Re: [PATCH] ubsan: disable UBSAN_DIV_ZERO for clang

public inbox for [email protected]
 help / color / mirror / Atom feed

From: Linus Torvalds <[email protected]>
To: Nick Desaulniers <[email protected]>
Cc: Kees Cook <[email protected]>,
	Sudip Mukherjee <[email protected]>,
	Nathan Chancellor <[email protected]>, Tom Rix <[email protected]>,
	Marco Elver <[email protected]>,
	Andrew Morton <[email protected]>,
	Josh Poimboeuf <[email protected]>,
	"Peter Zijlstra (Intel)" <[email protected]>,
	Linux Kernel Mailing List <[email protected]>,
	clang-built-linux <[email protected]>
Subject: Re: [PATCH] ubsan: disable UBSAN_DIV_ZERO for clang
Date: Thu, 14 Jul 2022 14:24:43 -0700	[thread overview]
Message-ID: <CAHk-=whnndsMXO=32vFn9-Osw4r8-NvROV1rtsbxjw9Uvj1WPA@mail.gmail.com> (raw)
In-Reply-To: <[email protected]>

On Thu, Jul 14, 2022 at 1:56 PM Nick Desaulniers
<[email protected]> wrote:
>
> Linus,
> I still think we should add explicit checks to gaurd against divide by
> zero.

I mean, that's what UBSAN_DIV_ZERO is supposed to do.

The fact that clang then messes it up, and turns "I found undefined
behavior" into "I just crashed the machine" is why it needs to be
disabled.

Please conmvince clang people to fix the sanitizer.

  san·i·tize
  /ˈsanəˌtīz/
  verb
  make clean and hygienic; disinfect.

note how "sanitize" is meant to clean things of undefined behavior.

The way you do that is by warning, and giving it defined behavior. It
really is that simple.

Clang seems to warn and then just turn it into ANOTHER - and much
worse - undefined behavior.

In other words, clang doesn't "sanitize" anything at all. It just
moves the mess around and makes it worse.

                    Linus

next prev parent reply	other threads:[~2022-07-14 21:25 UTC|newest]

Thread overview: 6+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-07-14 20:56 [PATCH] ubsan: disable UBSAN_DIV_ZERO for clang Nick Desaulniers
2022-07-14 21:24 ` Linus Torvalds [this message]
2022-07-14 21:38   ` Nick Desaulniers
2022-07-14 21:48     ` Linus Torvalds
2022-07-14 21:24 ` Nathan Chancellor
2022-07-14 23:15 ` Linus Torvalds

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to='CAHk-=whnndsMXO=32vFn9-Osw4r8-NvROV1rtsbxjw9Uvj1WPA@mail.gmail.com' \
    [email protected] \
    [email protected] \
    [email protected] \
    [email protected] \
    [email protected] \
    [email protected] \
    [email protected] \
    [email protected] \
    [email protected] \
    [email protected] \
    [email protected] \
    [email protected] \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox