From patchwork Wed May  7 14:17:19 2025
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: Adhemerval Zanella <adhemerval.zanella@linaro.org>
X-Patchwork-Id: 888069
Delivered-To: patch@linaro.org
Received: by 2002:a5d:4683:0:b0:38f:210b:807b with SMTP id u3csp408103wrq;
 Wed, 7 May 2025 07:25:32 -0700 (PDT)
X-Forwarded-Encrypted: i=3;
 AJvYcCUBU5EavfXbFZSpCF7S7pi6qfUjElZNnvcZmoRoplTOCGvWWrpzEJxxUFVmvjmqvc+pPfi/AQ==@linaro.org
X-Google-Smtp-Source: AGHT+IHOjOPkHLmjmjiYcn6+Dzzhxj1gCXnG1KkoRaU35JrVbzEogjOT3ARgIEumdCb1ZKsysRYF
X-Received: by 2002:ad4:5dc3:0:b0:6ed:1681:4846 with SMTP id
 6a1803df08f44-6f542a74c11mr63226736d6.24.1746627932094;
 Wed, 07 May 2025 07:25:32 -0700 (PDT)
ARC-Seal: i=2; a=rsa-sha256; t=1746627932; cv=pass;
 d=google.com; s=arc-20240605;
 b=VkfdCquqDtX32m1oJsPuYyhw1y1/LvUpsI+kD1ZvVj4Z0kb80BW3JTDDFaNc9gA+L0
 +yQvTCRC7LQ10IVxBTdOtVI8W3/M/2Df0C0qGYy79HC0Viu1p7CN6oG5J9JTszaW76L2
 4LOYYr80ynGD6cAo/V5OaiPTzk0zwvUC72+9xUNwMjXu32Ogh7WVFRZ0sjNGXSDckyvF
 fQtdVhGoOx/++h9u5v2vKLDxOIqaYEylC/OuS2YWPonsEnG1gRrgX+ZJLC8y499RyvlK
 P6KitFhxakx4aHtxL/VVTcowNFhaEUcTz09NHGDK+02a+HmjhGk/EPA9+gU6W8cH1E07
 gHcw==
ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20240605;
 h=errors-to:list-subscribe:list-help:list-post:list-archive
 :list-unsubscribe:list-id:precedence:content-transfer-encoding
 :mime-version:references:in-reply-to:message-id:date:subject:cc:to
 :from:dkim-signature:dkim-filter:arc-filter:dmarc-filter
 :delivered-to:dkim-filter;
 bh=hn38aUOHhHcvSWsYSfBkryGJAsQmbkDdnhJnIREaSB8=;
 fh=v2Nv3k9i7Amxu65q1mEuFELTOLzYYycJBMRhbhFxZhE=;
 b=DhmMvllzhj0v3nGpNQDeLY2suGEjsWzr5129aXCfLH5IziSehv8HWUuJkaK7I3G+Id
 5UkoapIKYNyvk6x3tSFF8h2BsNFirxqKxpW0gx3Naq1QE/eHswOjYtLq7Jf1wYlkiHpL
 nF5079LvqScVW4wtJr2dGE4ZvDvtWYakjW7izTHkpw8L9wnvLs2SLadz863uRqvcZd/+
 s2CvVe86+W6pq2kqYQ4Nlvojos9JdTGxJXV0oGlDWcZP9uuVXqU92bCBbU8cbfyorjmr
 cPICnbn3tSZZ8n9HeUekdHPr4C8CEDbOxB6nNKIe63kQzFcOqT9VmaIMMcvUFqj6rdvR
 Hi3w==; dara=google.com
ARC-Authentication-Results: i=2; mx.google.com;
 dkim=pass header.i=@linaro.org header.s=google header.b=DeFMe6G7;
 arc=pass (i=1); spf=pass (google.com: domain of
 libc-alpha-bounces~patch=linaro.org@sourceware.org designates
 2620:52:3:1:0:246e:9693:128c as permitted sender)
 smtp.mailfrom="libc-alpha-bounces~patch=linaro.org@sourceware.org";
 dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org
Return-Path: <libc-alpha-bounces~patch=linaro.org@sourceware.org>
Received: from server2.sourceware.org (server2.sourceware.org.
 [2620:52:3:1:0:246e:9693:128c]) by mx.google.com with ESMTPS id
 6a1803df08f44-6f5427fa386si19772676d6.410.2025.05.07.07.25.31
 for <patch@linaro.org>
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Wed, 07 May 2025 07:25:32 -0700 (PDT)
Received-SPF: pass (google.com: domain of
 libc-alpha-bounces~patch=linaro.org@sourceware.org designates
 2620:52:3:1:0:246e:9693:128c as permitted sender)
 client-ip=2620:52:3:1:0:246e:9693:128c;
Authentication-Results: mx.google.com;
 dkim=pass header.i=@linaro.org header.s=google header.b=DeFMe6G7;
 arc=pass (i=1); spf=pass (google.com: domain of
 libc-alpha-bounces~patch=linaro.org@sourceware.org designates
 2620:52:3:1:0:246e:9693:128c as permitted sender)
 smtp.mailfrom="libc-alpha-bounces~patch=linaro.org@sourceware.org";
 dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org
Received: from server2.sourceware.org (localhost [IPv6:::1])
 by sourceware.org (Postfix) with ESMTP id 8B0FA3857711
 for <patch@linaro.org>; Wed,  7 May 2025 14:25:31 +0000 (GMT)
DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 8B0FA3857711
Authentication-Results: sourceware.org; dkim=pass (2048-bit key,
 unprotected) header.d=linaro.org header.i=@linaro.org header.a=rsa-sha256
 header.s=google header.b=DeFMe6G7
X-Original-To: libc-alpha@sourceware.org
Delivered-To: libc-alpha@sourceware.org
Received: from mail-pj1-x1032.google.com (mail-pj1-x1032.google.com
 [IPv6:2607:f8b0:4864:20::1032])
 by sourceware.org (Postfix) with ESMTPS id 0EFF83858CD1
 for <libc-alpha@sourceware.org>; Wed,  7 May 2025 14:21:19 +0000 (GMT)
DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 0EFF83858CD1
Authentication-Results: sourceware.org;
 dmarc=pass (p=none dis=none) header.from=linaro.org
Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=linaro.org
ARC-Filter: OpenARC Filter v1.0.0 sourceware.org 0EFF83858CD1
Authentication-Results: server2.sourceware.org;
 arc=none smtp.remote-ip=2607:f8b0:4864:20::1032
ARC-Seal: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1746627679; cv=none;
 b=nS769JnEweXStzEiPtYg/CekKByPY2bVd7SREtYLUZN4n8ZEzdF/JcOeOTbHzAykHeuQIFcAhDvV3qdIu6J/9Frbl39X29EevnFnKpv3F1PfWwHhJPJRT4k5ooz/ctLLR/2XojaiB/xU4o2vVVTcX4LKfhPlkFeke/N1hlLZjLQ=
ARC-Message-Signature: i=1; a=rsa-sha256; d=sourceware.org; s=key;
 t=1746627679; c=relaxed/simple;
 bh=X5DHL9cQ0C3dJ4EqXF83XnbXPLQRPRh+V8inXD7EwkQ=;
 h=DKIM-Signature:From:To:Subject:Date:Message-ID:MIME-Version;
 b=Mq1W4XQxull4b7Mqeo//+R6uFWD4SBeLlFINA7vpQ6ikqEc/ueDA2Q90aDho11yhZPeyMpx8TnljDOPNV/kNNhQVHATUyBP0yrxwB0aoO1egsTxvVZpKxS37S7pI6IoGuLPLMUJQ/bEnBQFRF1F2ZXltFbE/HQxYG186eoGJ5Fo=
ARC-Authentication-Results: i=1; server2.sourceware.org
DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 0EFF83858CD1
Received: by mail-pj1-x1032.google.com with SMTP id
 98e67ed59e1d1-30ac5cc0df4so580668a91.2
 for <libc-alpha@sourceware.org>; Wed, 07 May 2025 07:21:19 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=linaro.org; s=google; t=1746627678; x=1747232478; darn=sourceware.org;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:from:to:cc:subject:date
 :message-id:reply-to;
 bh=hn38aUOHhHcvSWsYSfBkryGJAsQmbkDdnhJnIREaSB8=;
 b=DeFMe6G7f0Bh5bsBUyKTdkLb3gDtGH10hnF/8zpVEtDwka089KmFOCFt3yf+Qq4rmc
 lSijyrPM1qAeZkRA9vjTjbM3v5YVL1PkPk5d0VodaLUGSHe/aHHibMJy1ks6fsPE+cRQ
 3xs6SGsbdxlGL9u53V6ouiK/llMrYFEw/YTa8dwj1k3tO4OJpToIxJwvAC8MfKFJJuxg
 vGTnzJnyNrJODzNFuRV7n5KuhpzGETVKArajbDhmTuvJ0KI0MHGla9iSd6yFLo/1I/e/
 +vhdQtKwLCRfwlTqFTERLkdwG0IEg/5f8xv5FvRngbpSgbN1D+m0tbsD3+y7rKvtvChv
 myDg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1746627678; x=1747232478;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc
 :subject:date:message-id:reply-to;
 bh=hn38aUOHhHcvSWsYSfBkryGJAsQmbkDdnhJnIREaSB8=;
 b=KV3kZOr3g7tnHkQh6wEB4twkepW68ltRMFxiLNZBh381znqloNwyxSFDrQzwQhQGD6
 lP9J7xWCsJ3pQhHF5HoH0G05bxrllqftjZ9aAFf5amBG7fNxmzqrSW6vHTQpBiznVME7
 Oico8Xqev95tVA21//cwwC5aq1h91CS26Aa0oQWWTIZ4FlGnFRSBZi+fUl86jvZ9XrQE
 fDmoHj30CrjPUje54zRxpC32+CIYaDYG6ePZcrLBe/LL+TYOlXz7EoZqv+O2SmyCQ2lD
 FfFNMvEpyGKFNpy3KpiSL0h1hg3ahTiO2RwqLMkCUOLrFMrjyX6CsApxhRqqdtcVg0Zd
 jZcQ==
X-Gm-Message-State: AOJu0YzAIU65+5aMZoXrnNDrlCJxBxCpTDzRSi7ZpNq1CDU6/RFRhBNm
 GdsetHgT8uFojgcXAQM6/eEsoZHOse7VkPPMwqMvWbWRydDb5iXQGe3e2sXJPSPrrke2LfvnG6S
 x304=
X-Gm-Gg: ASbGnctq46jGQ289BMzVSHrki7rIERy1EMRGepJHPu+4kVfLi23xHpKlW/AVn5lgsra
 FVqshsKHGvhcmQfoibhuqZqbZZBFjRfJhZJq6v/9OBYEfM10wnMzxLyqlkTE1VaUKy688iz5yqK
 qAHVVcjx28YDUwfAGXylqrKxoB48SwLGIFEzXjA1ZHw1CdGgvjqrYI/bd4jG354rdp8IqmqS2xN
 mMgfn/ScgnemYwkUu0rqDz7e0BLDRjCylK+CNsI7ZUJ8I9M7d9iW2GT1CIzq/ZnDl1S3odSIS1J
 Myvj8klbA/nCUk+OtFVhjYHQ15BAQwFv/BTuuLoGAjsHOy1lOn+70g==
X-Received: by 2002:a17:90a:da87:b0:2ff:72f8:3708 with SMTP id
 98e67ed59e1d1-30aac1adc25mr6150036a91.17.1746627676604;
 Wed, 07 May 2025 07:21:16 -0700 (PDT)
Received: from mandiga.. ([2804:1b3:a7c0:2a60:2bef:3994:10d0:59c9])
 by smtp.gmail.com with ESMTPSA id
 98e67ed59e1d1-30ad474a050sm179453a91.8.2025.05.07.07.21.15
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Wed, 07 May 2025 07:21:16 -0700 (PDT)
From: Adhemerval Zanella <adhemerval.zanella@linaro.org>
To: libc-alpha@sourceware.org
Cc: Carlos O'Donell <carlos@redhat.com>
Subject: [PATCH 01/11] ubsan: Add initial support for -fsanitize=undefined
Date: Wed,  7 May 2025 11:17:19 -0300
Message-ID: <20250507142110.3452012-2-adhemerval.zanella@linaro.org>
X-Mailer: git-send-email 2.43.0
In-Reply-To: <20250507142110.3452012-1-adhemerval.zanella@linaro.org>
References: <20250507142110.3452012-1-adhemerval.zanella@linaro.org>
MIME-Version: 1.0
X-BeenThere: libc-alpha@sourceware.org
X-Mailman-Version: 2.1.30
Precedence: list
List-Id: Libc-alpha mailing list <libc-alpha.sourceware.org>
List-Unsubscribe: <https://sourceware.org/mailman/options/libc-alpha>,
 <mailto:libc-alpha-request@sourceware.org?subject=unsubscribe>
List-Archive: <https://sourceware.org/pipermail/libc-alpha/>
List-Post: <mailto:libc-alpha@sourceware.org>
List-Help: <mailto:libc-alpha-request@sourceware.org?subject=help>
List-Subscribe: <https://sourceware.org/mailman/listinfo/libc-alpha>,
 <mailto:libc-alpha-request@sourceware.org?subject=subscribe>
Errors-To: libc-alpha-bounces~patch=linaro.org@sourceware.org

It is enabled through a new configure flag, --enable-ubsan, and
should be used for debugging and/or testing.  Not all ubsan handlers
are implemented, only those generated/required by glibc libraries,
programs, and tests.  Some extra handlers might be needed in future
C++ tests, and __ubsan_handle_dynamic_type_cache_miss also needs a
proper implementation.

The ubsan handlers are exported from ld.so since they are used on
all libraries and tests.  This might interfere with ubsan from
compiler runtime (when programs are built with libubsan in shared
mode), and this is completely untested and/or not supported at the
moment.

There is no support for the UBSAN_OPTIONS environment variable,
although some options are supported through glibc.ubsan tunables.
Currently, glibc.ubsan.halt_on_errors can be used to avoid
the process halt when any UB handler is issued.

Using -fsanitize=undefined enables some extra compiler checks that
are not easily enabled through the libc-diag.h macro.  For instance
on iconv/iconvconfig.c, gcc 14.2.1 shows:

In file included from ../include/bits/string_fortified.h:1,
                 from ../string/string.h:548,
                 from ../include/string.h:60,
                 from iconvconfig.c:32:
In function ‘strcpy’,
    inlined from ‘write_output’ at iconvconfig.c:1033:7,
    inlined from ‘main’ at iconvconfig.c:340:14:
../string/bits/string_fortified.h:81:10: error: ‘__builtin_memcpy’ offset [0, 7] is out of the bounds [0, 0] [-Werror=array-bounds=]
   81 |   return __builtin___strcpy_chk (__dest, __src, __glibc_objsize (__dest));
      |          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
../string/bits/string_fortified.h:81:10: error: ‘__builtin_memcpy’ offset [0, 7] is out of the bounds [0, 0] [-Werror=array-bounds=]
cc1: all warnings being treated as errors

Some extra code adjustments are required to fix such cases.

This preliminary support is still incomplete:

  * Not all targets are supported, nor have I checked the test suitei
    on all successful targets.  Also, I only checked with limited gcc
    versions (only gcc 14.2.1 and for some targets 15.0.0).

    Currently --enable-ubsan builds on Linux for aarch64, arm, hppa,
    i686, powerpc64, microblaze, mips64, loongarch64, sparc, s390x, and
    x86_64.

  * The instrumentation is disabled on rltd.c, although it is enabled
    on other loaders functions.

  * A lot of test cases show failures due to UB.

Also, gcc-14 triggers an ICE building math routines.  gcc-15
works correctly.
---
 INSTALL                                       |   9 +
 Makeconfig                                    |   6 +-
 config.h.in                                   |   3 +
 configure                                     |  30 ++
 configure.ac                                  |  18 +
 elf/Makefile                                  |  32 +-
 elf/Versions                                  |  19 +
 elf/dl-printf.c                               |   6 +
 elf/dl-tunables.list                          |   9 +
 elf/tst-_dl_addr_inside_object.c              |  12 +
 elf/ubsan_error.c                             |  57 +++
 elf/ubsan_handle_add_overflow.c               |  26 ++
 elf/ubsan_handle_builtin_unreachable.c        |  27 ++
 elf/ubsan_handle_divrem_overflow.c            |  40 +++
 elf/ubsan_handle_dynamic_type_cache_miss.c    |  28 ++
 elf/ubsan_handle_invalid_builtin.c            |  39 +++
 elf/ubsan_handle_load_invalid_value.c         |  33 ++
 elf/ubsan_handle_mul_overflow.c               |  26 ++
 elf/ubsan_handle_negate_overflow.c            |  34 ++
 elf/ubsan_handle_nonnull_arg.c                |  34 ++
 elf/ubsan_handle_nonnull_return_v1.c          |  34 ++
 elf/ubsan_handle_out_of_bounds.c              |  34 ++
 elf/ubsan_handle_overflow.c                   |  39 +++
 elf/ubsan_handle_pointer_overflow.c           |  62 ++++
 elf/ubsan_handle_shift_out_of_bounds.c        |  53 +++
 elf/ubsan_handle_sub_overflow.c               |  26 ++
 elf/ubsan_handle_type_mismatch_v1.c           |  75 ++++
 elf/ubsan_handle_vla_bound_not_positive.c     |  34 ++
 elf/ubsan_val_to_string.c                     | 189 ++++++++++
 elf/ubsan_vptr_type_cache.c                   |  21 ++
 iconv/iconvconfig.c                           |  13 +-
 include/libintl.h                             |   3 +
 include/sys/cdefs.h                           |   6 +
 include/ubsan.h                               | 327 ++++++++++++++++++
 locale/programs/locfile.h                     |   3 +-
 manual/install.texi                           |   8 +
 nss/test-netdb.c                              |   6 +
 posix/glob.c                                  |   5 +-
 resolv/res_send.c                             |  11 +-
 stdio-common/tst-printf-format-s.h            |   4 +
 stdio-common/tst-printf-format-vs.h           |   4 +
 stdlib/stdbit.h                               |   9 +-
 sysdeps/arm/Makefile                          |   5 +
 sysdeps/generic/ldconfig.h                    |   3 +-
 sysdeps/generic/ldsodefs.h                    |   3 +
 sysdeps/generic/symbol-hacks.h                |  36 ++
 .../powerpc64/multiarch/stpncpy-ppc64.c       |   3 +-
 47 files changed, 1473 insertions(+), 31 deletions(-)
 create mode 100644 elf/ubsan_error.c
 create mode 100644 elf/ubsan_handle_add_overflow.c
 create mode 100644 elf/ubsan_handle_builtin_unreachable.c
 create mode 100644 elf/ubsan_handle_divrem_overflow.c
 create mode 100644 elf/ubsan_handle_dynamic_type_cache_miss.c
 create mode 100644 elf/ubsan_handle_invalid_builtin.c
 create mode 100644 elf/ubsan_handle_load_invalid_value.c
 create mode 100644 elf/ubsan_handle_mul_overflow.c
 create mode 100644 elf/ubsan_handle_negate_overflow.c
 create mode 100644 elf/ubsan_handle_nonnull_arg.c
 create mode 100644 elf/ubsan_handle_nonnull_return_v1.c
 create mode 100644 elf/ubsan_handle_out_of_bounds.c
 create mode 100644 elf/ubsan_handle_overflow.c
 create mode 100644 elf/ubsan_handle_pointer_overflow.c
 create mode 100644 elf/ubsan_handle_shift_out_of_bounds.c
 create mode 100644 elf/ubsan_handle_sub_overflow.c
 create mode 100644 elf/ubsan_handle_type_mismatch_v1.c
 create mode 100644 elf/ubsan_handle_vla_bound_not_positive.c
 create mode 100644 elf/ubsan_val_to_string.c
 create mode 100644 elf/ubsan_vptr_type_cache.c
 create mode 100644 include/ubsan.h

diff --git a/INSTALL b/INSTALL
index d3200f271f..50466cbfba 100644
--- a/INSTALL
+++ b/INSTALL
@@ -292,6 +292,15 @@ passed to 'configure'.  For example:
 
      Default is to disable fortification.
 
+'--enable-ubsan'
+     Build the GNU C library with, along with tests, with the
+     -fsanitize=undefined compiler option.  The compiler runtime is not
+     used, instead UBSAN functions called by the compiler instrumentation
+     is provided by glibc itself.
+
+     This is a debug/development option and the default is to disable
+     the instrumentation.
+
    To build the library and related programs, type 'make'.  This will
 produce a lot of output, some of which may look like errors from 'make'
 but aren't.  Look for error messages from 'make' containing '***'.
diff --git a/Makeconfig b/Makeconfig
index a2ea4f6a33..110ae79063 100644
--- a/Makeconfig
+++ b/Makeconfig
@@ -995,12 +995,14 @@ ifeq	"$(strip $(+cflags))" ""
 +cflags	:= $(default_cflags)
 endif	# $(+cflags) == ""
 
++ubsan-flags = $(cflags-enable-ubsan)
+
 # Force building with -fno-common because hidden_def, compat_symbol
 # and other constructs do not work for common symbols (and would
 # otherwise require specifying __attribute__ ((nocommon)) on a
 # case-by-case basis).
 +cflags += $(cflags-cpu) $(+gccwarn) $(+merge-constants) $(+math-flags) \
-	   $(+stack-protector) -fno-common
+	   $(+stack-protector) $(+ubsan-flags) -fno-common
 +gcc-nowarn := -w
 
 # We must filter out elf because the early bootstrap of the dynamic loader
@@ -1046,7 +1048,7 @@ libio-include = -I$(..)libio
 built-modules = iconvprogs iconvdata ldconfig libmemusage \
 		libpcprofile librpcsvc locale-programs \
 		memusagestat nonlib nscd extramodules libnldbl libsupport \
-		testsuite testsuite-internal
+		testsuite testsuite-internal libubsan
 
 in-module = $(subst -,_,$(firstword $(libof-$(basename $(@F))) \
 				    $(libof-$(<F)) \
diff --git a/config.h.in b/config.h.in
index d3575c9845..fd6013c52b 100644
--- a/config.h.in
+++ b/config.h.in
@@ -227,6 +227,9 @@
 /* An integer used to scale the timeout of test programs.  */
 #define TIMEOUTFACTOR 1
 
+/* Define if glibc should be build with -fsanitize=undefined.  */
+#undef ENABLE_UBSAN
+
 /*
  */
 
diff --git a/configure b/configure
index 7cda641fce..230adcf56c 100755
--- a/configure
+++ b/configure
@@ -701,6 +701,8 @@ INSTALL_DATA
 INSTALL_SCRIPT
 INSTALL_PROGRAM
 base_machine
+cflags_disable_ubsan
+cflags_enable_ubsan
 build_pt_chown
 build_nscd
 memory_tagging
@@ -820,6 +822,7 @@ enable_mathvec
 enable_cet
 enable_scv
 enable_fortify_source
+enable_ubsan
 with_cpu
 '
       ac_precious_vars='build_alias
@@ -1505,6 +1508,7 @@ Optional Features:
                           Use -D_FORTIFY_SOURCE=[1|2|3] to control code
                           hardening, defaults to highest possible value
                           supported by the build compiler.
+  --enable-ubsan          Build glibc with -fsanitize=undefined
 
 Optional Packages:
   --with-PACKAGE[=ARG]    use PACKAGE [ARG=yes]
@@ -4883,6 +4887,32 @@ case "$enable_fortify_source" in
 *) as_fn_error $? "Not a valid argument for --enable-fortify-source: \"$enable_fortify_source\"" "$LINENO" 5;;
 esac
 
+cflags_enable_ubsan=
+cflags_disable_ubsan=
+# Check whether --enable-ubsan was given.
+if test ${enable_ubsan+y}
+then :
+  enableval=$enable_ubsan; enable_ubsan=$enableval
+else case e in #(
+  e) enable_ubsan=no ;;
+esac
+fi
+
+config_vars="$config_vars
+enable-ubsan = $enable_ubsan"
+if test "$enable_ubsan" = yes; then
+  printf "%s\n" "#define ENABLE_UBSAN 1" >>confdefs.h
+
+  cflags_enable_ubsan="-fsanitize=undefined"
+  cflags_disable_ubsan="-fno-sanitize=undefined"
+fi
+
+
+config_vars="$config_vars
+cflags-enable-ubsan = $cflags_enable_ubsan"
+config_vars="$config_vars
+cflags-disable-ubsan = $cflags_disable_ubsan"
+
 # We keep the original values in `$config_*' and never modify them, so we
 # can write them unchanged into config.make.  Everything else uses
 # $machine, $vendor, and $os, and changes them whenever convenient.
diff --git a/configure.ac b/configure.ac
index 0b0d8875cc..95eacfaaf6 100644
--- a/configure.ac
+++ b/configure.ac
@@ -440,6 +440,24 @@ case "$enable_fortify_source" in
 *) AC_MSG_ERROR([Not a valid argument for --enable-fortify-source: "$enable_fortify_source"]);;
 esac
 
+cflags_enable_ubsan=
+cflags_disable_ubsan=
+AC_ARG_ENABLE(ubsan,
+	      AS_HELP_STRING([--enable-ubsan],
+			     [Build glibc with -fsanitize=undefined]),
+	      [enable_ubsan=$enableval],
+	      [enable_ubsan=no])
+LIBC_CONFIG_VAR([enable-ubsan], [$enable_ubsan])
+if test "$enable_ubsan" = yes; then
+  AC_DEFINE(ENABLE_UBSAN)
+  cflags_enable_ubsan="-fsanitize=undefined"
+  cflags_disable_ubsan="-fno-sanitize=undefined"
+fi
+AC_SUBST(cflags_enable_ubsan)
+AC_SUBST(cflags_disable_ubsan)
+LIBC_CONFIG_VAR([cflags-enable-ubsan], [$cflags_enable_ubsan])
+LIBC_CONFIG_VAR([cflags-disable-ubsan], [$cflags_disable_ubsan])
+
 # We keep the original values in `$config_*' and never modify them, so we
 # can write them unchanged into config.make.  Everything else uses
 # $machine, $vendor, and $os, and changes them whenever convenient.
diff --git a/elf/Makefile b/elf/Makefile
index ed1b0223da..8d1bc9ea16 100644
--- a/elf/Makefile
+++ b/elf/Makefile
@@ -48,9 +48,35 @@ routines = \
   rtld_static_init \
   # routines
 
+ifeq (yes,$(enable-ubsan))
+ubsan-routines = \
+  ubsan_error \
+  ubsan_handle_add_overflow \
+  ubsan_handle_builtin_unreachable \
+  ubsan_handle_divrem_overflow \
+  ubsan_handle_dynamic_type_cache_miss \
+  ubsan_handle_invalid_builtin \
+  ubsan_handle_load_invalid_value \
+  ubsan_handle_mul_overflow \
+  ubsan_handle_negate_overflow \
+  ubsan_handle_nonnull_arg \
+  ubsan_handle_nonnull_return_v1 \
+  ubsan_handle_out_of_bounds \
+  ubsan_handle_overflow \
+  ubsan_handle_pointer_overflow \
+  ubsan_handle_shift_out_of_bounds \
+  ubsan_handle_sub_overflow \
+  ubsan_handle_type_mismatch_v1 \
+  ubsan_handle_vla_bound_not_positive \
+  ubsan_val_to_string \
+  ubsan_vptr_type_cache \
+  # ubsan-routines
+endif
+
 # The core dynamic linking functions are in libc for the static and
 # profiled libraries.
 dl-routines = \
+  $(ubsan-routines) \
   dl-call-libc-early-init \
   dl-call_fini \
   dl-catch \
@@ -102,6 +128,8 @@ ifeq (yes,$(have-loop-to-function))
 CFLAGS-dl-tunables.c += -fno-tree-loop-distribute-patterns
 endif
 
+CFLAGS-ubsan_handle_builtin_unreachable.c += -fno-builtin
+
 all-dl-routines = $(dl-routines) $(sysdep-dl-routines)
 # But they are absent from the shared libc, because that code is in ld.so.
 elide-routines.os = \
@@ -160,7 +188,7 @@ CFLAGS-dl-minimal-malloc.op = $(no-stack-protector)
 # On targets without __builtin_memset, rtld.c uses a hand-coded loop
 # in _dl_start.  Make sure this isn't turned into a call to regular memset.
 ifeq (yes,$(have-loop-to-function))
-CFLAGS-rtld.c += -fno-tree-loop-distribute-patterns
+CFLAGS-rtld.c += -fno-tree-loop-distribute-patterns $(cflags-disable-ubsan)
 endif
 
