lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [day] [month] [year] [list] 
Date:	Tue, 26 Jan 2016 10:08:22 +0000
From:	Chris Bainbridge <chris.bainbridge@...il.com>
To:	linux-kernel@...r.kernel.org
Cc:	aryabinin@...tuozzo.com, tglx@...utronix.de, mingo@...hat.com,
	hpa@...or.com, x86@...nel.org
Subject: UBSAN: Undefined behaviour in ./arch/x86/include/asm/atomic.h:156:2

Booting 4.5.0-rc1 with new UBSAN checker enabled:

[    3.805449] ================================================================================
[    3.805453] UBSAN: Undefined behaviour in ./arch/x86/include/asm/atomic.h:156:2
[    3.805455] signed integer overflow:
[    3.805456] -1720106381 + -1531247276 cannot be represented in type 'int'
[    3.805460] CPU: 3 PID: 3235 Comm: cups-browsed Not tainted 4.5.0-rc1 #252
[    3.805461] Hardware name: Apple Inc. MacBookPro10,2/Mac-AFD8A9D944EA4843, BIOS MBP102.88Z.0106.B0A.1509130955 09/13/2015
[    3.805465]  0000000000000000 0000000000000000 ffffffffa4bb0554 ffff88025f2c37c8
[    3.805468]  ffffffff81b2e7d9 0000000000000001 ffff88025f2c37f8 ffff88025f2c37e0
[    3.805470]  ffffffff81bcb87d ffffffff84b16a74 ffff88025f2c3868 ffffffff81bcbc4d
[    3.805471] Call Trace:
[    3.805478]  <IRQ>  [<ffffffff81b2e7d9>] dump_stack+0x45/0x6c
[    3.805483]  [<ffffffff81bcb87d>] ubsan_epilogue+0xd/0x40
[    3.805485]  [<ffffffff81bcbc4d>] handle_overflow+0xbd/0xe0
[    3.805490]  [<ffffffff82b3409f>] ? csum_partial_copy_nocheck+0xf/0x20
[    3.805493]  [<ffffffff81d635df>] ? get_random_bytes+0x4f/0x100
[    3.805496]  [<ffffffff81bcbc7e>] __ubsan_handle_add_overflow+0xe/0x10
[    3.805500]  [<ffffffff82680a4a>] ip_idents_reserve+0x9a/0xd0
[    3.805503]  [<ffffffff826835e9>] __ip_select_ident+0xc9/0x160
[    3.805506]  [<ffffffff826a585a>] __ip_make_skb+0x83a/0x1e70
[    3.805509]  [<ffffffff8269bf80>] ? ip_setup_cork+0x4d0/0x4d0
[    3.805511]  [<ffffffff826a6f2d>] ip_push_pending_frames+0x1d/0x50
[    3.805514]  [<ffffffff826a746f>] ip_send_unicast_reply+0x3df/0xa80
[    3.805517]  [<ffffffff82800690>] ? ac6_proc_exit+0x40/0x40
[    3.805521]  [<ffffffff8270c1b4>] tcp_v4_send_reset+0x4e4/0xe40
[    3.805524]  [<ffffffff8270feb9>] tcp_v4_rcv+0x979/0x1db0
[    3.805527]  [<ffffffff82690969>] ip_local_deliver_finish+0x139/0x600
[    3.805529]  [<ffffffff8269127a>] ip_local_deliver+0x10a/0x1a0
[    3.805532]  [<ffffffff82690830>] ? ip_rcv_finish+0xb10/0xb10
[    3.805534]  [<ffffffff8268ff5d>] ip_rcv_finish+0x23d/0xb10
[    3.805536]  [<ffffffff8269176d>] ip_rcv+0x45d/0xa30
[    3.805540]  [<ffffffff81200f02>] ? wake_up_q+0x12/0xd0
[    3.805543]  [<ffffffff8268fd20>] ? inet_del_offload+0x40/0x40
[    3.805545]  [<ffffffff82691310>] ? ip_local_deliver+0x1a0/0x1a0
[    3.805549]  [<ffffffff8258ae1c>] __netif_receive_skb_core+0xd2c/0x1c30
[    3.805552]  [<ffffffff8258bd49>] __netif_receive_skb+0x29/0x190
[    3.805556]  [<ffffffff812648ae>] ? rcu_gp_kthread_wake+0x6e/0xb0
[    3.805559]  [<ffffffff8258bfc6>] process_backlog+0x116/0x5d0
[    3.805562]  [<ffffffff8258f865>] net_rx_action+0x395/0x9c0
[    3.805566]  [<ffffffff811b296c>] __do_softirq+0xbc/0x590
[    3.805569]  [<ffffffff82b4269c>] do_softirq_own_stack+0x1c/0x30
[    3.805572]  <EOI>  [<ffffffff811b1ddd>] do_softirq.part.17+0x1d/0x20
[    3.805575]  [<ffffffff811b1e74>] __local_bh_enable_ip+0x94/0xc0
[    3.805577]  [<ffffffff8269c899>] ip_finish_output2+0x219/0x880
[    3.805580]  [<ffffffff8269f4f0>] ip_finish_output+0x280/0x690
[    3.805582]  [<ffffffff826a3d30>] ip_output+0x100/0x210
[    3.805585]  [<ffffffff8269f270>] ? ip_fragment.constprop.24+0x190/0x190
[    3.805588]  [<ffffffff826a217b>] ip_local_out+0x3b/0x80
[    3.805590]  [<ffffffff826a29f4>] ip_queue_xmit+0x274/0x1000
[    3.805593]  [<ffffffff825500bb>] ? __skb_clone+0x5b/0x550
[    3.805595]  [<ffffffff826f38c6>] tcp_transmit_skb+0x7b6/0x2260
[    3.805598]  [<ffffffff826fa80d>] tcp_connect+0xf2d/0x1fe0
[    3.805601]  [<ffffffff825772cc>] ? secure_tcp_sequence_number+0x7c/0xd0
[    3.805603]  [<ffffffff82709137>] tcp_v4_connect+0x4a7/0x15f0
[    3.805607]  [<ffffffff8274fba1>] __inet_stream_connect+0xf1/0x880
[    3.805609]  [<ffffffff82b40456>] ? _raw_spin_unlock_bh+0x26/0x40
[    3.805612]  [<ffffffff82750330>] ? __inet_stream_connect+0x880/0x880
[    3.805615]  [<ffffffff82750368>] inet_stream_connect+0x38/0x80
[    3.805618]  [<ffffffff8253de27>] SYSC_connect+0xe7/0x170
[    3.805622]  [<ffffffff81a251da>] ? selinux_file_fcntl+0x8a/0x100
[    3.805625]  [<ffffffff81a1d4a8>] ? security_file_fcntl+0x48/0x80
[    3.805629]  [<ffffffff81488932>] ? SyS_fcntl+0x542/0x8b0
[    3.805632]  [<ffffffff8253fac9>] SyS_connect+0x9/0x10
[    3.805634]  [<ffffffff82b40a57>] entry_SYSCALL_64_fastpath+0x12/0x6a
[    3.805636] ================================================================================

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