From: Kees Cook <keescook@chromium.org>
To: Justin Stitt <justinstitt@google.com>
Cc: Marco Elver <elver@google.com>, Miguel Ojeda <ojeda@kernel.org>,
Nathan Chancellor <nathan@kernel.org>,
Peter Zijlstra <peterz@infradead.org>,
Hao Luo <haoluo@google.com>,
Andrey Konovalov <andreyknvl@gmail.com>,
Andrew Morton <akpm@linux-foundation.org>,
Masahiro Yamada <masahiroy@kernel.org>,
Nicolas Schier <nicolas@fjasle.eu>,
Nick Desaulniers <ndesaulniers@google.com>,
Przemek Kitszel <przemyslaw.kitszel@intel.com>,
linux-kernel@vger.kernel.org, kasan-dev@googlegroups.com,
linux-hardening@vger.kernel.org, linux-kbuild@vger.kernel.org
Subject: Re: [PATCH v3] ubsan: Reintroduce signed overflow sanitizer
Date: Wed, 7 Feb 2024 03:04:14 -0800 [thread overview]
Message-ID: <202402070255.36699AE147@keescook> (raw)
In-Reply-To: <20240207014528.5byuufi5f33bl6e2@google.com>
On Wed, Feb 07, 2024 at 01:45:28AM +0000, Justin Stitt wrote:
> I wouldn't mind also seeing a test_ubsan_div_overflow test case here.
>
> It has some quirky behavior and it'd be nice to test that the sanitizers
> properly capture it.
>
> Check out this Godbolt: https://godbolt.org/z/qG5f1j6n1
>
> tl;dr: with -fsanitize=signed-integer-overflow division (/) and
> remainder (%) operators still instrument arithmetic even with
> -fno-strict-overflow on.
>
> This makes sense as division by 0 and INT_MIN/-1 are UBs that are not
> influenced by -fno-strict-overflow.
There is actually already a test_ubsan_divrem_overflow, but because the
failure modes result in a trap even without the sanitizer, it's disabled
in the test. For testing a crashing mode, it might be interesting to add
it to LKDTM, which is the crash tester...
>
> Really though, the patch is fine and the above test case is optional and
> can be shipped later -- as such:
>
> Reviewed-by: Justin Stitt <justinstitt@google.com>
Thanks!
-Kees
--
Kees Cook
prev parent reply other threads:[~2024-02-07 11:04 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-02-05 9:37 [PATCH v3] ubsan: Reintroduce signed overflow sanitizer Kees Cook
2024-02-05 11:29 ` Marco Elver
2024-02-05 12:51 ` Kees Cook
2024-02-05 12:54 ` Andrey Ryabinin
2024-02-05 12:59 ` Kees Cook
2024-02-05 13:10 ` Marco Elver
2024-02-06 11:09 ` Kees Cook
2024-02-07 1:45 ` Justin Stitt
2024-02-07 11:04 ` Kees Cook [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=202402070255.36699AE147@keescook \
--to=keescook@chromium.org \
--cc=akpm@linux-foundation.org \
--cc=andreyknvl@gmail.com \
--cc=elver@google.com \
--cc=haoluo@google.com \
--cc=justinstitt@google.com \
--cc=kasan-dev@googlegroups.com \
--cc=linux-hardening@vger.kernel.org \
--cc=linux-kbuild@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=masahiroy@kernel.org \
--cc=nathan@kernel.org \
--cc=ndesaulniers@google.com \
--cc=nicolas@fjasle.eu \
--cc=ojeda@kernel.org \
--cc=peterz@infradead.org \
--cc=przemyslaw.kitszel@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.