 # Compile rtld itself without stack protection.
@@ -3434,7 +3462,7 @@ endif
 # ld.so.  The test is always run directly, not under the dynamic
 # linker.  It is necessary to minimize run-time dependencies, by
 # disabling stack protection and unwinding.
-CFLAGS-tst-nolink-libc.c += $(no-stack-protector) \
+CFLAGS-tst-nolink-libc.c += $(no-stack-protector) $(cflags-disable-ubsan) \
  -fno-exceptions -fno-unwind-tables -fno-asynchronous-unwind-tables
 $(objpfx)tst-nolink-libc-1: $(objpfx)tst-nolink-libc.o $(objpfx)ld.so
 	$(LINK.o) -nostdlib -nostartfiles -o $@ $< \
diff --git a/elf/Versions b/elf/Versions
index 1591031da9..ca95312021 100644
--- a/elf/Versions
+++ b/elf/Versions
@@ -79,5 +79,24 @@ ld {
     # Set value of a tunable.
     __tunable_is_initialized;
     __tunable_get_val;
+
+    # -fsanitize=undefined support
+    __ubsan_handle_add_overflow;
+    __ubsan_handle_builtin_unreachable;
+    __ubsan_handle_divrem_overflow;
+    __ubsan_handle_dynamic_type_cache_miss;
+    __ubsan_handle_invalid_builtin;
+    __ubsan_handle_load_invalid_value;
+    __ubsan_handle_mul_overflow;
+    __ubsan_handle_negate_overflow;
+    __ubsan_handle_nonnull_arg;
+    __ubsan_handle_nonnull_return_v1;
+    __ubsan_handle_out_of_bounds;
+    __ubsan_handle_pointer_overflow;
+    __ubsan_handle_shift_out_of_bounds;
+    __ubsan_handle_sub_overflow;
+    __ubsan_handle_type_mismatch_v1;
+    __ubsan_handle_vla_bound_not_positive;
+    __ubsan_vptr_type_cache;
   }
 }
diff --git a/elf/dl-printf.c b/elf/dl-printf.c
index ebfc7eee86..cbaeb4acf7 100644
--- a/elf/dl-printf.c
+++ b/elf/dl-printf.c
@@ -269,6 +269,12 @@ _dl_debug_printf_c (const char *fmt, ...)
 }
 
 
+void
+_dl_debug_vprintf_c (const char *fmt, va_list ap)
+{
+  _dl_debug_vdprintf (GLRO(dl_debug_fd), -1, fmt, ap);
+}
+
 /* Write the given file descriptor.  */
 void
 _dl_dprintf (int fd, const char *fmt, ...)
diff --git a/elf/dl-tunables.list b/elf/dl-tunables.list
index c03c9967f0..9644940229 100644
--- a/elf/dl-tunables.list
+++ b/elf/dl-tunables.list
@@ -177,4 +177,13 @@ glibc {
       default: 1048576
     }
   }
+
+  ubsan {
+    halt_on_errors {
+      type: INT_32
+      minval: 0
+      maxval: 1
+      default: 1
+    }
+  }
 }
diff --git a/elf/tst-_dl_addr_inside_object.c b/elf/tst-_dl_addr_inside_object.c
index 0ef70a28a9..dbb74885e7 100644
--- a/elf/tst-_dl_addr_inside_object.c
+++ b/elf/tst-_dl_addr_inside_object.c
@@ -24,6 +24,18 @@
 
 extern int _dl_addr_inside_object (struct link_map *l, const ElfW(Addr) addr);
 
+#ifdef ENABLE_UBSAN
+void __GI___ubsan_handle_pointer_overflow (void *d, void *v, void *r)
+{
+  return __ubsan_handle_pointer_overflow (d, v, r);
+}
+
+void __GI___ubsan_handle_type_mismatch_v1 (void *d, void *p)
+{
+  return __ubsan_handle_type_mismatch_v1 (d, p);
+}
+#endif
+
 static int
 do_test (void)
 {
diff --git a/elf/ubsan_error.c b/elf/ubsan_error.c
new file mode 100644
index 0000000000..6922a1d933
--- /dev/null
+++ b/elf/ubsan_error.c
@@ -0,0 +1,57 @@
+/* Undefined Behavior Sanitizer support.
+   Copyright (C) 2025 Free Software Foundation, Inc.
+   This file is part of the GNU C Library.
+
+   The GNU C Library is free software; you can redistribute it and/or
+   modify it under the terms of the GNU Lesser General Public
+   License as published by the Free Software Foundation; either
+   version 2.1 of the License, or (at your option) any later version.
+
+   The GNU C Library is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public
+   License along with the GNU C Library; if not, see
+   <https://www.gnu.org/licenses/>.  */
+
+#include <ldsodefs.h>
+#include <stdarg.h>
+#include <unistd.h>
+#include <abort-instr.h>
+#include <ubsan.h>
+#include <dl-tunables.h>
+
+static void _Noreturn
+ubsan_abort (void)
+{
+  /* abort() pulls a lot of extra definition from libc (rwlock, signal
+     hanlding, pthread, etc.; so use a more simpler implementation for
+     now.  */
+  raise (SIGABRT);
+
+#ifdef ABORT_INSTRUCTION
+  ABORT_INSTRUCTION;
+#endif
+  _exit (127);
+}
+
+void
+__ubsan_error (const struct source_location *source,
+	       const char *fmt,
+	       ...)
+{
+  _dl_debug_printf_c ("UBSAN: Undefined behaviour in %s:%u:%u ",
+		      get_source_location_file_name (source),
+		      get_source_location_line (source),
+		      get_source_location_column (source));
+
+  va_list ap;
+  va_start (ap, fmt);
+  _dl_debug_vprintf_c (fmt, ap);
+  va_end (ap);
+
+  if (TUNABLE_GET (glibc, ubsan, halt_on_errors, int32_t, NULL))
+    ubsan_abort ();
+}
diff --git a/elf/ubsan_handle_add_overflow.c b/elf/ubsan_handle_add_overflow.c
new file mode 100644
index 0000000000..b2463268cf
--- /dev/null
+++ b/elf/ubsan_handle_add_overflow.c
@@ -0,0 +1,26 @@
+/* Undefined Behavior Sanitizer support.
+   Copyright (C) 2025 Free Software Foundation, Inc.
+   This file is part of the GNU C Library.
+
+   The GNU C Library is free software; you can redistribute it and/or
+   modify it under the terms of the GNU Lesser General Public
+   License as published by the Free Software Foundation; either
+   version 2.1 of the License, or (at your option) any later version.
+
+   The GNU C Library is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public
+   License along with the GNU C Library; if not, see
+   <https://www.gnu.org/licenses/>.  */
+
+#include "ubsan.h"
+
+void
+__ubsan_handle_add_overflow (void *_data, void *lhs, void *rhs)
+{
+  __ubsan_handle_overflow (_data, lhs, rhs, "+");
+}
+rtld_hidden_def (__ubsan_handle_add_overflow)
diff --git a/elf/ubsan_handle_builtin_unreachable.c b/elf/ubsan_handle_builtin_unreachable.c
new file mode 100644
index 0000000000..b2a7dde5c7
--- /dev/null
+++ b/elf/ubsan_handle_builtin_unreachable.c
@@ -0,0 +1,27 @@
+/* Undefined Behavior Sanitizer support.
+   Copyright (C) 2025 Free Software Foundation, Inc.
+   This file is part of the GNU C Library.
+
+   The GNU C Library is free software; you can redistribute it and/or
+   modify it under the terms of the GNU Lesser General Public
+   License as published by the Free Software Foundation; either
+   version 2.1 of the License, or (at your option) any later version.
+
+   The GNU C Library is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public
+   License along with the GNU C Library; if not, see
+   <https://www.gnu.org/licenses/>.  */
+
+#include "ubsan.h"
+
+void
+__ubsan_handle_builtin_unreachable (void *_data)
+{
+   struct unreachable_data *data = _data;
+   __ubsan_error (&data->location, "calling __builtin_unreachable()\n");
+}
+rtld_hidden_def (__ubsan_handle_builtin_unreachable)
diff --git a/elf/ubsan_handle_divrem_overflow.c b/elf/ubsan_handle_divrem_overflow.c
new file mode 100644
index 0000000000..bf5788c2fd
--- /dev/null
+++ b/elf/ubsan_handle_divrem_overflow.c
@@ -0,0 +1,40 @@
+/* Undefined Behavior Sanitizer support.
+   Copyright (C) 2025 Free Software Foundation, Inc.
+   This file is part of the GNU C Library.
+
+   The GNU C Library is free software; you can redistribute it and/or
+   modify it under the terms of the GNU Lesser General Public
+   License as published by the Free Software Foundation; either
+   version 2.1 of the License, or (at your option) any later version.
+
+   The GNU C Library is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public
+   License along with the GNU C Library; if not, see
+   <https://www.gnu.org/licenses/>.  */
+
+#include "ubsan.h"
+
+void
+__ubsan_handle_divrem_overflow (void *_data, void *lhs, void *rhs)
+{
+  struct overflow_data *data = _data;
+  char lhs_str[UBSAN_VAL_STR_LEN];
+  char rhs_str[UBSAN_VAL_STR_LEN];
+
+  __ubsan_val_to_string (lhs_str, data->type, lhs);
+  __ubsan_val_to_string (rhs_str, data->type, rhs);
+
+  if (ubsan_type_is_signed (data->type)
+      && ubsan_get_signed_val (data->type, rhs))
+    __ubsan_error (&data->location,
+		   "division overflow: division of %s by -1 cannot be "
+		   "represented in type %s\n",
+		   rhs_str, data->type->type_name);
+  else
+    __ubsan_error (&data->location, "division by zero");
+}
+rtld_hidden_def (__ubsan_handle_divrem_overflow)
diff --git a/elf/ubsan_handle_dynamic_type_cache_miss.c b/elf/ubsan_handle_dynamic_type_cache_miss.c
new file mode 100644
index 0000000000..b5be609a0d
--- /dev/null
+++ b/elf/ubsan_handle_dynamic_type_cache_miss.c
@@ -0,0 +1,28 @@
+/* Undefined Behavior Sanitizer support.
+   Copyright (C) 2025 Free Software Foundation, Inc.
+   This file is part of the GNU C Library.
+
+   The GNU C Library is free software; you can redistribute it and/or
+   modify it under the terms of the GNU Lesser General Public
+   License as published by the Free Software Foundation; either
+   version 2.1 of the License, or (at your option) any later version.
+
+   The GNU C Library is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public
+   License along with the GNU C Library; if not, see
+   <https://www.gnu.org/licenses/>.  */
+
+#include <ubsan.h>
+
+
+void
+__ubsan_handle_dynamic_type_cache_miss (void *_data, void *pointer, void *hash)
+{
+  /* TODO: this failure requires additional check to check for real
+     issues.  Ignore for now.  */
+}
+rtld_hidden_def (__ubsan_handle_dynamic_type_cache_miss)
diff --git a/elf/ubsan_handle_invalid_builtin.c b/elf/ubsan_handle_invalid_builtin.c
new file mode 100644
index 0000000000..4518408ab1
--- /dev/null
+++ b/elf/ubsan_handle_invalid_builtin.c
@@ -0,0 +1,39 @@
+/* Undefined Behavior Sanitizer support.
+   Copyright (C) 2025 Free Software Foundation, Inc.
+   This file is part of the GNU C Library.
+
+   The GNU C Library is free software; you can redistribute it and/or
+   modify it under the terms of the GNU Lesser General Public
+   License as published by the Free Software Foundation; either
+   version 2.1 of the License, or (at your option) any later version.
+
+   The GNU C Library is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public
+   License along with the GNU C Library; if not, see
+   <https://www.gnu.org/licenses/>.  */
+
+#include <ubsan.h>
+
+void
+__ubsan_handle_invalid_builtin (void *_data)
+{
+  struct invalid_builtin_data *data = _data;
+  switch (data->kind)
+    {
+    case ubsan_builtin_check_kind_assume_passed_false:
+      __ubsan_error (&data->location,
+		     "assumption is violated during execution\n");
+      break;
+    default:
+      __ubsan_error (&data->location,
+		     "passing zero to __builtin_%s()\n",
+		     data->kind == ubsan_builtin_check_kind_ctz_passed_zero
+		     ? "ctz" : "clz");
+      break;
+    }
+}
+rtld_hidden_def (__ubsan_handle_invalid_builtin)
diff --git a/elf/ubsan_handle_load_invalid_value.c b/elf/ubsan_handle_load_invalid_value.c
new file mode 100644
index 0000000000..b2b2e9b3cd
--- /dev/null
+++ b/elf/ubsan_handle_load_invalid_value.c
@@ -0,0 +1,33 @@
+/* Undefined Behavior Sanitizer support.
+   Copyright (C) 2025 Free Software Foundation, Inc.
+   This file is part of the GNU C Library.
+
+   The GNU C Library is free software; you can redistribute it and/or
+   modify it under the terms of the GNU Lesser General Public
+   License as published by the Free Software Foundation; either
+   version 2.1 of the License, or (at your option) any later version.
+
+   The GNU C Library is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public
+   License along with the GNU C Library; if not, see
+   <https://www.gnu.org/licenses/>.  */
+
+#include "ubsan.h"
+
+void
+__ubsan_handle_load_invalid_value (void *_data, void *val)
+{
+  struct invalid_value_data *data = _data;
+  char val_str[UBSAN_VAL_STR_LEN];
+
+  __ubsan_val_to_string (val_str, data->type, val);
+  __ubsan_error (&data->location,
+		 "load of value %s is not a valid value for type %s\n",
+		 val_str,
+		 data->type->type_name);
+}
+rtld_hidden_def (__ubsan_handle_load_invalid_value)
diff --git a/elf/ubsan_handle_mul_overflow.c b/elf/ubsan_handle_mul_overflow.c
new file mode 100644
index 0000000000..b0010b9329
--- /dev/null
+++ b/elf/ubsan_handle_mul_overflow.c
@@ -0,0 +1,26 @@
+/* Undefined Behavior Sanitizer support.
+   Copyright (C) 2025 Free Software Foundation, Inc.
+   This file is part of the GNU C Library.
+
+   The GNU C Library is free software; you can redistribute it and/or
+   modify it under the terms of the GNU Lesser General Public
+   License as published by the Free Software Foundation; either
+   version 2.1 of the License, or (at your option) any later version.
+
+   The GNU C Library is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public
+   License along with the GNU C Library; if not, see
+   <https://www.gnu.org/licenses/>.  */
+
+#include "ubsan.h"
+
+void
+__ubsan_handle_mul_overflow (void *_data, void *lhs, void *rhs)
+{
+  __ubsan_handle_overflow (_data, lhs, rhs, "*");
+}
+rtld_hidden_def (__ubsan_handle_mul_overflow)
diff --git a/elf/ubsan_handle_negate_overflow.c b/elf/ubsan_handle_negate_overflow.c
new file mode 100644
index 0000000000..bb0c12ea5e
--- /dev/null
+++ b/elf/ubsan_handle_negate_overflow.c
@@ -0,0 +1,34 @@
+/* Undefined Behavior Sanitizer support.
+   Copyright (C) 2025 Free Software Foundation, Inc.
+   This file is part of the GNU C Library.
+
+   The GNU C Library is free software; you can redistribute it and/or
+   modify it under the terms of the GNU Lesser General Public
+   License as published by the Free Software Foundation; either
+   version 2.1 of the License, or (at your option) any later version.
+
+   The GNU C Library is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public
+   License along with the GNU C Library; if not, see
+   <https://www.gnu.org/licenses/>.  */
+
+#include "ubsan.h"
+
+void
+__ubsan_handle_negate_overflow (void *_data, void *val)
+{
+  struct overflow_data *data = _data;
+  char val_str[UBSAN_VAL_STR_LEN];
+
+  __ubsan_val_to_string(val_str, data->type, val);
+
+  __ubsan_error (&data->location,
+		 "negation of %s cannot be represented in type %s\n",
+		 val_str,
+		 data->type->type_name);
+}
+rtld_hidden_def (__ubsan_handle_negate_overflow)
diff --git a/elf/ubsan_handle_nonnull_arg.c b/elf/ubsan_handle_nonnull_arg.c
new file mode 100644
index 0000000000..a5104fd49d
--- /dev/null
+++ b/elf/ubsan_handle_nonnull_arg.c
@@ -0,0 +1,34 @@
+/* Undefined Behavior Sanitizer support.
+   Copyright (C) 2025 Free Software Foundation, Inc.
+   This file is part of the GNU C Library.
+
+   The GNU C Library is free software; you can redistribute it and/or
+   modify it under the terms of the GNU Lesser General Public
+   License as published by the Free Software Foundation; either
+   version 2.1 of the License, or (at your option) any later version.
+
+   The GNU C Library is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public
+   License along with the GNU C Library; if not, see
+   <https://www.gnu.org/licenses/>.  */
+
+#include "ubsan.h"
+
+void
+__ubsan_handle_nonnull_arg (void *_data)
+{
+  struct nonnull_arg_data *data = _data;
+
+  __ubsan_error (&data->location,
+		 "null pointer passed as argument %u, nonnull attribute "
+		 "declared at %s:%u:%u\n",
+		 data->arg_index,
+		 get_source_location_file_name (&data->attr_location),
+		 get_source_location_line (&data->attr_location),
+		 get_source_location_column (&data->attr_location));
+}
+rtld_hidden_def (__ubsan_handle_nonnull_arg)
diff --git a/elf/ubsan_handle_nonnull_return_v1.c b/elf/ubsan_handle_nonnull_return_v1.c
new file mode 100644
index 0000000000..a6e0d73fef
--- /dev/null
+++ b/elf/ubsan_handle_nonnull_return_v1.c
@@ -0,0 +1,34 @@
+/* Undefined Behavior Sanitizer support.
+   Copyright (C) 2025 Free Software Foundation, Inc.
+   This file is part of the GNU C Library.
+
+   The GNU C Library is free software; you can redistribute it and/or
+   modify it under the terms of the GNU Lesser General Public
+   License as published by the Free Software Foundation; either
+   version 2.1 of the License, or (at your option) any later version.
+
+   The GNU C Library is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public
+   License along with the GNU C Library; if not, see
+   <https://www.gnu.org/licenses/>.  */
+
+#include <ubsan.h>
+
+void
+__ubsan_handle_nonnull_return_v1 (void *_data, void *_location)
+{
+  struct nonnull_return_data *data = _data;
+  struct source_location *location = _location;
+
+  __ubsan_error (&data->location,
+		 "null pointer returned from function declared as "
+		 "returns_nonnull: source %s:%u:%u\n",
+		 get_source_location_file_name (location),
+		 get_source_location_line (location),
+		 get_source_location_column (location));
+}
+rtld_hidden_def (__ubsan_handle_nonnull_return_v1)
diff --git a/elf/ubsan_handle_out_of_bounds.c b/elf/ubsan_handle_out_of_bounds.c
new file mode 100644
index 0000000000..469682ddfd
--- /dev/null
+++ b/elf/ubsan_handle_out_of_bounds.c
@@ -0,0 +1,34 @@
+/* Undefined Behavior Sanitizer support.
+   Copyright (C) 2025 Free Software Foundation, Inc.
+   This file is part of the GNU C Library.
+
+   The GNU C Library is free software; you can redistribute it and/or
+   modify it under the terms of the GNU Lesser General Public
+   License as published by the Free Software Foundation; either
+   version 2.1 of the License, or (at your option) any later version.
+
+   The GNU C Library is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public
+   License along with the GNU C Library; if not, see
+   <https://www.gnu.org/licenses/>.  */
+
+#include "ubsan.h"
+
+void
+__ubsan_handle_out_of_bounds (void *_data, void *index)
+{
+  struct out_of_bounds_data *data = _data;
+  char index_str[UBSAN_VAL_STR_LEN];
+
+  __ubsan_val_to_string (index_str, data->index_type, index);
+
+  __ubsan_error (&data->location,
+		 "index %s is out of bounds for type %s\n",
+                 index_str,
+                 data->array_type->type_name);
+}
+rtld_hidden_def (__ubsan_handle_out_of_bounds)
diff --git a/elf/ubsan_handle_overflow.c b/elf/ubsan_handle_overflow.c
new file mode 100644
index 0000000000..865ad76e49
--- /dev/null
+++ b/elf/ubsan_handle_overflow.c
@@ -0,0 +1,39 @@
+/* Undefined Behavior Sanitizer support.
+   Copyright (C) 2025 Free Software Foundation, Inc.
+   This file is part of the GNU C Library.
+
+   The GNU C Library is free software; you can redistribute it and/or
+   modify it under the terms of the GNU Lesser General Public
+   License as published by the Free Software Foundation; either
+   version 2.1 of the License, or (at your option) any later version.
+
+   The GNU C Library is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public
+   License along with the GNU C Library; if not, see
+   <https://www.gnu.org/licenses/>.  */
+
+#include "ubsan.h"
+
+void
+__ubsan_handle_overflow (const struct overflow_data * data, void *lhs,
+			 void *rhs, const char *op)
+{
+  char lhs_str[UBSAN_VAL_STR_LEN];
+  char rhs_str[UBSAN_VAL_STR_LEN];
+
+  __ubsan_val_to_string (lhs_str, data->type, lhs);
+  __ubsan_val_to_string (rhs_str, data->type, rhs);
+
+  __ubsan_error (&data->location,
+		 "%s integer overflow: %s %s %s cannot be represened in "
+		 "type %s\n",
+		 ubsan_type_is_signed (data->type) ? "signed" : "unsigned",
+		 lhs_str,
+		 op,
+		 rhs_str,
+		 data->type->type_name);
+}
diff --git a/elf/ubsan_handle_pointer_overflow.c b/elf/ubsan_handle_pointer_overflow.c
new file mode 100644
index 0000000000..8d0c4db739
--- /dev/null
+++ b/elf/ubsan_handle_pointer_overflow.c
@@ -0,0 +1,62 @@
+/* Undefined Behavior Sanitizer support.
+   Copyright (C) 2025 Free Software Foundation, Inc.
+   This file is part of the GNU C Library.
+
+   The GNU C Library is free software; you can redistribute it and/or
+   modify it under the terms of the GNU Lesser General Public
+   License as published by the Free Software Foundation; either
+   version 2.1 of the License, or (at your option) any later version.
+
+   The GNU C Library is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public
+   License along with the GNU C Library; if not, see
+   <https://www.gnu.org/licenses/>.  */
+
+#include <stddef.h>
+#include <ubsan.h>
+
+void
+__ubsan_handle_pointer_overflow (void *_data, void *val, void *result)
+{
+  struct pointer_overflow_data *data = _data;
+
+  if (val == NULL && result == NULL)
+    __ubsan_error (&data->location,
+		   "applying zero offset to a NULL pointer\n");
+  else if (val == NULL && result != NULL)
+    __ubsan_error (&data->location,
+		   "applying non-zero offset to a NULL pointer\n");
+  else if (val != NULL && result == NULL)
+    __ubsan_error (&data->location,
+		   "applying non-zero offset to non-NULL pointer 0x%0*lx "
+		   "produced NULL pointer\n",
+		   (int) sizeof (void *) * 2,
+		   (unsigned long int) val);
+  else if (((intptr_t)val >= 0) == ((intptr_t)result >= 0))
+    {
+      const char *operation = ((uintptr_t)val > (uintptr_t)result)
+	? "addition" : "subtraction";
+
+      __ubsan_error (&data->location,
+		     "%s of unsigned offset to 0x%0*lx overflowed "
+		     "to 0x%0*lx\n",
+		     operation,
+		     (int) sizeof (void *) * 2,
+		     (unsigned long int) val,
+		     (int) sizeof (void *) * 2,
+		     (unsigned long int) result);
+    }
+  else
+    __ubsan_error (&data->location,
+		   "pointer index expression with base 0x%0*lx overflowed "
+		   "to 0x%0*lx\n",
+		   (int) sizeof (void *) * 2,
+		   (unsigned long int) val,
+		   (int) sizeof (void *) * 2,
+		   (unsigned long int) result);
+}
+rtld_hidden_def (__ubsan_handle_pointer_overflow)
diff --git a/elf/ubsan_handle_shift_out_of_bounds.c b/elf/ubsan_handle_shift_out_of_bounds.c
new file mode 100644
index 0000000000..f8402778ba
--- /dev/null
+++ b/elf/ubsan_handle_shift_out_of_bounds.c
@@ -0,0 +1,53 @@
+/* Undefined Behavior Sanitizer support.
+   Copyright (C) 2025 Free Software Foundation, Inc.
+   This file is part of the GNU C Library.
+
+   The GNU C Library is free software; you can redistribute it and/or
+   modify it under the terms of the GNU Lesser General Public
+   License as published by the Free Software Foundation; either
+   version 2.1 of the License, or (at your option) any later version.
+
+   The GNU C Library is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public
+   License along with the GNU C Library; if not, see
+   <https://www.gnu.org/licenses/>.  */
+
+#include <ubsan.h>
+
+void
+__ubsan_handle_shift_out_of_bounds (void *_data, void *lhs, void *rhs)
+{
+  struct shift_out_of_bounds_data *data = _data;
+  char lhs_str[UBSAN_VAL_STR_LEN];
+  char rhs_str[UBSAN_VAL_STR_LEN];
+
+  __ubsan_val_to_string (lhs_str, data->lhs_type, lhs);
+  __ubsan_val_to_string (rhs_str, data->rhs_type, rhs);
+
+  if (ubsan_val_is_negative (data->rhs_type, rhs))
+    __ubsan_error (&data->location,
+		   "shift expoenent %s is negative\n",
+		   rhs_str);
+  else if (ubsan_get_unsigned_val (data->rhs_type, rhs) >=
+	   ubsan_type_bit_width (data->lhs_type))
+    __ubsan_error (&data->location,
+		   "shift exponent %s is too large for %u-bit type %s\n",
+		   rhs_str,
+		   ubsan_type_bit_width (data->lhs_type),
+		   data->lhs_type->type_name);
+  else if (ubsan_val_is_negative (data->lhs_type, lhs))
+    __ubsan_error (&data->location,
+		   "left shift of negative valor %s\n",
+		   lhs_str);
+  else
+    __ubsan_error (&data->location,
+		   "left shift of %s by %s cannot be represented in type %s\n",
+		   lhs_str,
+		   rhs_str,
+		   data->lhs_type->type_name);
+}
+rtld_hidden_def (__ubsan_handle_shift_out_of_bounds)
diff --git a/elf/ubsan_handle_sub_overflow.c b/elf/ubsan_handle_sub_overflow.c
new file mode 100644
index 0000000000..8b576dae14
--- /dev/null
+++ b/elf/ubsan_handle_sub_overflow.c
@@ -0,0 +1,26 @@
+/* Undefined Behavior Sanitizer support.
+   Copyright (C) 2025 Free Software Foundation, Inc.
+   This file is part of the GNU C Library.
+
+   The GNU C Library is free software; you can redistribute it and/or
+   modify it under the terms of the GNU Lesser General Public
+   License as published by the Free Software Foundation; either
+   version 2.1 of the License, or (at your option) any later version.
+
+   The GNU C Library is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public
+   License along with the GNU C Library; if not, see
+   <https://www.gnu.org/licenses/>.  */
+
+#include <ubsan.h>
+
+void
+__ubsan_handle_sub_overflow (void *_data, void *lhs, void *rhs)
+{
+  __ubsan_handle_overflow (_data, lhs, rhs, "-");
+}
+rtld_hidden_def (__ubsan_handle_sub_overflow)
diff --git a/elf/ubsan_handle_type_mismatch_v1.c b/elf/ubsan_handle_type_mismatch_v1.c
new file mode 100644
index 0000000000..de459b99f4
--- /dev/null
+++ b/elf/ubsan_handle_type_mismatch_v1.c
@@ -0,0 +1,75 @@
+/* Undefined Behavior Sanitizer support.
+   Copyright (C) 2025 Free Software Foundation, Inc.
+   This file is part of the GNU C Library.
+
+   The GNU C Library is free software; you can redistribute it and/or
+   modify it under the terms of the GNU Lesser General Public
+   License as published by the Free Software Foundation; either
+   version 2.1 of the License, or (at your option) any later version.
+
+   The GNU C Library is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public
+   License along with the GNU C Library; if not, see
+   <https://www.gnu.org/licenses/>.  */
+
+#include <ubsan.h>
+
+static const char *
+type_check_to_string (unsigned char type_check_kind)
+{
+  switch (type_check_kind)
+    {
+    case ubsan_type_check_load: return "load of";
+    case ubsan_type_check_store: return "store to";
+    case ubsan_type_check_reference_binding: return "reference binding to";
+    case ubsan_type_check_member_access: return "member access within";
+    case ubsan_type_check_member_call: return "member call on";
+    case ubsan_type_check_constructor_call: return "constructor call on";
+    case ubsan_type_check_downcast_pointer:
+    case ubsan_type_check_downcast_reference: return "downcast of";
+    case ubsan_type_check_upcast: return "upcast of";
+    case ubsan_type_check_upcast_to_virtual_base: return "cast to virtual base of";
+    case ubsan_type_check_nonnull_assign: return "_Nonnull binding to";
+    case ubsan_type_check_dynamic_operation: return "dynamic operation on";
+    default: return "unknown";
+    }
+}
+
+static inline bool
+is_misaligned_pointer (const struct type_mismatch_data_v1 *data, void *ptr)
+{
+  uintptr_t alignment = 1UL << data->log_alignment;
+  return (uintptr_t) ptr & (alignment - 1);
+}
+
+void
+__ubsan_handle_type_mismatch_v1 (void *_data, void *ptr)
+{
+  struct type_mismatch_data_v1 *data = _data;
+
+  if (data->type_check_kind == ubsan_type_check_nonnull_assign)
+    __ubsan_error (&data->location,
+		   "%s null pointer of type %s\n",
+		   type_check_to_string (data->type_check_kind),
+		   data->type->type_name);
+  else if (is_misaligned_pointer (data, ptr))
+    __ubsan_error (&data->location,
+		   "%s misaligned address 0x%0*lx for type %s\n",
+		   type_check_to_string (data->type_check_kind),
+		   (int) sizeof (void *) * 2,
+		   (unsigned long int) ptr,
+		   data->type->type_name);
+  else
+    __ubsan_error (&data->location,
+		   "%s address 0x%0*lx with insufficient space for an "
+		   "object of type %s\n",
+		   type_check_to_string (data->type_check_kind),
+		   (int) sizeof (void *) * 2,
+		   (unsigned long int) ptr,
+		   data->type->type_name);
+}
+rtld_hidden_def (__ubsan_handle_type_mismatch_v1)
diff --git a/elf/ubsan_handle_vla_bound_not_positive.c b/elf/ubsan_handle_vla_bound_not_positive.c
new file mode 100644
index 0000000000..e2b3f5232d
--- /dev/null
+++ b/elf/ubsan_handle_vla_bound_not_positive.c
@@ -0,0 +1,34 @@
+/* Undefined Behavior Sanitizer support.
+   Copyright (C) 2025 Free Software Foundation, Inc.
+   This file is part of the GNU C Library.
+
+   The GNU C Library is free software; you can redistribute it and/or
+   modify it under the terms of the GNU Lesser General Public
+   License as published by the Free Software Foundation; either
+   version 2.1 of the License, or (at your option) any later version.
+
+   The GNU C Library is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public
+   License along with the GNU C Library; if not, see
+   <https://www.gnu.org/licenses/>.  */
+
+#include <ubsan.h>
+
+void
+__ubsan_handle_vla_bound_not_positive (void *_data, void *bound)
+{
+  struct vla_bound_not_positive_data *data = _data;
+  char bound_str[UBSAN_VAL_STR_LEN];
+
+  __ubsan_val_to_string (bound_str, data->type, bound);
+
+  __ubsan_error (&data->location,
+		 "variable length array bound evaluates to "
+		 "non-positive value %s\n",
+		 bound_str);
+}
+rtld_hidden_def (__ubsan_handle_vla_bound_not_positive)
diff --git a/elf/ubsan_val_to_string.c b/elf/ubsan_val_to_string.c
new file mode 100644
index 0000000000..f354eed49d
--- /dev/null
+++ b/elf/ubsan_val_to_string.c
@@ -0,0 +1,189 @@
+/* Undefined Behavior Sanitizer support.
+   Copyright (C) 2025 Free Software Foundation, Inc.
+   This file is part of the GNU C Library.
+
+   The GNU C Library is free software; you can redistribute it and/or
+   modify it under the terms of the GNU Lesser General Public
+   License as published by the Free Software Foundation; either
+   version 2.1 of the License, or (at your option) any later version.
+
+   The GNU C Library is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public
+   License along with the GNU C Library; if not, see
+   <https://www.gnu.org/licenses/>.  */
+
+#include <intprops.h>
+#include <stdbool.h>
+#include <stdlib.h>
+#include <string.h>
+
+#include "ubsan.h"
+
+static const char lower_digits[] = "0123456789";
+
+enum { BASE = 10 };
+
+static char *
+utoa (unsigned long long int value, char *buf, size_t len)
+{
+  if (len == 0)
+    return buf;
+
+  char *ptr = buf;
+  do
+    {
+      if (len-- == 0)
+	break;
+      *ptr++ = lower_digits[value % BASE];
+      value /= BASE;
+    }
+  while (value != 0);
+  char *r = ptr;
+  *ptr-- = '\0';
+
+  while (buf < ptr)
+    {
+      char t = *ptr;
+      *ptr-- = *buf;
+      *buf++ = t;
+    }
+
+  return r;
+}
+
+static char *
+itoa (long long int value, char *buf, size_t len)
+{
+  if (len == 0)
+    return buf;
+
+  bool isneg = value < 0;
+  char *ptr = buf;
+  do
+    {
+      if (len-- == 0)
+	break;
+      *ptr++ = lower_digits[abs (value % BASE)];
+      value /= BASE;
+    }
+  while (value != 0);
+  if (isneg)
+    *ptr++ = '-';
+  char *r = ptr;
+  *ptr-- = '\0';
+
+  while (buf < ptr)
+    {
+      char t = *ptr;
+      *ptr-- = *buf;
+      *buf++ = t;
+    }
+
+  return r;
+}
+
+static long long int
+ubsan_val_to_ll (int width, void *value, long long int def)
+{
+  switch (width)
+    {
+    case 8:
+      return (int8_t) (intptr_t) value;
+    case 16:
+      return (int16_t) (intptr_t) value;
+    case 32:
+      if (sizeof (value) >= sizeof (int32_t))
+	return (int32_t) (intptr_t) value;
+      else
+	return *(int32_t *) value;
+    case 64:
+      if (sizeof (value) >= sizeof (int64_t))
+	return (int64_t) (intptr_t) value;
+      else
+	return *(int64_t *) value;
+    default:
+      return def;
+    }
+}
+
+static unsigned long long int
+ubsan_val_to_ull (int width, void *value, unsigned long long int def)
+{
+  switch (width)
+    {
+    case 8:
+      return (uint8_t) (uintptr_t) value;
+    case 16:
+      return (uint16_t) (uintptr_t) value;
+    case 32:
+      if (sizeof (value) >= sizeof (uint32_t))
+	return (uint32_t) (uintptr_t) value;
+      else
+	return *(uint32_t *) value;
+    case 64:
+      if (sizeof (value) >= sizeof (uint64_t))
+	return (uint64_t) (uintptr_t) value;
+      else
+	return *(uint64_t *) value;
+    default:
+      return def;
+    }
+}
+
+static inline char *
+add_string (char *str, const char *s, size_t *len)
+{
+  char *endp = __stpncpy (str, s, *len);
+  *len -= endp - str;
+  return endp;
+}
+
+static inline char *
+add_uint (char *str, unsigned long long int value, size_t *len)
+{
+  char *endp = utoa (value, str, *len);
+  *len -= endp - str;
+  return endp;
+}
+
+void
+__ubsan_val_to_string (char str[static UBSAN_VAL_STR_LEN],
+		       struct type_descriptor *type, void *value)
+{
+  int width = ubsan_type_bit_width (type);
+  switch (type->type_kind)
+    {
+    case ubsan_type_kind_int:
+      if (ubsan_type_is_signed (type))
+	{
+	  long long int v = ubsan_val_to_ll (width, value, 0);
+	  itoa (v, str, UBSAN_VAL_STR_LEN);
+	}
+      else
+	{
+	  unsigned long long int v = ubsan_val_to_ull (width, value, 0);
+	  utoa (v, str, UBSAN_VAL_STR_LEN);
+	}
+      break;
+    case ubsan_type_kind_float:
+      {
+	char *endp = __stpcpy (str, "float size ");
+	utoa (width, endp, UBSAN_VAL_STR_LEN);
+      }
+      break;
+    default:
+      {
+	size_t size = UBSAN_VAL_STR_LEN;
+	char *endp = add_string (str, "kind ", &size);
+	endp = add_uint (endp, type->type_kind, &size);
+	endp = add_string (endp, " (width ", &size);
+	endp = add_uint (endp, width, &size);
+	add_string (endp, " )", &size);
+      }
+      break;
+    }
+}
diff --git a/elf/ubsan_vptr_type_cache.c b/elf/ubsan_vptr_type_cache.c
new file mode 100644
index 0000000000..77572b2487
--- /dev/null
+++ b/elf/ubsan_vptr_type_cache.c
@@ -0,0 +1,21 @@
+/* Undefined Behavior Sanitizer support.
+   Copyright (C) 2025 Free Software Foundation, Inc.
+   This file is part of the GNU C Library.
+
+   The GNU C Library is free software; you can redistribute it and/or
+   modify it under the terms of the GNU Lesser General Public
+   License as published by the Free Software Foundation; either
+   version 2.1 of the License, or (at your option) any later version.
+
+   The GNU C Library is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public
+   License along with the GNU C Library; if not, see
+   <https://www.gnu.org/licenses/>.  */
+
+#include <ubsan.h>
+
+unsigned int __ubsan_vptr_type_cache[UBSAN_VPTR_TYPE_CACHE_SIZE];
diff --git a/iconv/iconvconfig.c b/iconv/iconvconfig.c
index aa6f381266..8975aa086e 100644
--- a/iconv/iconvconfig.c
+++ b/iconv/iconvconfig.c
@@ -1019,11 +1019,14 @@ write_output (void)
   /* Open the output file.  */
   if (output_file == NULL)
     {
-      assert (GCONV_MODULES_CACHE[0] == '/');
-      strcpy (stpcpy (mempcpy (tmpfname, prefix, prefix_len),
-		      GCONV_MODULES_CACHE),
-	      ".XXXXXX");
-      strcpy (mempcpy (finalname, prefix, prefix_len), GCONV_MODULES_CACHE);
+      snprintf (tmpfname, sizeof tmpfname, "%.*s%s.XXXXXX",
+		(int) prefix_len,
+		prefix,
+		GCONV_MODULES_CACHE);
+      snprintf (finalname, sizeof finalname, "%.*s%s",
+		(int) prefix_len,
+		prefix,
+		GCONV_MODULES_CACHE);
     }
   else
     strcpy (mempcpy (tmpfname, output_file, output_file_len), ".XXXXXX");
diff --git a/include/libintl.h b/include/libintl.h
index 3d63b7abbd..57039f1fc1 100644
--- a/include/libintl.h
+++ b/include/libintl.h
@@ -65,5 +65,8 @@ libc_hidden_proto (_libc_intl_domainname)
 # undef N_
 # define N_(msgid)	msgid
 
