From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <gcc-bugzilla@gcc.gnu.org>
Received: by sourceware.org (Postfix, from userid 48)
 id 6BAC23857C59; Tue, 14 Sep 2021 18:36:01 +0000 (GMT)
DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 6BAC23857C59
From: "kees at outflux dot net" <gcc-bugzilla@gcc.gnu.org>
To: gcc-bugs@gcc.gnu.org
Subject: [Bug sanitizer/102317] signed integer overflow sanitizer cannot work
 well with -fno-strict-overflow
Date: Tue, 14 Sep 2021 18:36:01 +0000
X-Bugzilla-Reason: CC
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: gcc
X-Bugzilla-Component: sanitizer
X-Bugzilla-Version: 12.0
X-Bugzilla-Keywords: 
X-Bugzilla-Severity: normal
X-Bugzilla-Who: kees at outflux dot net
X-Bugzilla-Status: RESOLVED
X-Bugzilla-Resolution: INVALID
X-Bugzilla-Priority: P3
X-Bugzilla-Assigned-To: unassigned at gcc dot gnu.org
X-Bugzilla-Target-Milestone: ---
X-Bugzilla-Flags: 
X-Bugzilla-Changed-Fields: 
Message-ID: <bug-102317-4-SeJMsxkNkO@http.gcc.gnu.org/bugzilla/>
In-Reply-To: <bug-102317-4@http.gcc.gnu.org/bugzilla/>
References: <bug-102317-4@http.gcc.gnu.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: http://gcc.gnu.org/bugzilla/
Auto-Submitted: auto-generated
MIME-Version: 1.0
X-BeenThere: gcc-bugs@gcc.gnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Gcc-bugs mailing list <gcc-bugs.gcc.gnu.org>
List-Unsubscribe: <https://gcc.gnu.org/mailman/options/gcc-bugs>,
 <mailto:gcc-bugs-request@gcc.gnu.org?subject=unsubscribe>
List-Archive: <https://gcc.gnu.org/pipermail/gcc-bugs/>
List-Post: <mailto:gcc-bugs@gcc.gnu.org>
List-Help: <mailto:gcc-bugs-request@gcc.gnu.org?subject=help>
List-Subscribe: <https://gcc.gnu.org/mailman/listinfo/gcc-bugs>,
 <mailto:gcc-bugs-request@gcc.gnu.org?subject=subscribe>
X-List-Received-Date: Tue, 14 Sep 2021 18:36:01 -0000

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=3D102317

--- Comment #9 from Kees Cook <kees at outflux dot net> ---
(In reply to Jakub Jelinek from comment #8)
> So, instead (when building the kernel with sanitization) build with
> -fsanitize=3Dsigned-integer-overflow and no -fno-strict-overflow, and
> the routines where you want wrapv behavior and not runtime traps build wi=
th
> optimize ("wrapv", "wrapv-pointer") attribute?

__attribute__((optimize)) is documented as not for production use ("for
debugging purposes only"):
https://gcc.gnu.org/onlinedocs/gcc/Common-Function-Attributes.html#index-op=
timize-function-attribute
and the kernel has hit multiple problems with it. As such, all use has been
removed, for example:
https://lore.kernel.org/lkml/20201027205723.12514-1-ardb@kernel.org/
https://lore.kernel.org/lkml/20201028080433.26799-1-ardb@kernel.org/
https://lore.kernel.org/lkml/20210118105557.186614-3-adrian.ratiu@collabora=
.com/

If there were an __attribute__((wrapv)) and __attribute__((wrapv-pointer)),=
 we
could create the wrapping helpers with those and
__attribute__((no_sanitize("signed-integer-overflow")))


FWIW, I've been trying to track this issue in the kernel here:
https://github.com/KSPP/linux/issues/26=