On Thu, 11 Nov 2021 at 01:36, Tadeusz Struk <tadeusz.struk@xxxxxxxxxx> wrote:
> Kernel throws a runtime object-size-mismatch error in skbuff queue
> helpers like in [1]. This happens every time there is a pattern
> like the below:
>
> int skbuf_xmit(struct sk_buff *skb)
> {
>         struct sk_buff_head list;
>         __skb_queue_head_init(&list);
>         __skb_queue_tail(&list, skb); <-- offending call
>         return do_xmit(net, &list);
> }
>
> and the kernel is built with clang and -fsanitize=undefined flag set.
> The reason is that the functions __skb_queue_[tail|head]() access the
> struct sk_buff_head object via a pointer to struct sk_buff, which is
> much bigger in size than the sk_buff_head. This could cause undefined
> behavior and clang is complaining:
>
> UBSAN: object-size-mismatch in ./include/linux/skbuff.h:2023:28
> member access within address ffffc90000cb71c0 with insufficient space
> for an object of type 'struct sk_buff'

The config includes CONFIG_UBSAN_OBJECT_SIZE, right? Normally that's
disabled by default, probably why nobody has noticed these much.

> Suppress the error with __attribute__((no_sanitize("undefined")))
> in the skb helpers.

Isn't there a better way, because doing this might also suppress other
issues wholesale. __no_sanitize_undefined should be the last resort.
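A user-space model of the pattern discussed above, added here as an illustration; it is not code from the thread or from the kernel. `struct head` stands in for struct sk_buff_head and `struct node` for struct sk_buff (invented names and layouts, kept only to the extent that both begin with the same next/prev pair). `queue_tail_via_node` reproduces the access the sanitizer objects to: the list head is dereferenced through a pointer to the much larger node type. `queue_tail_via_link` is one assumed alternative that only ever dereferences the 16-byte link prefix both objects share, so every member access fits inside the object actually present; it is not presented as the kernel's eventual change.

```c
#include <stdio.h>

struct node;

/* The link prefix that both the list head and every node start with. */
struct link {
    struct node *next;
    struct node *prev;
};

/* Stand-in for struct sk_buff_head: link prefix plus a queue length. */
struct head {
    struct link list;
    unsigned int qlen;
};

/* Stand-in for struct sk_buff: same link prefix, then a large payload,
 * so a node is far bigger than a head. */
struct node {
    struct link list;
    int id;
    unsigned char payload[200];
};

static void head_init(struct head *h)
{
    /* Empty list: the head's links point back at the head itself.
     * Storing the cast pointer is fine; dereferencing it as a node is not. */
    h->list.next = (struct node *)h;
    h->list.prev = (struct node *)h;
    h->qlen = 0;
}

/* The pattern from the thread: the head is accessed through a struct node *,
 * although only sizeof(struct head) bytes exist at that address. This is the
 * member access -fsanitize=object-size reports. */
static void queue_tail_via_node(struct head *h, struct node *n)
{
    struct node *fake = (struct node *)h;   /* head treated as a full node */
    struct node *prev = fake->list.prev;    /* member access through oversized type */
    n->list.next = fake;
    n->list.prev = prev;
    prev->list.next = n;                    /* prev is the head too when the list is empty */
    fake->list.prev = n;
    h->qlen++;
}

/* Assumed alternative: neighbours are only ever touched as struct link *,
 * which is a valid prefix of both a head and a node. */
static void queue_tail_via_link(struct head *h, struct node *n)
{
    struct link *hl = &h->list;
    struct link *pl = (struct link *)hl->prev;   /* node or head: both begin with a link */
    n->list.next = (struct node *)h;
    n->list.prev = hl->prev;
    pl->next = n;
    hl->prev = n;
    h->qlen++;
}

/* Walk the queue from the head and sum node ids; every n here is a real node. */
static int queue_sum(const struct head *h)
{
    int sum = 0;
    for (const struct node *n = h->list.next; n != (const struct node *)h; n = n->list.next)
        sum += n->id;
    return sum;
}

/* Build a two-node queue with either helper and fold the result into one
 * number (sum of ids plus 10 * qlen) so both paths can be compared. */
int demo_queue(int via_link)
{
    struct node a = { .id = 1 }, b = { .id = 2 };   /* constructed sample nodes */
    struct head h;                                  /* stack head, as in the thread */
    head_init(&h);
    if (via_link) { queue_tail_via_link(&h, &a); queue_tail_via_link(&h, &b); }
    else          { queue_tail_via_node(&h, &a); queue_tail_via_node(&h, &b); }
    return queue_sum(&h) + 10 * (int)h.qlen;        /* 1 + 2 + 10 * 2 = 23 */
}

int main(void)
{
    printf("via node ptr: %d\nvia link ptr: %d\n", demo_queue(0), demo_queue(1));
    return 0;
}
```

Both helpers produce the same list; the difference is only in which type each access is made through. Whether the sanitizer actually fires on `queue_tail_via_node` depends on the compiler being able to see the real size of the object at the access, which is why a stack-allocated head inlined into its caller (the shape of the thread's `skbuf_xmit`) is what triggers it, and why disabling the check for the helper wholesale, as the reply objects to, also silences any other object-size problem in the same function.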