+# undef gettext
+# define gettext(msgid) (dgettext (NULL, msgid) ?: (char *)msgid)
+
 # endif /* !_ISOMAC */
 #endif
diff --git a/include/sys/cdefs.h b/include/sys/cdefs.h
index a676f75f62..8ec2079fa4 100644
--- a/include/sys/cdefs.h
+++ b/include/sys/cdefs.h
@@ -63,4 +63,10 @@ rtld_hidden_proto (__chk_fail)
 # define __attribute_optimization_barrier__ __attribute__ ((noinline, noclone))
 #endif
 
+#ifdef ENABLE_UBSAN
+# define __attribute_disable_ubsan__ __attribute__((no_sanitize("undefined")))
+#else
+# define __attribute_disable_ubsan__
+#endif
+
 #endif
diff --git a/include/ubsan.h b/include/ubsan.h
new file mode 100644
index 0000000000..56d8721507
--- /dev/null
+++ b/include/ubsan.h
@@ -0,0 +1,327 @@
+/* Undefined Behavior Sanitizer support.
+   Copyright (C) 2025 Free Software Foundation, Inc.
+   This file is part of the GNU C Library.
+
+   The GNU C Library is free software; you can redistribute it and/or
+   modify it under the terms of the GNU Lesser General Public
+   License as published by the Free Software Foundation; either
+   version 2.1 of the License, or (at your option) any later version.
+
+   The GNU C Library is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public
+   License along with the GNU C Library; if not, see
+   <https://www.gnu.org/licenses/>.  */
+
+#ifndef __UBSAN_H__
+#define __UBSAN_H__
+
+#include <stdint.h>
+#include <stdbool.h>
+#include <endian.h>
+
+#ifdef __SIZEOF_INT128__
+typedef __int128 ubsan_s_max;
+typedef unsigned __int128 ubsan_u_max;
+#else
+typedef int64_t ubsan_u_max;
+typedef uint64_t ubsan_s_max;
+#endif
+
+#define REPORTED_BIT 31
+#if (__WORDSIZE == 64 && BYTE_ORDER == BIG_ENDIAN)
+# define COLUMN_MASK  (~(1U << REPORTED_BIT))
+# define LINE_MASK    (~0U)
+#else
+# define COLUMN_MASK  (~0U)
+# define LINE_MASK    (~(1U << REPORTED_BIT))
+#endif
+
+struct source_location
+{
+  const char *file_name;
+  unsigned int line;
+  unsigned int column;
+};
+
+static inline const char *
+get_source_location_file_name (const struct source_location *location)
+{
+  return location->file_name ? location->file_name : "unknown";
+}
+
+static inline unsigned int
+get_source_location_line (const struct source_location *location)
+{
+  return location->line & LINE_MASK;
+}
+
+static inline unsigned int
+get_source_location_column (const struct source_location *location)
+{
+  return location->column & COLUMN_MASK;
+}
+
+struct nonnull_arg_data
+{
+  struct source_location location;
+  struct source_location attr_location;
+  int arg_index;
+};
+
+struct type_descriptor
+{
+  uint16_t type_kind;
+  uint16_t type_info;
+  char type_name[];
+};
+
+static inline bool
+ubsan_type_is_signed (const struct type_descriptor *type)
+{
+  return type->type_kind & 1;
+}
+
+static inline unsigned int
+ubsan_type_bit_width (const struct type_descriptor *type)
+{
+  return 1 << (type->type_info >> 1);
+}
+
+static inline bool
+ubsan_is_inline_int (const struct type_descriptor *type)
+{
+  unsigned int inline_bits = sizeof (unsigned long) * 8;
+  unsigned int bits = ubsan_type_bit_width (type);
+
+  return bits <= inline_bits;
+}
+
+static inline ubsan_s_max
+ubsan_get_signed_val (const struct type_descriptor *type, void *val)
+{
+  if (ubsan_is_inline_int (type))
+    {
+      unsigned int extra_bits = sizeof (ubsan_s_max) * 8
+	- ubsan_type_bit_width (type);
+      unsigned long ul_val = (unsigned long) val;
+      return ((ubsan_s_max) ul_val) << extra_bits >> extra_bits;
+    }
+
+  if (ubsan_type_bit_width (type) == 64)
+    return *(int64_t*) val;
+
+  return *(ubsan_s_max *) val;
+}
+
+static inline ubsan_u_max
+ubsan_get_unsigned_val (const struct type_descriptor *type, void *val)
+{
+  if (ubsan_is_inline_int (type))
+    return (unsigned long) val;
+
+  if (ubsan_type_bit_width (type) == 64)
+    return *(uint64_t*) val;
+
+  return *(ubsan_u_max *)val;
+}
+
+static inline bool
+ubsan_val_is_negative (const struct type_descriptor *type, void *val)
+{
+  return ubsan_type_is_signed (type) && ubsan_get_signed_val (type, val) < 0;
+}
+
+struct invalid_value_data
+{
+  struct source_location location;
+  struct type_descriptor *type;
+};
+
+/* The type_mismatch_data_v1::type_check_kind */
+enum
+{
+  ubsan_type_check_load,
+  ubsan_type_check_store,
+  ubsan_type_check_reference_binding,
+  ubsan_type_check_member_access,
+  ubsan_type_check_member_call,
+  ubsan_type_check_constructor_call,
+  ubsan_type_check_downcast_pointer,
+  ubsan_type_check_downcast_reference,
+  ubsan_type_check_upcast,
+  ubsan_type_check_upcast_to_virtual_base,
+  ubsan_type_check_nonnull_assign,
+  ubsan_type_check_dynamic_operation
+};
+
+struct type_mismatch_data_v1
+{
+  struct source_location location;
+  struct type_descriptor *type;
+  unsigned char log_alignment;
+  unsigned char type_check_kind;
+};
+
+struct pointer_overflow_data
+{
+  struct source_location location;
+};
+
+struct overflow_data
+{
+  struct source_location location;
+  struct type_descriptor *type;
+};
+
+struct out_of_bounds_data
+{
+  struct source_location location;
+  struct type_descriptor *array_type;
+  struct type_descriptor *index_type;
+};
+
+struct shift_out_of_bounds_data
+{
+  struct source_location location;
+  struct type_descriptor *lhs_type;
+  struct type_descriptor *rhs_type;
+};
+
+struct vla_bound_not_positive_data
+{
+  struct source_location location;
+  struct type_descriptor *type;
+};
+
+struct unreachable_data
+{
+  struct source_location location;
+};
+
+struct invalid_builtin_data
+{
+  struct source_location location;
+  unsigned char kind;
+};
+
+struct nonnull_return_data
+{
+  struct source_location location;
+};
+
+struct dynamic_type_cache_miss_data
+{
+  struct source_location location;
+  struct type_descriptor *type;
+  void *info;
+  unsigned char kind;
+};
+
+enum
+{
+  ubsan_type_kind_int = 0,
+  ubsan_type_kind_float = 1,
+  ubsan_type_unknown = 0xffff
+};
+
+enum
+{
+  ubsan_builtin_check_kind_ctz_passed_zero,
+  ubsan_builtin_check_kind_clz_passed_zero,
+  ubsan_builtin_check_kind_assume_passed_false,
+};
+
+#define UBSAN_VAL_STR_LEN     32
+
+void
+__ubsan_val_to_string (char str[static UBSAN_VAL_STR_LEN],
+		       struct type_descriptor *type, void *value)
+  attribute_hidden;
+
+#define UBSAN_VPTR_TYPE_CACHE_SIZE 128
+
+extern unsigned int __ubsan_vptr_type_cache[UBSAN_VPTR_TYPE_CACHE_SIZE];
+
+#if IS_IN(rtld)
+# define ubsan_hidden attribute_hidden
+#else
+# define ubsan_hidden
+#endif
+
+void __ubsan_error (const struct source_location *source,
+		    const char *fmt, ...)
+  __attribute__ ((__format__ (__printf__, 2, 3)))
+  attribute_hidden;
+
+void __ubsan_handle_overflow (const struct overflow_data *, void *,
+			      void *, const char *op)
+  attribute_hidden;
+
+void __ubsan_handle_load_invalid_value (void *data, void *value)
+  ubsan_hidden;
+rtld_hidden_proto (__ubsan_handle_load_invalid_value)
+
+void __ubsan_handle_type_mismatch_v1 (void *data, void *ptr)
+  ubsan_hidden;
+rtld_hidden_proto (__ubsan_handle_type_mismatch_v1)
+
+void __ubsan_handle_pointer_overflow (void *data, void *val, void *result)
+  ubsan_hidden;
+rtld_hidden_proto (__ubsan_handle_pointer_overflow)
+
+void __ubsan_handle_add_overflow (void *data, void *lhs, void *rhs)
+  ubsan_hidden;
+rtld_hidden_proto (__ubsan_handle_add_overflow)
+
+void __ubsan_handle_sub_overflow (void *data, void *lhs, void *rhs)
+  ubsan_hidden;
+rtld_hidden_proto (__ubsan_handle_sub_overflow)
+
+void __ubsan_handle_mul_overflow (void *data, void *lhs, void *rhs)
+  attribute_hidden;
+rtld_hidden_proto (__ubsan_handle_mul_overflow)
+
+void __ubsan_handle_out_of_bounds (void *data, void *index)
+  ubsan_hidden;
+rtld_hidden_proto (__ubsan_handle_out_of_bounds)
+
+void __ubsan_handle_negate_overflow (void *data, void *val)
+  ubsan_hidden;
+rtld_hidden_proto (__ubsan_handle_negate_overflow)
+
+void __ubsan_handle_shift_out_of_bounds (void *_data, void *lhs, void *rhs)
+  ubsan_hidden;
+rtld_hidden_proto (__ubsan_handle_shift_out_of_bounds)
+
+void __ubsan_handle_divrem_overflow (void *_data, void *lhs, void *rhs)
+  ubsan_hidden;
+rtld_hidden_proto (__ubsan_handle_divrem_overflow)
+
+void __ubsan_handle_vla_bound_not_positive (void *data, void *bound)
+  ubsan_hidden;
+rtld_hidden_proto (__ubsan_handle_vla_bound_not_positive)
+
+void __ubsan_handle_builtin_unreachable (void *data)
+  ubsan_hidden;
+rtld_hidden_proto (__ubsan_handle_builtin_unreachable)
+
+void __ubsan_handle_invalid_builtin (void *data)
+  ubsan_hidden;
+rtld_hidden_proto (__ubsan_handle_invalid_builtin)
+
+void __ubsan_handle_nonnull_arg (void *data)
+  ubsan_hidden;
+rtld_hidden_proto (__ubsan_handle_nonnull_arg);
+
+void __ubsan_handle_nonnull_return_v1 (void *data, void *location)
+  ubsan_hidden;
+rtld_hidden_proto (__ubsan_handle_nonnull_return_v1)
+
+void __ubsan_handle_dynamic_type_cache_miss (void *, void *, void *);
+rtld_hidden_proto (__ubsan_handle_dynamic_type_cache_miss)
+
+#endif /* __UBSAN_H__ */
diff --git a/locale/programs/locfile.h b/locale/programs/locfile.h
index 9103fade14..e0000bc392 100644
--- a/locale/programs/locfile.h
+++ b/locale/programs/locfile.h
@@ -124,7 +124,8 @@ extern void end_locale_structure (struct locale_file *file);
 extern void start_locale_prelude (struct locale_file *file);
 extern void end_locale_prelude (struct locale_file *file);
 extern void write_locale_data (const char *output_path, int catidx,
-			       const char *category, struct locale_file *file);
+			       const char *category, struct locale_file *file)
+     __attribute__ ((nonnull (1, 3, 4)));
 
 
 /* Entrypoints for the parsers of the individual categories.  */
diff --git a/manual/install.texi b/manual/install.texi
index 7fcdda9146..1e4242dff4 100644
--- a/manual/install.texi
+++ b/manual/install.texi
@@ -320,6 +320,14 @@ If not provided, @option{LEVEL} defaults to highest possible value supported by
 the build compiler.
 
 Default is to disable fortification.
+
+@item --enable-ubsan
+Build @theglibc{}, along with tests, with the @code{-fsanitize=undefined}
+compiler option.  The compiler runtime is not used, instead UBSAN functions
+called by the compiler instrumentation is provided by glibc itself.
+
+This is a debug/development option and the default is to disable
+the instrumentation.
 @end table
 
 To build the library and related programs, type @code{make}.  This will
diff --git a/nss/test-netdb.c b/nss/test-netdb.c
index 3fb9ba0a42..3911c3c42a 100644
--- a/nss/test-netdb.c
+++ b/nss/test-netdb.c
@@ -41,6 +41,9 @@
 
 #include <support/support.h>
 
+#define assume(R) ((R) ? (void) 0 : __builtin_unreachable ())
+#define assume_nonnull(x) assume ((x) != NULL)
+
 /*
   The following define is necessary for glibc 2.0.6
 */
@@ -180,6 +183,9 @@ test_hosts (void)
       namelen += 2;		/* tiny increments to test a lot */
       name = xrealloc (name, namelen);
     }
+
+  assume_nonnull (name);
+
   if (gethostname (name, namelen) == 0)
     {
       printf ("Hostname: %s\n", name);
diff --git a/posix/glob.c b/posix/glob.c
index a7c7dd1ebe..60ca0147ac 100644
--- a/posix/glob.c
+++ b/posix/glob.c
@@ -1397,9 +1397,10 @@ glob_in_dir (const char *pattern, const char *directory, int flags,
                         if (s.length < need
                             && !scratch_buffer_set_array_size (&s, need, 1))
                           goto memory_error;
-                        char *p = mempcpy (s.data, directory, dirlen);
+                        char *pdata = s.data;
+                        char *p = mempcpy (pdata, directory, dirlen);
                         *p = '/';
-                        p += p[-1] != '/';
+                        p += pdata[p - pdata - 1] != '/';
                         memcpy (p, d.name, namelen + 1);
                         if (! is_dir (s.data, flags, pglob))
                           continue;
diff --git a/resolv/res_send.c b/resolv/res_send.c
index 802675995d..37444fc925 100644
--- a/resolv/res_send.c
+++ b/resolv/res_send.c
@@ -801,7 +801,7 @@ reopen (res_state statp, int *terrno, int ns)
 {
 	if (EXT(statp).nssocks[ns] == -1) {
 		struct sockaddr *nsap = __res_get_nsaddr (statp, ns);
-		socklen_t slen;
+		socklen_t slen = 0;
 
 		/* only try IPv6 if IPv6 NS and if not failed before */
 		if (nsap->sa_family == AF_INET6 && !statp->ipv6_unavail) {
@@ -845,16 +845,7 @@ reopen (res_state statp, int *terrno, int ns)
 		 * error message is received.  We can thus detect
 		 * the absence of a nameserver without timing out.
 		 */
-		/* With GCC 5.3 when compiling with -Os the compiler
-		   emits a warning that slen may be used uninitialized,
-		   but that is never true.  Both slen and
-		   EXT(statp).nssocks[ns] are initialized together or
-		   the function return -1 before control flow reaches
-		   the call to connect with slen.  */
-		DIAG_PUSH_NEEDS_COMMENT;
-		DIAG_IGNORE_Os_NEEDS_COMMENT (5, "-Wmaybe-uninitialized");
 		if (__connect (EXT (statp).nssocks[ns], nsap, slen) < 0) {
-		DIAG_POP_NEEDS_COMMENT;
 			__res_iclose(statp, false);
 			return (0);
 		}
diff --git a/stdio-common/tst-printf-format-s.h b/stdio-common/tst-printf-format-s.h
index 20369b8e86..92946cbcba 100644
--- a/stdio-common/tst-printf-format-s.h
+++ b/stdio-common/tst-printf-format-s.h
@@ -21,6 +21,9 @@
 
 #include <support/next_to_fault.h>
 
+#define assume(R) ((R) ? (void) 0 : __builtin_unreachable ())
+#define assume_nonnull(x) assume ((x) != NULL)
+
 #define SPRINTF_BUFFER_SIZE 65536
 
 static struct support_next_to_fault ntf;
@@ -42,6 +45,7 @@ printf_under_test_fini (void)
 ({									\
   __label__ out;							\
   char *str = ntf.buffer;						\
+  assume_nonnull (str);							\
   int result;								\
 									\
   result = sprintf (str, __VA_ARGS__);					\
diff --git a/stdio-common/tst-printf-format-vs.h b/stdio-common/tst-printf-format-vs.h
index f99747a924..15d5341f80 100644
--- a/stdio-common/tst-printf-format-vs.h
+++ b/stdio-common/tst-printf-format-vs.h
@@ -22,6 +22,9 @@
 
 #include <support/next_to_fault.h>
 
+#define assume(R) ((R) ? (void) 0 : __builtin_unreachable ())
+#define assume_nonnull(x) assume ((x) != NULL)
+
 #define SPRINTF_BUFFER_SIZE 65536
 
 static struct support_next_to_fault ntf;
@@ -43,6 +46,7 @@ static int
 printf_under_test (const char *restrict fmt, ...)
 {
   char *str = ntf.buffer;
+  assume_nonnull (str);
   va_list ap;
   int result;
 
diff --git a/stdlib/stdbit.h b/stdlib/stdbit.h
index 4afa4362d1..36b92901e5 100644
--- a/stdlib/stdbit.h
+++ b/stdlib/stdbit.h
@@ -44,13 +44,8 @@ __BEGIN_DECLS
 /* Use __pacify_uint16 (N) instead of (uint16_t) (N) when the cast is helpful
    only to pacify older GCC (e.g., GCC 10 -Wconversion) or non-GCC (e.g
    clang -Wimplicit-int-conversion).  */
-#if __GNUC_PREREQ (11, 0)
-# define __pacify_uint8(n)  (n)
-# define __pacify_uint16(n) (n)
-#else
-# define __pacify_uint8(n)  ((uint8_t) (n))
-# define __pacify_uint16(n) ((uint16_t) (n))
-#endif
+#define __pacify_uint8(n)  ((uint8_t) (n))
+#define __pacify_uint16(n) ((uint16_t) (n))
 
 /* Count leading zeros.  */
 extern unsigned int stdc_leading_zeros_uc (unsigned char __x)
diff --git a/sysdeps/arm/Makefile b/sysdeps/arm/Makefile
index 9c4fd6b236..c7e92da053 100644
--- a/sysdeps/arm/Makefile
+++ b/sysdeps/arm/Makefile
@@ -31,6 +31,11 @@ $(objpfx)tst-armtlsdescextnow: $(objpfx)tst-armtlsdescextnowmod.so
 $(objpfx)tst-armtlsdescextlazy: $(objpfx)tst-armtlsdescextlazymod.so
 endif
 endif
+
+ifeq ($(enable-ubsan),yes)
+# aeabi_unwind_cpp_pr1 is built as rtld module
+CFLAGS-aeabi_unwind_cpp_pr1.c += -DDISABLE_USAN_INTERNAL_REDIR
+endif
 endif
 
 ifeq ($(subdir),csu)
diff --git a/sysdeps/generic/ldconfig.h b/sysdeps/generic/ldconfig.h
index 7bc8788647..78e43d7038 100644
--- a/sysdeps/generic/ldconfig.h
+++ b/sysdeps/generic/ldconfig.h
@@ -84,7 +84,8 @@ extern int search_aux_cache (struct stat *stat_buf, int *flags,
 extern void add_to_aux_cache (struct stat *stat_buf, int flags,
 			      unsigned int isa_level, const char *soname);
 
-extern void save_aux_cache (const char *aux_cache_name);
+extern void save_aux_cache (const char *aux_cache_name)
+  __attribute__((nonnull (1)));
 
