On Fri, Jan 16 2015, Andrew Morton <a...@linux-foundation.org> wrote:
> On Fri, 16 Jan 2015 11:23:57 -0500 Johannes Weiner <han...@cmpxchg.org> wrote: > >> Hi Rasmus, >> >> I have trouble booting my test machine with this patch in -mm: >> >> commit bb2e066c6943e62e9650bb129f416dacf138f8b1 >> Author: Rasmus Villemoes <li...@rasmusvillemoes.dk> >> Date: Wed Jan 14 01:00:44 2015 +0000 >> >> lib/vsprintf.c: don't try to fix pointer wrap-around >> >> Actual kernel buffers can't wrap into the user address space. If someone >> manages to pass a buf/size combination that wraps, it is most likely due >> to a bug in the caller. Instead of trying to fix it by using a smaller >> part of the buffer, bail out. >> >> Signed-off-by: Rasmus Villemoes <li...@rasmusvillemoes.dk> >> Cc: Jiri Kosina <jkos...@suse.cz> >> Cc: Randy Dunlap <rdun...@infradead.org> >> Signed-off-by: Andrew Morton <a...@linux-foundation.org> >> >> After I get "Loading bzImage-new... ok" from the bootloader, the >> serial console remains quiet. >> >> A WARN_ON_ONCE() inside vsnprintf() looks like it would deadlock >> instantly when triggering this overflow from printk(), no? > > Dammit, I was starting at that printk, ended up deciding it was OK, > didn't think about deadlocks. logbuf_lock and recursion_bug, for a > start... > > I'll drop the patch. Good, because the bug is in my brain. I think the cause may be a sprintf or vsprintf call that doesn't actually print what it is supposed to, since they pass INT_MAX for size, and that can of course easily cause buf+size to wrap-around (it is basically guaranteed on 32 bit). Sorry about this. Thanks for reporting, Johannes. Rasmus -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
