* WARNING: CPU: 26 PID: 64391 at lib/vsprintf.c:2193 set_precision+0x84/0x90 @ 2018-11-13 16:55 Qian Cai 2018-11-13 17:20 ` Geert Uytterhoeven 2018-11-13 17:29 ` Andy Shevchenko 0 siblings, 2 replies; 10+ messages in thread From: Qian Cai @ 2018-11-13 16:55 UTC (permalink / raw) To: linux-kernel Cc: Petr Mladek, Andy Shevchenko, Tobin C. Harding, Steven Rostedt (VMware), Geert Uytterhoeven Running the trinity fuzzer with a non-root user on an aarch64 server with the latest mainline (rc2) generated this. Is it just a false alarm to ignore? [ 807.847370] precision 65525 too large [ 807.847449] WARNING: CPU: 26 PID: 64391 at lib/vsprintf.c:2193 set_precision+0x84/0x90 [ 807.860161] Modules linked in: cast6_generic cast_common lrw bridge 8021q garp mrp stp llc dlci tcp_diag inet_diag af_key pptp gre l2tp_ppp l2tp_netlink l2tp_core ip6_udp_tunnel udp_tunnel pppoe pppox ppp_generic slhc crypto_user ib_core nfnetlink scsi_transport_iscsi atm sctp vfat fat ghash_ce sha2_ce sha256_arm64 sha1_ce ses enclosure ipmi_ssif sg ipmi_si ipmi_devintf sbsa_gwdt ipmi_msghandler sch_fq_codel xfs libcrc32c marvell mpt3sas mlx5_core raid_class hibmc_drm drm_kms_helper syscopyarea sysfillrect sysimgblt fb_sys_fops ttm drm ixgbe hisi_sas_v2_hw igb hisi_sas_main libsas hns_dsaf mlxfw devlink hns_enet_drv mdio i2c_designware_platform i2c_algo_bit i2c_designware_core ehci_platform scsi_transport_sas hns_mdio hnae dm_mirror dm_region_hash dm_log dm_mod [ 807.927838] CPU: 26 PID: 64391 Comm: trinity-c90 Kdump: loaded Tainted: G W 4.20.0-rc2+ #16 [ 807.937494] Hardware name: Huawei TaiShan 2280 /BC11SPCD, BIOS 1.50 06/01/2018 [ 807.944718] pstate: 60000005 (nZCv daif -PAN -UAO) [ 807.949515] pc : set_precision+0x84/0x90 [ 807.953439] lr : set_precision+0x84/0x90 [ 807.957362] sp : ffff801e6430f6b0 [ 807.960677] x29: ffff801e6430f6b0 x28: ffff801e6430fb10 [ 807.965992] x27: 0000000000000003 x26: 00000000ffffffd8 [ 807.971307] x25: ffff801e6430fba0 x24: ffff801e6430fb48 [ 807.976622] x23: ffff2000093ddfa0 x22: ffff801e6430f770 [ 807.981937] x21: ffff2000090eb4a6 x20: ffff801e6430f770 [ 807.987252] x19: 000000000000fff5 x18: 0000000000000000 [ 807.992569] x17: 0000000000000000 x16: 0000000000000000 [ 807.997884] x15: 0000000000000000 x14: 3878302031343220 [ 808.003201] x13: 6265783020303939 x12: ffff04000172b49c [ 808.008516] x11: 1fffe4000172b49b x10: ffff04000172b49b [ 808.013832] x9 : 0000000000000000 x8 : 203532353536206e [ 808.019148] x7 : 6f69736963657270 x6 : 0000000041b58ab3 [ 808.024463] x5 : dfff200000000000 x4 : dfff200000000000 [ 808.029779] x3 : dfff200000000000 x2 : 65a2459128144800 [ 808.035093] x1 : 65a2459128144800 x0 : 0000000000000000 [ 808.040408] Call trace: [ 808.042861] set_precision+0x84/0x90 [ 808.046440] vsnprintf+0x23c/0x858 [ 808.049845] __request_module+0x1a0/0x8b8 [ 808.053860] get_fs_type+0xb0/0x138 [ 808.057351] do_mount+0x2c4/0x13c0 [ 808.060756] ksys_mount+0xf4/0x110 [ 808.064160] __arm64_sys_mount+0x70/0x88 [ 808.068087] el0_svc_handler+0xd4/0x198 [ 808.071928] el0_svc+0x8/0xc [ 808.074810] irq event stamp: 347872 [ 808.078305] hardirqs last enabled at (347871): [<ffff2000082080e8>] vprintk_emit+0x2b0/0x5c0 [ 808.086833] hardirqs last disabled at (347872): [<ffff200008081490>] do_debug_exception+0xd8/0x190 [ 808.095795] softirqs last enabled at (347844): [<ffff200008082210>] __do_softirq+0x7c8/0x9c8 [ 808.104325] softirqs last disabled at (347837): [<ffff20000812dbe4>] irq_exit+0x25c/0x2f0 [ 808.112502] ---[ end trace 598902d30712b79e ]--- ^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: WARNING: CPU: 26 PID: 64391 at lib/vsprintf.c:2193 set_precision+0x84/0x90 2018-11-13 16:55 WARNING: CPU: 26 PID: 64391 at lib/vsprintf.c:2193 set_precision+0x84/0x90 Qian Cai @ 2018-11-13 17:20 ` Geert Uytterhoeven 2018-11-13 17:32 ` Andy Shevchenko 2018-11-13 17:29 ` Andy Shevchenko 1 sibling, 1 reply; 10+ messages in thread From: Geert Uytterhoeven @ 2018-11-13 17:20 UTC (permalink / raw) To: cai Cc: Linux Kernel Mailing List, Petr Mladek, Andy Shevchenko, Tobin C. Harding, Steven Rostedt, Geert Uytterhoeven