lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20090309201503.GA5010@nowhere>
Date:	Mon, 9 Mar 2009 21:15:04 +0100
From:	Frederic Weisbecker <fweisbec@...il.com>
To:	Sitsofe Wheeler <sitsofe@...oo.com>
Cc:	Lai Jiangshan <laijs@...fujitsu.com>,
	Steven Rostedt <rostedt@...dmis.org>,
	Ingo Molnar <mingo@...e.hu>, linux-kernel@...r.kernel.org
Subject: Re: [TIP,BISECTED] Negative nice values have become big positive
	numbers

On Sun, Mar 08, 2009 at 11:18:50PM +0000, Sitsofe Wheeler wrote:
> (Forgot to cc lkml. Resending...)
> 
> Formally negative nice values have started become very big in positive
> integers in -tip kernels:
> 
>     2 root      15 2147483647     0    0    0 S  0.0  0.0   0:00.00 kthreadd    


The weird thing here is that number: 2147483647
It is 0xefffffff
Which means -1 without the highest bit (the sign).
I really don't know how it could have happened.

Anyway, I caught something in the signedness bits from my patch that unifies
the format decoding.
I've never seen your bug on my machine. But I note you have a 32 bits CPU.
Mine is 64 bits with a 64 bits kernel. Perhaps some weird signedness related things
happened because of the signedness bug that the following patch fixes.

Since there are no negative values in my dmesg, I did not catch this bug until now
(and my top output is normal).

Can you please give it a try?

Thanks a lot!

---
>From df7f96a703e15a995620813f1397a01d9000bbe8 Mon Sep 17 00:00:00 2001
From: Frederic Weisbecker <fweisbec@...il.com>
Date: Mon, 9 Mar 2009 21:10:15 +0100
Subject: [PATCH] vsprintk: keep track of signedness

While unifying the format decoding, the sign flag has been dropped out in
favour of precise types (ie: LONG/ULONG).
But the format helper number() still needs this flag to keep track of the
signedness unless it will consider all numbers as unsigned.

Also add an explicit cast to int (for %d) while parsing with va_arg()
to ensure the highest bit is well extended on the 64 bits number that hosts the
value in case of negative values.

Signed-off-by: Frederic Weisbecker <fweisbec@...il.com>
---
 lib/vsprintf.c |   13 ++++++-------
 1 files changed, 6 insertions(+), 7 deletions(-)

diff --git a/lib/vsprintf.c b/lib/vsprintf.c
index 25f0157..dc16743 100644
--- a/lib/vsprintf.c
+++ b/lib/vsprintf.c
@@ -768,7 +768,6 @@ static char *pointer(const char *fmt, char *buf, char *end, void *ptr,
 static int format_decode(const char *fmt, struct printf_spec *spec)
 {
 	const char *start = fmt;
-	bool sign = false;
 
 	/* we finished early by reading the field width */
 	if (spec->type == FORMAT_TYPE_WITDH) {
@@ -900,7 +899,7 @@ qualifier:
 
 	case 'd':
 	case 'i':
-		sign = true;
+		spec->flags |= SIGN;
 	case 'u':
 		break;
 
@@ -912,7 +911,7 @@ qualifier:
 	if (spec->qualifier == 'L')
 		spec->type = FORMAT_TYPE_LONG_LONG;
 	else if (spec->qualifier == 'l') {
-		if (sign)
+		if (spec->flags & SIGN)
 			spec->type = FORMAT_TYPE_LONG;
 		else
 			spec->type = FORMAT_TYPE_ULONG;
@@ -921,12 +920,12 @@ qualifier:
 	} else if (spec->qualifier == 't') {
 		spec->type = FORMAT_TYPE_PTRDIFF;
 	} else if (spec->qualifier == 'h') {
-		if (sign)
+		if (spec->flags & SIGN)
 			spec->type = FORMAT_TYPE_SHORT;
 		else
 			spec->type = FORMAT_TYPE_USHORT;
 	} else {
-		if (sign)
+		if (spec->flags & SIGN)
 			spec->type = FORMAT_TYPE_INT;
 		else
 			spec->type = FORMAT_TYPE_UINT;
@@ -1101,8 +1100,8 @@ int vsnprintf(char *buf, size_t size, const char *fmt, va_list args)
 			case FORMAT_TYPE_SHORT:
 				num = (short) va_arg(args, int);
 				break;
-			case FORMAT_TYPE_UINT:
-				num = va_arg(args, unsigned int);
+			case FORMAT_TYPE_INT:
+				num = (int) va_arg(args, int);
 				break;
 			default:
 				num = va_arg(args, unsigned int);
-- 
1.6.1


--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