https://gcc.gnu.org/bugzilla/show_bug.cgi?id=94307

--- Comment #6 from Martin Liška <marxin at gcc dot gnu.org> ---
(In reply to Kees Cook from comment #5)
> Hi! I recently learned that Clang has -fsanitizer-minimal-runtime that is
> very close to what I was expecting to use:
> 
> https://bugs.llvm.org/show_bug.cgi?id=45295

Looking at the implementation, you'll still have to implement ~50 entry points:
#define HANDLER_RECOVER(name, msg)                               \
  INTERFACE void __ubsan_handle_##name##_minimal() {             \
    if (!report_this_error(__builtin_return_address(0))) return; \
    message("ubsan: " msg "\n");                                 \
  }

#define HANDLER_NORECOVER(name, msg)                             \
  INTERFACE void __ubsan_handle_##name##_minimal_abort() {       \
    message("ubsan: " msg "\n");                                 \
    abort_with_message("ubsan: " msg);                           \
  }

#define HANDLER(name, msg)                                       \
  HANDLER_RECOVER(name, msg)                                     \
  HANDLER_NORECOVER(name, msg)

HANDLER(type_mismatch, "type-mismatch")
HANDLER(alignment_assumption, "alignment-assumption")
HANDLER(add_overflow, "add-overflow")
HANDLER(sub_overflow, "sub-overflow")
HANDLER(mul_overflow, "mul-overflow")
HANDLER(negate_overflow, "negate-overflow")
HANDLER(divrem_overflow, "divrem-overflow")
HANDLER(shift_out_of_bounds, "shift-out-of-bounds")
HANDLER(out_of_bounds, "out-of-bounds")
HANDLER_RECOVER(builtin_unreachable, "builtin-unreachable")
HANDLER_RECOVER(missing_return, "missing-return")
HANDLER(vla_bound_not_positive, "vla-bound-not-positive")
HANDLER(float_cast_overflow, "float-cast-overflow")
HANDLER(load_invalid_value, "load-invalid-value")
HANDLER(invalid_builtin, "invalid-builtin")
HANDLER(function_type_mismatch, "function-type-mismatch")
HANDLER(implicit_conversion, "implicit-conversion")
HANDLER(nonnull_arg, "nonnull-arg")
HANDLER(nonnull_return, "nonnull-return")
HANDLER(nullability_arg, "nullability-arg")
HANDLER(nullability_return, "nullability-return")
HANDLER(pointer_overflow, "pointer-overflow")
HANDLER(cfi_check_fail, "cfi-check-fail")

> 
> That is close to what you're already suggesting. Would it be possible to do
> the same thing? That way the kernel can have just one "not the full debug
> details" handler.

Well, it would be possible to implement the same. But I would first like to see
a kernel discussion happen. You can prepare a patch that will utilize clang
and their -fsanitizer-minimal-runtime and send it to the kernel mailing list. Would
it be possible?

> 
> Thanks for looking at this!

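A self-contained sketch of the handler pattern quoted in the comment above, added here as an illustration; it is not code from LLVM, GCC or the kernel. The bodies of `report_this_error`, `message` and `abort_with_message`, the `INTERFACE` definition, the `MAX_SITES` limit and the `site_a`/`site_b` callers are assumptions made so the macros compile and the once-per-call-site reporting can be observed.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
/* Assumed stand-ins for the helpers the excerpt calls but does not show. */
#define INTERFACE __attribute__((noinline))
#define MAX_SITES 20                 /* constructed limit on distinct call sites */
static uintptr_t seen_sites[MAX_SITES];
static unsigned n_sites, n_reports;
/* Return 1 the first time a caller address is seen, 0 for repeats or a full table. */
static int report_this_error(void *caller) {
  uintptr_t pc = (uintptr_t)caller;
  for (unsigned i = 0; i < n_sites; i++)
    if (seen_sites[i] == pc) return 0;
  if (n_sites == MAX_SITES) return 0;
  seen_sites[n_sites++] = pc;
  return 1;
}
static void message(const char *msg) { n_reports++; fputs(msg, stderr); }
static void abort_with_message(const char *msg) { (void)msg; abort(); }

/* Same macro shape as the excerpt: one recoverable and one aborting symbol. */
#define HANDLER_RECOVER(name, msg)                               \
  INTERFACE void __ubsan_handle_##name##_minimal(void) {         \
    if (!report_this_error(__builtin_return_address(0))) return; \
    message("ubsan: " msg "\n");                                 \
  }
#define HANDLER_NORECOVER(name, msg)                             \
  INTERFACE void __ubsan_handle_##name##_minimal_abort(void) {   \
    message("ubsan: " msg "\n");                                 \
    abort_with_message("ubsan: " msg);                           \
  }
#define HANDLER(name, msg) HANDLER_RECOVER(name, msg) HANDLER_NORECOVER(name, msg)

HANDLER(add_overflow, "add-overflow")
HANDLER(out_of_bounds, "out-of-bounds")

/* Constructed call sites standing in for instrumented code. */
__attribute__((noinline)) unsigned site_a(void) {
  __ubsan_handle_add_overflow_minimal();
  return n_reports;   /* read after the call so it cannot become a tail call */
}
__attribute__((noinline)) unsigned site_b(void) {
  __ubsan_handle_out_of_bounds_minimal();
  return n_reports;
}
int main(void) {
  for (int i = 0; i < 1000; i++) { site_a(); site_b(); }
  printf("%u reports from %u sites\n", n_reports, n_sites);
}
```

In this sketch, once the site table is full every new call site is silently dropped, so a log with few reports does not mean few distinct failures.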