On Tue, Nov 13, 2018 at 5:57 PM Qian Cai <cai@gmx.us> wrote: > Running the trinity fuzzer with a non-root user on an aarch64 server with the > latest mainline (rc2) generated this. Is it just a false alarm to ignore? > > [ 807.847370] precision 65525 too large > [ 807.847449] WARNING: CPU: 26 PID: 64391 at lib/vsprintf.c:2193 > set_precision+0x84/0x90 > [ 807.860161] Modules linked in: cast6_generic cast_common lrw bridge 8021q > garp mrp stp llc dlci tcp_diag inet_diag af_key pptp gre l2tp_ppp l2tp_netlink > l2tp_core ip6_udp_tunnel udp_tunnel pppoe pppox ppp_generic slhc crypto_user > ib_core nfnetlink scsi_transport_iscsi atm sctp vfat fat ghash_ce sha2_ce > sha256_arm64 sha1_ce ses enclosure ipmi_ssif sg ipmi_si ipmi_devintf sbsa_gwdt > ipmi_msghandler sch_fq_codel xfs libcrc32c marvell mpt3sas mlx5_core raid_class > hibmc_drm drm_kms_helper syscopyarea sysfillrect sysimgblt fb_sys_fops ttm drm > ixgbe hisi_sas_v2_hw igb hisi_sas_main libsas hns_dsaf mlxfw devlink > hns_enet_drv mdio i2c_designware_platform i2c_algo_bit i2c_designware_core > ehci_platform scsi_transport_sas hns_mdio hnae dm_mirror dm_region_hash dm_log > dm_mod > [ 807.927838] CPU: 26 PID: 64391 Comm: trinity-c90 Kdump: loaded Tainted: > G W 4.20.0-rc2+ #16 > [ 807.937494] Hardware name: Huawei TaiShan 2280 /BC11SPCD, BIOS 1.50 > 06/01/2018 > [ 807.944718] pstate: 60000005 (nZCv daif -PAN -UAO) > [ 807.949515] pc : set_precision+0x84/0x90 > [ 807.953439] lr : set_precision+0x84/0x90 > [ 807.957362] sp : ffff801e6430f6b0 > [ 807.960677] x29: ffff801e6430f6b0 x28: ffff801e6430fb10 > [ 807.965992] x27: 0000000000000003 x26: 00000000ffffffd8 > [ 807.971307] x25: ffff801e6430fba0 x24: ffff801e6430fb48 > [ 807.976622] x23: ffff2000093ddfa0 x22: ffff801e6430f770 > [ 807.981937] x21: ffff2000090eb4a6 x20: ffff801e6430f770 > [ 807.987252] x19: 000000000000fff5 x18: 0000000000000000 > [ 807.992569] x17: 0000000000000000 x16: 0000000000000000 > [ 807.997884] x15: 0000000000000000 x14: 3878302031343220 > [ 808.003201] x13: 6265783020303939 x12: ffff04000172b49c > [ 808.008516] x11: 1fffe4000172b49b x10: ffff04000172b49b > [ 808.013832] x9 : 0000000000000000 x8 : 203532353536206e > [ 808.019148] x7 : 6f69736963657270 x6 : 0000000041b58ab3 > [ 808.024463] x5 : dfff200000000000 x4 : dfff200000000000 > [ 808.029779] x3 : dfff200000000000 x2 : 65a2459128144800 > [ 808.035093] x1 : 65a2459128144800 x0 : 0000000000000000 > [ 808.040408] Call trace: > [ 808.042861] set_precision+0x84/0x90 > [ 808.046440] vsnprintf+0x23c/0x858 > [ 808.049845] __request_module+0x1a0/0x8b8 > [ 808.053860] get_fs_type+0xb0/0x138 > [ 808.057351] do_mount+0x2c4/0x13c0 > [ 808.060756] ksys_mount+0xf4/0x110 Looks like someone is calling the mount syscall with a very long filesystemtype parameter. struct file_system_type *get_fs_type(const char *name) { struct file_system_type *fs; const char *dot = strchr(name, '.'); int len = dot ? dot - name : strlen(name); fs = __get_fs_type(name, len); if (!fs && (request_module("fs-%.*s", len, name) == 0)) { set_precision() complains about any prevision that doesn't fit in signed 16-bits. Gr{oetje,eeting}s, Geert -- Geert Uytterhoeven -- There's lots of Linux beyond ia32 -- geert@linux-m68k.org In personal conversations with technical people, I call myself a hacker. But when I'm talking to journalists I just say "programmer" or something like that. -- Linus Torvalds ^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: WARNING: CPU: 26 PID: 64391 at lib/vsprintf.c:2193 set_precision+0x84/0x90 2018-11-13 17:20 ` Geert Uytterhoeven @ 2018-11-13 17:32 ` Andy Shevchenko 0 siblings, 0 replies; 10+ messages in thread From: Andy Shevchenko @ 2018-11-13 17:32 UTC (permalink / raw) To: Geert Uytterhoeven Cc: cai, Linux Kernel Mailing List, Petr Mladek, Tobin C. Harding, Steven Rostedt, Geert Uytterhoeven On Tue, Nov 13, 2018 at 06:20:20PM +0100, Geert Uytterhoeven wrote: > On Tue, Nov 13, 2018 at 5:57 PM Qian Cai <cai@gmx.us> wrote: > > Running the trinity fuzzer with a non-root user on an aarch64 server with the > > latest mainline (rc2) generated