mail archive of the barebox mailing list
* [PATCH 1/3] sandbox: fix link error when UBSAN is selected without ASAN
@ 2020-10-15  9:00 Ahmad Fatoum
  2020-10-15  9:00 ` [PATCH 2/3] kbuild: force compiler to assume two's complement Ahmad Fatoum
                   ` (2 more replies)
  0 siblings, 3 replies; 4+ messages in thread
From: Ahmad Fatoum @ 2020-10-15  9:00 UTC
  To: barebox; +Cc: Ahmad Fatoum

dc7f1fce6747 ("sandbox: fix SANDBOX_UNWIND dependency to be KASAN
only") already restricted ARCH_HAS_STACK_DUMP to be dependent
only on AddressSanitizer being available.

This change got lost by an erroneous merge conflict resolution in
39bdcdfb814a ("Merge branch 'for-next/misc' into master"). Fix it up.

Fixes: 39bdcdfb814a ("Merge branch 'for-next/misc' into master")
Signed-off-by: Ahmad Fatoum <a.fatoum@pengutronix.de>
---
 arch/sandbox/Kconfig | 7 +------
 1 file changed, 1 insertion(+), 6 deletions(-)

diff --git a/arch/sandbox/Kconfig b/arch/sandbox/Kconfig
index bced81f25e9b..113b619fc35b 100644
--- a/arch/sandbox/Kconfig
+++ b/arch/sandbox/Kconfig
@@ -10,6 +10,7 @@ config SANDBOX
 	select BLOCK
 	select BLOCK_WRITE
 	select PARTITION_DISK
+	select ARCH_HAS_STACK_DUMP if ASAN
 	default y
 
 config ARCH_TEXT_BASE
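Review bot: the added `select ARCH_HAS_STACK_DUMP if ASAN` under `config SANDBOX` has no comment explaining why the stack dump is limited to ASAN builds, and the commit message says this same restriction was already lost once in a merge. A one-line comment above the select, or the actual linker error quoted in the commit message, would make the constraint harder to drop again.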
@@ -21,12 +22,6 @@ config LINUX
 	default y
 	select GENERIC_FIND_NEXT_BIT
 
-config SANDBOX_UNWIND
-	bool
-	default y
-	select ARCH_HAS_STACK_DUMP
-	depends on UBSAN || ASAN
-
 config SANDBOX_REEXEC
 	prompt "exec(2) reset handler"
 	def_bool y
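Review bot: `config SANDBOX_UNWIND` is deleted outright in this hunk, but the diffstat touches only arch/sandbox/Kconfig, so any remaining `CONFIG_SANDBOX_UNWIND` user in a Makefile or source file would silently stop being built. Please confirm that no reference to the symbol is left, or remove those references in the same patch.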
-- 
2.28.0


_______________________________________________
barebox mailing list
barebox@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/barebox


* [PATCH 2/3] kbuild: force compiler to assume two's complement
  2020-10-15  9:00 [PATCH 1/3] sandbox: fix link error when UBSAN is selected without ASAN Ahmad Fatoum
@ 2020-10-15  9:00 ` Ahmad Fatoum
  2020-10-15  9:00 ` [PATCH 3/3] Revert "common: ubsan: ignore shifting one into sign bit" Ahmad Fatoum
  2020-10-19  7:58 ` [PATCH 1/3] sandbox: fix link error when UBSAN is selected without ASAN Sascha Hauer
  2 siblings, 0 replies; 4+ messages in thread
From: Ahmad Fatoum @ 2020-10-15  9:00 UTC
  To: barebox; +Cc: Ahmad Fatoum

The kernel is compiled with this option and kernel code we port assumes
that integer types are two's complement, so play it safe and disable
optimizations that are possibly buggy with respect to barebox.

Signed-off-by: Ahmad Fatoum <a.fatoum@pengutronix.de>
---
 Makefile | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/Makefile b/Makefile
index 164f23e872df..ae713b5a665b 100644
--- a/Makefile
+++ b/Makefile
@@ -619,6 +619,9 @@ KBUILD_CFLAGS += $(call cc-disable-warning, trampolines)
 
 KBUILD_CFLAGS += $(call cc-option, -fno-delete-null-pointer-checks,)
 
+# disable invalid "can't wrap" optimizations for signed / pointers
+KBUILD_CFLAGS	+= $(call cc-option,-fno-strict-overflow)
+
 KBUILD_CFLAGS   += $(call cc-disable-warning, address-of-packed-member)
 
 # Align the bit size of userspace programs with the kernel
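Review bot: the added comment and flag line in this hunk do not line up with the commit subject or with the neighbouring lines. The subject speaks of two's complement while the comment says "can't wrap" optimizations for "signed / pointers"; spelling it out as signed integer and pointer overflow would be clearer. The new line also puts a tab before `+=` and writes `$(call cc-option,-fno-strict-overflow)` without the space and trailing comma used by `$(call cc-option, -fno-delete-null-pointer-checks,)` two lines above; matching that form keeps the block consistent.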
-- 
2.28.0



* [PATCH 3/3] Revert "common: ubsan: ignore shifting one into sign bit"
  2020-10-15  9:00 [PATCH 1/3] sandbox: fix link error when UBSAN is selected without ASAN Ahmad Fatoum
  2020-10-15  9:00 ` [PATCH 2/3] kbuild: force compiler to assume two's complement Ahmad Fatoum
@ 2020-10-15  9:00 ` Ahmad Fatoum
  2020-10-19  7:58 ` [PATCH 1/3] sandbox: fix link error when UBSAN is selected without ASAN Sascha Hauer
  2 siblings, 0 replies; 4+ messages in thread
From: Ahmad Fatoum @ 2020-10-15  9:00 UTC
  To: barebox; +Cc: Ahmad Fatoum

With the previous commit, we now explicitly tell GCC not to optimize
constructs like (1 << 31) under the assumption that they are undefined
anyway. GCC >= 8.0 -fsanitize=undefined should now not warn any longer
about (1 << 31) instances, so remove our workaround.

This reverts commit 55397b9ebe3a21a3aeb6a98131c0991bff0f7123.

Signed-off-by: Ahmad Fatoum <a.fatoum@pengutronix.de>
---
 lib/ubsan.c | 20 --------------------
 1 file changed, 20 deletions(-)

diff --git a/lib/ubsan.c b/lib/ubsan.c
index 085d470cf784..648c7cc48a60 100644
--- a/lib/ubsan.c
+++ b/lib/ubsan.c
@@ -382,26 +382,6 @@ void __ubsan_handle_shift_out_of_bounds(struct shift_out_of_bounds_data *data,
 	if (suppress_report(&data->location))
 		return;
 
-	/* This handler would be called for code shifting a one into the
-	 * sign bit like (1 << 31), which is all too common in barebox.
-	 * It's technically UB, but it's so prevalent that it's highly
-	 * unlikely to be treated by a compiler as anything else than the
-	 * standard-compliant (1U << 31). Thus check for this case here
-	 * and ignore it selectively
-	 */
-	if (type_is_signed(lhs_type)) {
-		s_max lhs_int, rhs_int;
-
-		lhs_int = get_signed_val(lhs_type, lhs);
-		rhs_int = get_signed_val(rhs_type, rhs);
-
-		if (fls(lhs_int) + rhs_int == type_bit_width(lhs_type)) {
-			pr_debug("signed left shift of %lld by %lld ignored.\n",
-				(s64)lhs_int, (s64)rhs_int);
-			return;
-		}
-	}
-
 	ubsan_prologue(&data->location, &flags);
 
 	val_to_string(rhs_str, sizeof(rhs_str), rhs_type, rhs);
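Review bot: removing the sign-bit suppression block from `__ubsan_handle_shift_out_of_bounds()` relies on compiler behaviour that the commit message only claims for GCC >= 8.0, while the deleted comment calls (1 << 31) "all too common in barebox". With an older GCC or another compiler the handler would again report every such shift. Either state the minimum supported compiler in the commit message, or keep the check for toolchains where the flag from the previous patch does not have this effect.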
-- 
2.28.0



* Re: [PATCH 1/3] sandbox: fix link error when UBSAN is selected without ASAN
  2020-10-15  9:00 [PATCH 1/3] sandbox: fix link error when UBSAN is selected without ASAN Ahmad Fatoum
  2020-10-15  9:00 ` [PATCH 2/3] kbuild: force compiler to assume two's complement Ahmad Fatoum
  2020-10-15  9:00 ` [PATCH 3/3] Revert "common: ubsan: ignore shifting one into sign bit" Ahmad Fatoum
@ 2020-10-19  7:58 ` Sascha Hauer
  2 siblings, 0 replies; 4+ messages in thread
From: Sascha Hauer @ 2020-10-19  7:58 UTC
  To: Ahmad Fatoum; +Cc: barebox

On Thu, Oct 15, 2020 at 11:00:54AM +0200, Ahmad Fatoum wrote:
> dc7f1fce6747 ("sandbox: fix SANDBOX_UNWIND dependency to be KASAN
> only") already restricted ARCH_HAS_STACK_DUMP to be dependent
> only on AddressSanitizer being available.
> 
> This change got lost by an erroneous merge conflict resolution in
> 39bdcdfb814a ("Merge branch 'for-next/misc' into master"). Fix it up.
> 
> Fixes: 39bdcdfb814a ("Merge branch 'for-next/misc' into master")
> Signed-off-by: Ahmad Fatoum <a.fatoum@pengutronix.de>
> ---
>  arch/sandbox/Kconfig | 7 +------
>  1 file changed, 1 insertion(+), 6 deletions(-)

Applied this one to master and the other two for next.

Sascha


-- 
Pengutronix e.K.                           |                             |
Steuerwalder Str. 21                       | http://www.pengutronix.de/  |
31137 Hildesheim, Germany                  | Phone: +49-5121-206917-0    |
Amtsgericht Hildesheim, HRA 2686           | Fax:   +49-5121-206917-5555 |
