UBSAN: array-index-out-of-bounds in arch/powerpc/kernel/legacy_serial.c:359:56

linuxppc-dev.lists.ozlabs.org archive mirror
 help / color / mirror / Atom feed

From: Paul Menzel <pmenzel@molgen.mpg.de>
To: Michael Ellerman <mpe@ellerman.id.au>,
	Benjamin Herrenschmidt <benh@kernel.crashing.org>,
	Paul Mackerras <paulus@samba.org>
Cc: linuxppc-dev@lists.ozlabs.org
Subject: UBSAN: array-index-out-of-bounds in arch/powerpc/kernel/legacy_serial.c:359:56
Date: Thu, 6 May 2021 21:32:18 +0200	[thread overview]
Message-ID: <a7467e08-1e53-e974-d14b-13e6ff558dae@molgen.mpg.de> (raw)
In-Reply-To: <9f1e8f9a-9ccd-fc96-04cc-30137dbe9011@molgen.mpg.de>

[corrected subject]

Am 06.05.21 um 21:31 schrieb Paul Menzel:
> Dear Linux folks,
> 
> 
> On the POWER8 system IBM S822LC, Linux 5.13+, built with USSAN, logs the 
> warning below.
> 
> ```
> [    0.030091] 
> ================================================================================ 
> 
> [    0.030295] UBSAN: array-index-out-of-bounds in arch/powerpc/kernel/legacy_serial.c:359:56
> [    0.030325] index -1 is out of range for type 'legacy_serial_info [8]'
> [    0.030350] CPU: 0 PID: 1 Comm: swapper/0 Not tainted 5.12.0+ #2
> [    0.030360] Call Trace:
> [    0.030363] [c000000024f1bad0] [c0000000009f4330] dump_stack+0xc4/0x114 (unreliable)
> [    0.030386] [c000000024f1bb20] [c0000000009efed0] ubsan_epilogue+0x18/0x78
> [    0.030400] [c000000024f1bb80] [c0000000009efafc] __ubsan_handle_out_of_bounds+0xac/0xd0
> [    0.030414] [c000000024f1bc20] [c000000001711588] ioremap_legacy_serial_console+0x54/0x144
> [    0.030430] [c000000024f1bc70] [c0000000000123c0] do_one_initcall+0x60/0x2c0
> [    0.030444] [c000000024f1bd40] [c000000001704bc4] kernel_init_freeable+0x19c/0x25c
> [    0.030458] [c000000024f1bda0] [c000000000012a2c] kernel_init+0x2c/0x180
> [    0.030471] [c000000024f1be10] [c00000000000d6ec] ret_from_kernel_thread+0x5c/0x70
> [    0.030484] 
> ================================================================================ 
> 
> [    0.030641] 
> ================================================================================ 
> 
> [    0.030668] UBSAN: array-index-out-of-bounds in arch/powerpc/kernel/legacy_serial.c:360:58
> [    0.030697] index -1 is out of range for type 'plat_serial8250_port [9]'
> [    0.030721] CPU: 0 PID: 1 Comm: swapper/0 Not tainted 5.12.0+ #2
> [    0.030730] Call Trace:
> [    0.030733] [c000000024f1bad0] [c0000000009f4330] dump_stack+0xc4/0x114 (unreliable)
> [    0.030749] [c000000024f1bb20] [c0000000009efed0] ubsan_epilogue+0x18/0x78
> [    0.030762] [c000000024f1bb80] [c0000000009efafc] __ubsan_handle_out_of_bounds+0xac/0xd0
> [    0.030775] [c000000024f1bc20] [c0000000017115a0] ioremap_legacy_serial_console+0x6c/0x144
> [    0.030790] [c000000024f1bc70] [c0000000000123c0] do_one_initcall+0x60/0x2c0
> [    0.030802] [c000000024f1bd40] [c000000001704bc4] kernel_init_freeable+0x19c/0x25c
> [    0.030816] [c000000024f1bda0] [c000000000012a2c] kernel_init+0x2c/0x180
> [    0.030829] [c000000024f1be10] [c00000000000d6ec] ret_from_kernel_thread+0x5c/0x70
> [    0.030842] 
> ================================================================================ 
> ```
> 
> 
> Kind regards,
> 
> Paul

next prev parent reply	other threads:[~2021-05-06 19:32 UTC|newest]

Thread overview: 7+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-05-06 19:31 WARNING: CPU: 0 PID: 1 at arch/powerpc/lib/feature-fixups.c:109 do_feature_fixups+0xb0/0xf0 Paul Menzel
2021-05-06 19:32 ` Paul Menzel [this message]
2021-05-07  8:31   ` UBSAN: array-index-out-of-bounds in arch/powerpc/kernel/legacy_serial.c:359:56 Christophe Leroy
2021-05-07  8:42     ` Paul Menzel
2021-05-07  8:59       ` Christophe Leroy
2021-05-07 17:52         ` Paul Menzel
2021-05-07 20:59     ` Segher Boessenkool

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=a7467e08-1e53-e974-d14b-13e6ff558dae@molgen.mpg.de \
    --to=pmenzel@molgen.mpg.de \
    --cc=benh@kernel.crashing.org \
    --cc=linuxppc-dev@lists.ozlabs.org \
    --cc=mpe@ellerman.id.au \
    --cc=paulus@samba.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).