目标和动力
C/C++ 代码在运行时可能会存在未定义的行为。导致 未定义的行为包括:
- 使用未对齐指针或 null 指针。
- 有符号整数溢出。
- 转换为会溢出的浮点类型,或者从浮点类型之间进行转换 目标位置
为了大规模发现这些问题,我们推出了对 紫红色的未定义行为排错程序 (UBSan)。此运行时检查原为 默认启用。 尽管发现的大多数问题都已修正,并且新问题不会 引入源代码树后,还有 待解决的 UBSan 问题。
技术背景
需精通 C/C++ 编程。
如何提供帮助
选择任务
查看待解决的 UBSan 问题,然后选择要修正的错误。
或者,查找具有抑制的构建目标:
source_set("foo") {
...
# TODO(https://fxbug.dev/xxxxx): UBSan has found an instance of undefined behavior in this target.
# Disable UBSan for this target temporarily until it is migrated into CI/CQ.
configs += [ "//build/config:temporarily_disable_ubsan_do_not_use" ]
}
您可以专注于您拥有的代码,也可以在整个树中随机选择目标。
执行任务
第一步是解除禁止状态并解决问题。UBSan 通过记录根本原因和堆栈轨迹来提供问题排查信息 问题发生的时间。例如:
[2105.728] 1054084.1055594> ../../src/connectivity/wlan/lib/common/cpp/include/wlan/common/element.h:769:48: runtime error: upcast
[2105.728] 1054084.1055594> of misaligned address 0x245287a88d03 for type 'wlan::SupportedMcsRxMcsHead', which requires 8 byte alignment
[2105.729] 1054084.1055594> 0x245287a88d03: note: pointer points here
[2105.729] 1054084.1055594> 62 fe 01 00 ff 00 00 00 01 00 00 00 00 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[2105.729] 1054084.1055594> ^
2020/02/20 21:52:42.559678 WARN: on line 16830: could not find module for 0x22ec07646c96
2020/02/20 21:52:42.559792 WARN: on line 16831: could not find module for 0x22ec076466e9
[2105.734] 1054084.1055594> #0 0x000022ddedc71a41 in wlan::HtCapabilities::ToDdk() const ../../out/default/../../src/connectivity/wlan/lib/common/cpp/include/wlan/common/element.h:769 <<VMO#1054220=wlantap.so>>+0x1dba41
[2105.734] 1054084.1055594> #1 0x000022ec07646c96 in <>+0x38c96
[2105.734] 1054084.1055594> #2 0x000022ec076466e9 in <>+0x386e9
[2105.734] 1054084.1055594> #3 0x000022ddedc71a41 in wlan::HtCapabilities::ToDdk() const ../../out/default/../../src/connectivity/wlan/lib/common/cpp/include/wlan/common/element.h:769 <<VMO#1054220=wlantap.so>>+0x1dba41
2020/02/20 21:49:12.077658 testrunner attempting to close SSH session due to: failed to run SSH command: Process exited with status 101
2020/02/20 21:49:12.077681 testrunner ERROR: failed to send KILL signal over SSH session: EOF
2020/02/20 21:49:12.077689 testrunner ERROR: failed to close SSH session: EOF
[2105.735] 1054084.1055594> {{2020/02/20 21:49:12.081620 testrunner ERROR: failed to run SSH command: Process exited with status 101
not ok 138 fuchsia-pkg://fuchsia.com/wlan-hw-sim-test#meta/configure_legacy_privacy_off.cmx (4.259382565s)
{bt:4:0x22ddedc6d904}}}
[2105.735] 1054084.1055594> #5 0x000022ddedc6f173 in wlan::ConvertPhyInfo(wlan_info*, fuchsia::wlan::device::PhyInfo const&) ../../out/default/../../src/connectivity/wlan/testing/wlantap-driver/utils.cc:167 <<VMO#1054220=wlantap.so>>+0x1d9173
[2105.735] 1054084.1055594> #6 0x000022ddedc9521a in wlan::(anonymous namespace)::WlantapPhy::Query(wlanphy_impl_info*) ../../out/default/../../src/connectivity/wlan/testing/wlantap-driver/wlantap-phy.cc:186 <<VMO#1054220=wlantap.so>>+0x1ff21a
[2105.735] 1054084.1055594> #7 0x000022ddedc94f90 in wlan::$_0::operator()(void*, wlanphy_impl_info*) const ../../out/default/../../src/connectivity/wlan/testing/wlantap-driver/wlantap-phy.cc:410 <<VMO#1054220=wlantap.so>>+0x1fef90
