UBSAN complains this error
~~~
UBSAN: shift-out-of-bounds in drivers/edac/skx_common.c:369:16
shift exponent -66 is negative
Call Trace:
<TASK>
dump_stack_lvl+0x48/0x70
dump_stack+0x10/0x20
__ubsan_handle_shift_out_of_bounds+0x1ac/0x360
skx_get_dimm_info.cold+0x91/0x175 [i10nm_edac]
? kvasprintf_const+0x2a/0xb0
i10nm_get_dimm_config+0x23c/0x340 [i10nm_edac]
skx_register_mci+0x139/0x1e0 [i10nm_edac]
? __pfx_i10nm_get_dimm_config+0x10/0x10 [i10nm_edac]
i10nm_init+0x403/0xd10 [i10nm_edac]
? __pfx_i10nm_init+0x10/0x10 [i10nm_edac]
do_one_initcall+0x5b/0x250
do_init_module+0x68/0x260
load_module+0xb45/0xcd0
? kernel_read_file+0x2a4/0x320
__do_sys_finit_module+0xc4/0x140
? __do_sys_finit_module+0xc4/0x140
__x64_sys_finit_module+0x18/0x30
do_syscall_64+0x58/0x90
? syscall_exit_to_user_mode+0x29/0x50
? do_syscall_64+0x67/0x90
? syscall_exit_to_user_mode+0x29/0x50
? do_syscall_64+0x67/0x90
? do_syscall_64+0x67/0x90
? __flush_smp_call_function_queue+0x122/0x1f0
? exit_to_user_mode_prepare+0x30/0xb0
? irqentry_exit_to_user_mode+0x9/0x20
? irqentry_exit+0x43/0x50
? sysvec_call_function+0x4b/0xd0
entry_SYSCALL_64_after_hwframe+0x72/0xdc
~~~
when get rows, cols and ranks, the returned error value doesn't be
handled.
check the return value is EINVAL, if yes, directly return 0.
Signed-off-by: Koba Ko <[email protected]>
---
V2: make error-print explicitly
---
drivers/edac/skx_common.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/drivers/edac/skx_common.c b/drivers/edac/skx_common.c
index 2a00e0503f0d5..ac61db72d2e6b 100644
--- a/drivers/edac/skx_common.c
+++ b/drivers/edac/skx_common.c
@@ -330,7 +330,7 @@ static int skx_get_dimm_attr(u32 reg, int lobit, int hibit, int add,
u32 val = GET_BITFIELD(reg, lobit, hibit);
if (val < minval || val > maxval) {
- edac_dbg(2, "bad %s = %d (raw=0x%x)\n", name, val, reg);
+ skx_printk(KERN_ERR, "bad %s = %d (raw=0x%x)\n", name, val, reg);
return -EINVAL;
}
return val + add;
@@ -351,6 +351,8 @@ int skx_get_dimm_info(u32 mtr, u32 mcmtr, u32 amap, struct dimm_info *dimm,
ranks = numrank(mtr);
rows = numrow(mtr);
cols = imc->hbm_mc ? 6 : numcol(mtr);
+ if (ranks == -EINVAL || rows == -EINVAL || cols == -EINVAL)
+ return 0;
if (imc->hbm_mc) {
banks = 32;
--
2.34.1
Here is a better commit message. You can just copy and paste it.
------------------------------------------
[PATCH v3] EDAC/i10nm: Prevent negative shifts in skx_get_dimm_info().
UBSAN generated the following warning during a timeout:
UBSAN: shift-out-of-bounds in drivers/edac/skx_common.c:369:16
shift exponent -66 is negative
That most likely means that rows, cols, and ranks were all set to
-EINVAL. Address this in two ways.
1) Change the debug output in skx_get_dimm_attr() to KERN_ERR so that
users will know where exactly the error is.
2) Add a check for errors in skx_get_dimm_info().
Fixes: 88a242c98740 ("EDAC, skx_common: Separate common code out from skx_edac")
Signed-off-by:
-----------------------------------------------
> @@ -351,6 +351,8 @@ int skx_get_dimm_info(u32 mtr, u32 mcmtr, u32 amap, struct dimm_info *dimm,
> ranks = numrank(mtr);
> rows = numrow(mtr);
> cols = imc->hbm_mc ? 6 : numcol(mtr);
> + if (ranks == -EINVAL || rows == -EINVAL || cols == -EINVAL)
> + return 0;
Change this to:
if (rangks < 0 || rows < 0 || cols < 0)
return 0;
It's bad form to check for a specific error code unless there is a need.
regards,
dan carpenter
On Tue, Jul 4, 2023 at 8:02 PM Dan Carpenter <[email protected]> wrote:
>
> Here is a better commit message. You can just copy and paste it.
> ------------------------------------------
> [PATCH v3] EDAC/i10nm: Prevent negative shifts in skx_get_dimm_info().
>
> UBSAN generated the following warning during a timeout:
>
> UBSAN: shift-out-of-bounds in drivers/edac/skx_common.c:369:16
> shift exponent -66 is negative
>
> That most likely means that rows, cols, and ranks were all set to
> -EINVAL. Address this in two ways.
>
> 1) Change the debug output in skx_get_dimm_attr() to KERN_ERR so that
> users will know where exactly the error is.
> 2) Add a check for errors in skx_get_dimm_info().
>
> Fixes: 88a242c98740 ("EDAC, skx_common: Separate common code out from skx_edac")
> Signed-off-by:
> -----------------------------------------------
have sent V3 as per Markus' comments.
https://patchwork.kernel.org/project/linux-edac/patch/[email protected]/
Thanks
>
> > @@ -351,6 +351,8 @@ int skx_get_dimm_info(u32 mtr, u32 mcmtr, u32 amap, struct dimm_info *dimm,
> > ranks = numrank(mtr);
> > rows = numrow(mtr);
> > cols = imc->hbm_mc ? 6 : numcol(mtr);
> > + if (ranks == -EINVAL || rows == -EINVAL || cols == -EINVAL)
> > + return 0;
>
> Change this to:
>
> if (rangks < 0 || rows < 0 || cols < 0)
> return 0;
>
> It's bad form to check for a specific error code unless there is a need.
>
> regards,
> dan carpenter
>