From: Tom Rini <trini@konsulko.com>
To: u-boot@lists.denx.de
Subject: [U-Boot] [PATCH v2 01/13] UBSAN: run-time undefined behavior sanity checker
Date: Mon, 27 Aug 2018 10:13:13 -0400
Message-ID: <20180827141313.GO26633@bill-the-cat>
In-Reply-To: <20180826231332.2491-2-erosca@de.adit-jv.com>

On Mon, Aug 27, 2018 at 01:13:19AM +0200, Eugeniu Rosca wrote:

> Import Undefined Behavior SANitizer from Linux Kernel v4.18, as
> implemented by Andrey Ryabinin <aryabinin@virtuozzo.com>.
> 
> Roughly, the UBSAN development history in Linux kernel looks like:
> 
> v4.18     3ca17b1f3628 ("lib/ubsan: remove null-pointer checks")
> v4.17-rc1 317506009216 ("lib/test_ubsan.c: make test_ubsan_misaligned_access() static")
> v4.17-rc1 854686f4edf4 ("lib: add testing module for UBSAN")
> v4.16-rc1 bac7a1fff792 ("lib/ubsan: remove returns-nonnull-attribute checks")
> v4.16-rc1 42440c1f9911 ("lib/ubsan: add type mismatch handler for new GCC/Clang")
> v4.16-rc1 b8fe1120b4ba ("lib/ubsan.c: s/missaligned/misaligned/")
> v4.10-rc1 0462554707d6 ("Kconfig: lib/Kconfig.ubsan fix reference to ubsan documentation")
>  v4.9-rc5 a76bcf557ef4 ("Kbuild: enable -Wmaybe-uninitialized warning for "make W=1"")
>  v4.9-rc1 725c4d22bbc4 ("ubsan: allow to disable the null sanitizer")
>  v4.9-rc1 1ead009cd622 ("docs: sphinxify ubsan.txt and move it to dev-tools")
>  v4.8-rc1 901d805c33fc ("UBSAN: fix typo in format string")
>  v4.8-rc1 6e8d666e9253 ("Disable "maybe-uninitialized" warning globally")
>  v4.6-rc1 dde5cf39d4d2 ("ubsan: fix tree-wide -Wmaybe-uninitialized false positives")
>  v4.5-rc4 7707535ab95e ("ubsan: cosmetic fix to Kconfig text")
>  v4.5-rc1 bf76f73c5f65 ("powerpc: enable UBSAN support")
>  v4.5-rc1 c6d308534aef ("UBSAN: run-time undefined behavior sanity checker")
> 
> What's not interesting for U-Boot is:
>  - 317506009216 ("lib/test_ubsan.c: make test_ubsan_misaligned_access() static")
>  - 854686f4edf4 ("lib: add testing module for UBSAN")
>    since they add a module-only test functionality.
>  - any Documentation commits.
> 
> Since dump_stack() evaluates to NOOP in U-Boot, the UBSAN report
> retains only the header from the original kernel report.
> 
> As an example, below is a UB found in U-Boot thanks to UBSAN:
> 
>  ====================================================================
>  UBSAN: Undefined behaviour in drivers/net/phy/phy.c:728:19
>  left shift of 1 by 31 places cannot be represented in type 'int'
>  ====================================================================
> 
> For comparison, below is a full-fledged kernel UBSAN report, based on
> v4.17-rc4 Linux commit 0dfc0c792d69 ("iommu/vt-d: fix shift-out-of-
> bounds in bug checking"):
> 
>  ================================================================================
> UBSAN: Undefined behaviour in drivers/iommu/dmar.c:1348:3
> shift exponent 64 is too large for 32-bit type 'int'
> CPU: 2 PID: 0 Comm: swapper/2 Tainted: G     U            4.17.0-rc1+ #89
> Hardware name: Dell Inc. OptiPlex 7040/0Y7WYT, BIOS 1.2.8 01/26/2016
> Call Trace:
>  <IRQ>
>  dump_stack+0x90/0xfb
>  ubsan_epilogue+0x9/0x40
>  __ubsan_handle_shift_out_of_bounds+0x10e/0x170
>  ? qi_flush_dev_iotlb+0x124/0x180

Reviewed-by: Tom Rini <trini@konsulko.com>

-- 
Tom
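
The two reports quoted in the commit message above fall under two different C rules for `<<` on a signed int. The following is an added example, not code from the patch or from U-Boot; check_shl_int() and bit32() are hypothetical names, and a 32-bit int is assumed.

```c
#include <limits.h>
#include <stdint.h>
#include <stdio.h>

/* Why a left shift of a signed int is (or is not) defined behaviour. */
enum shl_verdict {
    SHL_OK,                /* result fits in int */
    SHL_EXP_NEGATIVE,      /* negative shift exponent */
    SHL_EXP_TOO_LARGE,     /* "shift exponent N is too large for 32-bit type 'int'" */
    SHL_NEGATIVE_VALUE,    /* left operand is negative */
    SHL_NOT_REPRESENTABLE  /* "left shift of V by N places cannot be represented" */
};

#define INT_BITS ((int)(sizeof(int) * CHAR_BIT))

/* Decide the outcome without performing the shift, so the check
 * itself never executes undefined behaviour. */
enum shl_verdict check_shl_int(int value, int places)
{
    if (places < 0)
        return SHL_EXP_NEGATIVE;
    if (places >= INT_BITS)
        return SHL_EXP_TOO_LARGE;
    if (value < 0)
        return SHL_NEGATIVE_VALUE;
    if (value > (INT_MAX >> places))   /* value * 2^places would exceed INT_MAX */
        return SHL_NOT_REPRESENTABLE;
    return SHL_OK;
}

/* Usual fix for the "1 << 31" pattern: shift an unsigned constant.
 * Out-of-range bit numbers yield 0 instead of an undefined shift. */
uint32_t bit32(unsigned int n)
{
    return n < 32 ? UINT32_C(1) << n : 0;
}

int main(void)
{
    /* Constructed inputs mirroring the two reports quoted above. */
    printf("1 << 31 as int : verdict %d\n", check_shl_int(1, 31));
    printf("1 << 64 as int : verdict %d\n", check_shl_int(1, 64));
    printf("bit32(31)      : 0x%08x\n", (unsigned int)bit32(31));
    return 0;
}
```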

Thread overview: 32+ messages
2018-08-26 23:13 [U-Boot] [PATCH v2 00/13] Import Undefined Behavior Sanitizer Eugeniu Rosca
2018-08-26 23:13 ` [U-Boot] [PATCH v2 01/13] UBSAN: run-time undefined behavior sanity checker Eugeniu Rosca
2018-08-27 14:13   ` Tom Rini [this message]
2018-08-26 23:13 ` [U-Boot] [PATCH v2 02/13] mmc: Fix signed shift overflow Eugeniu Rosca
2018-08-26 23:13 ` [U-Boot] [PATCH v2 03/13] armv8: mmu: " Eugeniu Rosca
2018-08-27 14:13   ` Tom Rini
2018-08-26 23:13 ` [U-Boot] [PATCH v2 04/13] pinctrl: renesas: " Eugeniu Rosca
2018-08-26 23:13 ` [U-Boot] [PATCH v2 05/13] net: phy: " Eugeniu Rosca
2018-08-26 23:13 ` [U-Boot] [PATCH v2 06/13] net: ravb: " Eugeniu Rosca
2018-08-26 23:22   ` Marek Vasut
2018-08-27 20:24     ` Eugeniu Rosca
2018-08-27 23:55       ` Marek Vasut
2018-08-26 23:13 ` [U-Boot] [PATCH v2 07/13] x86: Fix signed shift overflow in MSR_IA32_APICBASE_BASE Eugeniu Rosca
2018-08-28  2:05   ` Bin Meng
2018-08-28  6:42     ` Eugeniu Rosca
2018-09-01 10:59       ` Eugeniu Rosca
2018-09-04  4:00         ` Bin Meng
2018-09-16 18:46           ` Eugeniu Rosca
2018-09-22 23:10             ` Eugeniu Rosca
2018-09-25  2:06               ` Bin Meng
2018-10-09  0:22                 ` Eugeniu Rosca
2018-08-28  8:14     ` Andy Shevchenko
2018-08-26 23:13 ` [U-Boot] [PATCH v2 08/13] disk: part_dos: Fix signed shift overflow Eugeniu Rosca
2018-08-26 23:13 ` [U-Boot] [PATCH v2 09/13] common.h: Fix signed shift overflow in cpumask_next() Eugeniu Rosca
2018-08-26 23:13 ` [U-Boot] [PATCH v2 10/13] mmc: Fix read-past-end-of-array Eugeniu Rosca
2018-08-26 23:13 ` [U-Boot] [PATCH v2 11/13] hashtable: Fix zero-sized array Eugeniu Rosca
2018-08-27 14:13   ` Tom Rini
2018-08-26 23:13 ` [U-Boot] [PATCH v2 12/13] input: " Eugeniu Rosca
2018-08-27 14:13   ` Tom Rini
2018-08-26 23:13 ` [U-Boot] [PATCH v2 13/13] configs: sandbox*: Enable UBSAN Eugeniu Rosca
2018-08-30  2:51   ` Simon Glass
2018-09-17 21:10     ` Eugeniu Rosca
