An implementation of ubsan runtime library suitable for use in production.
Minimal attack surface.
- No stack traces.
- Definitely no C++ demangling.
- No UBSAN_OPTIONS=log_file=/path (very suid-unfriendly). And no UBSAN_OPTIONS in general.
- As simple as possible.
Minimal CPU and RAM overhead.
- Source locations unnecessary in the presence of (split) debug info.
- Values and types (as in A+B overflows T) can be reconstructed from register/stack dumps, once you know what type of error you are looking at.
- The above two items save 3% binary size.
When UBSan is used with -ftrap-function=abort, sometimes it is hard to reason about failures. This library replaces abort with a slightly more informative message without much extra overhead. Since the ubsan interface is not stable, this code must reside in compiler-rt.
- Tests pending ***
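To make the design points above concrete (fixed message, no stack trace, no UBSAN_OPTIONS parsing, no heap allocation, no source location, abort leaves the operands in the core dump), here is a small stand-alone illustration in C. It is an added example, not the compiler-rt code under review; the names `minimal_format`, `minimal_report`, `minimal_report_fatal` and `checked_add` are hypothetical, and `checked_add` only mocks the call the compiler would emit for a checked signed add.

```c
#include <limits.h>
#include <stddef.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

/* Hypothetical stand-in for a minimal UBSan handler (not compiler-rt's code).
   The only thing it does is emit a fixed "ubsan: <kind>" line on stderr:
   no stack trace, no demangling, no environment variable lookup, no malloc,
   no printf-style formatting of attacker-influenced data. */

/* Builds "ubsan: <kind>\n" into a caller-supplied stack buffer.
   Returns the number of bytes produced, or 0 if the buffer is too small.
   Bounds are checked up front, so a long kind string cannot overflow buf. */
size_t minimal_format(char *buf, size_t cap, const char *kind) {
    static const char prefix[] = "ubsan: ";
    size_t plen = sizeof(prefix) - 1;
    size_t klen = strlen(kind);
    if (cap < plen + klen + 1)
        return 0;
    memcpy(buf, prefix, plen);
    memcpy(buf + plen, kind, klen);
    buf[plen + klen] = '\n';
    return plen + klen + 1;
}

/* Recoverable report: one write(2) to stderr, then return to the caller. */
void minimal_report(const char *kind) {
    char buf[64];
    size_t n = minimal_format(buf, sizeof buf, kind);
    if (n)
        (void)write(STDERR_FILENO, buf, n);
}

/* Fatal report: same message, then abort(). The operands are not printed;
   as the description says, they can be recovered from the register/stack
   dump once the kind of error is known. */
void minimal_report_fatal(const char *kind) {
    minimal_report(kind);
    abort();
}

/* Mock of the instrumentation a compiler emits for a checked signed add.
   Returns 1 if an overflow was reported (recover mode), 0 otherwise;
   *out receives the (wrapped) sum either way. */
int checked_add(int a, int b, int *out) {
    int r;
    int overflowed = __builtin_add_overflow(a, b, &r);
    if (overflowed)
        minimal_report("add-overflow");
    *out = r;
    return overflowed;
}
```

The handler never reads the environment or opens a file, which is what makes it safe to link into setuid binaries; the only I/O is a bounded write to an already-open descriptor.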
Now that we have three of these, I think it would be more readable to change this to:
and similarly below.