lib/ubsan: default UBSAN_ALIGNMENT to not set

Message ID 20181217150326.30933-1-anders.roxell@linaro.org
State Accepted
Commit 1a6a1dbeb72fce7517665b365085ea405490c2d5
Headers show
Series
  • lib/ubsan: default UBSAN_ALIGNMENT to not set
Related show

Commit Message

Anders Roxell Dec. 17, 2018, 3:03 p.m.
When booting an allmodconfig kernel, there are a lot of false-positives.
With a message like this 'UBSAN: Undefined behaviour in...' with a call
trace that follows.

Reworked so that when building a allmodconfig kernel that turns
everything into '=m' or '=y' will turn off UBSAN_ALIGNMENT.

Suggested-by: Arnd Bergmann <arnd@arndb.de>
Signed-off-by: Anders Roxell <anders.roxell@linaro.org>

---
 lib/Kconfig.ubsan | 14 +++++++++-----
 1 file changed, 9 insertions(+), 5 deletions(-)

-- 
2.19.2

Comments

Andrey Ryabinin Jan. 11, 2019, 7:01 p.m. | #1
On 12/17/18 6:03 PM, Anders Roxell wrote:
> When booting an allmodconfig kernel, there are a lot of false-positives.

> With a message like this 'UBSAN: Undefined behaviour in...' with a call

> trace that follows.

> 

> Reworked so that when building a allmodconfig kernel that turns

> everything into '=m' or '=y' will turn off UBSAN_ALIGNMENT.

> 

> Suggested-by: Arnd Bergmann <arnd@arndb.de>

> Signed-off-by: Anders Roxell <anders.roxell@linaro.org>

> ---


Acked-by: Andrey Ryabinin <aryabinin@virtuozzo.com>



>  lib/Kconfig.ubsan | 14 +++++++++-----

>  1 file changed, 9 insertions(+), 5 deletions(-)

> 

> diff --git a/lib/Kconfig.ubsan b/lib/Kconfig.ubsan

> index 98fa559ebd80..a2ae4a8e4fa6 100644

> --- a/lib/Kconfig.ubsan

> +++ b/lib/Kconfig.ubsan

> @@ -27,15 +27,19 @@ config UBSAN_SANITIZE_ALL

>  	  Enabling this option will get kernel image size increased

>  	  significantly.

>  

> -config UBSAN_ALIGNMENT

> -	bool "Enable checking of pointers alignment"

> +config UBSAN_NO_ALIGNMENT

> +	bool "Disable checking of pointers alignment"

>  	depends on UBSAN

> -	default y if !HAVE_EFFICIENT_UNALIGNED_ACCESS

> +	default y if HAVE_EFFICIENT_UNALIGNED_ACCESS

>  	help

> -	  This option enables detection of unaligned memory accesses.

> -	  Enabling this option on architectures that support unaligned

> +	  This option disables the check of unaligned memory accesses.

> +	  This option should be used when building allmodconfig.

> +	  Disabling this option on architectures that support unaligned

>  	  accesses may produce a lot of false positives.

>  

> +config UBSAN_ALIGNMENT

> +	def_bool !UBSAN_NO_ALIGNMENT

> +

>  config TEST_UBSAN

>  	tristate "Module for testing for undefined behavior detection"

>  	depends on m && UBSAN

>
Andrew Morton Jan. 30, 2019, 1:36 a.m. | #2
On Fri, 11 Jan 2019 22:01:16 +0300 Andrey Ryabinin <aryabinin@virtuozzo.com> wrote:

> 

> 

> On 12/17/18 6:03 PM, Anders Roxell wrote:

> > When booting an allmodconfig kernel, there are a lot of false-positives.

> > With a message like this 'UBSAN: Undefined behaviour in...' with a call

> > trace that follows.

> > 

> > Reworked so that when building a allmodconfig kernel that turns

> > everything into '=m' or '=y' will turn off UBSAN_ALIGNMENT.

> > 

> > Suggested-by: Arnd Bergmann <arnd@arndb.de>

> > Signed-off-by: Anders Roxell <anders.roxell@linaro.org>

> > ---

> 

> Acked-by: Andrey Ryabinin <aryabinin@virtuozzo.com>

> 


Confused.  Why does allmodconfig result in UBSAN warnings?
Andrey Ryabinin Jan. 30, 2019, 5:12 p.m. | #3
On 1/30/19 4:36 AM, Andrew Morton wrote:
> On Fri, 11 Jan 2019 22:01:16 +0300 Andrey Ryabinin <aryabinin@virtuozzo.com> wrote:

> 

>>

>>

>> On 12/17/18 6:03 PM, Anders Roxell wrote:

>>> When booting an allmodconfig kernel, there are a lot of false-positives.