[2105.735] 1054084.1055594> #8 0x000022ddedc94e8c in wlan::$_0::__invoke(void*, wlanphy_impl_info*) ../../out/default/../../src/connectivity/wlan/testing/wlantap-driver/wlantap-phy.cc:409 <<VMO#1054220=wlantap.so>>+0x1fee8c
[2105.735] 1054084.1055594> #9 0x000021a1e2e3d3e4 in wlanphy::Device::Query(fit::function_impl<16ul, false, void (fuchsia::wlan::device::QueryResponse)>) ../../out/default/../../src/connectivity/wlan/drivers/wlanphy/device.cc:260 <<VMO#1055531=wlanphy.so>>+0x1ab3e4
[2105.735] 1054084.1055594> #10 0x000021a1e2e9e77e in fuchsia::wlan::device::Phy_Stub::Dispatch_(fidl::Message, fidl::internal::PendingResponse) ../../out/default/fidling/gen/sdk/fidl/fuchsia.wlan.device/fuchsia/wlan/device/cpp/fidl.cc:739 <<VMO#1055531=wlanphy.so>>+0x20c77e
[2105.735] 1054084.1055594> #11 0x000021a1e2fa9a26 in fidl::internal::StubController::OnMessage(fidl::Message) ../../out/default/../../sdk/lib/fidl/cpp/internal/stub_controller.cc:30 <<VMO#1055531=wlanphy.so>>+0x317a26
[2105.735] 1054084.1055594> #12 0x000021a1e2f916b4 in fidl::internal::MessageReader::ReadAndDispatchMessage(fidl::MessageBuffer*) ../../out/default/../../sdk/lib/fidl/cpp/internal/message_reader.cc:235 <<VMO#1055531=wlanphy.so>>+0x2ff6b4
[2105.735] 1054084.1055594> #13 0x000021a1e2f91bde in fidl::internal::MessageReader::OnHandleReady(async_dispatcher*, int, zx_packet_signal const*) ../../out/default/../../sdk/lib/fidl/cpp/internal/message_reader.cc:179 <<VMO#1055531=wlanphy.so>>+0x2ffbde
[2105.735] 1054084.1055594> #14 0x000021a1e2f8f13c in fidl::internal::MessageReader::CallHandler(async_dispatcher*, async_wait*, int, zx_packet_signal const*) ../../out/default/../../sdk/lib/fidl/cpp/internal/message_reader.cc:166 <<VMO#1055531=wlanphy.so>>+0x2fd13c
[2105.735] 1054084.1055594> #15.1 0x000021a1e3273e31 in async_loop_run_once ../../out/default/../../sdk/lib/async-loop/loop.c:0 <<VMO#1055531=wlanphy.so>>+0x5e1e31
[2105.735] 1054084.1055594> #15 0x000021a1e3273e31 in async_loop_run ../../out/default/../../sdk/lib/async-loop/loop.c:253 <<VMO#1055531=wlanphy.so>>+0x5e1e31
[2105.735] 1054084.1055594> #16 0x000021a1e3275b76 in async_loop_run_thread ../../out/default/../../sdk/lib/async-loop/loop.c:799 <<VMO#1055531=wlanphy.so>>+0x5e3b76
[2105.736] 1054084.1055594> #17 0x000041f10d1f067e in start_c11 ../../out/default.zircon/../../zircon/third_party/ulib/musl/pthread/pthread_create.c:37 <libc.so>+0xaa67e
[2105.736] 1054084.1055594> #18 0x000041f10d3017ad in thread_trampoline ../../out/default.zircon/../../zircon/system/ulib/runtime/thread.c:93 <libc.so>+0x1bb7ad
[2105.736] 1054084.1055594>
如果是 UBSan 错误,该错误已包含此信息 但相关信息可能会公开,具体取决于错误报告的提交时间 日期。您也可以尝试重现问题,例如通过运行 移除禁用或将更改发送到 CQ 的测试。
如果无法重现问题,并且已解除禁止设置的更改 然后继续学习下一部分。如果违反规则的 代码已修复或移除,但更改的作者留下了抑制/错误 完好无损。
有关 UndefinedBehaviorSanitizer 和可用检查的更多信息 可在上游文档中找到。
完成任务
请在更改说明中标记封面 bug,如下所示:
Fixed: xxxxx
通过所有者查找审核者,然后合并您的更改。
示例
- 464343:[volume_image] 修复 ubsan 问题
- 461437:[ubsan] 修复了 nullptr 中的 memcpy
- 460020:[quickjs] 修复了 UBSan bug
- 460140:[UBSan][rawtime] 修复了未对齐读取,重新启用 UBSan
赞助商
如有疑问或需要更新状态,欢迎与我们联系: