Sanitization is the process of detecting potential issues during execution. Sanitizers instrument the program (embedding checks into the generated code) and interact with the runtime linked into an executable, either statically or dynamically.

In the past month, I've finished functional support for MKSANITIZER with Address Sanitizer and Undefined Behavior Sanitizer. MKSANITIZER uses the default compiler runtime shipped with Clang and GCC and ported to NetBSD.

Over the past month, I've implemented from scratch a clean-room version of the UBSan runtime. The initial motivation was the need to develop one for the purpose of catching undefined behavior reports (unspecified code semantics in a compiled executable) in the NetBSD kernel. However, since we need to write a new runtime, I've decided to go two steps further and design code that will be usable inside libc and as a standalone library (linked .c source code) for the use of ATF regression tests.

http://blog.netbsd.org/tnf/entry/introduction_to_%C2%B5ubsan_a_clean

Plan for the next milestone

The Google Summer of Code programming period is over and I intend to finish two leftover tasks:

- Port the ptrace(2) attach functionality in honggfuzz to NetBSD. It will allow catching crash signals more effectively during the fuzzing process.
- Resume the porting process (together with the student) of Address Sanitizer to the NetBSD kernel.

This work was sponsored by The NetBSD Foundation.