 /* Declared in readlib.c.  */
 extern int process_file (const char *real_file_name, const char *file_name,
diff --git a/sysdeps/generic/ldsodefs.h b/sysdeps/generic/ldsodefs.h
index fc4a3de767..527381222f 100644
--- a/sysdeps/generic/ldsodefs.h
+++ b/sysdeps/generic/ldsodefs.h
@@ -27,6 +27,7 @@
 #include <stddef.h>
 #include <string.h>
 #include <stdint.h>
+#include <stdarg.h>
 
 #include <elf.h>
 #include <dlfcn.h>
@@ -773,6 +774,8 @@ extern void _dl_debug_printf (const char *fmt, ...)
 extern void _dl_debug_printf_c (const char *fmt, ...)
      __attribute__ ((__format__ (__printf__, 1, 2))) attribute_hidden;
 
+extern void _dl_debug_vprintf_c (const char *fmt, va_list ap)
+     __attribute__ ((__format__ (__printf__, 1, 0))) attribute_hidden;
 
 /* Write a message on the specified descriptor FD.  The parameters are
    interpreted as for a `printf' call.  */
diff --git a/sysdeps/generic/symbol-hacks.h b/sysdeps/generic/symbol-hacks.h
index 1115e4c0a7..10a3a5388d 100644
--- a/sysdeps/generic/symbol-hacks.h
+++ b/sysdeps/generic/symbol-hacks.h
@@ -18,3 +18,39 @@ asm (".hidden __stack_chk_fail_local\n"
      "__stack_chk_fail = __stack_chk_fail_local");
 # endif
 #endif
+
+#if !defined __ASSEMBLER__ && IS_IN(rtld) && defined ENABLE_UBSAN \
+  && !defined DISABLE_USAN_INTERNAL_REDIR
+/* These are autogenerated by the compiler, so no subject to either
+   hidden_attribute or hidden_proto alias definition.  */
+asm ("__ubsan_handle_negate_overflow = "
+     "__GI___ubsan_handle_negate_overflow");
+asm ("__ubsan_handle_shift_out_of_bounds = "
+     "__GI___ubsan_handle_shift_out_of_bounds");
+asm ("__ubsan_handle_divrem_overflow = "
+     "__GI___ubsan_handle_divrem_overflow");
+asm ("__ubsan_handle_vla_bound_not_positive = "
+     "__GI___ubsan_handle_vla_bound_not_positive");
+asm ("__ubsan_handle_pointer_overflow = "
+     "__GI___ubsan_handle_pointer_overflow");
+asm ("__ubsan_handle_load_invalid_value ="
+     "__GI___ubsan_handle_load_invalid_value");
+asm ("__ubsan_handle_out_of_bounds = "
+     "__GI___ubsan_handle_out_of_bounds");
+asm ("__ubsan_handle_sub_overflow = "
+     "__GI___ubsan_handle_sub_overflow");
+asm ("__ubsan_handle_add_overflow = "
+     "__GI___ubsan_handle_add_overflow");
+asm ("__ubsan_handle_mul_overflow = "
+     "__GI___ubsan_handle_mul_overflow");
+asm ("__ubsan_handle_type_mismatch_v1 = "
+     "__GI___ubsan_handle_type_mismatch_v1");
+asm ("__ubsan_handle_nonnull_return_v1 = "
+     "__GI___ubsan_handle_nonnull_return_v1");
+asm ("__ubsan_handle_nonnull_arg = "
+     "__GI___ubsan_handle_nonnull_arg");
+asm ("__ubsan_handle_invalid_builtin = "
+     "__GI___ubsan_handle_invalid_builtin");
+asm ("__ubsan_handle_builtin_unreachable = "
+     "__GI___ubsan_handle_builtin_unreachable");
+#endif
diff --git a/sysdeps/powerpc/powerpc64/multiarch/stpncpy-ppc64.c b/sysdeps/powerpc/powerpc64/multiarch/stpncpy-ppc64.c
index e0a8747884..6dec085cb7 100644
--- a/sysdeps/powerpc/powerpc64/multiarch/stpncpy-ppc64.c
+++ b/sysdeps/powerpc/powerpc64/multiarch/stpncpy-ppc64.c
@@ -20,7 +20,8 @@
 #ifdef SHARED
 #undef libc_hidden_def
 #define libc_hidden_def(name) \
-  __hidden_ver1 (__stpncpy_ppc, __GI___stpncpy, __stpncpy_ppc);
+  __hidden_ver1 (__stpncpy_ppc, __GI___stpncpy, __stpncpy_ppc); \
+  weak_alias (__stpncpy_ppc, __stpncpy)
 #endif
 
 #include <string/stpncpy.c>

From patchwork Wed May  7 14:17:20 2025
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Adhemerval Zanella <adhemerval.zanella@linaro.org>
X-Patchwork-Id: 888064
Delivered-To: patch@linaro.org
Received: by 2002:a5d:4683:0:b0:38f:210b:807b with SMTP id u3csp406605wrq;
 Wed, 7 May 2025 07:22:12 -0700 (PDT)
X-Forwarded-Encrypted: i=3;
 AJvYcCWwn2ymsyZzbOYa+LfroHfG/F1TRhF3pl7fzbIOuzxNYV064xa5gJsT5rVdQhF0sssHVeZC7w==@linaro.org
X-Google-Smtp-Source: AGHT+IGGdLoGzTiYElALFNoZbDk68UZLxoMkv8FHSkCQTDyx6JHhepdM8CVjNCs96RNW7gOuNVRv
X-Received: by 2002:a05:620a:1903:b0:7c5:5003:81b0 with SMTP id
 af79cd13be357-7caf73a18b4mr549890785a.23.1746627731860;
 Wed, 07 May 2025 07:22:11 -0700 (PDT)
ARC-Seal: i=2; a=rsa-sha256; t=1746627731; cv=pass;
 d=google.com; s=arc-20240605;
 b=Cx9eyS7pL7R0H3z1mbDntIKdJLxmIRux+cGPUUiq3y7VgGl1f5vpc4GAoFazXY/Q35
 ecw/6HAfAhmCbWyiRv8kl1NADPNkDZgojhzOiOAYfss2EgoCV/olnbMnZzruwMgnvZdC
 JEne+gAaxAsCy1SGx61tn9zoFxRpqXaPsjYqW3Rmhzp0rCRD/g5eo+ba7okEy5isVqlw
 b4x1EheGZtJmRAqBd8dh4OktBmrvL/d8i+aaRgxYsxZGERFGZE7bEGyfQtja2HeLZAv6
 BWcew19e2+Yu/v/5K1uoUSPY8Pfn5rnt4yLrnxJcCMrk4shYaz4hklg4lXuMPmdrm4/W
 1EWQ==
ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20240605;
 h=errors-to:list-subscribe:list-help:list-post:list-archive
 :list-unsubscribe:list-id:precedence:content-transfer-encoding
 :mime-version:references:in-reply-to:message-id:date:subject:cc:to
 :from:dkim-signature:dkim-filter:arc-filter:dmarc-filter
 :delivered-to:dkim-filter;
 bh=43umIC1Dik48M0bbMNs0/MPY8++F//CqTf+Khg3YLys=;
 fh=v2Nv3k9i7Amxu65q1mEuFELTOLzYYycJBMRhbhFxZhE=;
 b=gXhDgW5Oii0/pvt28yY6JEGfLLnwCtZue8AyH92UzXuPpxNGxFl58DIhFhZpLg0jhg
 OjILIXqkmBA+SBqMaFyo7ENasYMBKksUL2AVkbn4+waEqeT+89/Ab3u5TuX8OLnZw/B6
 Xglm+ymm3+RGFSazeguQHLiPaLyD6l58H00F16DGi1pBl57KtlGmiN4yYI6L1pCLk/L6
 G78GMwn7EPlpucvNQLm3KSabpx5Jib3P8LSE2gYIYwq+9DQNUk6sAoCmtK+BifMYeF22
 WYD1kv3QpB4C8NtS6KeraBbNw1bdrkWREBd6rzWJF4e8HE525FFWzxtLtDfdEh7O7ECT
 M6vQ==; dara=google.com
ARC-Authentication-Results: i=2; mx.google.com;
 dkim=pass header.i=@linaro.org header.s=google header.b=mMrrJW5O;
 arc=pass (i=1); spf=pass (google.com: domain of
 libc-alpha-bounces~patch=linaro.org@sourceware.org designates
 2620:52:3:1:0:246e:9693:128c as permitted sender)
 smtp.mailfrom="libc-alpha-bounces~patch=linaro.org@sourceware.org";
 dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org
Return-Path: <libc-alpha-bounces~patch=linaro.org@sourceware.org>
Received: from server2.sourceware.org (server2.sourceware.org.
 [2620:52:3:1:0:246e:9693:128c]) by mx.google.com with ESMTPS id
 af79cd13be357-7caf75948easi223373985a.220.2025.05.07.07.22.11
 for <patch@linaro.org>
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Wed, 07 May 2025 07:22:11 -0700 (PDT)
Received-SPF: pass (google.com: domain of
 libc-alpha-bounces~patch=linaro.org@sourceware.org designates
 2620:52:3:1:0:246e:9693:128c as permitted sender)
 client-ip=2620:52:3:1:0:246e:9693:128c;
Authentication-Results: mx.google.com;
 dkim=pass header.i=@linaro.org header.s=google header.b=mMrrJW5O;
 arc=pass (i=1); spf=pass (google.com: domain of
 libc-alpha-bounces~patch=linaro.org@sourceware.org designates
 2620:52:3:1:0:246e:9693:128c as permitted sender)
 smtp.mailfrom="libc-alpha-bounces~patch=linaro.org@sourceware.org";
 dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org
Received: from server2.sourceware.org (localhost [IPv6:::1])
 by sourceware.org (Postfix) with ESMTP id 7768E3858D34
 for <patch@linaro.org>; Wed,  7 May 2025 14:22:11 +0000 (GMT)
DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 7768E3858D34
Authentication-Results: sourceware.org; dkim=pass (2048-bit key,
 unprotected) header.d=linaro.org header.i=@linaro.org header.a=rsa-sha256
 header.s=google header.b=mMrrJW5O
X-Original-To: libc-alpha@sourceware.org
Delivered-To: libc-alpha@sourceware.org
Received: from mail-pj1-x102d.google.com (mail-pj1-x102d.google.com
 [IPv6:2607:f8b0:4864:20::102d])
 by sourceware.org (Postfix) with ESMTPS id A9E2B3858C62
 for <libc-alpha@sourceware.org>; Wed,  7 May 2025 14:21:19 +0000 (GMT)
DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org A9E2B3858C62
Authentication-Results: sourceware.org;
 dmarc=pass (p=none dis=none) header.from=linaro.org
Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=linaro.org
ARC-Filter: OpenARC Filter v1.0.0 sourceware.org A9E2B3858C62
Authentication-Results: server2.sourceware.org;
 arc=none smtp.remote-ip=2607:f8b0:4864:20::102d
ARC-Seal: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1746627679; cv=none;
 b=p/YLI+amExV2rB8z9HF+DbQi4EoZNivj+ef2w2q1R527MijPToY8ghRg3Hs5o+1gyZaJanKpfry7csgFvF3/AANbyLXKkKm4BxSKkuLRg9OFYF5cNJNCpVfJoWzdxNqrRbsnBk/zVepq/zWQIF26Y1KIkfrmHGXDegUoyV2alxI=
ARC-Message-Signature: i=1; a=rsa-sha256; d=sourceware.org; s=key;
 t=1746627679; c=relaxed/simple;
 bh=TIjm9ogjZwnk94LNNDicCCrm+MBZU8GM0x/GO4cVS8Y=;
 h=DKIM-Signature:From:To:Subject:Date:Message-ID:MIME-Version;
 b=B5ZyHdpZx5EQNOTuPAdp+74/4Ulf2vAYjCCGkb6czSCZ2KBe6PPJPoZr8BWcqF8XZt7pNsGFjneo6I5Vz6hdkvlXT7nZv96ddlNsdbTwHeFqZabXvRGC2l0XMIuy/OZ7Azf+XEdFWBlkcX/WkBpvc6bS5SvCOoH7GcMbDwguGVs=
ARC-Authentication-Results: i=1; server2.sourceware.org
DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org A9E2B3858C62
Received: by mail-pj1-x102d.google.com with SMTP id
 98e67ed59e1d1-30a8c929220so1891272a91.0
 for <libc-alpha@sourceware.org>; Wed, 07 May 2025 07:21:19 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=linaro.org; s=google; t=1746627678; x=1747232478; darn=sourceware.org;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:from:to:cc:subject:date
 :message-id:reply-to;
 bh=43umIC1Dik48M0bbMNs0/MPY8++F//CqTf+Khg3YLys=;
 b=mMrrJW5OZsKJyFBUvp6v3Dc50iH04G6aMzh+3+fehTUplxP7Fit52ehvpGXyMsHXS5
 6kHtYGtJ5BKZklB9b/azZetOXZdS7fuJHSldlF8Yef9NNYrQf3oQmLVQVKnfmIdoOtP/
 pwNZQvdtOvtIEvBeHz6mXErB8lR1GhkN+UhzeMfPbQZ/7yeY/68PNXd2lRWGNyZWfQNK
 XxFym1UQjun6k3Jg8smg7nHSmKGhzDUfk+iubcV6XFBOxumGGrUefk+wRAC1oPcJwPiq
 WKvjNox3dxJyCD+QiRSF7CgIxirghX7ku8sZAwYo+eC3/hlDu6AduQ97y/AjgfUH9Pgq
 3W3w==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1746627678; x=1747232478;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc
 :subject:date:message-id:reply-to;
 bh=43umIC1Dik48M0bbMNs0/MPY8++F//CqTf+Khg3YLys=;
 b=NVTMdik1HKwIxVYrCh850JZCvHQPkK3lQcNDzRyi9NCoXyySzWOw5DPy5TgrWSK4/N
 esF8tzIpBPudYWBcfYjTkopPTbstFx0wj2sZW4tP8eG9kmSa5kjPVACOc1DmT43WcQn3
 blQhkgnIfT1BTEjVkCGDfN5fh/sr7fSlcbfIvOCeNGK0AIR79fU2+petQe0sdo84ezLF
 CnrOeriuIKQ4b09265PYM71R27LOUjQaA64vB57Snu1BvcsfLxZoqie2ItDekd6GHKip
 sg4GL4WyfxiRGlpkzW0s+95DslrqdzirPZiU4v5oCxCtiUwDasJ3K5aM7juRl3zujReF
 4NrA==
X-Gm-Message-State: AOJu0YwZBrjmNkK9xydY8vN4kn7kOysgAlyKd5KUc4FQkmAJIP/yF1Gl
 wMyjv/1OdjwxHdduKH+08tNR/FNBx7xEMLNHX4XuvqwfPrmLXGv2fpeKLGRpjpojVaBciZQict/
 kiZg=
X-Gm-Gg: ASbGnctZC9oi+t3lfUaUmCaOhnuV8PISCoJMjBQxUEEWFlOe0Y/ywao3lcC7L8AmlS5
 w1uLp69An3OnazkQ9UkAgXpj7GdALlCbks/N+Go1CRbG3uJ8i2jQOTWeZmGHQacyRN0WzadMmaC
 4AcYPio8EJQ8WWrjZh2LtN+1f40hI+0BIxC/3BlTi2D4owT3QLRpbBgvn1vGYRifhDsZXD4rZPr
 CmByS0NoZrJ9Qis+P5xNZySvGRd+PKbPR6taVvFemwpp4pSB8aB7ytAdu3Y3EG45AkAUibtVmUK
 sf3Dm6wJlRALJb+O4fUh2KWdN3zju2yrL9ymIA9ka7AgIsUerzYGOg==
X-Received: by 2002:a17:90b:1e08:b0:2fe:a0ac:5fcc with SMTP id
 98e67ed59e1d1-30aac28d6aemr4455889a91.34.1746627678191;
 Wed, 07 May 2025 07:21:18 -0700 (PDT)
Received: from mandiga.. ([2804:1b3:a7c0:2a60:2bef:3994:10d0:59c9])
 by smtp.gmail.com with ESMTPSA id
 98e67ed59e1d1-30ad474a050sm179453a91.8.2025.05.07.07.21.16
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Wed, 07 May 2025 07:21:17 -0700 (PDT)
From: Adhemerval Zanella <adhemerval.zanella@linaro.org>
To: libc-alpha@sourceware.org
Cc: Carlos O'Donell <carlos@redhat.com>
Subject: [PATCH 02/11] riscv: Fix --enable-ubsan build failure on riscv
Date: Wed,  7 May 2025 11:17:20 -0300
Message-ID: <20250507142110.3452012-3-adhemerval.zanella@linaro.org>
X-Mailer: git-send-email 2.43.0
In-Reply-To: <20250507142110.3452012-1-adhemerval.zanella@linaro.org>
References: <20250507142110.3452012-1-adhemerval.zanella@linaro.org>
MIME-Version: 1.0
X-BeenThere: libc-alpha@sourceware.org
X-Mailman-Version: 2.1.30
Precedence: list
List-Id: Libc-alpha mailing list <libc-alpha.sourceware.org>
List-Unsubscribe: <https://sourceware.org/mailman/options/libc-alpha>,
 <mailto:libc-alpha-request@sourceware.org?subject=unsubscribe>
List-Archive: <https://sourceware.org/pipermail/libc-alpha/>
List-Post: <mailto:libc-alpha@sourceware.org>
List-Help: <mailto:libc-alpha-request@sourceware.org?subject=help>
List-Subscribe: <https://sourceware.org/mailman/listinfo/libc-alpha>,
 <mailto:libc-alpha-request@sourceware.org?subject=subscribe>
Errors-To: libc-alpha-bounces~patch=linaro.org@sourceware.org

With ubsan enable, libc.so fails to build with:

[...]linkobj/libc_pic.a(setcontext.os): in function `__start_context':
[...]sysdeps/unix/sysv/linux/riscv/setcontext.S:111:(.text+0xc0): relocation
truncated to fit: R_RISCV_JAL against symbol `__GI_exit' defined in .text section
in [...]/linkobj/libc_pic.a(exit.os)

Using 'call' instead of 'j' works regardless whether UBSAN.
---
 sysdeps/unix/sysv/linux/riscv/setcontext.S | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/sysdeps/unix/sysv/linux/riscv/setcontext.S b/sysdeps/unix/sysv/linux/riscv/setcontext.S
index a2de57b537..11dd46ea17 100644
--- a/sysdeps/unix/sysv/linux/riscv/setcontext.S
+++ b/sysdeps/unix/sysv/linux/riscv/setcontext.S
@@ -110,6 +110,6 @@ LEAF (__start_context)
 	mv	a0, s2
 	beqz	s2, 1f
 	jal	HIDDEN_JUMPTARGET (__setcontext)
-1:	j	HIDDEN_JUMPTARGET (exit)
+1:	call	HIDDEN_JUMPTARGET (exit)
 
 END (__start_context)

From patchwork Wed May  7 14:17:21 2025
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: Adhemerval Zanella <adhemerval.zanella@linaro.org>
X-Patchwork-Id: 888067
Delivered-To: patch@linaro.org
Received: by 2002:a5d:4683:0:b0:38f:210b:807b with SMTP id u3csp407964wrq;
 Wed, 7 May 2025 07:25:13 -0700 (PDT)
X-Forwarded-Encrypted: i=3;
 AJvYcCWJAjRLThFcbnaDI3ThD62AgzCIJH+3rSUu8EWtUtL+iGkCLe/wF5ZeNlguQlUYNWLWXgRdUg==@linaro.org
X-Google-Smtp-Source: AGHT+IEFmYvqgQrIhehHqoa4UKMsF+/XKemliiQPOyLx/kJkkap9I3UlZRJqhdzIRnSBlnWsGv1J
X-Received: by 2002:a05:620a:4555:b0:7c5:6ef2:275d with SMTP id
 af79cd13be357-7caf741d348mr454299085a.52.1746627913444;
 Wed, 07 May 2025 07:25:13 -0700 (PDT)
ARC-Seal: i=2; a=rsa-sha256; t=1746627913; cv=pass;
 d=google.com; s=arc-20240605;
 b=ipY53C314ybrmhmvk0Mw7Ev7WJ6GX8iuE/8Kd6le2IlCO3Ouym4rtpRRF+XpVG2VQ7
 sPqwXRaKYfUeluRLjHtLymZPMyeQFGboJyqHQ4iM+zloBDZPxUdPvk9c2cJ1JSf6Q+2D
 6cm6puCwvP2z+Kc5yKCVtPHJK0xqVwqtCWI9r9QlU2XRkJddg4bdQAIauMC+mEcgyPo1
 LYXXb0QzEjggfktxXd4KG8WcIc334awkKzHTCMNsI3oGG9XRX68RroxEM1kcT27v5hDj
 kuwuCeL+ubiLPUh2Mki25w7kLNroby7tslbUxvkpJwBz66pa6Lkns85ZLgs66VkmgsHc
 2cKw==
ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20240605;
 h=errors-to:list-subscribe:list-help:list-post:list-archive
 :list-unsubscribe:list-id:precedence:content-transfer-encoding
 :mime-version:references:in-reply-to:message-id:date:subject:cc:to
 :from:dkim-signature:dkim-filter:arc-filter:dmarc-filter
 :delivered-to;
 bh=NyWaQXUUsBl8JDAAyC/5Sz5T0bV/DvSdrr0XZLudzbc=;
 fh=v2Nv3k9i7Amxu65q1mEuFELTOLzYYycJBMRhbhFxZhE=;
 b=YZji5zKEx62uYcyo1iH38JY/uNHdlDasE+ZJB48PuhYYG1fyextfiCr+fjYSfbTQ5z
 BchUaGidcp85wO1K8dGDBvcHd+t8gk4HXKEJdOLOBXyAlVxWIMkrs8MrnYOxXe2Z30kY
 s5FmI/FgA8czdRHHifKvBuoCMcc1TFbN2riCTjJqtcrNOhDBQwV8jCfHQl1C3mo8bhhC
 QqcZaExmKJgGAMAr+QswkHIoPUSfDAPIUNHZE1AnA33LwjAvaeICyN06jI9B4Si6kR0f
 WJ2S8uVp+JIMCfyawHDdWiYoUijj9l9sIQLcHx3p6buqtgeWGdnRS5joz3BXvLNv1Xuh
 Bw4Q==; dara=google.com
ARC-Authentication-Results: i=2; mx.google.com;
 dkim=pass header.i=@linaro.org header.s=google header.b=BVFUR+q5;
 arc=pass (i=1); spf=pass (google.com: domain of
 libc-alpha-bounces~patch=linaro.org@sourceware.org designates 8.43.85.97 as
 permitted sender)
 smtp.mailfrom="libc-alpha-bounces~patch=linaro.org@sourceware.org";
 dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org
Return-Path: <libc-alpha-bounces~patch=linaro.org@sourceware.org>
Received: from server2.sourceware.org (server2.sourceware.org. [8.43.85.97])
 by mx.google.com with ESMTPS id
 af79cd13be357-7caf75c9373si210976885a.529.2025.05.07.07.25.13
 for <patch@linaro.org>
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Wed, 07 May 2025 07:25:13 -0700 (PDT)
Received-SPF: pass (google.com: domain of
 libc-alpha-bounces~patch=linaro.org@sourceware.org designates 8.43.85.97 as
 permitted sender) client-ip=8.43.85.97;
Authentication-Results: mx.google.com;
 dkim=pass header.i=@linaro.org header.s=google header.b=BVFUR+q5;
 arc=pass (i=1); spf=pass (google.com: domain of
 libc-alpha-bounces~patch=linaro.org@sourceware.org designates 8.43.85.97 as
 permitted sender)
 smtp.mailfrom="libc-alpha-bounces~patch=linaro.org@sourceware.org";
 dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org
Received: from server2.sourceware.org (localhost [IPv6:::1])
 by sourceware.org (Postfix) with ESMTP id 1C57A3857350
 for <patch@linaro.org>; Wed,  7 May 2025 14:25:13 +0000 (GMT)
X-Original-To: libc-alpha@sourceware.org
Delivered-To: libc-alpha@sourceware.org
Received: from mail-pg1-x531.google.com (mail-pg1-x531.google.com
 [IPv6:2607:f8b0:4864:20::531])
 by sourceware.org (Postfix) with ESMTPS id 705B03858C2F
 for <libc-alpha@sourceware.org>; Wed,  7 May 2025 14:21:21 +0000 (GMT)
DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 705B03858C2F
Authentication-Results: sourceware.org;
 dmarc=pass (p=none dis=none) header.from=linaro.org
Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=linaro.org
ARC-Filter: OpenARC Filter v1.0.0 sourceware.org 705B03858C2F
Authentication-Results: server2.sourceware.org;
 arc=none smtp.remote-ip=2607:f8b0:4864:20::531
ARC-Seal: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1746627681; cv=none;
 b=dT0U5aLMo8UMHx4V6e8ClTgLReoXHoiIFrQcMSK3ldehRFO/asjtQFVO4V+fRi9eMu/R19UlyLM0jUxKRBCgAaUOv2W0AR5TZ2byaPYc90+xsvXRBNvhTfJX5xpGnMM4r/ouqq0qZw+uIbytiBn0PZC0IR1vxhXOGNi7w6uGmEE=
ARC-Message-Signature: i=1; a=rsa-sha256; d=sourceware.org; s=key;
 t=1746627681; c=relaxed/simple;
 bh=q6zzHaOYE1ZxHWetGgf1cmsqzjeuUEW6y0pIIBao1Mg=;
 h=DKIM-Signature:From:To:Subject:Date:Message-ID:MIME-Version;
 b=SyEeGevaAu/RFAsoqZuf33ndiqBkhWOqFCxRkrD9+VfFHpS4tlzO8Ey5EhZok9DayVS2MbxwNuE4ZL/0EnzOmqkVmqVVUGfqMqglATFUXM+1FyUSM7D6ltyf0Mps/q7qHJP8ovUOtJTGm7X7XaGNqT68tghYUdvtvcldk2yytUM=
ARC-Authentication-Results: i=1; server2.sourceware.org
DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 705B03858C2F
Authentication-Results: sourceware.org; dkim=pass (2048-bit key,
 unprotected) header.d=linaro.org header.i=@linaro.org header.a=rsa-sha256
 header.s=google header.b=BVFUR+q5
Received: by mail-pg1-x531.google.com with SMTP id
 41be03b00d2f7-af5139ad9a2so4766068a12.1
 for <libc-alpha@sourceware.org>; Wed, 07 May 2025 07:21:21 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=linaro.org; s=google; t=1746627680; x=1747232480; darn=sourceware.org;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:from:to:cc:subject:date
 :message-id:reply-to;
 bh=NyWaQXUUsBl8JDAAyC/5Sz5T0bV/DvSdrr0XZLudzbc=;
 b=BVFUR+q5FfsfBtyhMoOmfAiHUvnLniKjPd3P3QzRpURvaqAjAJPRZoW6kbPmfcoVIz
 EJWUOA8ivUP9IIGG28XwHrWFG8djXLjLXR+GpaF0AdISi6vGfCeDXRo+tIiaaWzXAoWr
 jUc4cYB1Y1QdiglNsizL85IZwSv50RmhnXYozMKk3PcJ8l3ZWmPXPFqO/26xK1thYMJ5
 3FHqfSDpRML62qa4d74q49YR125KFY8C2a3fuMe6lCF3u4dXbXvGXJpRqwDwSHRxrbXm
 Xe35cOdsq+b6mg/WhbCxiCFKJmkQ2YOEVYy2FOst0PVKd12pe9x8PUPCf0CHxImXe/ps
 3J9w==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1746627680; x=1747232480;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc
 :subject:date:message-id:reply-to;
 bh=NyWaQXUUsBl8JDAAyC/5Sz5T0bV/DvSdrr0XZLudzbc=;
 b=Mi6lqx0aacPjTWARhj/rTr31yrCyh8XlMMfrjc6A9sDlH8rpK9l6+kUtPu4qFoJSGt
 e/U8mt3KRGYCh6V3P9MDfIL2JuIcG52ZfGI1DydLMp3jQJ2znlOsaXNyRy3jcKzhoGKN
 rWroS02csZrOvs8tHKV6Lpr0/dWqeWQT1WlLqZSpW+rAnVWUvXLN2WueML94msprhISe
 ommxgsE7/R5JZuEiBFkgimbDQGK34FODrDc8T5zlZ+leoacS04r5TQdFQ8jGnRsSObmj
 jXTveqjE+3+44PRVLaA0n2Yj/vTCc8eSHQnYGhTR+aAYqzZjpYhmggPsEg9AY7sJwlC1
 xzug==
X-Gm-Message-State: AOJu0YzROfpERcgTpRVroO7YroD+mEGrdxHeOq+fH/ShDmkU6GWv2Hvv
 XwEc07x0dPlpOQTKTg/+7fmm8rk5ysNwuTaWDeZMjUjIK4y7xiuqe//49Er/H9V4DZwOi5cr8Nl
 Wlzw=
X-Gm-Gg: ASbGncuFlZtdJkRdl1/L8Bc3JsHG5N32ZLqjczSeeN6o3Jx8LeK4OfN5iCTGPGfTCJd
 9c1xx3WA53ZW5QDRwyuWdQco1h/tJonPJmazO2oVsWxa4VgaSTv224e+8hddSRvqDsc8HPlwXWW
 H6+r3QqecVC/Bj9B0fwefcxyE03VEmrcxlQ8/voX8eXhZLSpbxlEJ8swbfUvBhBVffjx4sILdhS
 7HN57AB4En45s1Dyok0G3lX7rWriduBD99VDkUdJHADPfBzvStvv+KVDJ8km6UpjKsX0Gk4J9Aa
 +sPf2Ev+jYl7JiOsE63+VkTkFM1+N8sFbA96thmftkAbiK5HOyJiPAHY1bHZhy2K
X-Received: by 2002:a17:90b:1e08:b0:2fe:a0ac:5fcc with SMTP id
 98e67ed59e1d1-30aac28d6aemr4456008a91.34.1746627679896;
 Wed, 07 May 2025 07:21:19 -0700 (PDT)
Received: from mandiga.. ([2804:1b3:a7c0:2a60:2bef:3994:10d0:59c9])
 by smtp.gmail.com with ESMTPSA id
 98e67ed59e1d1-30ad474a050sm179453a91.8.2025.05.07.07.21.18
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Wed, 07 May 2025 07:21:19 -0700 (PDT)
From: Adhemerval Zanella <adhemerval.zanella@linaro.org>
To: libc-alpha@sourceware.org
Cc: Carlos O'Donell <carlos@redhat.com>
Subject: [PATCH 03/11] locale: Fix --enable-ubsan build failure on some ABIs
Date: Wed,  7 May 2025 11:17:21 -0300
Message-ID: <20250507142110.3452012-4-adhemerval.zanella@linaro.org>
X-Mailer: git-send-email 2.43.0
In-Reply-To: <20250507142110.3452012-1-adhemerval.zanella@linaro.org>
References: <20250507142110.3452012-1-adhemerval.zanella@linaro.org>
MIME-Version: 1.0
X-BeenThere: libc-alpha@sourceware.org
X-Mailman-Version: 2.1.30
Precedence: list
List-Id: Libc-alpha mailing list <libc-alpha.sourceware.org>
List-Unsubscribe: <https://sourceware.org/mailman/options/libc-alpha>,
 <mailto:libc-alpha-request@sourceware.org?subject=unsubscribe>
List-Archive: <https://sourceware.org/pipermail/libc-alpha/>
List-Post: <mailto:libc-alpha@sourceware.org>
List-Help: <mailto:libc-alpha-request@sourceware.org?subject=help>
List-Subscribe: <https://sourceware.org/mailman/listinfo/libc-alpha>,
 <mailto:libc-alpha-request@sourceware.org?subject=subscribe>
Errors-To: libc-alpha-bounces~patch=linaro.org@sourceware.org

On mips, arc, powerpc, and s390 gcc 14 triggers the warning

In function ‘charmap_new_char’,
    inlined from ‘parse_charmap.isra’ at ../locale/programs/charmap.c:570:6:
../locale/programs/charmap.c:1017:32: error: ‘strncmp’ specified bound [2147483649, 4294967295] exceeds maximum object size 2147483647 [-Werror=stringop-overread]
 1017 |   if (cp == &from[len1 - 1] || strncmp (from, to, prefix_len) != 0)
      |                                ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
../locale/programs/charmap.c:1017:32: error: ‘strncmp’ specified bound [2147483649, 4294967295] exceeds maximum object size 2147483647 [-Werror=stringop-overread]
cc1: all warnings being treated as errors

So move the case to an special function and disable the sanitizer.
---
 locale/programs/charmap.c    | 2 +-
 locale/programs/charmap.h    | 7 +++++++
 locale/programs/repertoire.c | 2 +-
 3 files changed, 9 insertions(+), 2 deletions(-)

diff --git a/locale/programs/charmap.c b/locale/programs/charmap.c
index 7768a7a7fc..58433c8c5b 100644
--- a/locale/programs/charmap.c
+++ b/locale/programs/charmap.c
@@ -1014,7 +1014,7 @@ hexadecimal range format should use only capital characters"));
 
   prefix_len = (cp - from) + 1;
 
-  if (cp == &from[len1 - 1] || strncmp (from, to, prefix_len) != 0)
+  if (check_illegal_range (cp, from, len1, to, prefix_len))
     goto illegal_range;
 
   errno = 0;
diff --git a/locale/programs/charmap.h b/locale/programs/charmap.h
index dcdbfe1828..b4aa8d6b6c 100644
--- a/locale/programs/charmap.h
+++ b/locale/programs/charmap.h
@@ -62,6 +62,13 @@ struct charseq
   unsigned char bytes[];
 };
 
+static inline bool
+__attribute_disable_ubsan__
+check_illegal_range (const char *cp, const char *from, size_t len1,
+		     const char *to, size_t prefix_len)
+{
+  return cp == &from[len1 - 1] || strncmp (from, to, prefix_len) != 0;
+}
 
 /* True if the encoding is not ASCII compatible.  */
 extern bool enc_not_ascii_compatible;
diff --git a/locale/programs/repertoire.c b/locale/programs/repertoire.c
index 7ed8c915dd..99f560fc45 100644
--- a/locale/programs/repertoire.c
+++ b/locale/programs/repertoire.c
@@ -433,7 +433,7 @@ hexadecimal range format should use only capital characters"));
 
   prefix_len = (cp - from) + 1;
 
-  if (cp == &from[len1 - 1] || strncmp (from, to, prefix_len) != 0)
+  if (check_illegal_range (cp, from, len1, to, prefix_len))
     goto invalid_range;
 
   errno = 0;

From patchwork Wed May  7 14:17:22 2025
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Adhemerval Zanella <adhemerval.zanella@linaro.org>
X-Patchwork-Id: 888072
Delivered-To: patch@linaro.org
Received: by 2002:a5d:4683:0:b0:38f:210b:807b with SMTP id u3csp410601wrq;
 Wed, 7 May 2025 07:31:02 -0700 (PDT)
X-Forwarded-Encrypted: i=3;
 AJvYcCW+mDO6eMnme+fNs1XrlTIQcmWFPW0qnjZQf9QlDxu8qM3lDVgzTeT7ZybiYF7wfWSh2zx53g==@linaro.org
X-Google-Smtp-Source: AGHT+IGSY5Pg7vB+rBNnXT7H8mpqdP7n/xtR5O/zPl8+JlA3kMCsy8cVsVcWeWjp5Wea9KIMZVlS
X-Received: by 2002:a05:6102:5687:b0:4c5:505a:c1f5 with SMTP id
 ada2fe7eead31-4dc738a9111mr2847547137.24.1746628258028;
 Wed, 07 May 2025 07:30:58 -0700 (PDT)
ARC-Seal: i=2; a=rsa-sha256; t=1746628258; cv=pass;
 d=google.com; s=arc-20240605;
 b=Dt0fjvcqdx02Nzr6DUGxsqIwoV0YZTdtril8AwIkwRxR5TIcFs8Deds16C+xfarpUt
 wF5NSy9jTPULnXzUgRytQHBOO64U6sBn+LK3/ZSMgNhdPBMvRMNwkTgLeQXKLnfsX14m
 IBs0HDgFv4UA7lzELkRoxtH2qGuaTC6jjinqH7k7AqOF+89vdjH/wsfi8o/hU1U9HXxc
 wG0IVvvo3p7ARf3RAM1YIEuLzsdmPOTtJVCDnfGfPxpDM4KcktWGQ9xW2887CCM/rAi5
 9mnfQsU1K35hepRghyH+SfGx6afJktSpLRfAQ4v95P+8n9hr6BuA3YoS89fiLvQGRfk5
 PS/A==
ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20240605;
 h=errors-to:list-subscribe:list-help:list-post:list-archive
 :list-unsubscribe:list-id:precedence:content-transfer-encoding
 :mime-version:references:in-reply-to:message-id:date:subject:cc:to
 :from:dkim-signature:dkim-filter:arc-filter:dmarc-filter
 :delivered-to:dkim-filter;
 bh=yJLvcdHJFgpzIx5SG54f1zHkrBB2udLXET/cRASmdg4=;
 fh=It5km38euVI8/J8jICL8p6EEg4GU7FV7823jK5hOifk=;
 b=HunCPajtD0FgYYK2DvUEFu/+dJDuXHs731Rtu1+YWEImWB/E7zTs4CcgkK7vbTsemI
 UI01X7vuFLgunqQuJpz+Ie23Sedf3+jA0Re5C5p/WNg8Jfr8wx+oOrg2GVutZptJSiTa
 3kZmf2Z4Z/FGibYX1GZm7/lw4TKDBVT+wTA2unOeiW5y6PMJa5/3hXcSh0p2UtoUKojY
 uL7EK6SPpmDQByRqbzECJoy6ZHcEN1cihXrpixc4xt9g5HKRuyLpvY6qWe1OG5OflqYt
 IORsWI9tZLarZpA/DBL8qE2ajJLeDB8lO2AMoE7ePANjKuoa3NU9cn3xqdewGAIm5RWL
 Sn0A==; dara=google.com
ARC-Authentication-Results: i=2; mx.google.com;
 dkim=pass header.i=@linaro.org header.s=google header.b=lnl1zksI;
 arc=pass (i=1); spf=pass (google.com: domain of
 libc-alpha-bounces~patch=linaro.org@sourceware.org designates 8.43.85.97 as
 permitted sender)
 smtp.mailfrom="libc-alpha-bounces~patch=linaro.org@sourceware.org";
 dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org
Return-Path: <libc-alpha-bounces~patch=linaro.org@sourceware.org>
Received: from server2.sourceware.org (server2.sourceware.org. [8.43.85.97])
 by mx.google.com with ESMTPS id
 6a1803df08f44-6f54278b86bsi21166876d6.184.2025.05.07.07.30.57
 for <patch@linaro.org>
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Wed, 07 May 2025 07:30:58 -0700 (PDT)
Received-SPF: pass (google.com: domain of
 libc-alpha-bounces~patch=linaro.org@sourceware.org designates 8.43.85.97 as
 permitted sender) client-ip=8.43.85.97;
Authentication-Results: mx.google.com;
 dkim=pass header.i=@linaro.org header.s=google header.b=lnl1zksI;
 arc=pass (i=1); spf=pass (google.com: domain of
 libc-alpha-bounces~patch=linaro.org@sourceware.org designates 8.43.85.97 as
 permitted sender)
 smtp.mailfrom="libc-alpha-bounces~patch=linaro.org@sourceware.org";
 dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org
Received: from server2.sourceware.org (localhost [IPv6:::1])
 by sourceware.org (Postfix) with ESMTP id 801853858C98
 for <patch@linaro.org>; Wed,  7 May 2025 14:30:57 +0000 (GMT)
DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 801853858C98
Authentication-Results: sourceware.org; dkim=pass (2048-bit key,
 unprotected) header.d=linaro.org header.i=@linaro.org header.a=rsa-sha256
 header.s=google header.b=lnl1zksI
X-Original-To: libc-alpha@sourceware.org
Delivered-To: libc-alpha@sourceware.org
Received: from mail-qk1-x729.google.com (mail-qk1-x729.google.com
 [IPv6:2607:f8b0:4864:20::729])
 by sourceware.org (Postfix) with ESMTPS id C446C3858D34
 for <libc-alpha@sourceware.org>; Wed,  7 May 2025 14:29:54 +0000 (GMT)
DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org C446C3858D34
Authentication-Results: sourceware.org;
 dmarc=pass (p=none dis=none) header.from=linaro.org
Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=linaro.org
ARC-Filter: OpenARC Filter v1.0.0 sourceware.org C446C3858D34
Authentication-Results: server2.sourceware.org;
 arc=none smtp.remote-ip=2607:f8b0:4864:20::729
ARC-Seal: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1746628194; cv=none;
 b=wMBxQB3egcrAAPjTeqNOnTicmzjy9hqMBKFyD0c7HjnI9lWwocBPiPNXrLJsT5teTtCbePJ9KpYjXTLKtZtKmOoau48mD8VX2Szyn4aplmiB1Ga+EwB9eUzQcElGrWFGlApdSyqHBONYo49vfjN3v+QRzOPti+hW9qSjyunM5Kc=
ARC-Message-Signature: i=1; a=rsa-sha256; d=sourceware.org; s=key;
 t=1746628194; c=relaxed/simple;
 bh=TIeNWy/tTfDKlXTWByo+6joMrFwcndOmaDRWMK3llWI=;
 h=DKIM-Signature:From:To:Subject:Date:Message-ID:MIME-Version;
 b=MMvtNL+6Ai5BdAPJbtglPsFjP5BXXQ2LhrKF3LfamknO10rnZjHunqCXKv8NQMNgpxTxRJ+OGnMW+UK/r8Keq2Z6BwES3a3sjn+LYFySIOF2Lh/M63cyC8Q2FO60GjgkkfB8tSb88XbohEJ4j/SaKKCbeFqGJThzVrbGgjnI4Rw=
ARC-Authentication-Results: i=1; server2.sourceware.org
DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org C446C3858D34
Received: by mail-qk1-x729.google.com with SMTP id
 af79cd13be357-7c56a3def84so710860985a.0
 for <libc-alpha@sourceware.org>; Wed, 07 May 2025 07:29:54 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=linaro.org; s=google; t=1746628193; x=1747232993; darn=sourceware.org;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:from:to:cc:subject:date
 :message-id:reply-to;
 bh=yJLvcdHJFgpzIx5SG54f1zHkrBB2udLXET/cRASmdg4=;
 b=lnl1zksICY20/cpNTHIJd+u0nHx0KHNDLDCGS9pEjYvdVGr6oHTP6dycOum+HZF1dU
 5ckNmK29gzhYyhR5A5hCHoOGCw/hY6HwiMyMvgpySf8E3g4uQZTnH/Er60jehJ4LLCK/
 aR7Ldel4UZzkHA8XPHuqpjMLTm2jvt/o+l+r7qve+fCMbVTKH5vFe6XsPtAyEcAqNt12
 BucQNPPoi1JGLR/KrRyqnAvHEecZpduEUSuuv7NfQBk1oQPWc9703FHNs7Sc/pIDSlhW
 8UQ/ecVIPCLwhwxVy36nk15ujFtUVQFlkZc7eL8rQknsb/p41CXFRygJnrTSgfM8aBUI
 9G5Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1746628193; x=1747232993;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc
 :subject:date:message-id:reply-to;
 bh=yJLvcdHJFgpzIx5SG54f1zHkrBB2udLXET/cRASmdg4=;
 b=vscNZmtzaPX/mY+0YGhAGUeGgjm6/3EJyYO0qKccjpn0xGrjVVNHQMp/b6z5ygLzHM
 kRywwULycSzu3C5KJmhUdtqYGOgJe/WqzP0CEfiVPRqlT5ypLbAcQDcI+qEAt8stY8V4
 UJxG8J2sVhaESXD6rNCY1hYm1SCUU4cX47TsOY83Z1YYX71a4dzE4km/LX0gyhfunH0b
 /GGGX1pHU0I/jLvrY9N3c06vhX2IjrQBg1/IkQNEiXH8056e4JxvcLdffcLOizh2Y3SO
 OZ0QrqMClPjZ6b1/kBzyp2hK11GcCPeQxZ4NmNsPhZzLWd88DK/dFu1lkRxYvyagGZmb
 tFbQ==
X-Gm-Message-State: AOJu0YwbK34CGVFbJA5+4bNZBe+kKF2eCNObF5cEItNJ/FlDyRuOK2VE
 yD1G4h36d8lb/zvR/YAaTKYIWIl4gcXZV8k0xZmJGoiH5DQtDV6a1gXLnGlZsxProHaCmCR81UH
 vecA=
X-Gm-Gg: ASbGncvFin2vad2C6l6kD53zYW4K5YuquenxHXE0Zw+sD+8orkQbn8pzZHIBjU2jqaR
 21imjQ2L27vnG0LkcRMsHWpnBKPxBZQ18oy77sD9UkS4OPs1CZxHFDrw3JgF1kjwdSSiWyeNgyT
 XNaiuWXh2ln0SHkGBetygJcL2a4G7ImnmZEiAGP77pBDuuGBGJiYQG/M7+ZlcywDS2ZMwcd2tjr
 Va1OStZ+tcuKrC1Y1xd6B6j2/8VPwQfYxcJml/WDOJOpNYApby35jowUzwtx94/JtwkziDFj5/y
 +3m3Ujnaxtg6bH1dxto1C+4iOu+cdTStKQuX0iiCQMaUixvv6OQ1mg==
X-Received: by 2002:a17:902:d4ce:b0:21f:35fd:1b6c with SMTP id
 d9443c01a7336-22e5ede6912mr49545215ad.45.1746627728170;
 Wed, 07 May 2025 07:22:08 -0700 (PDT)
Received: from mandiga.. ([2804:1b3:a7c0:2a60:2bef:3994:10d0:59c9])
 by smtp.gmail.com with ESMTPSA id
 98e67ed59e1d1-30ad474a050sm179453a91.8.2025.05.07.07.22.06
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Wed, 07 May 2025 07:22:07 -0700 (PDT)
From: Adhemerval Zanella <adhemerval.zanella@linaro.org>
To: libc-alpha@sourceware.org
Cc: Carlos O'Donell <carlos@redhat.com>,
	Richard Henderson <rth@twiddle.net>
Subject: [PATCH 04/11] elf: Adjust DT_EXTRATAGIDX to avoid undefined shifts
Date: Wed,  7 May 2025 11:17:22 -0300
Message-ID: <20250507142110.3452012-5-adhemerval.zanella@linaro.org>
X-Mailer: git-send-email 2.43.0
In-Reply-To: <20250507142110.3452012-1-adhemerval.zanella@linaro.org>
References: <20250507142110.3452012-1-adhemerval.zanella@linaro.org>
MIME-Version: 1.0
X-BeenThere: libc-alpha@sourceware.org
X-Mailman-Version: 2.1.30
Precedence: list
List-Id: Libc-alpha mailing list <libc-alpha.sourceware.org>
List-Unsubscribe: <https://sourceware.org/mailman/options/libc-alpha>,
 <mailto:libc-alpha-request@sourceware.org?subject=unsubscribe>
List-Archive: <https://sourceware.org/pipermail/libc-alpha/>
List-Post: <mailto:libc-alpha@sourceware.org>
List-Help: <mailto:libc-alpha-request@sourceware.org?subject=help>
List-Subscribe: <https://sourceware.org/mailman/listinfo/libc-alpha>,
 <mailto:libc-alpha-request@sourceware.org?subject=subscribe>
Errors-To: libc-alpha-bounces~patch=linaro.org@sourceware.org

From: Richard Henderson <rth@twiddle.net>

When building with --enable-ubsan, the relocation code triggers:

UBSAN: Undefined behaviour in get-dynamic-info.h:56:30 left shift of 1879047925 by 1 cannot be represented in type 'int'

Originally from
https://sourceware.org/pipermail/libc-alpha/2015-August/063015.html.
---
 elf/elf.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/elf/elf.h b/elf/elf.h
index 1e1a59c14d..d48cf47b9a 100644
--- a/elf/elf.h
+++ b/elf/elf.h
@@ -995,7 +995,7 @@ typedef struct
    range.  Be compatible.  */
 #define DT_AUXILIARY    0x7ffffffd      /* Shared object to load before self */
 #define DT_FILTER       0x7fffffff      /* Shared object to get values from */
-#define DT_EXTRATAGIDX(tag)	((Elf32_Word)-((Elf32_Sword) (tag) <<1>>1)-1)
+#define DT_EXTRATAGIDX(tag)  (-((Elf32_Sword)((Elf32_Word)(tag) * 2) / 2 + 1))
 #define DT_EXTRANUM	3
 
 /* Values of `d_un.d_val' in the DT_FLAGS entry.  */

From patchwork Wed May  7 14:17:23 2025
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Adhemerval Zanella <adhemerval.zanella@linaro.org>
X-Patchwork-Id: 888065
Delivered-To: patch@linaro.org
Received: by 2002:a5d:4683:0:b0:38f:210b:807b with SMTP id u3csp406953wrq;
 Wed, 7 May 2025 07:22:56 -0700 (PDT)
X-Forwarded-Encrypted: i=3;
 AJvYcCV/aMTcaSGcn5dhoFDQINR5bPFrghr+2221KT3OUcn4q3E+3fLmT8PbnzpA/YaP3E1oMw09LQ==@linaro.org
X-Google-Smtp-Source: AGHT+IGIgFYOuNxONae41/t7Sgxgpmv0FQTjz0NQo7HJpEhXfUn/WfmoCxaAANDfske8EZ+xcGzb
X-Received: by 2002:a67:e711:0:b0:4bb:c8e5:aa8b with SMTP id
 ada2fe7eead31-4dc738bc384mr2978552137.22.1746627775943;
 Wed, 07 May 2025 07:22:55 -0700 (PDT)
ARC-Seal: i=2; a=rsa-sha256; t=1746627775; cv=pass;
 d=google.com; s=arc-20240605;
 b=csNOCNxNU9BCfzK3Qm43NAZhSa99PoxcyttaEDLWZ5bEeLQrOARTSpKoVTP0RLJ4BG
 usKjNkzBNEHa4Nx2mwM3v7MlnPvsssUYeIVSgnc01jX2YupvIhI3PQhon+2W7nDV1OQB
 L4t/Ai4YvRti1ZWu2JFQjg1/K/Q1e4mwJxe+pMYbq6Pn16QApq+ix1FzNlg8Ktybyc0w
 JaHJ8fK6mYqwrJHUSSnsm+l871WbYbak8weTBGtnxPKELyeQJzKIP+jPtfSVWtMSyJop
 M6yWwrg+74j9JKpxomQu3phifSQJO+2V1gQDNzJ/EGCFlLgh7aEo/eTPQBI8g7gV4P6G
 +5mQ==
ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20240605;
 h=errors-to:list-subscribe:list-help:list-post:list-archive
 :list-unsubscribe:list-id:precedence:content-transfer-encoding
 :mime-version:references:in-reply-to:message-id:date:subject:cc:to
 :from:dkim-signature:dkim-filter:arc-filter:dmarc-filter
 :delivered-to:dkim-filter;
 bh=U30Ej1Mm52k6nZq1S6BJ+pXdhraMCTapq8BUrRUStUY=;
 fh=v2Nv3k9i7Amxu65q1mEuFELTOLzYYycJBMRhbhFxZhE=;
 b=k3pDGn9F8eaI3srC/dJ3tjYRMpWQnRjfuLvTm5bc9cl/DD9QMG7P8AzaRfsRIvJBwG
 pWu0kjw53VVLPIBK2nkt9+L3O4hWb+z/HdA5HXz+NK/+MI8O1U0I3qEuvmNnQWCiEdZg
 Lb3YprTLu+50OnBYAx/aGz2+UQVAwvR6hHXswl8Pi7Y0wZQGKK8VIygN/vz/yhe4kZEz
 biAJ4QqzxCbp4uA7R9wNBrdb2EudjwtCcEfF7uw0pHmvN+twqhctDXt/tfaKD1WIH/RJ
 5leDGIysNpqyKN5ExYCd2esHdp6u0nokGcv62r9PvLx0bYJutV5/ApEcFJ+uj9/qXqvt
 q4Zg==; dara=google.com
ARC-Authentication-Results: i=2; mx.google.com;
 dkim=pass header.i=@linaro.org header.s=google header.b=dtsi3OWz;
 arc=pass (i=1); spf=pass (google.com: domain of
 libc-alpha-bounces~patch=linaro.org@sourceware.org designates 8.43.85.97 as
 permitted sender)
 smtp.mailfrom="libc-alpha-bounces~patch=linaro.org@sourceware.org";
 dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org
Return-Path: <libc-alpha-bounces~patch=linaro.org@sourceware.org>
Received: from server2.sourceware.org (server2.sourceware.org. [8.43.85.97])
 by mx.google.com with ESMTPS id
 ada2fe7eead31-4daf2586dc0si2976154137.466.2025.05.07.07.22.55
 for <patch@linaro.org>
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Wed, 07 May 2025 07:22:55 -0700 (PDT)
Received-SPF: pass (google.com: domain of
 libc-alpha-bounces~patch=linaro.org@sourceware.org designates 8.43.85.97 as
 permitted sender) client-ip=8.43.85.97;
Authentication-Results: mx.google.com;
 dkim=pass header.i=@linaro.org header.s=google header.b=dtsi3OWz;
 arc=pass (i=1); spf=pass (google.com: domain of
 libc-alpha-bounces~patch=linaro.org@sourceware.org designates 8.43.85.97 as
 permitted sender)
 smtp.mailfrom="libc-alpha-bounces~patch=linaro.org@sourceware.org";
 dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org
Received: from server2.sourceware.org (localhost [IPv6:::1])
 by sourceware.org (Postfix) with ESMTP id 6D2093857C4F
 for <patch@linaro.org>; Wed,  7 May 2025 14:22:55 +0000 (GMT)
DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 6D2093857C4F
Authentication-Results: sourceware.org; dkim=pass (2048-bit key,
 unprotected) header.d=linaro.org header.i=@linaro.org header.a=rsa-sha256
 header.s=google header.b=dtsi3OWz
X-Original-To: libc-alpha@sourceware.org
Delivered-To: libc-alpha@sourceware.org
Received: from mail-pj1-x1035.google.com (mail-pj1-x1035.google.com
 [IPv6:2607:f8b0:4864:20::1035])
 by sourceware.org (Postfix) with ESMTPS id 919593857BA7
 for <libc-alpha@sourceware.org>; Wed,  7 May 2025 14:22:15 +0000 (GMT)
DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 919593857BA7
Authentication-Results: sourceware.org;
 dmarc=pass (p=none dis=none) header.from=linaro.org
Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=linaro.org
ARC-Filter: OpenARC Filter v1.0.0 sourceware.org 919593857BA7
Authentication-Results: server2.sourceware.org;
 arc=none smtp.remote-ip=2607:f8b0:4864:20::1035
ARC-Seal: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1746627735; cv=none;
 b=rXOBPlqCC5TSbBGW3AgI8knCUrGyqO/eFmsQEyvpgrPwv3HPiNIkGu/Qr7Nm+fz3Q3MCs58yFDiara3DOWBUKZ9ngU8KsKszUngeDdgePX6vh/sClqxfD8On3uFLmxanpqVZ/Qk2OIO4f2IzwYsUnN9PMCC0E8B99oxWB3g9tao=
ARC-Message-Signature: i=1; a=rsa-sha256; d=sourceware.org; s=key;
 t=1746627735; c=relaxed/simple;
 bh=0WHm2sm6S0dV7DI48jwoFtWs4Pct+skLZdcOIf9iCHM=;
 h=DKIM-Signature:From:To:Subject:Date:Message-ID:MIME-Version;
 b=t8E8S59tl4RCzh0GqoA49KCV9pmC5hrSynjviD4AZ0ncph742ArIXBabwHZrojd9oHlZEmpJJ2Cmb3mmn/BMszAP33uKL68bS/+auPPfhCfNdE8SMjC3vjer8MSbK0jq2DsRiqLZsmMfHNUaC2nXYrU518ZGQJ3D/78pusR38iA=
ARC-Authentication-Results: i=1; server2.sourceware.org
DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 919593857BA7
Received: by mail-pj1-x1035.google.com with SMTP id
 98e67ed59e1d1-30ac5cc0df4so582813a91.2
 for <libc-alpha@sourceware.org>; Wed, 07 May 2025 07:22:15 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=linaro.org; s=google; t=1746627730; x=1747232530; darn=sourceware.org;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:from:to:cc:subject:date
 :message-id:reply-to;
 bh=U30Ej1Mm52k6nZq1S6BJ+pXdhraMCTapq8BUrRUStUY=;
 b=dtsi3OWzBFhT7z+MHgPM4GaQT4mfPrHavGPikpUdig43dsFIJxuRAo+l0ymik7ALhd
 VZYImdCKRCM580oxjsNw07dLPBQcEG73cd00D12NdU7RydV9KLx/imixWB9u7pbyJkrC
 bhvR1UnqPVmZUz8bo7KTaUiCIwDOY5YEVeTe7HO0/+7PvCCqmRur7vTwoPiKFj+WYQww
 Lus2Y9p2evdiC1VMFtUjL8xV9/cFjDVWofW4BzJ/fFlsX3INd1WMDCALiBgUwI9cQ04C
 IK+3tafN2ZvJph0j3Ah0QeUY7P3Ykep3RMGLKtpOds/oCJ1Zo4crX4VO0ggQNvuj6g3n
 bgkA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1746627730; x=1747232530;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc
 :subject:date:message-id:reply-to;
 bh=U30Ej1Mm52k6nZq1S6BJ+pXdhraMCTapq8BUrRUStUY=;
 b=tJ6LfpYBmyWpzFoApThmp3FLea2dhnrrYj68p/khV831GsqjOfJjoIEQsc9k5K1H1g
 0D6uIWf75SWJJQBZB5fiUG1jBrU/AuugEl/L4kQFB6pDUr/g0/C5WJusSiFuwHqsE8DN
 Z2eOH04DtjCSrNeNX8YuerGpB1Tnpk7gbqoulvqivGtKt2DCSuisZm90GBJWVg6dJhlx
 XmHHgJ/TAxD3T93AfGtSegFvJLShleE59Yt+GZ2u8ZvcW+F5L6rDx9LOKGSjuhnkjPur
 QwhyTHmoVpuTTC0XdLNfHbhVGQSdryIIsDUirlnMy1e3Obodsf/72qffeyanFdXNJYRI
 pAaA==
X-Gm-Message-State: AOJu0YzAMhtMpOqSYeTSMAuL8ki5v2P0wgZoKbXrrj1kkHpnjfAvKa4J
 a1Tgt1ST7ORe3mO7KXpDsYByhEyxZlo/LqsxZRiv/vO12T9dQQdhqbPuxQyo/T8rVQZy8+n+ZcC
 B+Mk=
X-Gm-Gg: ASbGnct+0AAZEzdPoeTK6ccZaeTle8K3lR6IFwYOGpicKrq/yrRsebYDd+iT56IgxE+
 mhfDP176o+vaq91lyuIAryI/b6mGJJFqWQzXYuJOvRxfweoMVkaXtKc7EDq1FIeAvYGdfeOQnJ0
 kcEzjcgXloaYgScRmA+IfxKVWG6wA3VW6gpePXgDTH2xQOLebXkdmvp6cVDtZmqos1whFTER+as
 7ExysuITuN/Nq0O8e138yN7b2+Xc0U2Y4uIXE0Z2FGBbdvdeAuno6EDtKarBy8gSb+x+NJWzZyj
 Lwm3lI27mYVzYjSrKKto++5OQEESR5uQ4MhHgc9B5TRqqWMFPfUegg==
X-Received: by 2002:a17:90b:3a87:b0:2ff:52e1:c49f with SMTP id
 98e67ed59e1d1-30aac28b70bmr4689311a91.26.1746627729811;
 Wed, 07 May 2025 07:22:09 -0700 (PDT)
Received: from mandiga.. ([2804:1b3:a7c0:2a60:2bef:3994:10d0:59c9])
 by smtp.gmail.com with ESMTPSA id
 98e67ed59e1d1-30ad474a050sm179453a91.8.2025.05.07.07.22.08
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Wed, 07 May 2025 07:22:09 -0700 (PDT)
From: Adhemerval Zanella <adhemerval.zanella@linaro.org>
To: libc-alpha@sourceware.org
Cc: Carlos O'Donell <carlos@redhat.com>
Subject: [PATCH 05/11] locate: Fix UB on memcpy call
Date: Wed,  7 May 2025 11:17:23 -0300
Message-ID: <20250507142110.3452012-6-adhemerval.zanella@linaro.org>
X-Mailer: git-send-email 2.43.0
In-Reply-To: <20250507142110.3452012-1-adhemerval.zanella@linaro.org>
References: <20250507142110.3452012-1-adhemerval.zanella@linaro.org>
MIME-Version: 1.0
X-BeenThere: libc-alpha@sourceware.org
X-Mailman-Version: 2.1.30
Precedence: list
List-Id: Libc-alpha mailing list <libc-alpha.sourceware.org>
List-Unsubscribe: <https://sourceware.org/mailman/options/libc-alpha>,
 <mailto:libc-alpha-request@sourceware.org?subject=unsubscribe>
List-Archive: <https://sourceware.org/pipermail/libc-alpha/>
List-Post: <mailto:libc-alpha@sourceware.org>
List-Help: <mailto:libc-alpha-request@sourceware.org?subject=help>
List-Subscribe: <https://sourceware.org/mailman/listinfo/libc-alpha>,
 <mailto:libc-alpha-request@sourceware.org?subject=subscribe>
Errors-To: libc-alpha-bounces~patch=linaro.org@sourceware.org