>>> With a message like this 'UBSAN: Undefined behaviour in...' with a call

>>> trace that follows.

>>>

>>> Reworked so that when building a allmodconfig kernel that turns

>>> everything into '=m' or '=y' will turn off UBSAN_ALIGNMENT.

>>>

>>> Suggested-by: Arnd Bergmann <arnd@arndb.de>

>>> Signed-off-by: Anders Roxell <anders.roxell@linaro.org>

>>> ---

>>

>> Acked-by: Andrey Ryabinin <aryabinin@virtuozzo.com>

>>

> 

> Confused.  Why does allmodconfig result in UBSAN warnings?

>  


UBSAN warnings is a result of enabling noisy CONFIG_UBSAN_ALIGNMENT which is disabled
by default if HAVE_EFFICIENT_UNALIGNED_ACCESS=y.
It's noisy even if don't have efficient unaligned access, e.g. people often add  __cacheline_aligned_in_smp
in structs, but forget to align allocations of such struct (kmalloc() give 8-byte alignment in worst case).
Arnd Bergmann Jan. 30, 2019, 9:30 p.m. | #4
On Wed, Jan 30, 2019 at 6:12 PM Andrey Ryabinin <aryabinin@virtuozzo.com> wrote:
> On 1/30/19 4:36 AM, Andrew Morton wrote:

> > On Fri, 11 Jan 2019 22:01:16 +0300 Andrey Ryabinin <aryabinin@virtuozzo.com> wrote:

> >> On 12/17/18 6:03 PM, Anders Roxell wrote:

> >>> When booting an allmodconfig kernel, there are a lot of false-positives.

> >>> With a message like this 'UBSAN: Undefined behaviour in...' with a call

> >>> trace that follows.

> >>>

> >>> Reworked so that when building a allmodconfig kernel that turns

> >>> everything into '=m' or '=y' will turn off UBSAN_ALIGNMENT.

> >>>

> >>> Suggested-by: Arnd Bergmann <arnd@arndb.de>

> >>> Signed-off-by: Anders Roxell <anders.roxell@linaro.org>

> >>> ---

> >>

> >> Acked-by: Andrey Ryabinin <aryabinin@virtuozzo.com>

> >>

> >

> > Confused.  Why does allmodconfig result in UBSAN warnings?

> >

>

> UBSAN warnings is a result of enabling noisy CONFIG_UBSAN_ALIGNMENT which is disabled

> by default if HAVE_EFFICIENT_UNALIGNED_ACCESS=y.

> It's noisy even if don't have efficient unaligned access, e.g. people often add

>  __cacheline_aligned_in_smp in structs, but forget to align allocations of such struct

> (kmalloc() give 8-byte alignment in worst case).


That would be a fixable issue, but there is another one that I looked at
with Anders: We have a number of list_for_each_entry_safe() loops
that use a list_head on the stack and add objects of a type with
large alignment. When list_for_each_entry_safe() gets to the end of
that list, it sees a pointer to an unaligned structure starting  few bytes
before the list_head on stack. The only element of that structure that
is ever used is that list_head, so there is no actual problem, but the
warning triggers nonetheless.

      Arnd

Patch

diff --git a/lib/Kconfig.ubsan b/lib/Kconfig.ubsan
index 98fa559ebd80..a2ae4a8e4fa6 100644
--- a/lib/Kconfig.ubsan
+++ b/lib/Kconfig.ubsan
@@ -27,15 +27,19 @@  config UBSAN_SANITIZE_ALL
 	  Enabling this option will get kernel image size increased
 	  significantly.
 
-config UBSAN_ALIGNMENT
-	bool "Enable checking of pointers alignment"
+config UBSAN_NO_ALIGNMENT
+	bool "Disable checking of pointers alignment"
 	depends on UBSAN
-	default y if !HAVE_EFFICIENT_UNALIGNED_ACCESS
+	default y if HAVE_EFFICIENT_UNALIGNED_ACCESS
 	help
-	  This option enables detection of unaligned memory accesses.
-	  Enabling this option on architectures that support unaligned
+	  This option disables the check of unaligned memory accesses.
+	  This option should be used when building allmodconfig.
+	  Disabling this option on architectures that support unaligned
 	  accesses may produce a lot of false positives.
 
+config UBSAN_ALIGNMENT
+	def_bool !UBSAN_NO_ALIGNMENT
+
 config TEST_UBSAN
 	tristate "Module for testing for undefined behavior detection"
 	depends on m && UBSAN