Re: [PATCH 4.14 17/89] futex: Prevent overflow by strengthen input validation
From: Peter Zijlstra
Date: Thu Jan 25 2018 - 10:31:03 EST
On Thu, Jan 25, 2018 at 04:21:51PM +0100, Jiri Slaby wrote:
> > The same reason it was applied upstream, it fixes a reported
> > issue.
> >
> > Does that mean that all UBSAN overflow error reports are not valid
> > because of how we build the kernel?
>
> IMO yes, because with the option, signed overflow is not undefined.
>
> In the long term, it would be nice to get rid of *all* signed integer
> overflows and kill the compiler option from Makefile. Therefore the
> fixes are indeed very valid in upstream.
I actually think the option is unconditionally good. Undefined behaviour
in a language is bad. Sadly C has lots of it, but any reduction we can
have we must take.