From: "Toralf Förster" <toralf.foerster@gmx.de>
To: x86@kernel.org
Cc: Linux Kernel <linux-kernel@vger.kernel.org>
Subject: Re: 4.6.0-rc3 UBSAN: atomic.h:156:2,Apr 14 15:40:24 n22kvm-clone kernel: signed integer overflow:
Date: Thu, 14 Apr 2016 15:51:32 +0200
Message-ID: <570FA064.1060707@gmx.de>
In-Reply-To: <570F9F21.7000209@gmx.de>
Toralf Förster:
> Got this at a 32 bit KVM during boot:
and later while fuzzing with trinity:
Apr 14 15:44:56 n22kvm-clone kernel: ================================================================================
Apr 14 15:44:56 n22kvm-clone kernel: UBSAN: Undefined behaviour in ./arch/x86/include/asm/futex.h:53:13
Apr 14 15:44:56 n22kvm-clone kernel: shift exponent -1 is negative
Apr 14 15:44:56 n22kvm-clone kernel: CPU: 0 PID: 13969 Comm: trinity-c1 Not tainted 4.6.0-rc3 #5
Apr 14 15:44:56 n22kvm-clone kernel: Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.8.2-0-g33fbe13 by qemu-project.org 04/01/2014
Apr 14 15:44:56 n22kvm-clone kernel: 00000000 00000086 f3e7fde8 d6fe2fe8 00000007 f3e7fe14 d78b8dac f3e7fdf8
Apr 14 15:44:56 n22kvm-clone kernel: d704887e f3e7fdf8 d78b8dac f3e7fe78 d704919d d774876c f3e7fe18 00000002
Apr 14 15:44:56 n22kvm-clone kernel: f3e16180 00000001 00000286 d600312d f3e7fe5c 00000286 00000000 00000001
Apr 14 15:44:56 n22kvm-clone kernel: Call Trace:
Apr 14 15:44:56 n22kvm-clone kernel: [<d6fe2fe8>] dump_stack+0x9f/0xe7
Apr 14 15:44:56 n22kvm-clone kernel: [<d704887e>] ubsan_epilogue+0xe/0x40
Apr 14 15:44:56 n22kvm-clone kernel: [<d704919d>] __ubsan_handle_shift_out_of_bounds+0xdd/0x140
Apr 14 15:44:56 n22kvm-clone kernel: [<d6ba2257>] ? do_futex+0x257/0xdc0
Apr 14 15:44:56 n22kvm-clone kernel: [<d75bf3ad>] ? _raw_spin_lock_nested+0x3d/0x50
Apr 14 15:44:56 n22kvm-clone kernel: [<d6ba2a04>] do_futex+0xa04/0xdc0
Apr 14 15:44:56 n22kvm-clone kernel: [<d75bfb0f>] ? _raw_spin_unlock_irqrestore+0x5f/0x80
Apr 14 15:44:56 n22kvm-clone kernel: [<d6ba2e44>] SyS_futex+0x84/0x150
Apr 14 15:44:56 n22kvm-clone kernel: [<d6a033b0>] do_fast_syscall_32+0x150/0x960
Apr 14 15:44:56 n22kvm-clone kernel: [<d6ba2dc0>] ? do_futex+0xdc0/0xdc0
Apr 14 15:44:56 n22kvm-clone kernel: [<d75bfeeb>] sysenter_past_esp+0x4c/0x7f
Apr 14 15:44:56 n22kvm-clone kernel: ================================================================================
--
Toralf
PGP: C4EACDDE 0076E94E, OTR: 420E74C8 30246EE7