HTTP/2 301
content-security-policy: script-src 'sha256-1az3CiAdXAaMP3TFl5msfrDjNuSHMdg1ecAgxfZPR50=' 'unsafe-inline' 'strict-dynamic'; object-src 'none'; base-uri 'none'; report-uri https://csp.withgoogle.com/csp/chromium-website/
location: https://www.chromium.org/developers/testing/undefinedbehaviorsanitizer
content-type: text/plain; charset=utf-8
accept-ranges: bytes
date: Sun, 12 Oct 2025 03:13:42 GMT
x-served-by: cache-bom-vanm7210067-BOM
x-cache: MISS
x-cache-hits: 0
x-timer: S1760238823.635970,VS0,VE117
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 85
HTTP/2 301
content-security-policy: script-src 'sha256-1az3CiAdXAaMP3TFl5msfrDjNuSHMdg1ecAgxfZPR50=' 'unsafe-inline' 'strict-dynamic'; object-src 'none'; base-uri 'none'; report-uri https://csp.withgoogle.com/csp/chromium-website/
location: /developers/testing/undefinedbehaviorsanitizer/
content-type: text/plain; charset=utf-8
accept-ranges: bytes
date: Sun, 12 Oct 2025 03:13:42 GMT
x-served-by: cache-bom-vanm7210026-BOM
x-cache: MISS
x-cache-hits: 0
x-timer: S1760238823.807764,VS0,VE125
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 62
HTTP/2 200
cache-control: max-age=3600
content-encoding: gzip
content-security-policy: script-src 'sha256-1az3CiAdXAaMP3TFl5msfrDjNuSHMdg1ecAgxfZPR50=' 'unsafe-inline' 'strict-dynamic'; object-src 'none'; base-uri 'none'; report-uri https://csp.withgoogle.com/csp/chromium-website/
content-type: text/html; charset=utf-8
etag: "aaa0f5cb2daf58162710410d3512a271b243ced699a423373c008982cc3ab5f4"
last-modified: Fri, 10 Oct 2025 02:31:02 GMT
strict-transport-security: max-age=31556926
accept-ranges: bytes
date: Sun, 12 Oct 2025 03:13:43 GMT
x-served-by: cache-bom-vanm7210026-BOM
x-cache: MISS
x-cache-hits: 0
x-timer: S1760238823.946071,VS0,VE163
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2210
UndefinedBehaviorSanitizer (UBSan)
UndefinedBehaviorSanitizer (UBSan) is a fast undefined behavior detector
implemented in Clang and Compiler-rt. Various computations will be instrumented
to detect undefined behavior at runtime.
For now, only 64-bit Linux platform is tested. Various compile flags to use
UBSan is available at
https://clang.llvm.org/docs/UsersManual.html#controlling-code-generation.
UBSan builds are experimentally supported by Chromium, and can be built as
below. is_ubsan=true automatically enforces to use Clang as a build compiler.
Please note that is_ubsan=true excludes -fsanitize=vptr, which is also part of
the undefined behavior sanitizer.
gn args out/ubsan
# set is_ubsan = true
# set is_debug = false
ninja -C out/ubsan chrome
To use -fsanitize=vptr, the is_ubsan_vptr options can be used. is_ubsan_vptr
loads the blocklist from src/tools/ubsan_vptr/ignorelist.txt.
gn args out/ubsan
# set is_ubsan_vptr = true
ninja -C out/ubsan chrome
Pre-built Chrome binaries are available at
https://commondatastorage.googleapis.com/chromium-browser-ubsan/index.html?prefix=linux-release-vptr/
UBSan also supports common runtime flags with UBSAN_OPTIONS like other
sanitizers. Followings are UBSan specific runtime flags.
- print_stacktrace : print the stacktrace when UBSan reports an error.
- suppressions : suppress an error report at runtime.