this. Is it just a false alarm to ignore? > > > > [ 807.847370] precision 65525 too large > > [ 807.847449] WARNING: CPU: 26 PID: 64391 at lib/vsprintf.c:2193 > > set_precision+0x84/0x90 > > [ 807.860161] Modules linked in: cast6_generic cast_common lrw bridge 8021q > > garp mrp stp llc dlci tcp_diag inet_diag af_key pptp gre l2tp_ppp l2tp_netlink > > l2tp_core ip6_udp_tunnel udp_tunnel pppoe pppox ppp_generic slhc crypto_user > > ib_core nfnetlink scsi_transport_iscsi atm sctp vfat fat ghash_ce sha2_ce > > sha256_arm64 sha1_ce ses enclosure ipmi_ssif sg ipmi_si ipmi_devintf sbsa_gwdt > > ipmi_msghandler sch_fq_codel xfs libcrc32c marvell mpt3sas mlx5_core raid_class > > hibmc_drm drm_kms_helper syscopyarea sysfillrect sysimgblt fb_sys_fops ttm drm > > ixgbe hisi_sas_v2_hw igb hisi_sas_main libsas hns_dsaf mlxfw devlink > > hns_enet_drv mdio i2c_designware_platform i2c_algo_bit i2c_designware_core > > ehci_platform scsi_transport_sas hns_mdio hnae dm_mirror dm_region_hash dm_log > > dm_mod > > [ 807.927838] CPU: 26 PID: 64391 Comm: trinity-c90 Kdump: loaded Tainted: > > G W 4.20.0-rc2+ #16 > > [ 807.937494] Hardware name: Huawei TaiShan 2280 /BC11SPCD, BIOS 1.50 > > 06/01/2018 > > [ 807.944718] pstate: 60000005 (nZCv daif -PAN -UAO) > > [ 807.949515] pc : set_precision+0x84/0x90 > > [ 807.953439] lr : set_precision+0x84/0x90 > > [ 807.957362] sp : ffff801e6430f6b0 > > [ 807.960677] x29: ffff801e6430f6b0 x28: ffff801e6430fb10 > > [ 807.965992] x27: 0000000000000003 x26: 00000000ffffffd8 > > [ 807.971307] x25: ffff801e6430fba0 x24: ffff801e6430fb48 > > [ 807.976622] x23: ffff2000093ddfa0 x22: ffff801e6430f770 > > [ 807.981937] x21: ffff2000090eb4a6 x20: ffff801e6430f770 > > [ 807.987252] x19: 000000000000fff5 x18: 0000000000000000 > > [ 807.992569] x17: 0000000000000000 x16: 0000000000000000 > > [ 807.997884] x15: 0000000000000000 x14: 3878302031343220 > > [ 808.003201] x13: 6265783020303939 x12: ffff04000172b49c > > [ 808.008516] x11: 1fffe4000172b49b x10: ffff04000172b49b > > [ 808.013832] x9 : 0000000000000000 x8 : 203532353536206e > > [ 808.019148] x7 : 6f69736963657270 x6 : 0000000041b58ab3 > > [ 808.024463] x5 : dfff200000000000 x4 : dfff200000000000 > > [ 808.029779] x3 : dfff200000000000 x2 : 65a2459128144800 > > [ 808.035093] x1 : 65a2459128144800 x0 : 0000000000000000 > > [ 808.040408] Call trace: > > [ 808.042861] set_precision+0x84/0x90 > > [ 808.046440] vsnprintf+0x23c/0x858 > > [ 808.049845] __request_module+0x1a0/0x8b8 > > [ 808.053860] get_fs_type+0xb0/0x138 > > [ 808.057351] do_mount+0x2c4/0x13c0 > > [ 808.060756] ksys_mount+0xf4/0x110 > > Looks like someone is calling the mount syscall with a very long filesystemtype > parameter. > > struct file_system_type *get_fs_type(const char *name) > { > struct file_system_type *fs; > const char *dot = strchr(name, '.'); > int len = dot ? dot - name : strlen(name); > > fs = __get_fs_type(name, len); > if (!fs && (request_module("fs-%.*s", len, name) == 0)) { > > set_precision() complains about any prevision that doesn't fit in signed > 16-bits. Or maybe \0 is missed and it found first one at that position. -- With Best Regards, Andy Shevchenko ^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: WARNING: CPU: 26 PID: 64391 at lib/vsprintf.c:2193 set_precision+0x84/0x90 2018-11-13 16:55 WARNING: CPU: 26 PID: 64391 at lib/vsprintf.c:2193 set_precision+0x84/0x90 Qian Cai 2018-11-13 17:20 ` Geert Uytterhoeven @ 2018-11-13 17:29 ` Andy Shevchenko 2018-11-13 18:58 ` Qian Cai 1 sibling, 1 reply; 10+ messages in thread From: Andy Shevchenko @ 2018-11-13 17:29 UTC (permalink / raw) To: Qian Cai Cc: linux-kernel, Petr Mladek, Tobin C. Harding, Steven Rostedt (VMware), Geert Uytterhoeven, Rasmus Villemoes On Tue, Nov 13, 2018 at 11:55:32AM -0500, Qian Cai wrote: +Cc Rasmus > Running the trinity fuzzer with a non-root user on an aarch64 server with the > latest mainline (rc2) generated this. Is it just a false alarm to ignore? > > [ 807.847370] precision 65525 too large It seems like someone uses -EAGAIN as a parameter to printf(). Or rather this line if (!fs && (request_module("fs-%.