[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH] ubsan: Introduce CONFIG_UBSAN_FATAL to panic on UBSAN failure

To: Michal Orzel <michal.orzel@xxxxxxx>, xen-devel@xxxxxxxxxxxxxxxxxxxx
From: Julien Grall <julien@xxxxxxx>
Date: Tue, 28 Nov 2023 17:14:03 +0100
Cc: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, George Dunlap <george.dunlap@xxxxxxxxxx>, Jan Beulich <jbeulich@xxxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>
Delivery-date: Tue, 28 Nov 2023 16:14:20 +0000
List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

Hi Michal,

On 27/11/2023 15:41, Michal Orzel wrote:

Introduce the CONFIG_UBSAN_FATAL option to cater to scenarios where prompt
attention to undefined behavior issues, notably during CI test runs, is
essential. When enabled, this option causes Xen to panic upon detecting
UBSAN failure (as the last step in ubsan_epilogue()).

I have mixed opinions on this patch. This would be a good one if we hada Xen mostly free from UBSAN behavior. But this is not the case at leaston arm32. So we would end up to stop at the first error. IOW, we wouldneed to fix the first error before we can see the next one.

So I feel it would be best if the gitlab CI jobs actually check forUSBAN in the logs and fail if there are any. With that, we can get thefull list of UBSAN issues on each job.


Cheers,


Signed-off-by: Michal Orzel <michal.orzel@xxxxxxx>
---
  xen/Kconfig.debug        | 7 +++++++
  xen/common/ubsan/ubsan.c | 4 ++++
  2 files changed, 11 insertions(+)

diff --git a/xen/Kconfig.debug b/xen/Kconfig.debug
index 94e818ee09b5..e19e9d48817c 100644
--- a/xen/Kconfig.debug
+++ b/xen/Kconfig.debug
@@ -107,6 +107,13 @@ config UBSAN

If unsure, say N here.+config UBSAN_FATAL

+       bool "Panic on UBSAN failure"
+       depends on UBSAN
+       help
+         Enabling this option will cause Xen to panic when an undefined 
behavior
+         is detected by UBSAN. If unsure, say N here.
+
  config DEBUG_TRACE
        bool "Debug trace support"
        ---help---
diff --git a/xen/common/ubsan/ubsan.c b/xen/common/ubsan/ubsan.c
index a3a80fa99eec..dd5ee0013648 100644
--- a/xen/common/ubsan/ubsan.c
+++ b/xen/common/ubsan/ubsan.c
@@ -174,6 +174,10 @@ static void ubsan_epilogue(unsigned long *flags)
                "========================================\n");
        spin_unlock_irqrestore(&report_lock, *flags);
        current->in_ubsan--;
+
+#ifdef CONFIG_UBSAN_FATAL
+       panic("UBSAN failure detected\n");
+#endif
  }

static void handle_overflow(struct overflow_data *data, unsigned long lhs,


--
Julien Grall

Follow-Ups:
- Re: [PATCH] ubsan: Introduce CONFIG_UBSAN_FATAL to panic on UBSAN failure
  - From: Michal Orzel

References:
- [PATCH] ubsan: Introduce CONFIG_UBSAN_FATAL to panic on UBSAN failure
  - From: Michal Orzel

Prev by Date: Re: [RFC XEN PATCH v2 3/3] tools: Add new function to get gsi from irq
Next by Date: Re: [RFC XEN PATCH v2 3/3] tools: Add new function to get gsi from irq
Previous by thread: [PATCH] ubsan: Introduce CONFIG_UBSAN_FATAL to panic on UBSAN failure
Next by thread: Re: [PATCH] ubsan: Introduce CONFIG_UBSAN_FATAL to panic on UBSAN failure
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.