The ubsan triggers:

UBSAN: Undefined behaviour in programs/charmap.c:908:2 null pointer passed as argument 2, nonnull attribute declared at unknown:0:0

This is not an isseu since size is always '0' in this case.
---
 locale/programs/charmap.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/locale/programs/charmap.c b/locale/programs/charmap.c
index 58433c8c5b..07d406e12f 100644
--- a/locale/programs/charmap.c
+++ b/locale/programs/charmap.c
@@ -904,9 +904,9 @@ number of bytes for byte sequence of beginning and end of range not the same: %d
 	(struct width_rule *) obstack_alloc (&result->mem_pool,
 					     (new_size
 					      * sizeof (struct width_rule)));
-
-      memcpy (new_rules, result->width_rules,
-	      result->nwidth_rules_max * sizeof (struct width_rule));
+      if (result->width_rules != NULL)
+	memcpy (new_rules, result->width_rules,
+		result->nwidth_rules_max * sizeof (struct width_rule));
 
       result->width_rules = new_rules;
       result->nwidth_rules_max = new_size;

From patchwork Wed May  7 14:17:24 2025
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Adhemerval Zanella <adhemerval.zanella@linaro.org>
X-Patchwork-Id: 888071
Delivered-To: patch@linaro.org
Received: by 2002:a5d:4683:0:b0:38f:210b:807b with SMTP id u3csp409528wrq;
 Wed, 7 May 2025 07:28:50 -0700 (PDT)
X-Forwarded-Encrypted: i=3;
 AJvYcCWxltkqObLuomK51KTJYZULwQlTw54pLbsv4h/eitID6dDgnxib6/NLGxqU3xH21khIzP6N/g==@linaro.org
X-Google-Smtp-Source: AGHT+IF8vhAl28zB/jxWdKM2hmJtZJCNai8b7I37KBTKykvj1Ut4UD/4eyO3tuSAW1Sa6n9guyib
X-Received: by 2002:a05:620a:3199:b0:7c5:94a1:7975 with SMTP id
 af79cd13be357-7caf726a27cmr531595085a.0.1746628129405;
 Wed, 07 May 2025 07:28:49 -0700 (PDT)
ARC-Seal: i=2; a=rsa-sha256; t=1746628129; cv=pass;
 d=google.com; s=arc-20240605;
 b=MvBAEDk/7CzlXca+b4IxhYRtNkOxjGjjIySM9RL7g9Y8l8EazSQNdW07tEMwU6jvZ9
 DHVZJanYHXinmhhyWsjSVe1QvU8qaipU+KIvDrBCSM0qmY3330IZsBvSoBUJy2JStF/G
 QSye4UC99RUo//C3ndMx2rKKBOD1BlPXzJcdRVsX9fzkKEEueFgZT6tjZNOR/icmb/zH
 qOdaEhGWqxubbtMI96CVzGKozVauRRb0wQCZf5/JurzHEx182Zk9T0sPz8sj6Iy0tdzF
 YsAr/+ISmQVUpX8ftHIKY2GcqbyNkmVetMXaMGyuBBfiPYK65dwRf5FejgeFEu3hhOWs
 pqag==
ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20240605;
 h=errors-to:list-subscribe:list-help:list-post:list-archive
 :list-unsubscribe:list-id:precedence:content-transfer-encoding
 :mime-version:references:in-reply-to:message-id:date:subject:cc:to
 :from:dkim-signature:arc-filter:dmarc-filter:delivered-to
 :dkim-filter;
 bh=54kAqlS9QHN6DqjDGon9okTLJS/GDXzhTSi4H7yMdys=;
 fh=v2Nv3k9i7Amxu65q1mEuFELTOLzYYycJBMRhbhFxZhE=;
 b=ibb20BB9eyUsPKVLzWDiku0HXjuY2gj1l73iyoN988zAF9pwynrnRNprpn1MaT3esa
 ADrie2H3iuu9OSSKqDGuVlyBbDMXAYXDVR2iQmwmFWAn5Ei1sOM/8kAYJEGsqI9EKdwa
 dX3lVwi4PtVNFMvRScqjByBDQWUifighpirZUnT5OVFn7zGcUSBysOvClhrzUtsFsiPf
 SX1W2g1BnK0euv3pT60Ve5oShL/yjGayIBpm7U2zrH3Hh9UGXOeH4/vJGsnb+3rWt0K6
 +MKPqepyDOoPVwJugOzSymQGr5aCMzSyaJdmZy66aDUuUL4SF9AUh/3MmUJzC8TZ6MQB
 y0uQ==; dara=google.com
ARC-Authentication-Results: i=2; mx.google.com;
 dkim=pass header.i=@linaro.org header.s=google header.b=AiELkZKA;
 arc=pass (i=1); spf=pass (google.com: domain of
 libc-alpha-bounces~patch=linaro.org@sourceware.org designates 8.43.85.97 as
 permitted sender)
 smtp.mailfrom="libc-alpha-bounces~patch=linaro.org@sourceware.org";
 dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org
Return-Path: <libc-alpha-bounces~patch=linaro.org@sourceware.org>
Received: from server2.sourceware.org (server2.sourceware.org. [8.43.85.97])
 by mx.google.com with ESMTPS id
 af79cd13be357-7caf751f121si211340085a.48.2025.05.07.07.28.49
 for <patch@linaro.org>
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Wed, 07 May 2025 07:28:49 -0700 (PDT)
Received-SPF: pass (google.com: domain of
 libc-alpha-bounces~patch=linaro.org@sourceware.org designates 8.43.85.97 as
 permitted sender) client-ip=8.43.85.97;
Authentication-Results: mx.google.com;
 dkim=pass header.i=@linaro.org header.s=google header.b=AiELkZKA;
 arc=pass (i=1); spf=pass (google.com: domain of
 libc-alpha-bounces~patch=linaro.org@sourceware.org designates 8.43.85.97 as
 permitted sender)
 smtp.mailfrom="libc-alpha-bounces~patch=linaro.org@sourceware.org";
 dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org
Received: from server2.sourceware.org (localhost [IPv6:::1])
 by sourceware.org (Postfix) with ESMTP id 058713858D34
 for <patch@linaro.org>; Wed,  7 May 2025 14:28:49 +0000 (GMT)
DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 058713858D34
Authentication-Results: sourceware.org; dkim=pass (2048-bit key,
 unprotected) header.d=linaro.org header.i=@linaro.org header.a=rsa-sha256
 header.s=google header.b=AiELkZKA
X-Original-To: libc-alpha@sourceware.org
Delivered-To: libc-alpha@sourceware.org
Received: from mail-pj1-x1035.google.com (mail-pj1-x1035.google.com
 [IPv6:2607:f8b0:4864:20::1035])
 by sourceware.org (Postfix) with ESMTPS id 8E1953857C7B
 for <libc-alpha@sourceware.org>; Wed,  7 May 2025 14:22:15 +0000 (GMT)
DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 8E1953857C7B
Authentication-Results: sourceware.org;
 dmarc=pass (p=none dis=none) header.from=linaro.org
Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=linaro.org
ARC-Filter: OpenARC Filter v1.0.0 sourceware.org 8E1953857C7B
Authentication-Results: server2.sourceware.org;
 arc=none smtp.remote-ip=2607:f8b0:4864:20::1035
ARC-Seal: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1746627735; cv=none;
 b=qwsPtBYAscOpxdIgAIU08fysRyoxiN2Q303yq9ZoFQcZlX3LIUiv91UAkA5SpLyfnnl+siIGlWm3QB2ipa+5TUQ/Z8DOhXBWsuVkaVOzWJXO9jH20fnXl/ufaKsXJhw56+vsHxUT05TpTLf1xlP3LDT4kqjVjaT61ScOF0Gl/OY=
ARC-Message-Signature: i=1; a=rsa-sha256; d=sourceware.org; s=key;
 t=1746627735; c=relaxed/simple;
 bh=DnU9atuiNzlyYY70/1eBXom+NEVhJcfM/iG2sOrXFHQ=;
 h=DKIM-Signature:From:To:Subject:Date:Message-ID:MIME-Version;
 b=FJMGr6HrVy0PYw1hnUWhx3p/uzwN914T8zUwhb3mfZ9U+8v0Gt0cowDO+rbW1rSw7o/slePXAfvfS9PBsrqW1pce6cV1BWLW3N4DH3Tdx3Dc5Nl8xE/Ui8iVr9QKxzOUFD71Wv8/y1LFVeaqySZslvoa2IbpR1bURKcsjYsZyow=
ARC-Authentication-Results: i=1; server2.sourceware.org
Received: by mail-pj1-x1035.google.com with SMTP id
 98e67ed59e1d1-30a452d3b38so6265040a91.3
 for <libc-alpha@sourceware.org>; Wed, 07 May 2025 07:22:15 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=linaro.org; s=google; t=1746627731; x=1747232531; darn=sourceware.org;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:from:to:cc:subject:date
 :message-id:reply-to;
 bh=54kAqlS9QHN6DqjDGon9okTLJS/GDXzhTSi4H7yMdys=;
 b=AiELkZKACy7raRYTUFDSMvEW5wr0VcJdbAx6ND6N0HKfzI2ZSojsQlApBAYYvAg0F8
 O5B6ZYwLOqeNlctN3+66ggf+VfejYkHX6S3Js26tPyOYEr/0GDD6pxLIwl5ctJxrBZQk
 AyvS03mFxWudInPDGg5E9ICGk2pLSIaBpJ0JkKUT7+sE0QXrGbEKi+L7CUJJTSJKU/PZ
 K6vRohrWeW7ItRG6nv/gAHqtKSslqT4v5gGXkLqpo29WxC2KmVDQfv0m/uHBLnV57f/1
 zzUMxpyJmfM1jnJZx1EPouJ4JFYM4ENGRPwPsrm0Gmn2lrNSGjoav/yaBviDEOuk0yTt
 USzg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1746627731; x=1747232531;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc
 :subject:date:message-id:reply-to;
 bh=54kAqlS9QHN6DqjDGon9okTLJS/GDXzhTSi4H7yMdys=;
 b=aITignKC/Ow03ofF5jDA84mjmIPiS6TEUqxGpIDYsRPIDQNmv9ALwEFLiOIeCZYEwr
 yh4N48SzOvWDIHYhszkfqyENGIZ0P5nzddF9C8DkUMuq9n7t7QdwABUcFHmMXpMEMi64
 IzK5weLn2kTA74OQcRk8g0KcrZYgiACoqD5pWYKD1IhzDeXrlrvimibNr4+8EhD+WBqJ
 YYjL7uk9VPNidWwx7LTL0zT/ca+3Ao2CDzBpuhPET/BqQY4NvMoRaIxoPoAQIqzKxwjp
 cpIUhpqYh0ZwLuETbtzOIHj0dsrlLeYqT6uqnP34atPsNIg592cFDstjBjNo8eq3WXoy
 bXwA==
X-Gm-Message-State: AOJu0YzIGNW+NrzmHeVbfZ/WACZzHHhn4CrNKrmrRMNvGTrk1VBiiZVG
 gQWMqaFkeOR3YyvesLCll379pek/23syRV6IsQVpFeoy4cNEVPA9Z8NGjkLB5keLT01TtwaoKb/
 wzOg=
X-Gm-Gg: ASbGnct3AfHAd0bSS2Ey9zQ3BubzLjhLFgEu/PSBwmg1O/6f4OVto6IpUM4pP6Tpxze
 4OyaTdUJYiXZn5QblLwVHeKekVKqd+8ZvVBndjugQJ8R+iniqm9pvxxd95JxpxYfSjUN6kAmizm
 q6VTwnF8UnDUmULko7cigzV2t6OA7maLFo9gE+TzUoGCu54w8tZi8Md27jctMSBOWJ+Uk0H3xYd
 e8bKiNfSwvEobvIhMt8i0+jcyyk6pVn4xR1wbxTC5PmF1P5h7XIVeOjDA3bN+X0P0L3+Zm5R0pX
 uiAmxPqc5Xh9rto8CURkS5s+qOvqZzc9oZTOQJCNEQCBncx/RZoOrmqBrMRnLFsH
X-Received: by 2002:a17:90b:3849:b0:2f9:c139:b61f with SMTP id
 98e67ed59e1d1-30aac193d45mr5746713a91.14.1746627731333;
 Wed, 07 May 2025 07:22:11 -0700 (PDT)
Received: from mandiga.. ([2804:1b3:a7c0:2a60:2bef:3994:10d0:59c9])
 by smtp.gmail.com with ESMTPSA id
 98e67ed59e1d1-30ad474a050sm179453a91.8.2025.05.07.07.22.10
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Wed, 07 May 2025 07:22:10 -0700 (PDT)
From: Adhemerval Zanella <adhemerval.zanella@linaro.org>
To: libc-alpha@sourceware.org
Cc: Carlos O'Donell <carlos@redhat.com>
Subject: [PATCH 06/11] locale: Fix UB on insert_weights
Date: Wed,  7 May 2025 11:17:24 -0300
Message-ID: <20250507142110.3452012-7-adhemerval.zanella@linaro.org>
X-Mailer: git-send-email 2.43.0
In-Reply-To: <20250507142110.3452012-1-adhemerval.zanella@linaro.org>
References: <20250507142110.3452012-1-adhemerval.zanella@linaro.org>
MIME-Version: 1.0
X-BeenThere: libc-alpha@sourceware.org
X-Mailman-Version: 2.1.30
Precedence: list
List-Id: Libc-alpha mailing list <libc-alpha.sourceware.org>
List-Unsubscribe: <https://sourceware.org/mailman/options/libc-alpha>,
 <mailto:libc-alpha-request@sourceware.org?subject=unsubscribe>
List-Archive: <https://sourceware.org/pipermail/libc-alpha/>
List-Post: <mailto:libc-alpha@sourceware.org>
List-Help: <mailto:libc-alpha-request@sourceware.org?subject=help>
List-Subscribe: <https://sourceware.org/mailman/listinfo/libc-alpha>,
 <mailto:libc-alpha-request@sourceware.org?subject=subscribe>
Errors-To: libc-alpha-bounces~patch=linaro.org@sourceware.org

The ubsan triggers:

UBSAN: Undefined behaviour in programs/ld-collate.c:862:5 null pointer passed as argument 2, nonnull attribute declared at unknown:0:0,

The memcpy is only requires if current 'weights' is nonnull, so
check it before calling it.
---
 locale/programs/ld-collate.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/locale/programs/ld-collate.c b/locale/programs/ld-collate.c
index 7de3ba064d..4fa08bd273 100644
--- a/locale/programs/ld-collate.c
+++ b/locale/programs/ld-collate.c
@@ -858,7 +858,8 @@ insert_weights (struct linereader *ldfile, struct element_t *elem,
 		  max += 10;
 		  newp = (struct element_t **)
 		    alloca (max * sizeof (struct element_t *));
-		  memcpy (newp, weights, cnt * sizeof (struct element_t *));
+		  if (weights != NULL)
+		    memcpy (newp, weights, cnt * sizeof (struct element_t *));
 		  weights = newp;
 		}
 	      weights[cnt++] = charelem;

From patchwork Wed May  7 14:17:25 2025
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Adhemerval Zanella <adhemerval.zanella@linaro.org>
X-Patchwork-Id: 888070
Delivered-To: patch@linaro.org
Received: by 2002:a5d:4683:0:b0:38f:210b:807b with SMTP id u3csp409456wrq;
 Wed, 7 May 2025 07:28:38 -0700 (PDT)
X-Forwarded-Encrypted: i=3;
 AJvYcCU/Do4s3f0X9tK7ZYR2LLJ4ig/N7o8W1757hHVeDs1AhTKWcvOElMAfOQ780StNjLGbai9Q8w==@linaro.org
X-Google-Smtp-Source: AGHT+IHAnaqtMp3ox9QOZBXDe8sjr8ijpLu/iYBXe5RMew0y521e5+Qfk7YwDTTEQnANYAWK4FH8
X-Received: by 2002:ad4:5ae2:0:b0:6e6:4969:f005 with SMTP id
 6a1803df08f44-6f542a829e2mr47729096d6.30.1746628117822;
 Wed, 07 May 2025 07:28:37 -0700 (PDT)
ARC-Seal: i=2; a=rsa-sha256; t=1746628117; cv=pass;
 d=google.com; s=arc-20240605;
 b=DCWYXrbtMApeUTvy1o7zjVsWcJob3gLmeunESs5HwDSGpxp2Nnfq6+A1hYfwS330eN
 hPIoAwyS/vHuf5nmFuFBGY8zDagk6jRFNG2ymjiXE1+33MeRORHC+7n/7bR/i4jKOt8c
 Adod6L39m8jmB1fuPexBjPX5xkAYDEKWekoalP38FaPZ5Vnlb8oItTg529JMyQ/xW8w6
 zsuIqCu+3D7zpFzsxuaZMOTMJb65ZAZlPpkUoX+EmLnifbt562zrH5xE9YyLji83oWdu
 tW5DpOs2d2CC5a5YYRSiEA0cC7c5PyuoqA1JbkxwD5/GvCccU/2N1QnS+bnOlg+83Knn
 Pn+w==
ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20240605;
 h=errors-to:list-subscribe:list-help:list-post:list-archive
 :list-unsubscribe:list-id:precedence:content-transfer-encoding
 :mime-version:references:in-reply-to:message-id:date:subject:cc:to
 :from:dkim-signature:dkim-filter:arc-filter:dmarc-filter
 :delivered-to:dkim-filter;
 bh=RfYOXC+J2xBWVeEGcvuEAVrgqJT+uMIOS8B0wp2g6ik=;
 fh=v2Nv3k9i7Amxu65q1mEuFELTOLzYYycJBMRhbhFxZhE=;
 b=KxLWm1PRKnOQkpnN5kGw01n4f/yLENjL2O69ef1EX75B02zDdf3hgJ81pHB9S+rHpS
 c7qDidarfPwOHic2eFsU3ffopG0C+3wtHJN91YhboR500T9HiNJmgxtHq3Xq9sUvRutK
 CIPSh1leAioZbC8T31Cq/yOpGC0wuOzPyUzJZKD0+pFVUvZbIalDN8hhbx/78lQtG13+
 xLxZxfS4qXZB9GE9WD2b/wMaIAFIe1y7JVkephs9pQ2sznCnUx277dB6zoS8E4KmxbDg
 HijT2jr31ptbRnTEFyKWrWFkdLuGx/S/erjRNLEQFts0D+gkIuktap8GX/zfm+J/9Cnd
 s52g==; dara=google.com
ARC-Authentication-Results: i=2; mx.google.com;
 dkim=pass header.i=@linaro.org header.s=google header.b=T9Rmdxl5;
 arc=pass (i=1); spf=pass (google.com: domain of
 libc-alpha-bounces~patch=linaro.org@sourceware.org designates 8.43.85.97 as
 permitted sender)
 smtp.mailfrom="libc-alpha-bounces~patch=linaro.org@sourceware.org";
 dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org
Return-Path: <libc-alpha-bounces~patch=linaro.org@sourceware.org>
Received: from server2.sourceware.org (server2.sourceware.org. [8.43.85.97])
 by mx.google.com with ESMTPS id
 6a1803df08f44-6f542627cb2si19737586d6.36.2025.05.07.07.28.37
 for <patch@linaro.org>
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Wed, 07 May 2025 07:28:37 -0700 (PDT)
Received-SPF: pass (google.com: domain of
 libc-alpha-bounces~patch=linaro.org@sourceware.org designates 8.43.85.97 as
 permitted sender) client-ip=8.43.85.97;
Authentication-Results: mx.google.com;
 dkim=pass header.i=@linaro.org header.s=google header.b=T9Rmdxl5;
 arc=pass (i=1); spf=pass (google.com: domain of
 libc-alpha-bounces~patch=linaro.org@sourceware.org designates 8.43.85.97 as
 permitted sender)
 smtp.mailfrom="libc-alpha-bounces~patch=linaro.org@sourceware.org";
 dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org
Received: from server2.sourceware.org (localhost [IPv6:::1])
 by sourceware.org (Postfix) with ESMTP id 669D13858429
 for <patch@linaro.org>; Wed,  7 May 2025 14:28:37 +0000 (GMT)
DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 669D13858429
Authentication-Results: sourceware.org; dkim=pass (2048-bit key,
 unprotected) header.d=linaro.org header.i=@linaro.org header.a=rsa-sha256
 header.s=google header.b=T9Rmdxl5
X-Original-To: libc-alpha@sourceware.org
Delivered-To: libc-alpha@sourceware.org
Received: from mail-pl1-x632.google.com (mail-pl1-x632.google.com
 [IPv6:2607:f8b0:4864:20::632])
 by sourceware.org (Postfix) with ESMTPS id 922303858D37
 for <libc-alpha@sourceware.org>; Wed,  7 May 2025 14:22:16 +0000 (GMT)
DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 922303858D37
Authentication-Results: sourceware.org;
 dmarc=pass (p=none dis=none) header.from=linaro.org
Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=linaro.org
ARC-Filter: OpenARC Filter v1.0.0 sourceware.org 922303858D37
Authentication-Results: server2.sourceware.org;
 arc=none smtp.remote-ip=2607:f8b0:4864:20::632
ARC-Seal: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1746627736; cv=none;
 b=EbUYWgxccXEba7ZNqfoGKoDP3BT85Vz458AcE19DwiqP80n7uSPweyAO5cKww+3kgbCDhjHm5IMLZ8zIuJI7qrgf+QSn9zcBqzWt9BVGx2aDwelnDnpfR4rXEYHlKsASP1DI+FxOAaCAm71bAyrN6mxEPjGQrcyAIWszxl5OCc4=
ARC-Message-Signature: i=1; a=rsa-sha256; d=sourceware.org; s=key;
 t=1746627736; c=relaxed/simple;
 bh=fEG3cc5bmcTQ0AD8r/nXXNK31IxhP9Et1jIeAxpujfg=;
 h=DKIM-Signature:From:To:Subject:Date:Message-ID:MIME-Version;
 b=NnXxyyMhcMZICUZfzsW6AFQuWcmcKxmNfXXUN+sxCvxaGzUhunjCwA7ewDFXTVD3dA9z16s4aHoQSBIrUQgO9PV/TWC84jCsuzA/vBdEreFfL4RzRP+J3qWqBuvFkWJMOUeplftX19JKtYpp/DVRQVnu9s4zZEmEvdjE55Cf5mE=
ARC-Authentication-Results: i=1; server2.sourceware.org
DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 922303858D37
Received: by mail-pl1-x632.google.com with SMTP id
 d9443c01a7336-22e4d235811so24614295ad.2
 for <libc-alpha@sourceware.org>; Wed, 07 May 2025 07:22:16 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=linaro.org; s=google; t=1746627733; x=1747232533; darn=sourceware.org;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:from:to:cc:subject:date
 :message-id:reply-to;
 bh=RfYOXC+J2xBWVeEGcvuEAVrgqJT+uMIOS8B0wp2g6ik=;
 b=T9Rmdxl58TTfh0QwEW18Rtzwmn9odRScbXjIqakfLeh7ogk0+X7mjOWDNvcFTQ//Aq
 LUgJcytndp5h1IWO0CwbxygDZQe/qg43s455wLear2RwNkoUtATQEM6+H0L/1Kjj03TH
 yClMudH5LtPLaA36a5c1cHInJ2PyP97iOMhnAC8upzpYdGG8Zb9Payo1SFCQsCWUlSSE
 BXR9BBIy8mpfUrkIvvI1VOt321z2oI0lqPTcq+Lg2/pXqt8YkMLM2ZqpTi538IAppShb
 611TQRqWaCNtGMFY7XiFiJlnNt+7TaPgUOD21Rtj+b67k3Fjz9BZYQBxKcZY2ppW4fmF
 Iciw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1746627733; x=1747232533;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc
 :subject:date:message-id:reply-to;
 bh=RfYOXC+J2xBWVeEGcvuEAVrgqJT+uMIOS8B0wp2g6ik=;
 b=AMCy+O81r0LSxNkejP7tnmAyap/LHxvKZuw6Ufo5imou9pto4ReOgigfcGIG3ygRS1
 +bMWqkcpeVJNGsRlDgYfPY/gCyOQssDV7VIvdLs+FH3HI3YcBswhIRjACfgNc8n1kerr
 Z/zn5jvWi9q8hEja4SLmGuacholF4IojPBaV46jEica+zCRwUE1aGCEjYNZAfN1IXEc6
 N/rFSm7vqh1n6HeG7GuzAAUyvS//KORfHFYeKiLHwfkxzBA9icCJMQqJGx6YnV0zC9iF
 xM6Olg4OYfqajm2DqqFc5aRDqKN9IXYrp/PfmYuRMSgb96k/O61vHJZw6Y0u3KKGN0Nh
 6uBQ==
X-Gm-Message-State: AOJu0YzXmEfojdAktE+5lyTFxpLaoI7RrkCgPx52hjIDIWA9CEzAd6wm
 YrUd5aG2wqbIP6bfuXO8/g10MQ6OhT7/hQ9cmEoL1YcVa4NZ0N5oD6mt1cnWP2y7R1MfRjt23Bu
 Uu60=
X-Gm-Gg: ASbGncsGP9YDMpGgpyVIu3okMc5WxdogejagErbDSCkn5hIWC7IcQ1LLT66qRPH6Fjm
 8ZEImgFSGnKTHYbJlagrzeD54w7+nkf1kkxwULb/ek4OAXLb47b529Fb8UdpsCfKXNvADDYAU9S
 Am4W/Nx0g1Atg7z8LoA3Yyei/X4U8TfPG5rcsC2Mf+dKDTBVAIjk+AiM7i14O/Ur3458ry1qIc/
 XcdHGGh9GZrlOLp+i8Kj/lZRBsyK61bbrpmx1/3+NZXFWe4R+5o2KS56J9cBPynO14OAaVXCvUc
 xMZVCI/Ms4/UNSlZmXo0BfoVg8Guop1f1UgblfDCQn1TgUrvpDoxhw==
X-Received: by 2002:a17:903:3d0b:b0:223:52fc:a15a with SMTP id
 d9443c01a7336-22e5ece2308mr50060555ad.33.1746627732852;
 Wed, 07 May 2025 07:22:12 -0700 (PDT)
Received: from mandiga.. ([2804:1b3:a7c0:2a60:2bef:3994:10d0:59c9])
 by smtp.gmail.com with ESMTPSA id
 98e67ed59e1d1-30ad474a050sm179453a91.8.2025.05.07.07.22.11
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Wed, 07 May 2025 07:22:12 -0700 (PDT)
From: Adhemerval Zanella <adhemerval.zanella@linaro.org>
To: libc-alpha@sourceware.org
Cc: Carlos O'Donell <carlos@redhat.com>
Subject: [PATCH 07/11] localte: Fix UB on collate_finish
Date: Wed,  7 May 2025 11:17:25 -0300
Message-ID: <20250507142110.3452012-8-adhemerval.zanella@linaro.org>
X-Mailer: git-send-email 2.43.0
In-Reply-To: <20250507142110.3452012-1-adhemerval.zanella@linaro.org>
References: <20250507142110.3452012-1-adhemerval.zanella@linaro.org>
MIME-Version: 1.0
X-BeenThere: libc-alpha@sourceware.org
X-Mailman-Version: 2.1.30
Precedence: list
List-Id: Libc-alpha mailing list <libc-alpha.sourceware.org>
List-Unsubscribe: <https://sourceware.org/mailman/options/libc-alpha>,
 <mailto:libc-alpha-request@sourceware.org?subject=unsubscribe>
List-Archive: <https://sourceware.org/pipermail/libc-alpha/>
List-Post: <mailto:libc-alpha@sourceware.org>
List-Help: <mailto:libc-alpha-request@sourceware.org?subject=help>
List-Subscribe: <https://sourceware.org/mailman/listinfo/libc-alpha>,
 <mailto:libc-alpha-request@sourceware.org?subject=subscribe>
Errors-To: libc-alpha-bounces~patch=linaro.org@sourceware.org