*s", len, name) == 0)) { ... } Care to print the len and name parameters before this line? > [ 807.847449] WARNING: CPU: 26 PID: 64391 at lib/vsprintf.c:2193 > set_precision+0x84/0x90 > [ 807.860161] Modules linked in: cast6_generic cast_common lrw bridge 8021q > garp mrp stp llc dlci tcp_diag inet_diag af_key pptp gre l2tp_ppp l2tp_netlink > l2tp_core ip6_udp_tunnel udp_tunnel pppoe pppox ppp_generic slhc crypto_user > ib_core nfnetlink scsi_transport_iscsi atm sctp vfat fat ghash_ce sha2_ce > sha256_arm64 sha1_ce ses enclosure ipmi_ssif sg ipmi_si ipmi_devintf sbsa_gwdt > ipmi_msghandler sch_fq_codel xfs libcrc32c marvell mpt3sas mlx5_core raid_class > hibmc_drm drm_kms_helper syscopyarea sysfillrect sysimgblt fb_sys_fops ttm drm > ixgbe hisi_sas_v2_hw igb hisi_sas_main libsas hns_dsaf mlxfw devlink > hns_enet_drv mdio i2c_designware_platform i2c_algo_bit i2c_designware_core > ehci_platform scsi_transport_sas hns_mdio hnae dm_mirror dm_region_hash dm_log > dm_mod > [ 807.927838] CPU: 26 PID: 64391 Comm: trinity-c90 Kdump: loaded Tainted: > G W 4.20.0-rc2+ #16 > [ 807.937494] Hardware name: Huawei TaiShan 2280 /BC11SPCD, BIOS 1.50 > 06/01/2018 > [ 807.944718] pstate: 60000005 (nZCv daif -PAN -UAO) > [ 807.949515] pc : set_precision+0x84/0x90 > [ 807.953439] lr : set_precision+0x84/0x90 > [ 807.957362] sp : ffff801e6430f6b0 > [ 807.960677] x29: ffff801e6430f6b0 x28: ffff801e6430fb10 > [ 807.965992] x27: 0000000000000003 x26: 00000000ffffffd8 > [ 807.971307] x25: ffff801e6430fba0 x24: ffff801e6430fb48 > [ 807.976622] x23: ffff2000093ddfa0 x22: ffff801e6430f770 > [ 807.981937] x21: ffff2000090eb4a6 x20: ffff801e6430f770 > [ 807.987252] x19: 000000000000fff5 x18: 0000000000000000 > [ 807.992569] x17: 0000000000000000 x16: 0000000000000000 > [ 807.997884] x15: 0000000000000000 x14: 3878302031343220 > [ 808.003201] x13: 6265783020303939 x12: ffff04000172b49c > [ 808.008516] x11: 1fffe4000172b49b x10: ffff04000172b49b > [ 808.013832] x9 : 0000000000000000 x8 : 203532353536206e > [ 808.019148] x7 : 6f69736963657270 x6 : 0000000041b58ab3 > [ 808.024463] x5 : dfff200000000000 x4 : dfff200000000000 > [ 808.029779] x3 : dfff200000000000 x2 : 65a2459128144800 > [ 808.035093] x1 : 65a2459128144800 x0 : 0000000000000000 > [ 808.040408] Call trace: > [ 808.042861] set_precision+0x84/0x90 > [ 808.046440] vsnprintf+0x23c/0x858 > [ 808.049845] __request_module+0x1a0/0x8b8 > [ 808.053860] get_fs_type+0xb0/0x138 > [ 808.057351] do_mount+0x2c4/0x13c0 > [ 808.060756] ksys_mount+0xf4/0x110 > [ 808.064160] __arm64_sys_mount+0x70/0x88 > [ 808.068087] el0_svc_handler+0xd4/0x198 > [ 808.071928] el0_svc+0x8/0xc > [ 808.074810] irq event stamp: 347872 > [ 808.078305] hardirqs last enabled at (347871): [<ffff2000082080e8>] > vprintk_emit+0x2b0/0x5c0 > [ 808.086833] hardirqs last disabled at (347872): [<ffff200008081490>] > do_debug_exception+0xd8/0x190 > [ 808.095795] softirqs last enabled at (347844): [<ffff200008082210>] > __do_softirq+0x7c8/0x9c8 > [ 808.104325] softirqs last disabled at (347837): [<ffff20000812dbe4>] > irq_exit+0x25c/0x2f0 > [ 808.112502] ---[ end trace 598902d30712b79e ]--- -- With Best Regards, Andy Shevchenko ^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: WARNING: CPU: 26 PID: 64391 at lib/vsprintf.c:2193 set_precision+0x84/0x90 2018-11-13 17:29 ` Andy Shevchenko @ 2018-11-13 18:58 ` Qian Cai 2018-11-13 19:23 ` Steven Rostedt 0 siblings, 1 reply; 10+ messages in thread From: Qian Cai @ 2018-11-13 18:58 UTC (permalink / raw) To: Andy Shevchenko Cc: linux-kernel, Petr Mladek, Tobin C. Harding, Steven Rostedt (VMware), Geert Uytterhoeven, Rasmus Villemoes On Tue, 2018-11-13 at 19:29 +0200, Andy Shevchenko wrote: > On Tue, Nov 13, 2018 at 11:55:32AM -0500, Qian Cai wrote: > > +Cc Rasmus > > > Running the trinity fuzzer with a non-root user on an aarch64 server with > > the > > latest mainline (rc2) generated this. Is it just a false alarm to ignore? > > > > [ 807.847370] precision 65525 too large > > It seems like someone uses -EAGAIN as a parameter to printf(). > > Or rather this line > > if (!fs && (request_module("fs-%.