From: Laura Abbott <labbott@...> commit 1414c7f4f7d72d138fff35f00151d15749b5beda upstream. By default, page poisoning uses a poison value (0xaa) on free. If this is changed to 0, the

This is a backport of changes in 4.5 to add support for GCC's Undefined Behaviour Sanitizer (UBSAN), and fixes for undefined behaviour that it has found (that are not already in 4.4.30). UBSAN

From: Andrey Ryabinin <aryabinin@...> commit c6d308534aef6c99904bf5862066360ae067abc4 upstream. UBSAN uses compile-time instrumentation to catch undefined behavior (UB). Compiler inserts

From: Yang Shi <yang.shi@...> commit 7707535ab95e2231b6d7f2bfb4f27558e83c4dc2 upstream. When enabling UBSAN_SANITIZE_ALL, the kernel image size gets increased significantly (~3x). So, it

From: Eric Biggers <ebiggers3@...> commit f97238373b8662a6d580e204df2e7bcbfa43e27a upstream. Accessing more than one byte from a symbol declared simply 'char' is undefined behavior, as

From: Chris Bainbridge <chris.bainbridge@...> commit bc864af13f34d19c911f5691d87bdacc9ce109f5 upstream. Microcode checksum verification should be done using unsigned 32-bit values otherwise

From: Andrey Ryabinin <aryabinin@...> commit d59b1087a98e402ed9a7cc577f4da435f9a555f5 upstream. Calculation of dirty_ratelimit sometimes is not correct. E.g. initial values of

From: Peter Zijlstra <peterz@...> commit 8184059e93c200757f5c0805dae0f14e880eab5d upstream. Sasha reported: [ 3494.030114] UBSAN: Undefined behaviour in

From: Andrey Ryabinin <aryabinin@...> commit dde5cf39d4d2cce71f2997c37210dd624d0e4bf6 upstream. -fsanitize=* options makes GCC less smart than usual and increase number of

From: Nicolai Stange <nicstange@...> commit e7080a439a6f507abbc860847c33efc39b5c1c6d upstream. If - generic_file_read_iter() gets called with a zero read length, - the read offset is at a

From: Adam Borowski <kilobyte@...> commit 0a25556f84d5f79e68e9502bb1f32a43377ab2bf upstream. The entry for PERF_COUNT_HW_REF_CPU_CYCLES is not used on AMD, but is referenced by

From: Nicolai Stange <nicstange@...> commit b2c0cbd657173f024138d6421774007690ceeffd upstream. The values of all but the RADEON_HPD_NONE members of the radeon_hpd_id enum transform 1:1 into

From: Adam Borowski <kilobyte@...> commit 8eb0dfdbda3f56bf7d248ed87fcc383df114ecbb upstream. UBSAN: Undefined behaviour in fs/btrfs/extent-tree.c:4623:21 signed integer overflow: 10808 *

From: Bartlomiej Zolnierkiewicz <b.zolnierkie@...> commit b3a834b1596ac668df206aa2bb1f191c31f5f5e4 upstream. When this_order variable in blk_mq_init_rq_map() becomes zero the code

From: Sven Eckelmann <sven.eckelmann@...> commit d285f52cc0f23564fd61976d43fd5b991b4828f6 upstream. The undefined behavior sanatizer detected an signed integer overflow in a setup with

From: Oleg Nesterov <oleg@...> commit 5c8ccefdf46c5f87d87b694c7fbc04941c2c99a5 upstream. All the users of siginmask() must ensure that sig < SIGRTMIN. sig_fatal() doesn't and this is

From: Seung-Woo Kim <sw0312.kim@...> commit 65257a0deed5aee66b4e3708944f0be62a64cabc upstream. This patch removes following UBSAN warnings in dw_mci_setup_bus(). UBSAN: Undefined

From: Nicolas Iooss <nicolas.iooss_linux@...> commit 901d805c33fc4c029fc6b2d94ee5fb7d30278045 upstream. handle_object_size_mismatch() used %pk to format a kernel pointer with pr_err(). This

From: Vegard Nossum <vegard.nossum@...> commit 12311959ecf8a3a64676c01b62ce67a0c5f0fd49 upstream. I got this:

From: Vegard Nossum <vegard.nossum@...> commit 979515c5645830465739254abc1b1648ada41518 upstream. I ran into this: