From patchwork Sun Aug 26 23:13:18 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eugeniu Rosca X-Patchwork-Id: 962307 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=lists.denx.de (client-ip=81.169.180.215; helo=lists.denx.de; envelope-from=u-boot-bounces@lists.denx.de; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=gmail.com Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.b="ql401s5a"; dkim-atps=neutral Received: from lists.denx.de (dione.denx.de [81.169.180.215]) by ozlabs.org (Postfix) with ESMTP id 41zDKV2HRHz9s2P for ; Mon, 27 Aug 2018 11:08:25 +1000 (AEST) Received: by lists.denx.de (Postfix, from userid 105) id 1309BC21EC5; Mon, 27 Aug 2018 01:08:16 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=FREEMAIL_FROM, KHOP_BIG_TO_CC, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id EC1C1C21C3F; Mon, 27 Aug 2018 01:08:10 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 90BB1C21C3F; Sun, 26 Aug 2018 23:15:09 +0000 (UTC) Received: from mail-wm0-f66.google.com (mail-wm0-f66.google.com [74.125.82.66]) by lists.denx.de (Postfix) with ESMTPS id 6D7E0C21C27 for ; Sun, 26 Aug 2018 23:15:06 +0000 (UTC) Received: by mail-wm0-f66.google.com with SMTP id j192-v6so6610505wmj.1 for ; Sun, 26 Aug 2018 16:15:06 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id; bh=VufiN9oo212JbRfTNACFLX3pSrZFVajO6nkljPXCwoM=; b=ql401s5aZDKwj19K+9S/8DfkdZeY6n05kYEkA1nkel1iDOfeoIwqd/Bscm3dGpqAiy 60A64JxywqyclGh8v1rQxgpG5LQieg7EQHroEzA/sstFoIKOpOi1MQhO7WtSy8Ftxxad d2jiUBcWVnv1SCoBRuQZZhZsyf+4hK3XIMNdp2MEXzNjLX6qDn4C3pPtRDaBxhr0y3f5 gBp0yL8cvxGmMR06iiuJxqtHSYi+mRqBBRUIVH00DUewXtiXgNO/uesyJdgYPAVqlGG6 Jm0IWRDVYDKYmkl8S7pCJOO6EauNPO1Tbzjcr6EXPE0nI2nHGwy+SunXPfRkjbcwO73+ sEXQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id; bh=VufiN9oo212JbRfTNACFLX3pSrZFVajO6nkljPXCwoM=; b=radz7p9RX8rl47vFj1CbSkEoTXaeytLTv7Lbn5fKg9AvyTb/SGfQr2ww1jdMNBFrtY l9GKvrgXrnv0mrWuIRHMskDrxMZW46G4a1iea8je46B6oFo85S1QHIHvhvwsdjJ5HfCz VUXselBpkq7vAqrmUf0Ylyhh50GdfdPF9+4/c0H5amN1FsGUyi5vJaKnCUnAg2MJhXje jFQJjZFMDT7RDdyeu4ppJJMxCs6qbRETQb+fEf21WusAjxbNrETzUI1+NklPAt0o1gCE pTdgbmwSBKW1PBxOXWOQ3+OOoKAlZLkk9OMWVuO06hDkH8ge2/E2rlnPnwviDwJHHN0g r0rw== X-Gm-Message-State: APzg51DQvnlmZj5OErHgXxjWdAuw3JUdFBhoOoPq6VyJOpgxJbVFYXLN kJn/T+d3apJ2F8YWjp2CU3Y= X-Google-Smtp-Source: ANB0VdaoB6Lgm28+eExW6JsMyBot2s8e4duAqR0S5xeT1OoozxEohzOZVzDkb9WwyzNyQNUSOCdQ6w== X-Received: by 2002:a1c:bb0a:: with SMTP id l10-v6mr3930216wmf.32.1535325306002; Sun, 26 Aug 2018 16:15:06 -0700 (PDT) Received: from localhost.localdomain (ipb218f467.dynamic.kabel-deutschland.de. [178.24.244.103]) by smtp.gmail.com with ESMTPSA id e141-v6sm10828362wmd.32.2018.08.26.16.15.02 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Sun, 26 Aug 2018 16:15:04 -0700 (PDT) From: Eugeniu Rosca X-Google-Original-From: Eugeniu Rosca To: Tom Rini , u-boot@lists.denx.de Date: Mon, 27 Aug 2018 01:13:18 +0200 Message-Id: <20180826231332.2491-1-erosca@de.adit-jv.com> X-Mailer: git-send-email 2.18.0 X-Mailman-Approved-At: Mon, 27 Aug 2018 01:08:09 +0000 Cc: Maxime Ripard , Joe Hershberger , Eugeniu Rosca , Chris Packham , Michal Simek , Marek Vasut , Marek Vasut , Stefan Roese , Stephen Warren , Heinrich Schuchardt , Alexey Brodkin , Alexander Graf , Eugeniu Rosca , Andre Przywara , Jagan Teki , Fabio Estevam Subject: [U-Boot] [PATCH v2 00/13] Import Undefined Behavior Sanitizer X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" While certain classes of bugs (e.g. locking related) are totally irrelevant for U-Boot, undefined behavior is something U-Boot may experience all over the place and this certainly can lead to hidden and difficult to debug issues. As of v4.18, Linux kernel contains roughly 119 UBSAN fixes [1], so it has been quite a productive and useful tool to play with during development. Thanks to UBSAN, this series fixes 11 (+1 in [2]) UB issues, revealed by simply cold-booting (sometimes by running an existing command on) sandbox, qemu-system-{arm,ppc,i386} and arm64 R-Car Gen3 targets. | Undefined Behavior class | Noticed | Fixed | Ref --|---------------------------------------|---------|-------|----- A | Signed shift overflow | 8 | 8 | B | Zero-sized array declaration | 2 | 2 | C | Read-past-end-of-array | 1 | 1 | D | Shift by negative value | 1 | 0 | [3] E | Load of address 'X' with insufficient | | | | space for an object of type 'Y' | ~20-30 | 0 | [4] A certain class of UBs (see E above) is reported regularly at runtime on all architectures and looks to be related to the implementation of U-Boot linker-generated arrays [4]. I believe some feedback from the authors/maintainers of those is required to assess if this is a UBSAN false positive or a real bug. The "signed shift overflow" (see A above) UB is very common in U-Boot. Grepping the code for '(1 << 31)' (which is a consistent source of this type of UB) gives 528 occurrences: $ git grep -E '1[ ]*<<[ ]*31' | wc -l 528 This series collects the low-hanging fruit, as well as leaves others to experiment with UBSAN themselves. Best regards, Eugeniu. [1] git log --oneline --no-merges --grep UBSAN v4.18 | wc -l 119 [2] https://patchwork.ozlabs.org/patch/957323/ [3] Example of "shift by negative value" UB ================================================================== UBSAN: Undefined behaviour in drivers/pci/fsl_pci_init.c:139:17 shift exponent -1 is negative ================================================================== [4] Either a false-positive or a bug in "include/linker_lists.h": ================================================================= UBSAN: Undefined behaviour in drivers/core/lists.c:28:26 load of address 000000000075f180 with insufficient space for an object of type 'char *' ================================================================= Eugeniu Rosca (13): UBSAN: run-time undefined behavior sanity checker mmc: Fix signed shift overflow armv8: mmu: Fix signed shift overflow pinctrl: renesas: Fix signed shift overflow net: phy: Fix signed shift overflow net: ravb: Fix signed shift overflow x86: Fix signed shift overflow in MSR_IA32_APICBASE_BASE disk: part_dos: Fix signed shift overflow common.h: Fix signed shift overflow in cpumask_next() mmc: Fix read-past-end-of-array hashtable: Fix zero-sized array input: Fix zero-sized array configs: sandbox*: Enable UBSAN Makefile | 3 +- arch/Kconfig | 4 + arch/arm/Kconfig | 1 + arch/arm/include/asm/armv8/mmu.h | 42 +-- arch/x86/include/asm/msr-index.h | 2 +- configs/sandbox64_defconfig | 1 + configs/sandbox_defconfig | 1 + configs/sandbox_flattree_defconfig | 1 + configs/sandbox_noblk_defconfig | 1 + configs/sandbox_spl_defconfig | 1 + disk/part_dos.c | 9 +- drivers/input/input.c | 4 +- drivers/mmc/mmc.c | 4 +- drivers/net/phy/phy.c | 4 +- drivers/net/ravb.c | 16 +- drivers/pinctrl/renesas/sh_pfc.h | 14 +- examples/standalone/Makefile | 2 + include/common.h | 2 +- include/linux/compat.h | 3 + include/search.h | 2 +- lib/Kconfig | 1 + lib/Kconfig.ubsan | 29 ++ lib/Makefile | 2 + lib/hashtable.c | 4 +- lib/linux_compat.c | 3 + lib/ubsan.c | 461 +++++++++++++++++++++++++++++ lib/ubsan.h | 94 ++++++ scripts/Makefile.lib | 6 + scripts/Makefile.ubsan | 20 ++ 29 files changed, 684 insertions(+), 53 deletions(-) create mode 100644 lib/Kconfig.ubsan create mode 100644 lib/ubsan.c create mode 100644 lib/ubsan.h create mode 100644 scripts/Makefile.ubsan