*s", len, name) == 0)) { > ... > } > > Care to print the len and name parameters before this line? len = 60612; name = %d%d%d%d%d%d%s%s%s%d%s%d%d%d%s%s%s%s%s%d%s%d%s%s%s%d%s%d%d%s%s%d%s%s%d%d%s%s%s%s %s%d%s%d%d%s%s%s%d%d%d%d%d%s%s%s%s%d%s%s%s%s%d%d%d%d%d%d%d%s%s%s%s%d%s%d%s%d%s%d %s%s%d%s%d%s%s%s%s%d%s%d%s%s%d%d%s%s%d%s%d%s%s%d%s%d%d%s%s%s%s%d%s%s%s%s%d%d%s%s %s%d%s%d%s%s%d%d%d%d%d%s%s%s%s%s%s%s%d%d%d%s%d%s%d%d%s%d%d%d%s%s%d%d%d%s%s%d%s%d %s%s%s%d%d%d%s%d%s%s%d%s%d%s%s%d%s%d%d%s%d%s%s%d%s%s%s%s%s%d%s%d%d%d%s%d%d%d%d%s %d%s%d%d%d%s%s%s%s%s%d%s%s%s%s%d%d%d%s%d%s%d%d%s%d%s%s%d%d%d%s%d%s%d%d%s%s%s%d%s %s%d%d%d%d%d%d%d%d%d%d%s%d%s%d%s%d%d%s%d%d%s%d%s%s%s%d%d%d%d%s%s%d%d%s%d%d%d%s%d %d%s%d%d%d%d%s%s%d%s%s%d%d%d%s%s%s%s%s%s%s%s%s%d%s%d%d%s%d%s%s%d%s%s%s%s%d%d%d%d %s%d%s%s%d%d%d%s%d%d%d%s%s%s%s%d%d%d%s%d%s%d%s%d%d%d%d%d%d%d%d%d%d%s%s%d%d%d%s%d %d%d%s%s%s%s%s%s%s%d%d%d%d%s%s%d%s%s%d%s%s%s%s%d%d%s%d%d%s%d%d%s%d%d%d%s%s%s%s%d %s%s%d%s%d%s%d%s%d%d%d%d%s%d%d%d%s%d%d%d%d%s%s%d%s%s%d%d%d%s%d%s%d%d%d%d%d%d%s%d %s%s%d%d%s%d%d%d%s%s%d%s%d%s%d%s%d%d%s%d%s%s%s%s%s%d%s%s%d%d%d%s%s%d%d%s%s%d%s%d %s%d%s%s%s% [ 833.044728] ------------[ cut here ]------------ [ 833.137184] precision 60612 too large > > > > [ 807.847449] WARNING: CPU: 26 PID: 64391 at lib/vsprintf.c:2193 > > set_precision+0x84/0x90 > > [ 807.860161] Modules linked in: cast6_generic cast_common lrw bridge 8021q > > garp mrp stp llc dlci tcp_diag inet_diag af_key pptp gre l2tp_ppp > > l2tp_netlink > > l2tp_core ip6_udp_tunnel udp_tunnel pppoe pppox ppp_generic slhc crypto_user > > ib_core nfnetlink scsi_transport_iscsi atm sctp vfat fat ghash_ce sha2_ce > > sha256_arm64 sha1_ce ses enclosure ipmi_ssif sg ipmi_si ipmi_devintf > > sbsa_gwdt > > ipmi_msghandler sch_fq_codel xfs libcrc32c marvell mpt3sas mlx5_core > > raid_class > > hibmc_drm drm_kms_helper syscopyarea sysfillrect sysimgblt fb_sys_fops ttm > > drm > > ixgbe hisi_sas_v2_hw igb hisi_sas_main libsas hns_dsaf mlxfw devlink > > hns_enet_drv mdio i2c_designware_platform i2c_algo_bit i2c_designware_core > > ehci_platform scsi_transport_sas hns_mdio hnae dm_mirror dm_region_hash > > dm_log > > dm_mod > > [ 807.927838] CPU: 26 PID: 64391 Comm: trinity-c90 Kdump: loaded Tainted: > > G W 4.20.0-rc2+ #16 > > [ 807.937494] Hardware name: Huawei TaiShan 2280 /BC11SPCD, BIOS 1.50 > > 06/01/2018 > > [ 807.944718] pstate: 60000005 (nZCv daif -PAN -UAO) > > [ 807.949515] pc : set_precision+0x84/0x90 > > [ 807.953439] lr : set_precision+0x84/0x90 > > [ 807.957362] sp : ffff801e6430f6b0 > > [ 807.960677] x29: ffff801e6430f6b0 x28: ffff801e6430fb10 > > [ 807.965992] x27: 0000000000000003 x26: 00000000ffffffd8 > > [ 807.971307] x25: ffff801e6430fba0 x24: ffff801e6430fb48 > > [ 807.976622] x23: ffff2000093ddfa0 x22: ffff801e6430f770 > > [ 807.981937] x21: ffff2000090eb4a6 x20: ffff801e6430f770 > > [ 807.987252] x19: 000000000000fff5 x18: 0000000000000000 > > [ 807.992569] x17: 0000000000000000 x16: 0000000000000000 > > [ 807.997884] x15: 0000000000000000 x14: 3878302031343220 > > [ 808.003201] x13: 6265783020303939 x12: ffff04000172b49c > > [ 808.008516] x11: 1fffe4000172b49b x10: ffff04000172b49b > > [ 808.013832] x9 : 0000000000000000 x8 : 203532353536206e > > [ 808.019148] x7 : 6f69736963657270 x6 : 0000000041b58ab3 > > [ 808.024463] x5 : dfff200000000000 x4 : dfff200000000000 > > [ 808.029779] x3 : dfff200000000000 x2 : 65a2459128144800 > > [ 808.035093] x1 : 65a2459128144800 x0 : 0000000000000000 > > [ 808.040408] Call trace: > > [ 808.042861] set_precision+0x84/0x90 > > [ 808.046440] vsnprintf+0x23c/0x858 > > [ 808.049845] __request_module+0x1a0/0x8b8 > > [ 808.053860] get_fs_type+0xb0/0x138 > > [ 808.057351] do_mount+0x2c4/0x13c0 > > [ 808.060756] ksys_mount+0xf4/0x110 > > [ 808.064160] __arm64_sys_mount+0x70/0x88 > > [ 808.068087] el0_svc_handler+0xd4/0x198 > > [ 808.071928] el0_svc+0x8/0xc > > [ 808.074810] irq event stamp: 347872 > > [ 808.078305] hardirqs last enabled at (347871): [<ffff2000082080e8>] > > vprintk_emit+0x2b0/0x5c0 > > [ 808.086833] hardirqs