cmake: Enable undefined behavior sanitizer on all targets

GCC and Clang support the undefined behavior sanitizer in any
configuration; the only restriction is that if you want to get nice
messages printed, then you need the ubsan library routines, which are only
present for posix architecture or when using picolibc.

This patch adds three new compiler properties:

 * sanitizer_undefined. Enables the undefined behavior sanitizer.
 * sanitizer_undefined_library. Calls ubsan library routines on fault.
 * sanitizer_undefined_trap. Invokes __builtin_trap() on fault.

Overhead for using the trapping sanitizer is fairly low and should be
considered for use in CI once all of the undefined behavior faults in
Zephyr are fixed.

Signed-off-by: Keith Packard <keithp@keithp.com>
Keith Packard 2025-04-07 15:23:02 -07:00 committed by Benjamin Cabé
commit 2d64237f44
6 changed files with 50 additions and 5 deletions

@ -197,6 +197,10 @@ if(NOT CONFIG_NO_OPTIMIZATIONS)
set_compiler_property(PROPERTY security_fortify_run_time _FORTIFY_SOURCE=2)
endif()
check_set_compiler_property(PROPERTY sanitizer_undefined -fsanitize=undefined)
check_set_compiler_property(PROPERTY sanitizer_undefined_trap -fsanitize-undefined-trap-on-error)
check_set_compiler_property(PROPERTY sanitizer_undefined_library)
# gcc flag for a hosted (no-freestanding) application
check_set_compiler_property(APPEND PROPERTY hosted -fno-freestanding)
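
Review bot: the sanitizer_undefined_library line sets the property with no flag and no comment, so a reader cannot tell whether the empty value is deliberate or a forgotten argument. If the intent is that calling the ubsan library routines is what the compiler does by default and no extra option is needed, say so in a one-line comment above it, in the style of the "# gcc flag for a hosted (no-freestanding) application" comment on the next property. It would also help to note next to sanitizer_undefined_trap that -fsanitize-undefined-trap-on-error only modifies how faults are reported and has to be combined with sanitizer_undefined to have any effect, since nothing in these lines ties the two properties together.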