[U-Boot] [PATCH 0/8] Import Undefined Behavior Sanitizer

Mon Aug 20 00:00:24 UTC 2018

While certain classes of bugs (e.g. locking related) are totally
irrelevant for U-Boot, undefined behavior is something U-Boot may
experience all over the place and this certainly can lead to hidden
and difficult to debug issues.

As of v4.18, Linux kernel contains roughly 119 UBSAN fixes [1]. Hence
the sanity checker has been quite a productive and useful tool to play
with during development.

Thanks to UBSAN, this series proposes 7 (+1 in [2]) UB fixes, revealed
by a simple cold boot of sandbox and arm64 R-Car Gen3 U-Boot. There
could be more issues in arch/platform/board-specific code, whose
reproduction needs specific hardware.

A certain class of UBs [3] is reported regularly at runtime and looks
to be related to the implementation of U-Boot linker-generated arrays.
I believe some feedback from the authors/maintainers of those is
required to assess if this is a UBSAN false positive or a real bug.

This series collects the low-hanging fruit and leaves others to
experiment with UBSAN themselves.

Best regards,
Eugeniu.

[1] git log --oneline --no-merges --grep UBSAN v4.18 | wc -l
    119
[2] https://patchwork.ozlabs.org/patch/957323/
[3] Either a false-positive or a bug in "include/linker_lists.h":
=================================================================
UBSAN: Undefined behaviour in drivers/core/lists.c:28:26
load of address 000000000075f180 with insufficient space
for an object of type 'char *'
=================================================================

Eugeniu Rosca (8):
  UBSAN: run-time undefined behavior sanity checker
  mmc: Fix "left shift in type int" undefined behavior
  armv8: mmu: Fix "left shift in type int" undefined behavior
  pinctrl: renesas: Fix "left shift in type int" undefined behavior
  net: phy: Fix "left shift in type int" undefined behavior
  net: ravb: Fix "left shift in type int" undefined behavior
  mmc: Fix read-past-end-of-array undefined behavior
  hashtable: Fix zero-sized array undefined behavior

 Makefile                         |   3 +-
 arch/Kconfig                     |   1 +
 arch/arm/Kconfig                 |   1 +
 arch/arm/include/asm/armv8/mmu.h |   8 +-
 drivers/mmc/mmc.c                |   4 +-
 drivers/net/phy/phy.c            |   4 +-
 drivers/net/ravb.c               |  16 +-
 drivers/pinctrl/renesas/sh_pfc.h |  14 +-
 examples/standalone/Makefile     |   2 +
 include/linux/compat.h           |   3 +
 include/search.h                 |   2 +-
 lib/Kconfig                      |   1 +
 lib/Kconfig.ubsan                |  29 ++
 lib/Makefile                     |   3 +
 lib/hashtable.c                  |   4 +-
 lib/linux_compat.c               |   3 +
 lib/ubsan.c                      | 461 +++++++++++++++++++++++++++++++
 lib/ubsan.h                      |  94 +++++++
 scripts/Makefile.lib             |   6 +
 scripts/Makefile.ubsan           |  20 ++
 20 files changed, 652 insertions(+), 27 deletions(-)
 create mode 100644 lib/Kconfig.ubsan
 create mode 100644 lib/ubsan.c
 create mode 100644 lib/ubsan.h
 create mode 100644 scripts/Makefile.ubsan

-- 
2.18.0