* [patch 115/115] kernel/exit.c: avoid undefined behaviour when calling wait4()
@ 2017-07-10 22:53 akpm
From: akpm @ 2017-07-10 22:53 UTC
  To: akpm, aneesh.kumar, kirill.shutemov, mm-commits, oleg, qiuxishi,
	rientjes, torvalds, zhongjiang

From: zhongjiang <zhongjiang@huawei.com>
Subject: kernel/exit.c: avoid undefined behaviour when calling wait4()

wait4(-2147483648, 0x20, 0, 0xdd0000) triggers:
UBSAN: Undefined behaviour in kernel/exit.c:1651:9

The related calltrace is as follows:

[518871.435738] negation of -2147483648 cannot be represented in type 'int':
[518871.442618] CPU: 9 PID: 16482 Comm: zj Tainted: G    B          ---- -------   3.10.0-327.53.58.71.x86_64+ #66
[518871.452874] Hardware name: Huawei Technologies Co., Ltd. Tecal RH2285          /BC11BTSA              , BIOS CTSAV036 04/27/2011
[518871.464690]  ffffffff82599190 000000008b740a25 ffff880112447d90 ffffffff81d6eb16
[518871.472395]  ffff880112447da8 ffffffff81d6ebc9 ffffffff82599180 ffff880112447e98
[518871.480101]  ffffffff81d6fc99 0000000041b58ab3 ffffffff8228d698 ffffffff81d6fb90
[518871.487801] Call Trace:
[518871.490435]  [<ffffffff81d6eb16>] dump_stack+0x19/0x1b
[518871.495751]  [<ffffffff81d6ebc9>] ubsan_epilogue+0xd/0x50
[518871.501328]  [<ffffffff81d6fc99>] __ubsan_handle_negate_overflow+0x109/0x14e
[518871.508548]  [<ffffffff81d6fb90>] ? __ubsan_handle_divrem_overflow+0x1df/0x1df
[518871.516041]  [<ffffffff8116e0d4>] ? lg_local_lock+0x24/0xb0
[518871.521785]  [<ffffffff8116e640>] ? lg_local_unlock+0x20/0xd0
[518871.527708]  [<ffffffff81366fa0>] ? __pmd_alloc+0x180/0x180
[518871.533458]  [<ffffffff8143f81b>] ? mntput+0x3b/0x70
[518871.538598]  [<ffffffff8110d7bb>] SyS_wait4+0x1cb/0x1e0
[518871.543999]  [<ffffffff8110d5f0>] ? SyS_waitid+0x220/0x220
[518871.549661]  [<ffffffff8123bb57>] ? __audit_syscall_entry+0x1f7/0x2a0
[518871.556278]  [<ffffffff81d91109>] system_call_fastpath+0x16/0x1b

Exclude the overflow to avoid the UBSAN warning.

Link: http://lkml.kernel.org/r/1497264618-20212-1-git-send-email-zhongjiang@huawei.com
Signed-off-by: zhongjiang <zhongjiang@huawei.com>
Cc: Oleg Nesterov <oleg@redhat.com>
Cc: David Rientjes <rientjes@google.com>
Cc: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
Cc: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
Cc: Xishi Qiu <qiuxishi@huawei.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
---

 kernel/exit.c |    4 ++++
 1 file changed, 4 insertions(+)

diff -puN kernel/exit.c~exit-avoid-undefined-behaviour-when-call-wait4 kernel/exit.c
--- a/kernel/exit.c~exit-avoid-undefined-behaviour-when-call-wait4
+++ a/kernel/exit.c
@@ -1639,6 +1639,10 @@ long kernel_wait4(pid_t upid, int __user
 			__WNOTHREAD|__WCLONE|__WALL))
 		return -EINVAL;
 
+	/* -INT_MIN is not defined */
+	if (upid == INT_MIN)
+		return -ESRCH;
+
 	if (upid == -1)
 		type = PIDTYPE_MAX;
 	else if (upid < 0) {
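
Review bot: The comment on the new `upid == INT_MIN` check, `/* -INT_MIN is not defined */`, does not say where the negation happens or why -ESRCH is the value returned, and the changelog is silent on the errno choice as well. The UBSAN report points at a negation inside SyS_wait4, which would be in the `else if (upid < 0)` branch that follows in the context lines, so the comment could name that branch and state the reasoning for the errno, for example that a caller passing INT_MIN is asking for a process group whose id cannot be represented as a positive int. Note also that the check sits after the options validation, so a call with both invalid options and upid == INT_MIN still returns -EINVAL; that ordering looks right, but it is worth a word in the changelog because it is the user-visible behaviour this patch defines for a previously undefined input.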
_