last disabled at (347872): [<ffff200008081490>] > > do_debug_exception+0xd8/0x190 > > [ 808.095795] softirqs last enabled at (347844): [<ffff200008082210>] > > __do_softirq+0x7c8/0x9c8 > > [ 808.104325] softirqs last disabled at (347837): [<ffff20000812dbe4>] > > irq_exit+0x25c/0x2f0 > > [ 808.112502] ---[ end trace 598902d30712b79e ]--- > > ^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: WARNING: CPU: 26 PID: 64391 at lib/vsprintf.c:2193 set_precision+0x84/0x90 2018-11-13 18:58 ` Qian Cai @ 2018-11-13 19:23 ` Steven Rostedt 2018-11-13 23:05 ` Petr Mladek 2018-11-14 20:35 ` Qian Cai 0 siblings, 2 replies; 10+ messages in thread From: Steven Rostedt @ 2018-11-13 19:23 UTC (permalink / raw) To: Qian Cai Cc: Andy Shevchenko, linux-kernel, Petr Mladek, Tobin C. Harding, Geert Uytterhoeven, Rasmus Villemoes On Tue, 13 Nov 2018 13:58:18 -0500 Qian Cai <cai@gmx.us> wrote: > > Care to print the len and name parameters before this line? > len = 60612; name = How big are pages on arm64? Because we shouldn't get to this path if the string is bigger than PAGE_SIZE. But I know that on PPC64, PAGE_SIZE can be 64K, and 60612 is less than that. Thus, if we get there, the test is against signed int:16 (16 bit signed integer) that can go up to most 32768. If the string size is bigger than that, you would get this error. I would just say to ignore it. The only thing that can happen if someone does this is to trigger the warning. Unless if it is considered a form of DOS, where userspace just bombards the console by triggering this waring. But I don't see a problem with the actual design. There's no reason we should be processing string variables bigger than 32768 in vsprintf. -- Steve > %d%d%d%d%d%d%s%s%s%d%s%d%d%d%s%s%s%s%s%d%s%d%s%s%s%d%s%d%d%s%s%d%s%s%d%d%s%s%s%s > %s%d%s%d%d%s%s%s%d%d%d%d%d%s%s%s%s%d%s%s%s%s%d%d%d%d%d%d%d%s%s%s%s%d%s%d%s%d%s%d > %s%s%d%s%d%s%s%s%s%d%s%d%s%s%d%d%s%s%d%s%d%s%s%d%s%d%d%s%s%s%s%d%s%s%s%s%d%d%s%s > %s%d%s%d%s%s%d%d%d%d%d%s%s%s%s%s%s%s%d%d%d%s%d%s%d%d%s%d%d%d%s%s%d%d%d%s%s%d%s%d > %s%s%s%d%d%d%s%d%s%s%d%s%d%s%s%d%s%d%d%s%d%s%s%d%s%s%s%s%s%d%s%d%d%d%s%d%d%d%d%s > %d%s%d%d%d%s%s%s%s%s%d%s%s%s%s%d%d%d%s%d%s%d%d%s%d%s%s%d%d%d%s%d%s%d%d%s%s%s%d%s > %s%d%d%d%d%d%d%d%d%d%d%s%d%s%d%s%d%d%s%d%d%s%d%s%s%s%d%d%d%d%s%s%d%d%s%d%d%d%s%d > %d%s%d%d%d%d%s%s%d%s%s%d%d%d%s%s%s%s%s%s%s%s%s%d%s%d%d%s%d%s%s%d%s%s%s%s%d%d%d%d > %s%d%s%s%d%d%d%s%d%d%d%s%s%s%s%d%d%d%s%d%s%d%s%d%d%d%d%d%d%d%d%d%d%s%s%d%d%d%s%d > %d%d%s%s%s%s%s%s%s%d%d%d%d%s%s%d%s%s%d%s%s%s%s%d%d%s%d%d%s%d%d%s%d%d%d%s%s%s%s%d > %s%s%d%s%d%s%d%s%d%d%d%d%s%d%d%d%s%d%d%d%d%s%s%d%s%s%d%d%d%s%d%s%d%d%d%d%d%d%s%d > %s%s%d%d%s%d%d%d%s%s%d%s%d%s%d%s%d%d%s%d%s%s%s%s%s%d%s%s%d%d%d%s%s%d%d%s%s%d%s%d > %s%d%s%s%s% > [ 833.044728] ------------[ cut here ]------------ > [ 833.137184] precision 60612 too large > > ^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: WARNING: CPU: 26 PID: 64391 at lib/vsprintf.c:2193 set_precision+0x84/0x90 2018-11-13 19:23 ` Steven Rostedt @ 2018-11-13 23:05 ` Petr Mladek 2018-11-14 9:38 ` Andy Shevchenko 2018-11-14 20:35 ` Qian Cai 1 sibling, 1 reply; 10+ messages in thread From: Petr Mladek @ 2018-11-13 23:05 UTC (permalink / raw) To: Steven Rostedt Cc: Qian Cai, Andy Shevchenko, linux-kernel, Tobin C. Harding, Geert Uytterhoeven, Rasmus Villemoes On Tue 2018-11-13 14:23:17, Steven Rostedt wrote: > On Tue, 13 Nov 2018 13:58:18 -0500 > Qian Cai <cai@gmx.us> wrote: > > > > Care to print the len and name parameters before this line? > > len = 60612; name = > > How big are pages on arm64? Because we shouldn't get to this path if > the string is bigger than PAGE_SIZE. But I know that on PPC64, > PAGE_SIZE can be 64K, and 60612 is less than that. Thus, if we get > there, the test is against signed int:16 (16 bit signed integer) that > can go up to most 32768. If the string size is bigger than that, you > would get this error. > > I would just say to ignore it. I tend to agree. > The only thing that can happen if > someone does this is to trigger the warning. Unless if it is considered > a form of DOS, where userspace