
While certain classes of bugs (e.g. locking related) are totally irrelevant for U-Boot, undefined behavior is something U-Boot may experience all over the place and this certainly can lead to hidden and difficult to debug issues.
As of v4.18, the Linux kernel contains roughly 119 UBSAN fixes [1]. Hence the sanity checker has been quite a productive and useful tool to play with during development.
Thanks to UBSAN, this series proposes 7 (+1 in [2]) UB fixes, revealed by a simple cold boot of sandbox and arm64 R-Car Gen3 U-Boot. There could be more issues in arch/platform/board-specific code, whose reproduction needs specific hardware.
A certain class of UBs [3] is reported regularly at runtime and looks to be related to the implementation of U-Boot linker-generated arrays. I believe some feedback from the authors/maintainers of those is required to assess if this is a UBSAN false positive or a real bug.
This series collects the low-hanging fruit and leaves others to experiment with UBSAN themselves.
Best regards, Eugeniu.
[1] git log --oneline --no-merges --grep UBSAN v4.18 | wc -l
    119
[2] https://patchwork.ozlabs.org/patch/957323/
[3] Either a false-positive or a bug in "include/linker_lists.h":
=================================================================
UBSAN: Undefined behaviour in drivers/core/lists.c:28:26
load of address 000000000075f180 with insufficient space
for an object of type 'char *'
=================================================================
Eugeniu Rosca (8):
  UBSAN: run-time undefined behavior sanity checker
  mmc: Fix "left shift in type int" undefined behavior
  armv8: mmu: Fix "left shift in type int" undefined behavior
  pinctrl: renesas: Fix "left shift in type int" undefined behavior
  net: phy: Fix "left shift in type int" undefined behavior
  net: ravb: Fix "left shift in type int" undefined behavior
  mmc: Fix read-past-end-of-array undefined behavior
  hashtable: Fix zero-sized array undefined behavior
 Makefile                         |   3 +-
 arch/Kconfig                     |   1 +
 arch/arm/Kconfig                 |   1 +
 arch/arm/include/asm/armv8/mmu.h |   8 +-
 drivers/mmc/mmc.c                |   4 +-
 drivers/net/phy/phy.c            |   4 +-
 drivers/net/ravb.c               |  16 +-
 drivers/pinctrl/renesas/sh_pfc.h |  14 +-
 examples/standalone/Makefile     |   2 +
 include/linux/compat.h           |   3 +
 include/search.h                 |   2 +-
 lib/Kconfig                      |   1 +
 lib/Kconfig.ubsan                |  29 ++
 lib/Makefile                     |   3 +
 lib/hashtable.c                  |   4 +-
 lib/linux_compat.c               |   3 +
 lib/ubsan.c                      | 461 +++++++++++++++++++++++++++++++
 lib/ubsan.h                      |  94 +++++++
 scripts/Makefile.lib             |   6 +
 scripts/Makefile.ubsan           |  20 ++
 20 files changed, 652 insertions(+), 27 deletions(-)
 create mode 100644 lib/Kconfig.ubsan
 create mode 100644 lib/ubsan.c
 create mode 100644 lib/ubsan.h
 create mode 100644 scripts/Makefile.ubsan
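
The "left shift in type int" class named in five of the patch titles above, as an added example that is not code from this series or from U-Boot. The names int_shl_defined, BIT_U32 and widen_int_result are hypothetical; the example assumes a 32-bit int.

```c
#include <limits.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical helper: true when (value << n) is defined for type int.
 * C11 6.5.7: n must be below the width of int, value must be
 * non-negative, and value * 2^n must be representable in int. */
static bool int_shl_defined(int value, unsigned int n)
{
	if (n >= sizeof(int) * CHAR_BIT)
		return false;
	if (value < 0)
		return false;
	return value <= (INT_MAX >> n);
}

/* Hypothetical fixed form of a bit macro: the operand is unsigned, so
 * every shift count below the width of the type is well defined. */
#define BIT_U32(n) (UINT32_C(1) << (n))

/* Why the int form can hide a real bug on a 64-bit target: compilers
 * commonly produce INT32_MIN for 1 << 31 (not guaranteed, it is UB),
 * and widening that value to 64 bits sets the upper 32 bits as well. */
static uint64_t widen_int_result(int32_t v)
{
	return (uint64_t)v;
}

int main(void)
{
	printf("1 << 30 defined:    %d\n", int_shl_defined(1, 30));
	printf("1 << 31 defined:    %d\n", int_shl_defined(1, 31));
	printf("0xff << 24 defined: %d\n", int_shl_defined(0xff, 24));
	printf("BIT_U32(31)        = 0x%llx\n",
	       (unsigned long long)BIT_U32(31));
	printf("widened int result = 0x%llx\n",
	       (unsigned long long)widen_int_result(INT32_MIN));
	return 0;
}
```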