* UBSAN: Undefined behaviour in drivers/usb/core/devio.c:1517:25
@ 2016-01-26 10:11 Chris Bainbridge
2016-01-26 15:25 ` Alan Stern
0 siblings, 1 reply; 4+ messages in thread
From: Chris Bainbridge @ 2016-01-26 10:11 UTC (permalink / raw)
To: linux-kernel; +Cc: aryabinin, gregkh, stern, linux-usb
Booting 4.5.0-rc1 with new UBSAN checker enabled:
[ 4.556968] ================================================================================
[ 4.556972] UBSAN: Undefined behaviour in drivers/usb/core/devio.c:1517:25
[ 4.556975] shift exponent -1 is negative
[ 4.556979] CPU: 2 PID: 3624 Comm: usb Not tainted 4.5.0-rc1 #252
[ 4.556981] Hardware name: Apple Inc. MacBookPro10,2/Mac-AFD8A9D944EA4843, BIOS MBP102.88Z.0106.B0A.1509130955 09/13/2015
[ 4.556984] 0000000000000000 0000000000000000 ffffffff845c6528 ffff8802493b3c68
[ 4.556988] ffffffff81b2e7d9 0000000000000007 ffff8802493b3c98 ffff8802493b3c80
[ 4.556992] ffffffff81bcb87d ffffffffffffffff ffff8802493b3d10 ffffffff81bcc1c1
[ 4.556996] Call Trace:
[ 4.557004] [<ffffffff81b2e7d9>] dump_stack+0x45/0x6c
[ 4.557010] [<ffffffff81bcb87d>] ubsan_epilogue+0xd/0x40
[ 4.557015] [<ffffffff81bcc1c1>] __ubsan_handle_shift_out_of_bounds+0xf1/0x140
[ 4.557020] [<ffffffff81438f49>] ? __kmalloc+0x209/0x5f0
[ 4.557025] [<ffffffff8220a615>] ? usb_alloc_urb+0x15/0x40
[ 4.557030] [<ffffffff822247af>] ? proc_do_submiturb+0x9af/0x2c30
[ 4.557034] [<ffffffff82226794>] proc_do_submiturb+0x2994/0x2c30
[ 4.557039] [<ffffffff811eb821>] ? blocking_notifier_call_chain+0x11/0x20
[ 4.557044] [<ffffffff8222733b>] usbdev_do_ioctl+0x90b/0x2170
[ 4.557049] [<ffffffff81279fe4>] ? hrtimer_start_range_ns+0x274/0xc60
[ 4.557053] [<ffffffff82228bb9>] usbdev_ioctl+0x9/0x10
[ 4.557059] [<ffffffff8148a322>] do_vfs_ioctl+0xd2/0xcb0
[ 4.557063] [<ffffffff8148af74>] SyS_ioctl+0x74/0x80
[ 4.557067] [<ffffffff82b40a57>] entry_SYSCALL_64_fastpath+0x12/0x6a
[ 4.557070] ================================================================================
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: UBSAN: Undefined behaviour in drivers/usb/core/devio.c:1517:25
2016-01-26 10:11 UBSAN: Undefined behaviour in drivers/usb/core/devio.c:1517:25 Chris Bainbridge
@ 2016-01-26 15:25 ` Alan Stern
2016-01-26 16:03 ` Andrey Ryabinin
0 siblings, 1 reply; 4+ messages in thread
From: Alan Stern @ 2016-01-26 15:25 UTC (permalink / raw)
To: Chris Bainbridge; +Cc: linux-kernel, aryabinin, gregkh, linux-usb
On Tue, 26 Jan 2016, Chris Bainbridge wrote:
> Booting 4.5.0-rc1 with new UBSAN checker enabled:
>
> [ 4.556968] ================================================================================
> [ 4.556972] UBSAN: Undefined behaviour in drivers/usb/core/devio.c:1517:25
> [ 4.556975] shift exponent -1 is negative
Does a left shift by a negative amount matter if the result isn't used?
Alan Stern
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: UBSAN: Undefined behaviour in drivers/usb/core/devio.c:1517:25
2016-01-26 15:25 ` Alan Stern
@ 2016-01-26 16:03 ` Andrey Ryabinin
2016-01-26 16:43 ` Greg KH
0 siblings, 1 reply; 4+ messages in thread
From: Andrey Ryabinin @ 2016-01-26 16:03 UTC (permalink / raw)
To: Alan Stern, Chris Bainbridge; +Cc: linux-kernel, aryabinin, gregkh, linux-usb
On 01/26/2016 06:25 PM, Alan Stern wrote:
> On Tue, 26 Jan 2016, Chris Bainbridge wrote:
>
>> Booting 4.5.0-rc1 with new UBSAN checker enabled:
>>
>> [ 4.556968] ================================================================================
>> [ 4.556972] UBSAN: Undefined behaviour in drivers/usb/core/devio.c:1517:25
>> [ 4.556975] shift exponent -1 is negative
>
> Does a left shift by a negative amount matter if the result isn't used?
>
By definition, any code with undefined behavior could do anything.
But in practice, undefined shift just leads to undefined result of shift operation
(it depends on operands and architecture).
> Alan Stern
>
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: UBSAN: Undefined behaviour in drivers/usb/core/devio.c:1517:25
2016-01-26 16:03 ` Andrey Ryabinin
@ 2016-01-26 16:43 ` Greg KH
0 siblings, 0 replies; 4+ messages in thread
From: Greg KH @ 2016-01-26 16:43 UTC (permalink / raw)
To: Andrey Ryabinin; +Cc: Alan Stern, Chris Bainbridge, linux-kernel, linux-usb
On Tue, Jan 26, 2016 at 07:03:39PM +0300, Andrey Ryabinin wrote:
> On 01/26/2016 06:25 PM, Alan Stern wrote:
> > On Tue, 26 Jan 2016, Chris Bainbridge wrote:
> >
> >> Booting 4.5.0-rc1 with new UBSAN checker enabled:
> >>
> >> [ 4.556968] ================================================================================
> >> [ 4.556972] UBSAN: Undefined behaviour in drivers/usb/core/devio.c:1517:25
> >> [ 4.556975] shift exponent -1 is negative
> >
> > Does a left shift by a negative amount matter if the result isn't used?
> >
>
> By definition, any code with undefined behavior could do anything.
But in reality, we are ok here, gcc isn't that foolish.
> But in practice, undefined shift just leads to undefined result of shift operation
> (it depends on operands and architecture).
But if we don't use the value...
Anyway, please send a patch if you wish this issue to be fixed and we
can discuss it that way.
thanks,
greg k-h
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2016-01-26 16:43 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2016-01-26 10:11 UBSAN: Undefined behaviour in drivers/usb/core/devio.c:1517:25 Chris Bainbridge
2016-01-26 15:25 ` Alan Stern
2016-01-26 16:03 ` Andrey Ryabinin
2016-01-26 16:43 ` Greg KH
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox