File: [NetBSD Developer Wiki] / wikisrc / users / maya.mdwn
Revision 1.8, Sun Feb 25 11:30:25 2018 UTC, by maya (branch: MAIN; CVS tag: HEAD)
Commit message: put release notes draft in its own page.

# Tips for using analyzers on NetBSD #

## Address Sanitizer (+UBsan) (preliminary) ##

ASan reports memory errors (out-of-bounds accesses, use-after-free and the like) and catches many off-by-ones. It seems to produce very high quality reports.

It is enough to compile only the final binary with the sanitizer flags[1]. It cannot be used for static objects, so building with it requires some fiddling with the makefiles to disable those.

I've been running it on the NetBSD tests in the following manner[2]:

    cd /usr/src/tests/lib/libc
    env USETOOLS=never MK_SSP=no HAVE_SSP=no CFLAGS="-fno-omit-frame-pointer -O0 -g -ggdb -U_FORTIFY_SOURCE -fsanitize=address -fsanitize=undefined" LDFLAGS="-lasan -lubsan" make -j20

    env ASAN_OPTIONS=alloc_dealloc_mismatch=0 LD_PRELOAD="/usr/lib/libasan.so /usr/lib/libubsan.so" atf-run # [3]

    sysctl -w security.pax.aslr.enabled=0 # [4]

The CFLAGS keep frame pointers and debug info so the stack traces in the reports stay usable, and turn off SSP and FORTIFY_SOURCE so that the compiler's own hardening does not trip before the sanitizer does. `alloc_dealloc_mismatch=0` silences reports about memory allocated and freed with mismatched allocators; the LD_PRELOAD makes sure the sanitizer runtimes are loaded before everything else.

1. This seems to be a cause of worse reports, as functions inside the uninstrumented libraries are not intercepted.

2. These are not even close to canonical commands and should probably be improved.

3. To work around "Shadow memory range interleaves with an existing memory mapping. ASan cannot proceed correctly". An alternative is to LD_PRELOAD and LD_LIBRARY_PATH an entirely separate libc, ld.elf_so, etc.

4. ASan can be wrong about which function is faulting when the functions involved are internal to the library. Running the failing test on its own, or under GDB, can help; worth trying if the failure doesn't make sense.

**Important note: ASan should not be run on production systems. [It can pose a security risk](http://www.openwall.com/lists/oss-security/2016/02/17/9): the sanitizer runtime is a debugging aid, is configured through environment variables, and is not hardened against a hostile local user, which matters for setuid programs in particular.**
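
To see what the build above actually reports, here is a small test program with three bugs of the kinds ASan and UBSan catch, each next to a correct version. This is an added example, not code from the wiki page or from NetBSD; the file name `asan_demo.c` and the assumption that gcc with the shared libasan/libubsan runtimes is installed (as in the setup above) are mine. The buggy paths are only taken when selected on the command line, so the program also runs cleanly.

```c
/*
 * asan_demo.c -- added example, not part of the wiki page or of NetBSD.
 * Build (assumes gcc with libasan/libubsan available), then run with
 * ASLR off as the wiki page does:
 *   gcc -fno-omit-frame-pointer -O0 -g -fsanitize=address -fsanitize=undefined \
 *       asan_demo.c -o asan_demo
 *   sysctl -w security.pax.aslr.enabled=0
 *   ./asan_demo overflow  # ASan: heap-buffer-overflow (read 1 byte past a 16-byte region)
 *   ./asan_demo uaf       # ASan: heap-use-after-free, with both the free and alloc stacks
 *   ./asan_demo shift     # UBSan: shift exponent 40 is too large for 32-bit type
 */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Off-by-one read: the loop bound should be i < len.  ASan flags the
 * read at buf[len] as a heap-buffer-overflow. */
static unsigned int sum_bytes_buggy(const unsigned char *buf, size_t len)
{
    unsigned int sum = 0;
    for (size_t i = 0; i <= len; i++)   /* BUG: reads buf[len] */
        sum += buf[i];
    return sum;
}

static unsigned int sum_bytes(const unsigned char *buf, size_t len)
{
    unsigned int sum = 0;
    for (size_t i = 0; i < len; i++)
        sum += buf[i];
    return sum;
}

/* Use after free: the block is read after it went back to malloc. */
static unsigned char first_byte_buggy(size_t len)
{
    unsigned char *p = malloc(len);
    if (p == NULL) return 0;
    memset(p, 0x41, len);
    free(p);
    return p[0];                        /* BUG: p is dangling */
}

static unsigned char first_byte(size_t len)
{
    unsigned char *p = malloc(len);
    unsigned char b;
    if (p == NULL) return 0;
    memset(p, 0x41, len);
    b = p[0];                           /* read before releasing */
    free(p);
    return b;
}

/* Undefined shift: shifting a 32-bit value by 32 or more is undefined
 * behaviour; -fsanitize=undefined reports it at run time. */
static unsigned int shift_left_buggy(unsigned int x, unsigned int n)
{
    return x << n;                      /* BUG for n >= 32 */
}

static unsigned int shift_left(unsigned int x, unsigned int n)
{
    return n < 32 ? x << n : 0;
}

int main(int argc, char **argv)
{
    const char *which = argc > 1 ? argv[1] : "";
    unsigned char *buf = malloc(16);    /* constructed 16-byte sample input */

    if (buf == NULL) return 1;
    memset(buf, 1, 16);

    if (strcmp(which, "overflow") == 0)
        printf("sum = %u\n", sum_bytes_buggy(buf, 16));
    else if (strcmp(which, "uaf") == 0)
        printf("byte = 0x%02x\n", first_byte_buggy(16));
    else if (strcmp(which, "shift") == 0)
        printf("shift = %u\n", shift_left_buggy(1, 40));
    else
        printf("sum=%u byte=0x%02x shift=%u (pass overflow|uaf|shift to trigger a bug)\n",
               sum_bytes(buf, 16), first_byte(16), shift_left(1, 4));
    free(buf);
    return 0;
}
```

Note that without the sanitizer flags all three buggy paths usually run without any visible symptom, which is exactly why the instrumented build is worth the makefile fiddling.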
   28: 
## Coverity ##

Coverity is a static analyzer.

You can see a part of its output in coverity-updates@, and a lot more
if you go to the website (sign up with your NetBSD email or poke someone
for access).

A lot of the reports are about strncpy/strcpy, or are in code that belongs
to GCC (in the case of userland). You can tackle this by limiting the
results to a particular directory (click the folder icon). You can
also sort by issue type.
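
Most of the strncpy reports are the same pattern: the copy fills the whole destination and leaves no terminator, so a later strlen() or printf("%s") on it reads past the buffer. The program below shows that pattern next to the two usual fixes. It is an added example, not from the wiki page or from NetBSD; the file name `strncpy_demo.c`, the `NAMELEN` buffer and the "wikimaster" input are constructed for illustration.

```c
/*
 * strncpy_demo.c -- added example, not part of the wiki page or of NetBSD.
 * The strncpy(3) pattern behind many static-analyzer reports, beside
 * two fixes.  Build with: cc -Wall strncpy_demo.c -o strncpy_demo
 */
#include <stdio.h>
#include <string.h>

#define NAMELEN 8   /* constructed buffer size for the demo */

/* As the analyzer sees it: when strlen(src) >= NAMELEN no NUL is written. */
static void set_name_buggy(char dst[NAMELEN], const char *src)
{
    strncpy(dst, src, NAMELEN);          /* BUG: may leave dst unterminated */
}

/* Fix 1: the minimal patch, copy one byte less and terminate explicitly. */
static void set_name_strncpy(char dst[NAMELEN], const char *src)
{
    strncpy(dst, src, NAMELEN - 1);
    dst[NAMELEN - 1] = '\0';
}

/* Fix 2: a bounded copy that always terminates and reports truncation,
 * the contract strlcpy(3) from NetBSD's libc provides.  Spelled out here
 * so the file also builds on systems without strlcpy.
 * Returns 1 if src was truncated, 0 if it fit, -1 on a zero-sized buffer. */
static int set_name_checked(char *dst, size_t dstlen, const char *src)
{
    size_t n = strlen(src);
    int truncated = 0;

    if (dstlen == 0)
        return -1;
    if (n >= dstlen) {
        n = dstlen - 1;
        truncated = 1;
    }
    memcpy(dst, src, n);
    dst[n] = '\0';
    return truncated;
}

/* 1 if dst contains a NUL within its first len bytes, else 0: the
 * property the buggy version fails to guarantee.  memchr never reads
 * past len, so this check is safe even on the unterminated buffer. */
static int is_terminated(const char *dst, size_t len)
{
    return memchr(dst, '\0', len) != NULL;
}

int main(void)
{
    char a[NAMELEN], b[NAMELEN], c[NAMELEN];
    const char *longname = "wikimaster";   /* 10 chars, more than NAMELEN-1 */
    int trunc;

    set_name_buggy(a, longname);
    set_name_strncpy(b, longname);
    trunc = set_name_checked(c, sizeof c, longname);

    /* a is deliberately not printed with %s: that would be the overread. */
    printf("strncpy only : terminated=%d\n", is_terminated(a, sizeof a));
    printf("strncpy+NUL  : terminated=%d \"%s\"\n", is_terminated(b, sizeof b), b);
    printf("checked copy : terminated=%d truncated=%d \"%s\"\n",
           is_terminated(c, sizeof c), trunc, c);
    return 0;
}
```

When triaging such a report, the second fix is the one to prefer in NetBSD code (use strlcpy(3) directly there): silent truncation of a path or a user name is itself a bug worth surfacing, and the return value lets the caller reject the input.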
   41: 
Some suggestions for things to focus on, as there are many defects
reported:

- Setuid programs
- Anything in the kernel
- Stuff that runs as root
- Library or other code you know well already
- Drivers for hardware you actually own and can test
## Future ideas: ##

- GCC could be told to add the ASan flags for all shared objects, making it easier to build the world with those flags.
- We could run all of NetBSD with ASan for some real world tests.
- ASan for the kernel? (subr_kmem.c has some flags which do some of the work; could it do more?)
- Fuzzers are cool.
