Re: [PATCH v2] ubsan: Tighten UBSAN_BOUNDS on GCC
From: Guenter Roeck
Date: Wed Jun 21 2023 - 12:42:41 EST
Hi,
On Tue, Apr 04, 2023 at 07:23:59PM -0700, Kees Cook wrote:
> The use of -fsanitize=bounds on GCC will ignore some trailing arrays,
> leaving a gap in coverage. Switch to using -fsanitize=bounds-strict to
> match Clang's stricter behavior.
>
> Cc: Marco Elver <elver@xxxxxxxxxx>
> Cc: Masahiro Yamada <masahiroy@xxxxxxxxxx>
> Cc: Nathan Chancellor <nathan@xxxxxxxxxx>
> Cc: Nick Desaulniers <ndesaulniers@xxxxxxxxxx>
> Cc: Nicolas Schier <nicolas@xxxxxxxxx>
> Cc: Tom Rix <trix@xxxxxxxxxx>
> Cc: Josh Poimboeuf <jpoimboe@xxxxxxxxxx>
> Cc: Miroslav Benes <mbenes@xxxxxxx>
> Cc: linux-kbuild@xxxxxxxxxxxxxxx
> Cc: llvm@xxxxxxxxxxxxxxx
> Signed-off-by: Kees Cook <keescook@xxxxxxxxxxxx>
> ---
This patch, presumably as side effect, enables CONFIG_ARCH_STM32
for arm64:allmodconfig. As consequence, CONFIG_STM32_RPROC is enabled
as well. This in turn results in the following build error.
Building arm64:allmodconfig ... failed
--------------
Error log:
In file included from include/linux/printk.h:564,
from include/asm-generic/bug.h:22,
from arch/arm64/include/asm/bug.h:26,
from include/linux/bug.h:5,
from include/linux/fortify-string.h:5,
from include/linux/string.h:254,
from include/linux/dma-mapping.h:7,
from drivers/remoteproc/stm32_rproc.c:9:
drivers/remoteproc/stm32_rproc.c: In function 'stm32_rproc_mem_alloc':
drivers/remoteproc/stm32_rproc.c:122:22: error: format '%x' expects argument of type 'unsigned int', but argument 5 has type 'size_t'
I did not try to understand what is going on, but reverting this
patch fixes the problem.
---
bisect script:
rm .config
make-arm64 mrproper
make-arm64 -j allmodconfig
if ! grep -q CONFIG_ARCH_STM32 .config; then
exit 1
fi
exit 0
---
bisect log:
# bad: [15e71592dbae49a674429c618a10401d7f992ac3] Add linux-next specific files for 20230621
# good: [45a3e24f65e90a047bef86f927ebdc4c710edaa1] Linux 6.4-rc7
git bisect start 'HEAD' 'v6.4-rc7'
# good: [e867e67cd55ae460c860ffd896c7fc96add2821c] Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/cryptodev-2.6.git
git bisect good e867e67cd55ae460c860ffd896c7fc96add2821c
# good: [0ab4015a11182e2a19c3dd52db85418f370cef39] Merge branch 'for-next' of git://git.kernel.dk/linux-block.git
git bisect good 0ab4015a11182e2a19c3dd52db85418f370cef39
# good: [50b29407850776d7c61461f883e5896dcea596a4] Merge branch 'driver-core-next' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/driver-core.git
git bisect good 50b29407850776d7c61461f883e5896dcea596a4
# good: [04d46f23e86112fc9d6469fc0155ce19faabc181] Merge branch 'staging-next' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/staging.git
git bisect good 04d46f23e86112fc9d6469fc0155ce19faabc181
# good: [bdd44289ba061dab3863ff80a5999d4c6160b93d] Merge branch 'gpio/for-next' of git://git.kernel.org/pub/scm/linux/kernel/git/brgl/linux.git
git bisect good bdd44289ba061dab3863ff80a5999d4c6160b93d
# good: [c7d13e64a19b0bbed1a6eb18e9b4fd55f7530e5d] Merge branch 'at24/for-next' of git://git.kernel.org/pub/scm/linux/kernel/git/brgl/linux.git
git bisect good c7d13e64a19b0bbed1a6eb18e9b4fd55f7530e5d
# good: [6477d1cebd3339658f8421e05380576ed535677c] Merge branch 'rust-next' of https://github.com/Rust-for-Linux/linux.git
git bisect good 6477d1cebd3339658f8421e05380576ed535677c
# bad: [d01a77afd6bef1b3a2ed15e8ca6887ca7da0cddc] lib/string_helpers: Change returned value of the strreplace()
git bisect bad d01a77afd6bef1b3a2ed15e8ca6887ca7da0cddc
# bad: [d67790ddf0219aa0ad3e13b53ae0a7619b3425a2] overflow: Add struct_size_t() helper
git bisect bad d67790ddf0219aa0ad3e13b53ae0a7619b3425a2
# bad: [30ad0627f169f56180e668e7223eaa43aa190a75] dlm: Replace all non-returning strlcpy with strscpy
git bisect bad 30ad0627f169f56180e668e7223eaa43aa190a75
# bad: [3bf301e1ab85e18ed0e337ce124dc71d6d7b5fd7] string: Add Kunit tests for strcat() family
git bisect bad 3bf301e1ab85e18ed0e337ce124dc71d6d7b5fd7
# bad: [ead62aa370a81c4fb42a44c4edeafe13e0a3a703] fortify: strscpy: Fix flipped q and p docstring typo
git bisect bad ead62aa370a81c4fb42a44c4edeafe13e0a3a703
# bad: [2d47c6956ab3c8b580a59d7704aab3e2a4882b6c] ubsan: Tighten UBSAN_BOUNDS on GCC
git bisect bad 2d47c6956ab3c8b580a59d7704aab3e2a4882b6c
# first bad commit: [2d47c6956ab3c8b580a59d7704aab3e2a4882b6c] ubsan: Tighten UBSAN_BOUNDS on GCC