just bombards the console by triggering > this waring. We are actually on the safe side because it is WARN_ONCE(). > But I don't see a problem with the actual design. There's > no reason we should be processing string variables bigger than 32768 in > vsprintf. It is not even needed in this case. The string is limited also by MODULE_NAME_LEN. Best Regards, Petr ^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: WARNING: CPU: 26 PID: 64391 at lib/vsprintf.c:2193 set_precision+0x84/0x90 2018-11-13 23:05 ` Petr Mladek @ 2018-11-14 9:38 ` Andy Shevchenko 2018-11-14 19:29 ` Petr Mladek 0 siblings, 1 reply; 10+ messages in thread From: Andy Shevchenko @ 2018-11-14 9:38 UTC (permalink / raw) To: Petr Mladek Cc: Steven Rostedt, Qian Cai, linux-kernel, Tobin C. Harding, Geert Uytterhoeven, Rasmus Villemoes On Wed, Nov 14, 2018 at 12:05:12AM +0100, Petr Mladek wrote: > On Tue 2018-11-13 14:23:17, Steven Rostedt wrote: > > On Tue, 13 Nov 2018 13:58:18 -0500 > > Qian Cai <cai@gmx.us> wrote: > > > > > > Care to print the len and name parameters before this line? > > > len = 60612; name = > > > > How big are pages on arm64? Because we shouldn't get to this path if > > the string is bigger than PAGE_SIZE. But I know that on PPC64, > > PAGE_SIZE can be 64K, and 60612 is less than that. Thus, if we get > > there, the test is against signed int:16 (16 bit signed integer) that > > can go up to most 32768. If the string size is bigger than that, you > > would get this error. > > > > I would just say to ignore it. > > I tend to agree. > > > The only thing that can happen if > > someone does this is to trigger the warning. Unless if it is considered > > a form of DOS, where userspace just bombards the console by triggering > > this waring. > > We are actually on the safe side because it is WARN_ONCE(). > > > But I don't see a problem with the actual design. There's > > no reason we should be processing string variables bigger than 32768 in > > vsprintf. > > It is not even needed in this case. The string is limited also by > MODULE_NAME_LEN. At least not in this code. Are you proposing to replace strlen(name) with strnlen(name, MODULE_NAME_LEN)? -- With Best Regards, Andy Shevchenko ^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: WARNING: CPU: 26 PID: 64391 at lib/vsprintf.c:2193 set_precision+0x84/0x90 2018-11-14 9:38 ` Andy Shevchenko @ 2018-11-14 19:29 ` Petr Mladek 0 siblings, 0 replies; 10+ messages in thread From: Petr Mladek @ 2018-11-14 19:29 UTC (permalink / raw) To: Andy Shevchenko Cc: Steven Rostedt, Qian Cai, linux-kernel, Tobin C. Harding, Geert Uytterhoeven, Rasmus Villemoes On Wed 2018-11-14 11:38:19, Andy Shevchenko wrote: > On Wed, Nov 14, 2018 at 12:05:12AM +0100, Petr Mladek wrote: > > On Tue 2018-11-13 14:23:17, Steven Rostedt wrote: > > > On Tue, 13 Nov 2018 13:58:18 -0500 > > > Qian Cai <cai@gmx.us> wrote: > > > > > > > > Care to print the len and name parameters before this line? > > > > len = 60612; name = > > > > > > How big are pages on arm64? Because we shouldn't get to this path if > > > the string is bigger than PAGE_SIZE. But I know that on PPC64, > > > PAGE_SIZE can be 64K, and 60612 is less than that. Thus, if we get > > > there, the test is against signed int:16 (16 bit signed integer) that > > > can go up to most 32768. If the string size is bigger than that, you > > > would get this error. > > > > > > I would just say to ignore it. > > > > I tend to agree. > > > > > The only thing that can happen if > > > someone does this is to trigger the warning. Unless if it is considered > > > a form of DOS, where userspace just bombards the console by triggering > > > this waring. > > > > We are actually on the safe side because it is WARN_ONCE(). > > > > > But I don't see a problem with the actual design. There's > > > no reason we should be processing string variables bigger than 32768 in > > > vsprintf. > > > > It is not even needed in this case. The string is limited also by > > MODULE_NAME_LEN. > > At least not in this code. > > Are you proposing to replace strlen(name) with