Under the condition of MKLIBCSANITIZER==yes link ubsan.c into libc.
This is a clean-room reimplementation from scratch of the Undefined
Behavior runtime called micro-UBSan (or uBSan - user-UBSan).
Do not change the signedness bit with a left shift operation.
Cast to unsigned integer to prevent this.
ftok.c:56:10, left shift of 123456789 by 24 places cannot be represented in type 'int'
ftok.c:56:10, left shift of 4160 by 24 places cannot be represented in type 'int'
Detected with micro-UBSan in the user mode.
Do not change the signedness bit with a left shift operation.
Switch to unsigned integer to prevent this in the LAST_FRAG symbol.
xdr_rec.c:559:39, left shift of 1 by 31 places cannot be represented in type 'int'
xdr_rec.c:572:26, left shift of 1 by 31 places cannot be represented in type 'int'
xdr_rec.c:573:25, left shift of 1 by 31 places cannot be represented in type 'int'
xdr_rec.c:632:37, left shift of 1 by 31 places cannot be represented in type 'int'
xdr_rec.c:711:32, left shift of 1 by 31 places cannot be represented in type 'int'
xdr_rec.c:722:28, left shift of 1 by 31 places cannot be represented in type 'int'
Detected with micro-UBSan in the user mode.
Change the type of shifted value to unsigned to prevent altering the
signedness bit.
jemalloc.c:1707:14, left shift of 1 by 31 places cannot be represented in type 'int'
jemalloc.c:1724:15, left shift of 1 by 31 places cannot be represented in type 'int'
jemalloc.c:1840:28, left shift of 1 by 31 places cannot be represented in type 'int'
Detected with micro-UBSan in the user mode.
These changes should make no practical effect - but because external
data is being examined, it would be possible to contrive a situation
(perhaps) where uninit'd vars could actually be used (unless the format
has been checked elsewhere earlier - I did not look ... we have to
appease gcc anyway).
Joerg: Please review (& fix)
The basic glue works with mininal changes for other architectures as
well, but those require linker changes first to avoid leaking dynamic
relocations into the binary.
This change:
* Removes "options PERFCTRS", the associated includes, and the associated
ifdefs. In doing so, it removes several XXXSMPs in the MI code, which is
good.
* Removes the PMC code of ARM XSCALE.
* Removes all the pmc.h files. They were all empty, except for ARM XSCALE.
* Reorders the x86 PMC code not to rely on the legacy pmc.h file. The
definitions are put in sysarch.h.
* Removes the kern/sys_pmc.c file, and along with it, the sys_pmc_control
and sys_pmc_get_info syscalls. They are marked as OBSOL in kern,
netbsd32 and rump.
* Removes the pmc_evid_t and pmc_ctr_t types.
* Removes all the associated man pages. The sets are marked as obsolete.
support for only one ARM CPU. It used to have x86 support, but it was broken
and I removed it. The legacy PMC interface will be removed from the kernel
too. Sent on tech-kern@ yesterday, thorpej was fine.
The pt variable's elements are used after the end of the pt scope.
A move of pt to outer scope fixes this.
Detected with MKSANITIZER/ASan with tmux(1), a forkpty(3) user.
If a string is empty or contains only white characters, the algorithm of
removal of white characters at the end of the passed string will read
buffer at index -1 and keep iterating backward.
Detected with MKSANITIZER/ASan when executing passwd(1).