kernel undefined behavior sanitizer
kubsan detects undefined behavior at runtime inside the
kernel. Detected undefined behavior is printed to the system console,
including the offending line in the source code.
kubsan is not enabled but
instead requires the following line to be present in the kernel
The following undefined behavior is detected:
- Integer overflow
- The result of an arithmetic computation on two integer operands cannot be
represented by the destination type.
- Negate overflow
- Negation of an integer cannot be represented by the destination type.
- Pointer overflow
- Pointer arithmetic overflow.
- Out of bounds
- Array indexing out of bounds, limited to cases where the size of the array
can be statically determined.
- Shift out of bounds
- Undefined logical shift caused by:
- The shift amount being negative.
- The shift operand being negative.
- The shift amount exceeds the number of bits as given by the shift
- The result of the shift computation cannot be represented by the
- Non-null argument
NULL as the value for a function argument
- Invalid load
- Loading a value that cannot be represented by the destination type.
- Type mismatch
- Mismatch between pointer and value type caused by:
- A pointer which does not fulfill the alignment requirements of the
- A pointer to an address which lacks sufficient space to store the
- Execution reached passed a function annotated with
kubsan implementation is derived from
NetBSD and first appeared in OpenBSD
kubsan implementation is limited to architectures
using clang(1) as their default compiler.