strnlen(name, MODULE_NAME_LEN)? It might be a solution. Well, it looks like a wrong design when we would need to use MODULE_NAME_LEN outside module loader code. Also it does not handle other request_module() users that might be affected. On the other hand, I am not sure how a proper solution would look like. request_module() should not limit printk format before the arguments are substituted. The most clean solution probably would be on the vsprintf-level. I mean to limit the precision by the overall string length limit. But it looks a bit weird as well. I still tend to ignore it. The code is safe from the security point of view. The warning would trigger only when completely misused. Best Regards, Petr ^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: WARNING: CPU: 26 PID: 64391 at lib/vsprintf.c:2193 set_precision+0x84/0x90 2018-11-13 19:23 ` Steven Rostedt 2018-11-13 23:05 ` Petr Mladek @ 2018-11-14 20:35 ` Qian Cai 1 sibling, 0 replies; 10+ messages in thread From: Qian Cai @ 2018-11-14 20:35 UTC (permalink / raw) To: Steven Rostedt Cc: Andy Shevchenko, linux-kernel, Petr Mladek, Tobin C. Harding, Geert Uytterhoeven, Rasmus Villemoes On Tue, 2018-11-13 at 14:23 -0500, Steven Rostedt wrote: > On Tue, 13 Nov 2018 13:58:18 -0500 > Qian Cai <cai@gmx.us> wrote: > > > > Care to print the len and name parameters before this line? > > > > len = 60612; name = > > How big are pages on arm64? Because we shouldn't get to this path if # getconf PAGESIZE 65536 > the string is bigger than PAGE_SIZE. But I know that on PPC64, > PAGE_SIZE can be 64K, and 60612 is less than that. Thus, if we get > there, the test is against signed int:16 (16 bit signed integer) that > can go up to most 32768. If the string size is bigger than that, you > would get this error. > > I would just say to ignore it. The only thing that can happen if > someone does this is to trigger the warning. Unless if it is considered > a form of DOS, where userspace just bombards the console by triggering > this waring. But I don't see a problem with the actual design. There's > no reason we should be processing string variables bigger than 32768 in > vsprintf. > > -- Steve > > > > %d%d%d%d%d%d%s%s%s%d%s%d%d%d%s%s%s%s%s%d%s%d%s%s%s%d%s%d%d%s%s%d%s%s%d%d%s%s > > %s%s > > %s%d%s%d%d%s%s%s%d%d%d%d%d%s%s%s%s%d%s%s%s%s%d%d%d%d%d%d%d%s%s%s%s%d%s%d%s%d > > %s%d > > %s%s%d%s%d%s%s%s%s%d%s%d%s%s%d%d%s%s%d%s%d%s%s%d%s%d%d%s%s%s%s%d%s%s%s%s%d%d > > %s%s > > %s%d%s%d%s%s%d%d%d%d%d%s%s%s%s%s%s%s%d%d%d%s%d%s%d%d%s%d%d%d%s%s%d%d%d%s%s%d > > %s%d > > %s%s%s%d%d%d%s%d%s%s%d%s%d%s%s%d%s%d%d%s%d%s%s%d%s%s%s%s%s%d%s%d%d%d%s%d%d%d > > %d%s > > %d%s%d%d%d%s%s%s%s%s%d%s%s%s%s%d%d%d%s%d%s%d%d%s%d%s%s%d%d%d%s%d%s%d%d%s%s%s > > %d%s > > %s%d%d%d%d%d%d%d%d%d%d%s%d%s%d%s%d%d%s%d%d%s%d%s%s%s%d%d%d%d%s%s%d%d%s%d%d%d > > %s%d > > %d%s%d%d%d%d%s%s%d%s%s%d%d%d%s%s%s%s%s%s%s%s%s%d%s%d%d%s%d%s%s%d%s%s%s%s%d%d > > %d%d > > %s%d%s%s%d%d%d%s%d%d%d%s%s%s%s%d%d%d%s%d%s%d%s%d%d%d%d%d%d%d%d%d%d%s%s%d%d%d > > %s%d > > %d%d%s%s%s%s%s%s%s%d%d%d%d%s%s%d%s%s%d%s%s%s%s%d%d%s%d%d%s%d%d%s%d%d%d%s%s%s > > %s%d > > %s%s%d%s%d%s%d%s%d%d%d%d%s%d%d%d%s%d%d%d%d%s%s%d%s%s%d%d%d%s%d%s%d%d%d%d%d%d > > %s%d > > %s%s%d%d%s%d%d%d%s%s%d%s%d%s%d%s%d%d%s%d%s%s%s%s%s%d%s%s%d%d%d%s%s%d%d%s%s%d > > %s%d > > %s%d%s%s%s% > > [ 833.044728] ------------[ cut here ]------------ > > [ 833.137184] precision 60612 too large > > > ^ permalink raw reply [flat|nested] 10+ messages in thread
end of thread, other threads:[~2018-11-14 20:35 UTC | newest] Thread overview: 10+ messages (download: mbox.gz / follow: Atom feed) -- links below jump to the message on this page -- 2018-11-13 16:55 WARNING: CPU: 26 PID: 64391 at lib/vsprintf.c:2193 set_precision+0x84/0x90 Qian Cai 2018-11-13 17:20 ` Geert Uytterhoeven 2018-11-13 17:32 ` Andy Shevchenko 2018-11-13 17:29 ` Andy Shevchenko 2018-11-13 18:58 ` Qian Cai 2018-11-13 19:23 ` Steven Rostedt 2018-11-13 23:05 ` Petr Mladek 2018-11-14 9:38 ` Andy Shevchenko 2018-11-14 19:29 ` Petr Mladek 2018-11-14 20:35 ` Qian Cai
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for NNTP newsgroup(s).