ubsan: integer-overflow: depend on BROKEN to keep this out of CI

[ Upstream commit d6a0e0bfec ] Depending on !COMPILE_TEST isn't sufficient to keep this feature out of CI because we can't stop it from being included in randconfig builds. This feature is still highly experimental, and is developed in lock-step with Clang's Overflow Behavior Types[1]. Depend on BROKEN to keep it from being enabled by anyone not expecting it. Link: https://discourse.llvm.org/t/rfc-v2-clang-introduce-overflowbehaviortypes-for-wrapping-and-non-wrapping-arithmetic/86507 [1] Reported-by: kernel test robot <oliver.sang@intel.com> Closes: https://lore.kernel.org/oe-lkp/202505281024.f42beaa7-lkp@intel.com Fixes: 557f8c582a ("ubsan: Reintroduce signed overflow sanitizer") Acked-by: Eric Biggers <ebiggers@kernel.org> Link: https://lore.kernel.org/r/20250528182616.work.296-kees@kernel.org Reviewed-by: Nathan Chancellor <nathan@kernel.org> Acked-by: Marco Elver <elver@google.com> Signed-off-by: Kees Cook <kees@kernel.org> Signed-off-by: Sasha Levin <sashal@kernel.org>
2025-09-13 11:07:46 +10:00 · 2025-05-28 11:26:22 -07:00 · 2025-05-28 11:26:22 -07:00 · 5b6eb04c05
commit 5b6eb04c05
parent f3a472b914
1 changed files with 2 additions and 0 deletions
--- a/lib/Kconfig.ubsan
+++ b/lib/Kconfig.ubsan
@ -118,6 +118,8 @@ config UBSAN_UNREACHABLE

 config UBSAN_SIGNED_WRAP
 	bool "Perform checking for signed arithmetic wrap-around"
+	# This is very experimental so drop the next line if you really want it
+	depends on BROKEN
 	depends on !COMPILE_TEST
 	# The no_sanitize attribute was introduced in GCC with version 8.
 	depends on !CC_IS_GCC || GCC_VERSION >= 80000