Introduce the CONFIG_UBSAN_FATAL option to cater to scenarios where prompt
attention to undefined behavior issues, notably during CI test runs, is
essential. When enabled, this option causes Xen to panic upon detecting
UBSAN failure (as the last step in ubsan_epilogue()).
Signed-off-by: Michal Orzel <michal.or...@amd.com>
---
xen/Kconfig.debug | 7 +++++++
xen/common/ubsan/ubsan.c | 4 ++++
2 files changed, 11 insertions(+)
diff --git a/xen/Kconfig.debug b/xen/Kconfig.debug
index 94e818ee09b5..e19e9d48817c 100644
--- a/xen/Kconfig.debug
+++ b/xen/Kconfig.debug
@@ -107,6 +107,13 @@ config UBSAN
If unsure, say N here.
+config UBSAN_FATAL
+ bool "Panic on UBSAN failure"
+ depends on UBSAN
+ help
+ Enabling this option will cause Xen to panic when an undefined
behavior
+ is detected by UBSAN. If unsure, say N here.
+
config DEBUG_TRACE
bool "Debug trace support"
---help---
diff --git a/xen/common/ubsan/ubsan.c b/xen/common/ubsan/ubsan.c
index a3a80fa99eec..dd5ee0013648 100644
--- a/xen/common/ubsan/ubsan.c
+++ b/xen/common/ubsan/ubsan.c
@@ -174,6 +174,10 @@ static void ubsan_epilogue(unsigned long *flags)
"========================================\n");
spin_unlock_irqrestore(&report_lock, *flags);
current->in_ubsan--;
+
+#ifdef CONFIG_UBSAN_FATAL
+ panic("UBSAN failure detected\n");
+#endif
}
static void handle_overflow(struct overflow_data *data, unsigned long lhs,
--
2.25.1