The ubsan triggers:

UBSAN: Undefined behaviour in programs/ld-collate.c:1557:7 variable length array bound evaluates to non-positive value 0

The VLA is allocated with nrules being 0.  To simplify the fix,
just allocate one for this case.
---
 locale/programs/ld-collate.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/locale/programs/ld-collate.c b/locale/programs/ld-collate.c
index 4fa08bd273..5ed03f4cbf 100644
--- a/locale/programs/ld-collate.c
+++ b/locale/programs/ld-collate.c
@@ -1554,7 +1554,7 @@ collate_finish (struct localedef_t *locale, const struct charmap_t *charmap)
      The multibyte case is easy.  We simply sort into an array with
      256 elements.  */
   struct locale_collate_t *collate = locale->categories[LC_COLLATE].collate;
-  int mbact[nrules];
+  int mbact[nrules == 0 ? 1 : nrules];
   int wcact;
   int mbseqact;
   int wcseqact;

From patchwork Wed May  7 14:17:26 2025
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Adhemerval Zanella <adhemerval.zanella@linaro.org>
X-Patchwork-Id: 888068
Delivered-To: patch@linaro.org
Received: by 2002:a5d:4683:0:b0:38f:210b:807b with SMTP id u3csp408057wrq;
 Wed, 7 May 2025 07:25:27 -0700 (PDT)
X-Forwarded-Encrypted: i=3;
 AJvYcCUjd3v+1C+y2b0FH6e37XwcfWc+JMWbLzgj0OSh/ENculWi27xjZftNzL2Yo6F45o82XRVdRw==@linaro.org
X-Google-Smtp-Source: AGHT+IESuxOweDVAKrklfjtHXkL++lDjF+4Kcvi4o17L8oZmyCZtIJoJEVRTdlN195NSx7oNqjq7
X-Received: by 2002:a05:6214:260e:b0:6f4:7779:62 with SMTP id
 6a1803df08f44-6f542ad4333mr43982276d6.40.1746627927361;
 Wed, 07 May 2025 07:25:27 -0700 (PDT)
ARC-Seal: i=2; a=rsa-sha256; t=1746627927; cv=pass;
 d=google.com; s=arc-20240605;
 b=QBHfjEckswpcGY9kUHPbFz8ULs+yH7MCFxRbcE63SmbWQ26UAzazJ/XGxQnlH1QRvg
 628j/ft/Eprx72EXJpS7Ox0EYy3oJ25DvJIm9AhcZuNm2ckZygfOe6zE1KMgRRBajm/P
 hXN1sRXXk4fUVq/uMWhY2t/nSZpX2FNx/ZbJWIC09KmHH0Kjz6lfuA7vQSrg7FNkcM9N
 kHJ/OSyDeCxGzMopzogGNwsp9OxlwNmdhhYK0cni5ZujQFltzwHTWsVcsncCybbrP7FP
 dSy8nPPaMGNkI1i8g9LZIpCHcI7Nr4PzYupz2vBFO9Stqe10n3lhomHQgilo3VfxMshM
 UI5w==
ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20240605;
 h=errors-to:list-subscribe:list-help:list-post:list-archive
 :list-unsubscribe:list-id:precedence:content-transfer-encoding
 :mime-version:references:in-reply-to:message-id:date:subject:cc:to
 :from:dkim-signature:arc-filter:dmarc-filter:delivered-to
 :dkim-filter;
 bh=BDbfNxk/ZGdPaKk4V5zdS0YfltN8tY59kl6WyI2yGPM=;
 fh=v2Nv3k9i7Amxu65q1mEuFELTOLzYYycJBMRhbhFxZhE=;
 b=LwQ1V4x0f38d8DdErsUg4obcSlnknw1NuCgZo1axb/d+UoaWlDuv3lDAz3mVLV2SmX
 GneYUR3Xbux0asTtOo1JYMMoRABr79rUlI1jKFO2aAtCkodUG0kmNzAR1dEpuuOoHlo8
 0NDx+RL14kJRI8Rk4DTRB+9TWPxX/sGCw4mbtbOhEMmKDCox+RCzVyXV6rE+avJkxpR4
 8oJ57e21NqxG+3RqGYQochvLj6xXJ+zVD5DAujncK/LqYv31hk+gtIAOWGo9xKJsVI2V
 wK6vrrdRWC6OEz4Uq8lJC07zPk9QQvSWfZ/xVKmn8dotaUnH9QOn/meVJ87fyBd1D95S
 afug==; dara=google.com
ARC-Authentication-Results: i=2; mx.google.com;
 dkim=pass header.i=@linaro.org header.s=google header.b=FCYNzWsQ;
 arc=pass (i=1); spf=pass (google.com: domain of
 libc-alpha-bounces~patch=linaro.org@sourceware.org designates
 2620:52:3:1:0:246e:9693:128c as permitted sender)
 smtp.mailfrom="libc-alpha-bounces~patch=linaro.org@sourceware.org";
 dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org
Return-Path: <libc-alpha-bounces~patch=linaro.org@sourceware.org>
Received: from server2.sourceware.org (server2.sourceware.org.
 [2620:52:3:1:0:246e:9693:128c]) by mx.google.com with ESMTPS id
 6a1803df08f44-6f542627314si21555626d6.21.2025.05.07.07.25.27
 for <patch@linaro.org>
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Wed, 07 May 2025 07:25:27 -0700 (PDT)
Received-SPF: pass (google.com: domain of
 libc-alpha-bounces~patch=linaro.org@sourceware.org designates
 2620:52:3:1:0:246e:9693:128c as permitted sender)
 client-ip=2620:52:3:1:0:246e:9693:128c;
Authentication-Results: mx.google.com;
 dkim=pass header.i=@linaro.org header.s=google header.b=FCYNzWsQ;
 arc=pass (i=1); spf=pass (google.com: domain of
 libc-alpha-bounces~patch=linaro.org@sourceware.org designates
 2620:52:3:1:0:246e:9693:128c as permitted sender)
 smtp.mailfrom="libc-alpha-bounces~patch=linaro.org@sourceware.org";
 dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org
Received: from server2.sourceware.org (localhost [IPv6:::1])
 by sourceware.org (Postfix) with ESMTP id D58D03857BA7
 for <patch@linaro.org>; Wed,  7 May 2025 14:25:26 +0000 (GMT)
DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org D58D03857BA7
Authentication-Results: sourceware.org; dkim=pass (2048-bit key,
 unprotected) header.d=linaro.org header.i=@linaro.org header.a=rsa-sha256
 header.s=google header.b=FCYNzWsQ
X-Original-To: libc-alpha@sourceware.org
Delivered-To: libc-alpha@sourceware.org
Received: from mail-pj1-x1032.google.com (mail-pj1-x1032.google.com
 [IPv6:2607:f8b0:4864:20::1032])
 by sourceware.org (Postfix) with ESMTPS id 951743858CD1
 for <libc-alpha@sourceware.org>; Wed,  7 May 2025 14:22:16 +0000 (GMT)
DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 951743858CD1
Authentication-Results: sourceware.org;
 dmarc=pass (p=none dis=none) header.from=linaro.org
Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=linaro.org
ARC-Filter: OpenARC Filter v1.0.0 sourceware.org 951743858CD1
Authentication-Results: server2.sourceware.org;
 arc=none smtp.remote-ip=2607:f8b0:4864:20::1032
ARC-Seal: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1746627736; cv=none;
 b=s0ddWTNcL9F4ftekR0r/Tp4JhwmA80twKnrWUUVrCwHRl0mfdzGb2DWRz7qP80u50djuuPLSBH3KA0C7k8QSu0YvAlnfimLrwse9LY7ueVnXWGW6MgoHNQiepN+vmg7r4QfK6G8GOAy6uoJciEeRP1EXjy1bPp1XsNbJr1/372A=
ARC-Message-Signature: i=1; a=rsa-sha256; d=sourceware.org; s=key;
 t=1746627736; c=relaxed/simple;
 bh=nHIsn1jHMzm4b5vW/k4w9RE2XpB63h/19PAlcmK0Bas=;
 h=DKIM-Signature:From:To:Subject:Date:Message-ID:MIME-Version;
 b=CptbOC7Fly+3Z/c2t3n+k5L5lJUu5xWVLxVzAO/XXRdrUXiOHe/+8YvgvIw6oYz7RZRrWDnKl9fYsJ3QUkKXfwV9xt6u8BWhvryO6MJHXw6WfHnu/l26MU/jG8G47ie4sTJfKgqFjVgiOkZNussqrlKxi8o8K4uRoPgj0Z36FtY=
ARC-Authentication-Results: i=1; server2.sourceware.org
Received: by mail-pj1-x1032.google.com with SMTP id
 98e67ed59e1d1-30ac24ede15so655120a91.2
 for <libc-alpha@sourceware.org>; Wed, 07 May 2025 07:22:16 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=linaro.org; s=google; t=1746627734; x=1747232534; darn=sourceware.org;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:from:to:cc:subject:date
 :message-id:reply-to;
 bh=BDbfNxk/ZGdPaKk4V5zdS0YfltN8tY59kl6WyI2yGPM=;
 b=FCYNzWsQ4UCETe0aCWYjlgklwicpgWbvjhcIjx+hqoRR2qoW+/5KEE7rU97vnwHeFE
 oNDXXlX2UheZm65iolYjTOkED/k+fWcBm6h/uLVBD2bantU9irRMtV5N11OEgeYHLypo
 JewbZq6iuJ1Hy3y0rjj+17B3vtwqwCfd9eaf79Z+cktrgWvnIjaHnEeJqzeBJ+qrYTYa
 ov10Yz2E8vpPJXv1RnbBqer9XTVhBdaHMhEYuXhxgbzvtRBstkwffn/HIY6SRV0WoX9r
 ePAhbIDVfIo1GFYSLfwpHf68fuUHSAFyXrCs4z1axyjpdt/v//9yldaEB9z8Gll4PXqL
 jC3A==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1746627734; x=1747232534;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc
 :subject:date:message-id:reply-to;
 bh=BDbfNxk/ZGdPaKk4V5zdS0YfltN8tY59kl6WyI2yGPM=;
 b=V4cKM3NySrgZY39xQJ9WVQrpW5FtiFwOdh9NlltLgER68xfl5B6qh1Tq9PeRpmcn8R
 +x20618b4QPeQ/1cV/KIIR/0GVhE/9pzDVMxIfuiwl2kabor3t1N6+iRAOSouOVxqe3o
 0suMQST9A37EUBu/sQ+pt2vfHyPsQfh9T2eam9OAT2Pzie1jEAddbl7zZDoxMGPEZyn9
 BnQMISq8WE3M/1wtEB10r3nJ7LoxFMOmuz1j8Jc/19RuyDalltevyBXav+G/ZIVbp9oK
 1D3dVRzbXz9Wz2I7Rf7fjBeGqLP8d85gCyQDMqLYbX6LSLBmKOifpy+MqRcgdS38M5JZ
 jjFA==
X-Gm-Message-State: AOJu0YxkwbogFJySmBajNenAIl+hq5zTdpzbaXsiBZYl4RwcGwmyLIWx
 C2+lJB0wm+77wYGWiRTvopolRFrvlEMWX3sl6bKZ7hpPUuoYfaIuZysuHQk8dgNlh4JVLabefji
 gB9g=
X-Gm-Gg: ASbGncsT9UUWs+jge2x3aE3+4Fifrmac6KDP9/mDrktXe+xVpLEuJ1FOmx5i0Op3yQl
 M0Nlxn7BDv3IR8Om5YZUpYkK8kWqRmkTC1g1IocX1KZNPD4RYaIOIuB8XQl3c1FdNyX7cmkQQsc
 0SefmSJ1YvHQMv4yO6cqQ9SYRDlIAosQqWaEHg8m/cSJOJfJFEE7SbGrpR8N712+i4STV/9ws7+
 MyUUrmvf0wuA+YHRJ/UY/9vIxpboEsYjr8lqS5SAaVghbnuRz0f7ba46pnxxYb2d89Nurn0B5qF
 qkubvRaxRdJn4+Btizmiu4CWZFCtCWwV3X/+G8g7Ee4jlcmIhIc/6Q==
X-Received: by 2002:a17:90b:1d82:b0:2ee:5958:828 with SMTP id
 98e67ed59e1d1-30aac19d5demr5341400a91.9.1746627734356;
 Wed, 07 May 2025 07:22:14 -0700 (PDT)
Received: from mandiga.. ([2804:1b3:a7c0:2a60:2bef:3994:10d0:59c9])
 by smtp.gmail.com with ESMTPSA id
 98e67ed59e1d1-30ad474a050sm179453a91.8.2025.05.07.07.22.13
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Wed, 07 May 2025 07:22:13 -0700 (PDT)
From: Adhemerval Zanella <adhemerval.zanella@linaro.org>
To: libc-alpha@sourceware.org
Cc: Carlos O'Donell <carlos@redhat.com>
Subject: [PATCH 08/11] locale: Fix UB in elem_hash
Date: Wed,  7 May 2025 11:17:26 -0300
Message-ID: <20250507142110.3452012-9-adhemerval.zanella@linaro.org>
X-Mailer: git-send-email 2.43.0
In-Reply-To: <20250507142110.3452012-1-adhemerval.zanella@linaro.org>
References: <20250507142110.3452012-1-adhemerval.zanella@linaro.org>
MIME-Version: 1.0
X-BeenThere: libc-alpha@sourceware.org
X-Mailman-Version: 2.1.30
Precedence: list
List-Id: Libc-alpha mailing list <libc-alpha.sourceware.org>
List-Unsubscribe: <https://sourceware.org/mailman/options/libc-alpha>,
 <mailto:libc-alpha-request@sourceware.org?subject=unsubscribe>
List-Archive: <https://sourceware.org/pipermail/libc-alpha/>
List-Post: <mailto:libc-alpha@sourceware.org>
List-Help: <mailto:libc-alpha-request@sourceware.org?subject=help>
List-Subscribe: <https://sourceware.org/mailman/listinfo/libc-alpha>,
 <mailto:libc-alpha-request@sourceware.org?subject=subscribe>
Errors-To: libc-alpha-bounces~patch=linaro.org@sourceware.org

The ubsan triggers:

UBSAN: Undefined behaviour in ./elem-hash.h:27:14 left shift of 360447856 by 3 cannot be represented in type 'int'

Using unsigned shift here zero fill like signed.
---
 locale/elem-hash.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/locale/elem-hash.h b/locale/elem-hash.h
index 5d34ec43f3..8052b0fe6d 100644
--- a/locale/elem-hash.h
+++ b/locale/elem-hash.h
@@ -24,7 +24,7 @@ elem_hash (const char *str, int32_t n)
 
   while (n-- > 0)
     {
-      result <<= 3;
+      result = (uint32_t)result << 3;
       result += *str++;
     }
 

From patchwork Wed May  7 14:17:27 2025
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Adhemerval Zanella <adhemerval.zanella@linaro.org>
X-Patchwork-Id: 888073
Delivered-To: patch@linaro.org
Received: by 2002:a5d:4683:0:b0:38f:210b:807b with SMTP id u3csp411780wrq;
 Wed, 7 May 2025 07:33:10 -0700 (PDT)
X-Forwarded-Encrypted: i=3;
 AJvYcCXnKZTtp/7pbitRXGxN+U+9oK4XzmTyyNjbiiWl91PNlzoHRQUrHBh87B0wppB7ilM8wvfW6A==@linaro.org
X-Google-Smtp-Source: AGHT+IEk7ahGAHA9AM7KKdSkd22ZnzLw6crMaakOwoURfyGEJ1m2U6shNXLXZthWjbv3i2SMJV+r
X-Received: by 2002:a05:6214:c46:b0:6f5:1034:7be7 with SMTP id
 6a1803df08f44-6f542ae09e2mr61044736d6.37.1746628389897;
 Wed, 07 May 2025 07:33:09 -0700 (PDT)
ARC-Seal: i=2; a=rsa-sha256; t=1746628389; cv=pass;
 d=google.com; s=arc-20240605;
 b=BQDtPc/oGwewsvUio5Q/B+e2mOannjy1iwJfUVo7QQedvUZf5WFIir1MxiR7n3hmgl
 bFIPd5CRggCjW2RGDLyoivP0I6N+XsHrNJRjyC3a1Ikr6OWzdyR682XiBB4URrqF5x0V
 blmcwUyHBsI3eP/xFUzdudrgCCxyEOjC7Th/kf7Ejc1nVmzFWS8MY1TvlaOsguQGUUFM
 HjCQ5wJQPFfaLRV+z1oXYfgwuXEYytsPmJi0mb/8lUsa8wqj2K1ooelXGDCHxQ8pAag2
 skGFyeli02syDIPFQDS9LhqYQ/M5Ldx2fKYHKgVwEi5ykdO7CNdpuzqv/mjLlPEOPR2Z
 in1w==
ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20240605;
 h=errors-to:list-subscribe:list-help:list-post:list-archive
 :list-unsubscribe:list-id:precedence:content-transfer-encoding
 :mime-version:references:in-reply-to:message-id:date:subject:cc:to
 :from:dkim-signature:arc-filter:dmarc-filter:delivered-to
 :dkim-filter;
 bh=6Uhbj8BOnt4Q1DD/tpRisEis/EOhqhxNkifexbpBBJI=;
 fh=v2Nv3k9i7Amxu65q1mEuFELTOLzYYycJBMRhbhFxZhE=;
 b=d5yCbYM4DP3DbSjR5jmKdCyF+xTxQBXeunwWOqw9EcbFI4KN2Y+UIu9qWrOXYoy3nm
 qyNtewT7gNFysHVwtKtL9WdMwDIsi14iPWkN0Z5A/jT0YNfGu0akSjZDwCWd6CehYeB0
 o6WaCptLAXyw8qzDwVI+7ofcz74bMCOF5Gfk9ZdeW9SjsWApCtLN96ofXYXrG03M0n/Z
 knKKDV0VeFLeaHm/9ywhS9MFdb2lfUlYZs2swQn+Yd0pHu6W9jmJ/ssHGutltraUThbZ
 AzHnzSU3BrK+GNsxhZWH+z/jwpP1Tx41h9fYT57wzPO/pFgnUxEp1UFdCmJNq6H7Ezk8
 Ew+A==; dara=google.com
ARC-Authentication-Results: i=2; mx.google.com;
 dkim=pass header.i=@linaro.org header.s=google header.b="g3/IuLGe";
 arc=pass (i=1); spf=pass (google.com: domain of
 libc-alpha-bounces~patch=linaro.org@sourceware.org designates 8.43.85.97 as
 permitted sender)
 smtp.mailfrom="libc-alpha-bounces~patch=linaro.org@sourceware.org";
 dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org
Return-Path: <libc-alpha-bounces~patch=linaro.org@sourceware.org>
Received: from server2.sourceware.org (server2.sourceware.org. [8.43.85.97])
 by mx.google.com with ESMTPS id
 6a1803df08f44-6f5427e1f0fsi20595156d6.379.2025.05.07.07.33.09
 for <patch@linaro.org>
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Wed, 07 May 2025 07:33:09 -0700 (PDT)
Received-SPF: pass (google.com: domain of
 libc-alpha-bounces~patch=linaro.org@sourceware.org designates 8.43.85.97 as
 permitted sender) client-ip=8.43.85.97;
Authentication-Results: mx.google.com;
 dkim=pass header.i=@linaro.org header.s=google header.b="g3/IuLGe";
 arc=pass (i=1); spf=pass (google.com: domain of
 libc-alpha-bounces~patch=linaro.org@sourceware.org designates 8.43.85.97 as
 permitted sender)
 smtp.mailfrom="libc-alpha-bounces~patch=linaro.org@sourceware.org";
 dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org
Received: from server2.sourceware.org (localhost [IPv6:::1])
 by sourceware.org (Postfix) with ESMTP id 65EF73857B96
 for <patch@linaro.org>; Wed,  7 May 2025 14:33:09 +0000 (GMT)
DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 65EF73857B96
Authentication-Results: sourceware.org; dkim=pass (2048-bit key,
 unprotected) header.d=linaro.org header.i=@linaro.org header.a=rsa-sha256
 header.s=google header.b=g3/IuLGe
X-Original-To: libc-alpha@sourceware.org
Delivered-To: libc-alpha@sourceware.org
Received: from mail-pl1-x62a.google.com (mail-pl1-x62a.google.com
 [IPv6:2607:f8b0:4864:20::62a])
 by sourceware.org (Postfix) with ESMTPS id 91B243858C62
 for <libc-alpha@sourceware.org>; Wed,  7 May 2025 14:22:17 +0000 (GMT)
DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 91B243858C62
Authentication-Results: sourceware.org;
 dmarc=pass (p=none dis=none) header.from=linaro.org
Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=linaro.org
ARC-Filter: OpenARC Filter v1.0.0 sourceware.org 91B243858C62
Authentication-Results: server2.sourceware.org;
 arc=none smtp.remote-ip=2607:f8b0:4864:20::62a
ARC-Seal: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1746627737; cv=none;
 b=rumqgVxQlPbXDM3Y3QO3O1hF3IWnT+z0PS+V8qxEzmyDIyjqSXYctek1yFRYUnKtgkBQef5j74OaFixT0WngKjTkDMh7EW1BuAnjY9p+TRagdqLz04uc2YBbMNdMDsG3KR75EKBFVobu2Z+j34Cz+yVOan8fG1kej+dBFq95oGI=
ARC-Message-Signature: i=1; a=rsa-sha256; d=sourceware.org; s=key;
 t=1746627737; c=relaxed/simple;
 bh=HB0FYJusXnQU81GctvxV5BJVNfO1Mu4mZ+FNMhw8F28=;
 h=DKIM-Signature:From:To:Subject:Date:Message-ID:MIME-Version;
 b=dFjvOYPdyOuJC4xNNohY8D+1bekKa0HTTh5hEcRE5W0b1q8pEo3w3nfRpfWgb4+K7LxkF+kgJNc5qB9BLMFya7ESKmYfQXeMCtK9jobO9+wSsoVwEzFYkszFkeM/GDiJ9OHUkeJwPUIif6ywNvPfEunZJ7lcyUS7Av/pqgWOH2Y=
ARC-Authentication-Results: i=1; server2.sourceware.org
Received: by mail-pl1-x62a.google.com with SMTP id
 d9443c01a7336-225477548e1so73679365ad.0
 for <libc-alpha@sourceware.org>; Wed, 07 May 2025 07:22:17 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=linaro.org; s=google; t=1746627736; x=1747232536; darn=sourceware.org;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:from:to:cc:subject:date
 :message-id:reply-to;
 bh=6Uhbj8BOnt4Q1DD/tpRisEis/EOhqhxNkifexbpBBJI=;
 b=g3/IuLGecEhiAU7yWqifz5GjUZkUgpqhZmYupeC9xdyD0/StwkrGRoI+sL9IuujqYs
 1iALq3NnklLF76uYK7ioi4MeqPyG0Fa/rOOUuY5Kln6LaYcpVHkbqEJ7dyCjDN5AvnhU
 YJqZoTI6JUPEKMiEo7eNwX29plMgzQDUcXPNZEJyCEZw62qK4MoANzKLa4IQ45Mmps2s
 FbDtz2mrYwOraE9IF8c/ZwT+TZlFgsGcoaVKcZpP8ZjmYz0P7c3JJgWKu+GAknYHYXHJ
 taIqGhFwtvnMagKXsdSwl3Dvyqo54AZIch1hPgWVgCxf56aLxDLmI/Z+kbHfWz79ZB0W
 Q7YA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1746627736; x=1747232536;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc
 :subject:date:message-id:reply-to;
 bh=6Uhbj8BOnt4Q1DD/tpRisEis/EOhqhxNkifexbpBBJI=;
 b=n8ZaE2a8LZu4WaCwfN6/JNCfPRJ7yCr404KNhQp5DZTjQLs+j9yjm74sZ9CQcJH3hB
 VBTD8l3AQMAxCzIMsgCIUpYdrJLOcUJi7Be4+FAw+xgtQllFzifmJcT/sXtsGISPfcVx
 gLWnyrKpvJaGYT2i+WzTSrn/MHEcen8f3Z3H/Jq14yYJaQ1omV4YwymkHamC22wJATkS
 RyMQr4LVqEt8gs5p9U7DcNLFd4GMr+peZ9xQ6pDuFMCsS4h1qCeqfFUEfZBgxHMwlKQH
 SsmwOrZuL43RmXOD6su0Z9PUPv9+vAF4oips4U7Iha26WaAO13ZSu3h6LM8ElDEa4E/7
 kOdw==
X-Gm-Message-State: AOJu0Ywv71RyaVQooZYbK8fYDvpbdDfaARta8npqJ6kqtmImX+ozhyyv
 oklZvlJZf6TjZ5t4OGdLajb5uh00+SQoxX08L3eWXDkZL+mfhDncAr8osPC+7KO4y+OTOLDKi8Q
 nJZI=
X-Gm-Gg: ASbGncv4TPXNhVC2w3W9NhmbmSpxSFJBfrrusf/tis91kcp4UdTTZuWrA1wQxL2Fa8f
 psMjCUtjarpu5JfJ9D9iIvR/mMs0k6uY/PTo+/XRJqxIzfrqVEPmEW7miKrdDWRQKJZZQjeIGVV
 L7IEgF0pU/BJhay52BfII7F2PkTHvwrOOKUEhwbAlsrYnW4htLoYv8yGZq41gIzRG8Xly0OgUbj
 5UJ/hKmKkx4Y56nCABlkJQ5//vpbfTZ85bEbgGDxZEOif8okkMNsZywaU8wIdkt6bfPRE52k11e
 P/zgfMXvdBwbABMiX9IYWVRbe2W1tXlshfBd5Ax4c4zrlt0AQA3/LgphKHx+4GgU
X-Received: by 2002:a17:902:e747:b0:22d:e5ab:5525 with SMTP id
 d9443c01a7336-22e5ecd2fbdmr52814025ad.38.1746627735896;
 Wed, 07 May 2025 07:22:15 -0700 (PDT)
Received: from mandiga.. ([2804:1b3:a7c0:2a60:2bef:3994:10d0:59c9])
 by smtp.gmail.com with ESMTPSA id
 98e67ed59e1d1-30ad474a050sm179453a91.8.2025.05.07.07.22.14
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Wed, 07 May 2025 07:22:15 -0700 (PDT)
From: Adhemerval Zanella <adhemerval.zanella@linaro.org>
To: libc-alpha@sourceware.org
Cc: Carlos O'Donell <carlos@redhat.com>
Subject: [PATCH 09/11] locale: Fix UB on add_locale_uint32_array
Date: Wed,  7 May 2025 11:17:27 -0300
Message-ID: <20250507142110.3452012-10-adhemerval.zanella@linaro.org>
X-Mailer: git-send-email 2.43.0
In-Reply-To: <20250507142110.3452012-1-adhemerval.zanella@linaro.org>
References: <20250507142110.3452012-1-adhemerval.zanella@linaro.org>
MIME-Version: 1.0
X-BeenThere: libc-alpha@sourceware.org
X-Mailman-Version: 2.1.30
Precedence: list
List-Id: Libc-alpha mailing list <libc-alpha.sourceware.org>
List-Unsubscribe: <https://sourceware.org/mailman/options/libc-alpha>,
 <mailto:libc-alpha-request@sourceware.org?subject=unsubscribe>
List-Archive: <https://sourceware.org/pipermail/libc-alpha/>
List-Post: <mailto:libc-alpha@sourceware.org>
List-Help: <mailto:libc-alpha-request@sourceware.org?subject=help>
List-Subscribe: <https://sourceware.org/mailman/listinfo/libc-alpha>,
 <mailto:libc-alpha-request@sourceware.org?subject=subscribe>
Errors-To: libc-alpha-bounces~patch=linaro.org@sourceware.org

