| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 14 Jul 2022 14:24:43 -0700
From: Linus Torvalds <torvalds@...ux-foundation.org>
To: Nick Desaulniers <ndesaulniers@...gle.com>
Cc: Kees Cook <keescook@...omium.org>,
Sudip Mukherjee <sudipm.mukherjee@...il.com>,
Nathan Chancellor <nathan@...nel.org>,
Tom Rix <trix@...hat.com>, Marco Elver <elver@...gle.com>,
Andrew Morton <akpm@...ux-foundation.org>,
Josh Poimboeuf <jpoimboe@...nel.org>,
"Peter Zijlstra (Intel)" <peterz@...radead.org>,
Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
clang-built-linux <llvm@...ts.linux.dev>
Subject: Re: [PATCH] ubsan: disable UBSAN_DIV_ZERO for clang
On Thu, Jul 14, 2022 at 1:56 PM Nick Desaulniers
<ndesaulniers@...gle.com> wrote:
>
> Linus,
> I still think we should add explicit checks to gaurd against divide by
> zero.
I mean, that's what UBSAN_DIV_ZERO is supposed to do.
The fact that clang then messes it up, and turns "I found undefined
behavior" into "I just crashed the machine" is why it needs to be
disabled.
Please conmvince clang people to fix the sanitizer.
san·i·tize
/ˈsanəˌtīz/
verb
make clean and hygienic; disinfect.
note how "sanitize" is meant to clean things of undefined behavior.
The way you do that is by warning, and giving it defined behavior. It
really is that simple.
Clang seems to warn and then just turn it into ANOTHER - and much
worse - undefined behavior.
In other words, clang doesn't "sanitize" anything at all. It just
moves the mess around and makes it worse.
Linus
Powered by blists - more mailing lists