On Thu, Apr 11, 2024 at 11:11:05AM -0700, Nathan Chancellor wrote:
> [ 0.189542] Internal error: UBSAN: unrecognized failure code:
> 00000000f2005515 [#1] PREEMPT SMP
Oops! Yes, I didn't update the (arm64) trap handler to notice integer
overflows. I think I need something like:
diff --git a/lib/ubsan.c b/lib/ubsan.c
index 5fc107f61934..a2fb19f75825 100644
--- a/lib/ubsan.c
+++ b/lib/ubsan.c
@@ -77,6 +77,14 @@ const char *report_ubsan_failure(struct pt_regs *regs, u32
check_type)
return "UBSAN: alignment assumption";
case ubsan_type_mismatch:
return "UBSAN: type mismatch";
+#endif
+#ifdef CONFIG_UBSAN_SIGNED_INTEGER_WRAP
+ case ubsan_add_overflow:
+ return "UBSAN: integer addition overflow";
+ case ubsan_sub_overflow:
+ return "UBSAN: integer subtraction overflow";
+ case ubsan_mul_overflow:
+ return "UBSAN: integer multiplication overflow";
#endif
default:
return "UBSAN: unrecognized failure code";
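Review bot: The new block under CONFIG_UBSAN_SIGNED_INTEGER_WRAP names only ubsan_add_overflow, ubsan_sub_overflow and ubsan_mul_overflow, so any other check type the wrap sanitizer can emit (negation, for example, if the enum has a value for it) would still reach the default case and be reported as "UBSAN: unrecognized failure code". Before relying on this to fix the report above, confirm that the check_type decoded from the reported code 00000000f2005515 is one of these three cases. The strings would also be easier to match against the config option if they said "signed", for example "UBSAN: signed integer addition overflow", and a short comment above the #ifdef saying which sanitizer produces these check types would help the next reader.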
> [ 0.198326] Call trace:
> [ 0.198544] cancel_delayed_work+0x54/0x94
> [ 0.198810] deferred_probe_extend_timeout+0x20/0x6c
> [ 0.198988] driver_register+0xa8/0x10c
> [ 0.199122] __platform_driver_register+0x28/0x38
> [ 0.199258] tegra194_cbb_init+0x24/0x34
Justin, does this trace match anything you found running syzkaller
against SIO? (I assume not -- this seems to be a tegra code path...)
--
Kees Cook