The ubsan triggers:

UBSAN: Undefined behaviour in programs/locfile.c:644:3 null pointer passed as argument 2, nonnull attribute declared at unknown:0:0

The obstack_grow is only required if there is extra elements to be
inserted (n_elems > 0).
---
 locale/programs/locfile.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/locale/programs/locfile.c b/locale/programs/locfile.c
index b54fcbbceb..7907c949ea 100644
--- a/locale/programs/locfile.c
+++ b/locale/programs/locfile.c
@@ -641,6 +641,8 @@ add_locale_uint32_array (struct locale_file *file,
 {
   align_locale_data (file, LOCFILE_ALIGN);
   record_offset (file);
+  if (n_elems == 0)
+    return;
   obstack_grow (&file->data, data, n_elems * sizeof (uint32_t));
   maybe_swap_uint32_obstack (&file->data, n_elems);
 }

From patchwork Wed May  7 14:17:28 2025
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Adhemerval Zanella <adhemerval.zanella@linaro.org>
X-Patchwork-Id: 888066
Delivered-To: patch@linaro.org
Received: by 2002:a5d:4683:0:b0:38f:210b:807b with SMTP id u3csp407071wrq;
 Wed, 7 May 2025 07:23:13 -0700 (PDT)
X-Forwarded-Encrypted: i=3;
 AJvYcCVompe0A1X+MyBPVRzwsKs2JQilsLPoVBk1hKlrcIHVb/gP23SKamB5pDsEyAw3qZ9GL+Haag==@linaro.org
X-Google-Smtp-Source: AGHT+IEJfZZ1z6oRdZJYAUFvJR4oDwfUCG4l8IUsMtqATJzJ1Q0IOach7VpOYGnGU3KMsrYzNzKO
X-Received: by 2002:a05:620a:4608:b0:7c7:b60f:ebd8 with SMTP id
 af79cd13be357-7caf7388e7cmr471097285a.24.1746627793150;
 Wed, 07 May 2025 07:23:13 -0700 (PDT)
ARC-Seal: i=2; a=rsa-sha256; t=1746627793; cv=pass;
 d=google.com; s=arc-20240605;
 b=jvVyDFS0oOXsCZV/CzMxfO9MYnxlxo9yqcqqS7AaPEw3+w6XylKJxwjJ7bdVwee4vx
 KIgxkR6A5cPwvVQkQwujU7yqX5r6Wmjl+AQqQEyHw6R18ee8EkkH4X7aUAzY0GmP4P+t
 OVlk023YEhpQxaEFU74VHzS8yMkQxJMSkr7fQQtAwK9N2CXlIzAUaPXxcZTZYPibcis4
 q5v1UuxImGhxme0onocdtBjNoxJOne3otElNZegDBOwMfz7W0Hg1ymTKxLHD8yOCFZ/o
 w9WWLOCWVvt2iDAnv6TpQL6jTQN1uNIJNcPdPnFL8ijczoD0qaDAKE2EyEVVcTnuxGyV
 dfJw==
ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20240605;
 h=errors-to:list-subscribe:list-help:list-post:list-archive
 :list-unsubscribe:list-id:precedence:content-transfer-encoding
 :mime-version:references:in-reply-to:message-id:date:subject:cc:to
 :from:dkim-signature:arc-filter:dmarc-filter:delivered-to;
 bh=eXsmJqB3dgs2JFUs9C3hMHnIoPcQPaxvyawgf67FwtI=;
 fh=v2Nv3k9i7Amxu65q1mEuFELTOLzYYycJBMRhbhFxZhE=;
 b=fHcjZOMAxqz9aoDov2/k/HxvUbffHeOvE3a3cKned5Sb6GP4E2nvPXI8KGcHTxcMd+
 WYbCsoxxojub6q7fpDdt35A00dhrPeRX+ble59HibbFnLwfJL4u3lhOMyHeHX8tw+AtK
 nFHXxS23asHJn7338doJsr/hSdDlCF7qZGd1jBdsDih95+lME8tlIdKmLVn/VZjjEelG
 KsmDDILejkS7/dEj3MOrDNJU23P0N1tL4feWHMDKkEYvpcOd7MemPLPMnHwAPcugHppG
 J94SOfeuiGsnCM+hu2/e5qxHVPp0TG4y3anhs3usPdkgh0dDRH9PQRY+P+s3iPP9elt5
 dCZg==; dara=google.com
ARC-Authentication-Results: i=2; mx.google.com;
 dkim=pass header.i=@linaro.org header.s=google header.b=kS5N0QOO;
 arc=pass (i=1); spf=pass (google.com: domain of
 libc-alpha-bounces~patch=linaro.org@sourceware.org designates
 2620:52:3:1:0:246e:9693:128c as permitted sender)
 smtp.mailfrom="libc-alpha-bounces~patch=linaro.org@sourceware.org";
 dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org
Return-Path: <libc-alpha-bounces~patch=linaro.org@sourceware.org>
Received: from server2.sourceware.org (server2.sourceware.org.
 [2620:52:3:1:0:246e:9693:128c]) by mx.google.com with ESMTPS id
 af79cd13be357-7caf75c96a5si210734885a.530.2025.05.07.07.23.12
 for <patch@linaro.org>
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Wed, 07 May 2025 07:23:13 -0700 (PDT)
Received-SPF: pass (google.com: domain of
 libc-alpha-bounces~patch=linaro.org@sourceware.org designates
 2620:52:3:1:0:246e:9693:128c as permitted sender)
 client-ip=2620:52:3:1:0:246e:9693:128c;
Authentication-Results: mx.google.com;
 dkim=pass header.i=@linaro.org header.s=google header.b=kS5N0QOO;
 arc=pass (i=1); spf=pass (google.com: domain of
 libc-alpha-bounces~patch=linaro.org@sourceware.org designates
 2620:52:3:1:0:246e:9693:128c as permitted sender)
 smtp.mailfrom="libc-alpha-bounces~patch=linaro.org@sourceware.org";
 dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org
Received: from server2.sourceware.org (localhost [IPv6:::1])
 by sourceware.org (Postfix) with ESMTP id D253B3857732
 for <patch@linaro.org>; Wed,  7 May 2025 14:23:12 +0000 (GMT)
X-Original-To: libc-alpha@sourceware.org
Delivered-To: libc-alpha@sourceware.org
Received: from mail-pg1-x52b.google.com (mail-pg1-x52b.google.com
 [IPv6:2607:f8b0:4864:20::52b])
 by sourceware.org (Postfix) with ESMTPS id 8FF533858D34
 for <libc-alpha@sourceware.org>; Wed,  7 May 2025 14:22:19 +0000 (GMT)
DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 8FF533858D34
Authentication-Results: sourceware.org;
 dmarc=pass (p=none dis=none) header.from=linaro.org
Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=linaro.org
ARC-Filter: OpenARC Filter v1.0.0 sourceware.org 8FF533858D34
Authentication-Results: server2.sourceware.org;
 arc=none smtp.remote-ip=2607:f8b0:4864:20::52b
ARC-Seal: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1746627739; cv=none;
 b=RAvnbjLWqLhIDxQ3CU7dfmqT1F7sN4W43+tZpFRx4k0R9jqaMw1Zw8KddkU86joe4IZQB2aguga3AXzI2fW2tFbBVTge9VxjSRtIeRe+JOEP++KFj7b8p8SUO9kbwYa+ntcSYm5ZVPfrG3mFUBSARHiKzwg45N5ewGB+xJfoGPI=
ARC-Message-Signature: i=1; a=rsa-sha256; d=sourceware.org; s=key;
 t=1746627739; c=relaxed/simple;
 bh=y2y/fQ8F/lW4CCZxvX56Ei/ojX4qTy3VjBu84XEHMmk=;
 h=DKIM-Signature:From:To:Subject:Date:Message-ID:MIME-Version;
 b=f6H5VjsWjVrLwYxszuvYXnqoi2wnmk8yR1EUaW4u+l5p5mvt032+kJRIoFkCU4sVdXkTTYoiwIvOrvdtqL5YCW9VYXVHJZ/uf+q1J7FyDnhLpH3awbsC8+bFBA+4GIBFDPRP7oiWXGoMtAv1RIq2zAjibSh9rZCMp6SVkDD7RP4=
ARC-Authentication-Results: i=1; server2.sourceware.org
Received: by mail-pg1-x52b.google.com with SMTP id
 41be03b00d2f7-af6a315b491so6291328a12.1
 for <libc-alpha@sourceware.org>; Wed, 07 May 2025 07:22:19 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=linaro.org; s=google; t=1746627737; x=1747232537; darn=sourceware.org;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:from:to:cc:subject:date
 :message-id:reply-to;
 bh=eXsmJqB3dgs2JFUs9C3hMHnIoPcQPaxvyawgf67FwtI=;
 b=kS5N0QOOemHlsWJRs/aeUhTW8bp102t1xF9xZdYccqloCkUUkTWdsc7cgp376eJ0YG
 3vq0Aukhk/rNrw3A7/rdgs/ENLd9k0HwimDF3Dtal5uLFe2iXG1xsHClVepQTBCm3Wuu
 0vsMio8nqNGHJ1lRSblFZ6bnhiztp4WXk6oXEIeI6GJcc2JSnm3c4tW0N0XOQJ3O6iKx
 rrdch2nVGufv1FfZiCAzDezVyQBORuPCrLVGd5fXnSE49oV2tNhvCRfAWoWYtRcu8aYT
 a3UwtUEbXH7p/UjSoD1kDJKaY5TrShRBgCCo0qOmBo8/auxxbZDt4U/NiHCfpjQakATr
 JOQQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1746627737; x=1747232537;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc
 :subject:date:message-id:reply-to;
 bh=eXsmJqB3dgs2JFUs9C3hMHnIoPcQPaxvyawgf67FwtI=;
 b=swTRn6uVR3pxOIESXtjG7T1PHC/9IZ6FLYoWVEVaSxkS4hjgdWgtU8jcsMeCnqPslV
 Iy0ub3RYv7A+1lwgZEwwEiqNbXFGX/7w48E+jOhLYu+zIRuwx9uUfGRVTEaUQPzB3zCg
 +5rfzD9hRMPO4i+YqEcDFyTZOSfyM0bi3egkFzfFMeaihswRdfO2IlprKtlq9KfFDtNO
 OkvAN5OhV8uvNJE8z4grsB0GwEM4DcalPMIvsCbbiPFbpQ64rxOsLRzIHBxZVRiaHJCV
 8P97FrsnRvk9ukfnikBFvy+K5xyhyCH6DYKuBrPSqqAi6wNfyHKE2a+cD231kT/cp4CR
 zZCg==
X-Gm-Message-State: AOJu0Yxe7TFlaRSilbVfpWiLCHa28eTW+IimfcSgVmEoj6qcwS8E9hum
 GggWdPcBzAkI8NzIYdR4ibeh1dIba9L1M//lkEXkeaM0z2XIR0dww7uIJ35DJp5BJ72zkkG6pA4
 W1rw=
X-Gm-Gg: ASbGncscAaCcCkeGkVFnK1Kxo7WL1+Celml1oHGjqBU+zzA6sbh2ziImkpwsEWhx6Vj
 fjIdv6IYrh88DtUxAo5tAqwBTZmVd+ogdSA+couK5YysoTnmR6QWtbIKoByI4vc8msa/xBP+cpi
 cagoE/bAhRj+SlvbLTRizL4EtR/7TgFet+WMzCXQ4uO7lof3wBmVYE6LTSmc84W1M31aB+F2Qvk
 ki+s7a4bngPDRqZzJuCUxdTGGwKloqZdDLhtYt3QIzZU7GAQQM6fd2+sRlZRV1bwKkH06CjW3zc
 R5rn/BHUZimL0LeY2+s41W66aCiCl0SLYC1WXOzshAAdVp5cgvnakw==
X-Received: by 2002:a17:90b:554f:b0:2ff:4f04:4261 with SMTP id
 98e67ed59e1d1-30aac2d25aemr4215693a91.34.1746627737480;
 Wed, 07 May 2025 07:22:17 -0700 (PDT)
Received: from mandiga.. ([2804:1b3:a7c0:2a60:2bef:3994:10d0:59c9])
 by smtp.gmail.com with ESMTPSA id
 98e67ed59e1d1-30ad474a050sm179453a91.8.2025.05.07.07.22.16
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Wed, 07 May 2025 07:22:17 -0700 (PDT)
From: Adhemerval Zanella <adhemerval.zanella@linaro.org>
To: libc-alpha@sourceware.org
Cc: Carlos O'Donell <carlos@redhat.com>
Subject: [PATCH 10/11] argp: Fix shift bug
Date: Wed,  7 May 2025 11:17:28 -0300
Message-ID: <20250507142110.3452012-11-adhemerval.zanella@linaro.org>
X-Mailer: git-send-email 2.43.0
In-Reply-To: <20250507142110.3452012-1-adhemerval.zanella@linaro.org>
References: <20250507142110.3452012-1-adhemerval.zanella@linaro.org>
MIME-Version: 1.0
X-BeenThere: libc-alpha@sourceware.org
X-Mailman-Version: 2.1.30
Precedence: list
List-Id: Libc-alpha mailing list <libc-alpha.sourceware.org>
List-Unsubscribe: <https://sourceware.org/mailman/options/libc-alpha>,
 <mailto:libc-alpha-request@sourceware.org?subject=unsubscribe>
List-Archive: <https://sourceware.org/pipermail/libc-alpha/>
List-Post: <mailto:libc-alpha@sourceware.org>
List-Help: <mailto:libc-alpha-request@sourceware.org?subject=help>
List-Subscribe: <https://sourceware.org/mailman/listinfo/libc-alpha>,
 <mailto:libc-alpha-request@sourceware.org?subject=subscribe>
Errors-To: libc-alpha-bounces~patch=linaro.org@sourceware.org

>From gnulib commits 06094e390b0 and 88033d3779362a.
---
 argp/argp-parse.c | 15 +++++++++------
 1 file changed, 9 insertions(+), 6 deletions(-)

diff --git a/argp/argp-parse.c b/argp/argp-parse.c
index 82c7b784de..99f8d9ecd4 100644
--- a/argp/argp-parse.c
+++ b/argp/argp-parse.c
@@ -735,12 +735,15 @@ parser_parse_opt (struct parser *parser, int opt, char *val)
 	    }
     }
   else
-    /* A long option.  We use shifts instead of masking for extracting
-       the user value in order to preserve the sign.  */
-    err =
-      group_parse (&parser->groups[group_key - 1], &parser->state,
-		   (opt << GROUP_BITS) >> GROUP_BITS,
-		   parser->opt_data.optarg);
+    /* A long option.  Preserve the sign in the user key, without
+       invoking undefined behavior.  Assume two's complement.  */
+    {
+      int user_key =
+        ((opt & (1 << (USER_BITS - 1))) ? ~USER_MASK : 0) | (opt & USER_MASK);
+      err =
+        group_parse (&parser->groups[group_key - 1], &parser->state,
+                     user_key, parser->opt_data.optarg);
+    }
 
   if (err == EBADKEY)
     /* At least currently, an option not recognized is an error in the

From patchwork Wed May  7 14:17:29 2025
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Adhemerval Zanella <adhemerval.zanella@linaro.org>
X-Patchwork-Id: 888074
Delivered-To: patch@linaro.org
Received: by 2002:a5d:4683:0:b0:38f:210b:807b with SMTP id u3csp412902wrq;
 Wed, 7 May 2025 07:35:23 -0700 (PDT)
X-Forwarded-Encrypted: i=3;
 AJvYcCWYO4VNhvnEPZ1VrGY+aOp+OCw/5N097lBzOl0HOoLyuHeR2I1aiCGDfZOG3I10SGHpBt/pvQ==@linaro.org
X-Google-Smtp-Source: AGHT+IFhyd/ViNG75+ue1wUkxje66kdDKczHI00MpRp9mzGPnxtKzQ4bomiU7R4t3HcCT5l13x3z
X-Received: by 2002:a05:620a:4045:b0:7c7:82b1:ed1e with SMTP id
 af79cd13be357-7caf73b7a3fmr494886285a.34.1746628522704;
 Wed, 07 May 2025 07:35:22 -0700 (PDT)
ARC-Seal: i=2; a=rsa-sha256; t=1746628522; cv=pass;
 d=google.com; s=arc-20240605;
 b=JzEqFXIftKcMb671AELMDbrpPiPMIFB9Ss9Hso4qk4OOt5i7SrwnYd7/OGxAnMQFfp
 0/HjbWntyHKQ2UvroMRH09nKbQ1QVSj4ntzvikGSTY5/+MeShGN4/7E8learrX8Ez6K0
 11a6HVNb/JImZDic/dTH/XBtYMna/KobVrqJ5QcRUGvKYy6UBHPcRS1RCq2eKIGAuH1W
 qguMgofnm7DzFiPgqL1rMIhwkRPwpGjTwx3cthaYGlUUW2Hsb9vzggJSvsjdw0oChbiq
 X4oqqvSQrnqo1OHhPO+g2hcsDwZBf7J4u7Bw3RbXHADXbT51lQSjySOQOC204D5tgNtE
 7jhQ==
ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20240605;
 h=errors-to:list-subscribe:list-help:list-post:list-archive
 :list-unsubscribe:list-id:precedence:content-transfer-encoding
 :mime-version:references:in-reply-to:message-id:date:subject:cc:to
 :from:dkim-signature:arc-filter:dmarc-filter:delivered-to
 :dkim-filter;
 bh=yw9el3d3Po7BDj3fVpAs1Z4n1FMj/b8x2mBhnPQnEbQ=;
 fh=v2Nv3k9i7Amxu65q1mEuFELTOLzYYycJBMRhbhFxZhE=;
 b=kNteGVTip8HITDHabAiPIfNz13ki+O2BTay6pDUjfCWN5Vi/H0xIRFiGrIZnSwNCQw
 yqpr+N6356t5c+gZTubcj1oLLFUQZU8+kDpg87vJCLdqLUrF5ldU4o427cwDBObmn/7R
 36i9rrhJIpDGNv97UJTGY5uUTcqjeWZPI0d/Dy8m8o1fBoXUN3gb6p1paf7gvnHI9ZB+
 Unwm/j6/KaGAvTT0wgC4tMjD/amqek5ApVdCATMegcMgEfsYTm4Nn9sQC0qMaoqrUveb
 wFcyhHhlIFth3hrn4RIpFqrAqr+yfytNutI+EbhX/2V8sAVhxybmxM1oZIoUrBMAEBW6
 i0nQ==; dara=google.com
ARC-Authentication-Results: i=2; mx.google.com;
 dkim=pass header.i=@linaro.org header.s=google header.b=ZQLHSHNa;
 arc=pass (i=1); spf=pass (google.com: domain of
 libc-alpha-bounces~patch=linaro.org@sourceware.org designates 8.43.85.97 as
 permitted sender)
 smtp.mailfrom="libc-alpha-bounces~patch=linaro.org@sourceware.org";
 dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org
Return-Path: <libc-alpha-bounces~patch=linaro.org@sourceware.org>
Received: from server2.sourceware.org (server2.sourceware.org. [8.43.85.97])
 by mx.google.com with ESMTPS id
 af79cd13be357-7caf75e28ffsi210835785a.650.2025.05.07.07.35.22
 for <patch@linaro.org>
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Wed, 07 May 2025 07:35:22 -0700 (PDT)
Received-SPF: pass (google.com: domain of
 libc-alpha-bounces~patch=linaro.org@sourceware.org designates 8.43.85.97 as
 permitted sender) client-ip=8.43.85.97;
Authentication-Results: mx.google.com;
 dkim=pass header.i=@linaro.org header.s=google header.b=ZQLHSHNa;
 arc=pass (i=1); spf=pass (google.com: domain of
 libc-alpha-bounces~patch=linaro.org@sourceware.org designates 8.43.85.97 as
 permitted sender)
 smtp.mailfrom="libc-alpha-bounces~patch=linaro.org@sourceware.org";
 dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org
Received: from server2.sourceware.org (localhost [IPv6:::1])
 by sourceware.org (Postfix) with ESMTP id 4C9A83858C62
 for <patch@linaro.org>; Wed,  7 May 2025 14:35:22 +0000 (GMT)
DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 4C9A83858C62
Authentication-Results: sourceware.org; dkim=pass (2048-bit key,
 unprotected) header.d=linaro.org header.i=@linaro.org header.a=rsa-sha256
 header.s=google header.b=ZQLHSHNa
X-Original-To: libc-alpha@sourceware.org
Delivered-To: libc-alpha@sourceware.org
Received: from mail-pj1-x102f.google.com (mail-pj1-x102f.google.com
 [IPv6:2607:f8b0:4864:20::102f])
 by sourceware.org (Postfix) with ESMTPS id 8EDDF3858039
 for <libc-alpha@sourceware.org>; Wed,  7 May 2025 14:22:22 +0000 (GMT)
DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 8EDDF3858039
Authentication-Results: sourceware.org;
 dmarc=pass (p=none dis=none) header.from=linaro.org
Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=linaro.org
ARC-Filter: OpenARC Filter v1.0.0 sourceware.org 8EDDF3858039
Authentication-Results: server2.sourceware.org;
 arc=none smtp.remote-ip=2607:f8b0:4864:20::102f
ARC-Seal: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1746627742; cv=none;
 b=pUJLv6QhDhf4NAdcuCWBw23Mugh9howQog0KW44xQIKlScuEvqPRF4uPBDmZBNGBsLU7bg9yFTORVbfHrV4Hn2iiOqsvkKHsZH3pzHolvv0zcLowqn98pyrABpOcXKsQviv+bRCgyE9jNb1B04eXC2fL07DVOJmsDH8+CxFQUk4=
ARC-Message-Signature: i=1; a=rsa-sha256; d=sourceware.org; s=key;
 t=1746627742; c=relaxed/simple;
 bh=DGBlXEwNExz4HL4XwXa1LSowzKOooH5gcuIuATWCVg4=;
 h=DKIM-Signature:From:To:Subject:Date:Message-ID:MIME-Version;
 b=QwhzRvqu/EcxO3tfnovUaq08kLJjnCAktzSdsHLd2Jk8GGeOiW32mCdWmH2fgqE1+XGtoDk5IuPrlf7RWtBiv+4I+uzPr31qCz2fC/WXNad9AMJ+G/8d+2VJi3SpqdAMI1rUMHHa+PMjXlBFGyeU5U8QbzwTqB0US9XVTusaKt4=
ARC-Authentication-Results: i=1; server2.sourceware.org
Received: by mail-pj1-x102f.google.com with SMTP id
 98e67ed59e1d1-306b6ae4fb2so5793032a91.3
 for <libc-alpha@sourceware.org>; Wed, 07 May 2025 07:22:22 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=linaro.org; s=google; t=1746627739; x=1747232539; darn=sourceware.org;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:from:to:cc:subject:date
 :message-id:reply-to;
 bh=yw9el3d3Po7BDj3fVpAs1Z4n1FMj/b8x2mBhnPQnEbQ=;
 b=ZQLHSHNapaSQKsX8iJDSlIKJKg7MOBHTXsE/N3Xxus7FqDVhzEKi6D5GFXBinmQHyH
 Ska3BUQ9TBmP9C9+vWDNBjmBuR9P9aZnx7N8BRvJcQM80DITocE5kRHEuIENeXqJsDJ3
 RXuuN/O8LL4rG44TTvKHIey2jELr0JPiMwYf0BaL4Q6cPVlqXfCnw6ukrTiqTzZ+41UT
 zS4nVh9hE6jpVqtDQenoBQcMjXHbCmyn7Lkm7fXk/c3ZAERvNRBGT7lMG/nKAzH/MXoj
 4qB/pyijdOcKBiQ+fThoEuCv2gSmUOJnWrtGFEjHznBNSUU/r/ew5mTbzUXK0IDeV6SR
 gasA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1746627739; x=1747232539;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc
 :subject:date:message-id:reply-to;
 bh=yw9el3d3Po7BDj3fVpAs1Z4n1FMj/b8x2mBhnPQnEbQ=;
 b=vAN4fTnvRMIal8ueK9r9vpuk8AFcgu1h7j2VMO7JHbshd2ZuhHq69Qnzygc7nurWl6
 M2dOiUvPtwL9F9ZWhGw/ocVKnngGAEQESLeeGCmEU3h7ixVj1tUS6PpGAa4gNycWbzGi
 MuH9zizpGzj4ec9grK9OESbU68KZ2M+0+EY5VtIzf0zF1ur4IAkL53HfBUEUUWMecY+L
 T83r6ATk/z+IysQ+TQSoOsG7HprtiQZ3GTud2H/Ym/NnSM6SyEXPAoqjyQ8dkU/5msFQ
 XCzstCyvQLo1gGGFAFWnM6BjK9Je8V5eJxtoE8HDypk/1y2tr1Yiv3r0OpvZ//1WNIEu
 GwTw==
X-Gm-Message-State: AOJu0YzuEbPK0Rr1fs8SAqL09DQrWVkqP9Z0jUIQhM2GYddVwL7TaNBv
 omhoQywBzle+MGAD3IrxSyiFgYXtS/XmoKXwBzC0uSYGp1LKUiCtPbvISEqYNJ1ApcHwhp/9CSg
 w57w=
X-Gm-Gg: ASbGncsVLBqQMT5PxIOWrNDpnMC+ToEsSzHvAB0FraZC4md+bGYOTEuJfQWLpKeGDPr
 AfDIjohtrlRlpDuiAvIi/yHsPoRCCgZ5WaKuv+xvvopOreCom/U1ZAvv66e+D6e2s7C1IkBWByo
 nEGsAoYd9nxEkhAP/UqgHdSkSjt4iK8MoaQoaDv1A480WaUM3YNYOQGJzc79gU3ZyodR0FrxfZy
 Q8qZQ81WrC8/Kp7lDzsAy3Sh2m0ryTZUc4/yxK7Sj781MNYQZQPRPzAOOPiMaLgPgDxyFPAjgYT
 VOflXStCKpCxEcVGYwNwHAtZ2F135KBvGanZKMA9Kythydt4CGwqekXFXALt2KXL
X-Received: by 2002:a17:90b:4c48:b0:30a:a38f:f78b with SMTP id
 98e67ed59e1d1-30aac16e267mr5822709a91.9.1746627739038;
 Wed, 07 May 2025 07:22:19 -0700 (PDT)
Received: from mandiga.. ([2804:1b3:a7c0:2a60:2bef:3994:10d0:59c9])
 by smtp.gmail.com with ESMTPSA id
 98e67ed59e1d1-30ad474a050sm179453a91.8.2025.05.07.07.22.17
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Wed, 07 May 2025 07:22:18 -0700 (PDT)
From: Adhemerval Zanella <adhemerval.zanella@linaro.org>
To: libc-alpha@sourceware.org
Cc: Carlos O'Donell <carlos@redhat.com>
Subject: [PATCH 11/11] elf: Fix UB on _dl_map_object_from_fd
Date: Wed,  7 May 2025 11:17:29 -0300
Message-ID: <20250507142110.3452012-12-adhemerval.zanella@linaro.org>
X-Mailer: git-send-email 2.43.0
In-Reply-To: <20250507142110.3452012-1-adhemerval.zanella@linaro.org>
References: <20250507142110.3452012-1-adhemerval.zanella@linaro.org>
MIME-Version: 1.0
X-BeenThere: libc-alpha@sourceware.org
X-Mailman-Version: 2.1.30
Precedence: list
List-Id: Libc-alpha mailing list <libc-alpha.sourceware.org>
List-Unsubscribe: <https://sourceware.org/mailman/options/libc-alpha>,
 <mailto:libc-alpha-request@sourceware.org?subject=unsubscribe>
List-Archive: <https://sourceware.org/pipermail/libc-alpha/>
List-Post: <mailto:libc-alpha@sourceware.org>
List-Help: <mailto:libc-alpha-request@sourceware.org?subject=help>
List-Subscribe: <https://sourceware.org/mailman/listinfo/libc-alpha>,
 <mailto:libc-alpha-request@sourceware.org?subject=subscribe>
Errors-To: libc-alpha-bounces~patch=linaro.org@sourceware.org

On 32-bit architecture ubsan triggers:

UBSAN: Undefined behaviour in dl-load.c:1345:54 pointer index expression with base 0x00612508 overflowed  to 0xf7c3a508

Use explicit uintptr_t operation instead.
---
 elf/dl-load.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/elf/dl-load.c b/elf/dl-load.c
index bf29ec725d..6e26ef0583 100644
--- a/elf/dl-load.c
+++ b/elf/dl-load.c
@@ -1340,7 +1340,7 @@ cannot enable executable stack as shared object requires");
 
   /* Adjust the address of the TLS initialization image.  */
   if (l->l_tls_initimage != NULL)
-    l->l_tls_initimage = (char *) l->l_tls_initimage + l->l_addr;
+    l->l_tls_initimage = (void*)((uintptr_t)l->l_tls_initimage + l->l_addr);
 
   /* Process program headers again after load segments are mapped in
      case processing requires accessing those segments.  Scan program