Date: Thu, 25 Jan 2018 16:30:45 +0100
From: Peter Zijlstra
To: Jiri Slaby
Cc: Greg Kroah-Hartman, Thomas Gleixner, linux-kernel@vger.kernel.org, stable@vger.kernel.org, Li Jinyue, dvhart@infradead.org, "torvalds@linux-foundation.org"
Subject: Re: [PATCH 4.14 17/89] futex: Prevent overflow by strengthen input validation
Message-ID: <20180125153045.GL2269@hirez.programming.kicks-ass.net>

On Thu, Jan 25, 2018 at 04:21:51PM +0100, Jiri Slaby wrote:
> > The same reason it was applied upstream, it fixes a reported
> > issue.
> >
> > Does that mean that all UBSAN overflow error reports are not valid
> > because of how we build the kernel?
>
> IMO yes, because with the option, signed overflow is not undefined.
>
> In the long term, it would be nice to get rid of *all* signed integer
> overflows and kill the compiler option from Makefile. Therefore the
> fixes are indeed very valid in upstream.

I actually think the option is unconditionally good. Undefined behaviour
in a language is bad. Sadly C has lots of it, but any reduction we can
have we must take.