From: Linus Torvalds
Date: Thu, 14 Jul 2022 16:15:35 -0700
Subject: Re: [PATCH] ubsan: disable UBSAN_DIV_ZERO for clang
To: Nick Desaulniers
Cc: Kees Cook, Sudip Mukherjee, Nathan Chancellor, Tom Rix, Marco Elver, Andrew Morton, Josh Poimboeuf, "Peter Zijlstra (Intel)", Linux Kernel Mailing List, clang-built-linux
In-Reply-To: <20220714205646.4023495-1-ndesaulniers@google.com>

On Thu, Jul 14, 2022 at 1:56 PM Nick Desaulniers wrote:
>
> Building with UBSAN_DIV_ZERO with clang produces numerous fallthrough
> warnings from objtool.

Ok, with this applied, things are better.

There are still the "__ubsan_handle_load_invalid_value() with UACCESS
enabled" messages, but those are misfeatures of the kvm cmpxchg
implementation.

I'm not entirely sure why the clang build warns but gcc doesn't, but I
*think* it's because clang is just being silly.

It *looks* like it checks that a "bool" has a value range of 0/1, and
will complain if not.

And the reason I say that's silly is that if I read it correctly, then
that value has literally been generated by clang itself, using "setz"
instruction.

It's the __try_cmpxchg_user_asm() macro, and with clang-14 I have it's
that CONFIG_CC_HAS_ASM_GOTO_TIED_OUTPUT case, and the C code uses
inline asm and does

        asm_volatile_goto("\n"                                          \
                     "1: " LOCK_PREFIX "cmpxchg"itype" %[new], %[ptr]\n"\
                     _ASM_EXTABLE_UA(1b, %l[label])                     \
                     : CC_OUT(z) (success),                             \

where that CC_OUT() in this case turns into

        # define CC_OUT(c) "=@cc" #c

and clang generates this code for it:

   7d01e:       f0 48 0f b1 4d 00       lock cmpxchg %rcx,0x0(%rbp)
   7d024:       49 89 c5                mov    %rax,%r13
   7d027:       0f 94 c0                sete   %al
   7d02a:       41 88 c6                mov    %al,%r14b
   7d02d:       bf 02 00 00 00          mov    $0x2,%edi
   7d032:       44 89 f6                mov    %r14d,%esi
   7d035:       e8 00 00 00 00          call   __sanitizer_cov_trace_const_cmp1
   7d03a:       41 80 fe 01             cmp    $0x1,%r14b
   7d03e:       0f 87 af 01 00 00       ja     7d1f3

where that last "ja 7d1f3" is the branch to the code that then calls
__ubsan_handle_load_invalid_value.

But look at that code: it's literally

        sete   %al
        mov    %al,%r14b
        cmp    $0x1,%r14b

where clang has generated that "sete" itself, and then it verifies that
the result is "<= 1".

IOW, clang seems to be literally just checking that the "sete"
instruction works right.

That's silly.

Maybe I'm misreading this, but I think the reason the clang build
complains, but the gcc build does not, is simply because gcc isn't
doing crazy checks of how the CPU works.

Some mis-feature of the "asm with flag output" code, where clang
doesn't understand that it generated that code itself, and the "setcc"
instruction always returns 0/1?

The old issue with "memcpy/memset() leaves .noinstr.text section"
because clang has generated out-of-line functions for trivial copies
also remains, but whatever.

                Linus