask[n]); \
|
~~~~~~~~~~~~^~~
/home/palle/netbsd/git/src/sys/dev/rasops/rasops_bitops.h:279:25: note: in
expansion of macro 'PUTBITS'
279 | PUTBITS(tmp,
db, num, drp);
| ^~~~~~~
/home/palle/netbsd/git/src/sys/dev/rasops/rasops_masks.h:91:25: note: while
referencing 'rasops_lmask'
91 | extern const uint32_t
rasops_lmask[32 + 1];
|
^~~~~~~~~~~~
evbmips64-el:
-- kern-MALTA32 ---
--- aes_bear.o ---
In function 'le32dec',
inlined from 'aesbear_cbc_dec.part.0' at
/home/palle/netbsd/git/src/sys/crypto/aes/aes_bear.c:236:8:
/home/palle/netbsd/git/src/sys/sys/endian.h:220:9: error:
'__builtin_memcpy' offset [0, 3] is out of the bounds [0, 0]
[-Werror=array-bounds]
220 | __builtin_memcpy(&u, buf, sizeof(u)); \
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/home/palle/netbsd/git/src/sys/sys/endian.h:228:1: note: in
expansion of macro '__GEN_ENDIAN_DEC'
228 | __GEN_ENDIAN_DEC(32, le)
| ^~~~~~~~~~~~~~~~
--
evbmips64-eb:
--- kern-MALTA32 ---
In function 'be16dec',
inlined from 'uuid_dec_be' at
/home/palle/netbsd/git/src/sys/kern/kern_uuid.c:193:19:
/home/palle/netbsd/git/src/sys/sys/endian.h:220:9: error:
'__builtin_memcpy' offset [0, 1] is out of the bounds [0, 0]
[-Werror=array-bounds]
220 | __builtin_memcpy(&u, buf, sizeof(u)); \
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/home/palle/netbsd/git/src/sys/sys/endian.h:224:1: note: in
expansion of macro '__GEN_ENDIAN_DEC'
224 | __GEN_ENDIAN_DEC(16, be)
| ^~~~~~~~~~~~~~~~
riscv32:
bmake[2]: stopped making "all" in
/home/palle/netbsd/build/riscv32/objdir/sys/arch/riscv/compile/GENERIC
--- chacha_ref.o ---
In function 'le32dec',
inlined from 'chacha_stream_ref' at
/home/palle/netbsd/git/src/sys/crypto/chacha/chacha_ref.c:138:7:
/home/palle/netbsd/git/src/sys/sys/endian.h:220:9: error:
'__builtin_memcpy' offset [0, 3] is out of the bounds [0, 0]
[-Werror=array-bounds]
220 | __builtin_memcpy(&u, buf, sizeof(u)); \
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/home/palle/netbsd/git/src/sys/sys/endian.h:228:1: note: in
expansion of macro '__GEN_ENDIAN_DEC'
228 | __GEN_ENDIAN_DEC(32, le)
| ^~~~~~~~~~~~~~~~
riscv64:
nbmake[2]: stopped making "all" in
/home/palle/netbsd/build/riscv64/objdir/sys/arch/riscv/compile/GENERIC64
--- chacha_ref.o ---
In function 'le32dec',
inlined from 'chacha_stream_ref' at
/home/palle/netbsd/git/src/sys/crypto/chacha/chacha_ref.c:138:7:
/home/palle/netbsd/git/src/sys/sys/endian.h:220:9: error:
'__builtin_memcpy' offset [0, 3] is out of the bounds [0, 0]
[-Werror=array-bounds]
220 | __builtin_memcpy(&u, buf, sizeof(u)); \
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/home/palle/netbsd/git/src/sys/sys/endian.h:228:1: note: in
expansion of macro '__GEN_ENDIAN_DEC'
228 | __GEN_ENDIAN_DEC(32, le)
| ^~~~~~~~~~~~~~~~
---
It would be nice to have KUBSAN enabled when the daily CI build jobs are
running.
Would it make sense to create a GENERIC.KUBSAN config for all ports so build
issues as shown above are caught?
And what about running the daily test runs with the supported kernel sanitizers
enabled as well?
It's a shame that such useful functionality is not enabled by default at least
when the daily test runs are executed.
Regards
Palle
