• Christian Borntraeger's avatar
    s390/dasd: avoid undefined behaviour · 0f02c4e7
    Christian Borntraeger authored
    the mdc value can be quite big (like 65535), so we are in undefined
    territory when doing the multiplication with the (also signed)
    FCX_MAX_DATA_FACTOR as outlined by UBSAN:
    
    UBSAN: Undefined behaviour in drivers/s390/block/dasd_eckd.c:1678:14
    signed integer overflow:
    65535 * 65536 cannot be represented in type 'int'
    CPU: 5 PID: 183 Comm: kworker/u512:1 Not tainted 4.7.0+ #150
    Workqueue: events_unbound async_run_entry_fn
    000000fb8b59f900 000000fb8b59f990 0000000000000002 0000000000000000
    000000fb8b59fa30 000000fb8b59f9a8 000000fb8b59f9a8 000000000011732e
    00000000000000a4 0000000000a309e2 0000000000a4c072 000000000000000b
    000000fb8b59f9f0 000000fb8b59f990 0000000000000000 0000000000000000
    0400000000d83238 000000000011732e 000000fb8b59f990 000000fb8b59f9f0
    Call Trace:
    ([<0000000000117260>] show_trace+0x98/0xa8)
    ([<00000000001172e0>] show_stack+0x70/0xf0)
    ([<000000000053ac96>] dump_stack+0x86/0xb8)
    ([<000000000057f5f8>] ubsan_epilogue+0x28/0x70)
    ([<000000000057fe9e>] handle_overflow+0xde/0xf0)
    ([<00000000006c322a>] dasd_eckd_check_characteristics+0x50a/0x550)
    ([<00000000006b42ca>] dasd_generic_set_online+0xba/0x380)
    ([<0000000000693d82>] ccw_device_set_online+0x192/0x550)
    ([<00000000006ac1ae>] dasd_generic_auto_online+0x2e/0x70)
    ([<0000000000172130>] async_run_entry_fn+0x70/0x270)
    ([<0000000000165a72>] process_one_work+0x26a/0x638)
    ([<0000000000165e8a>] worker_thread+0x4a/0x658)
    ([<000000000016dd9c>] kthread+0x10c/0x110)
    ([<00000000008963ae>] kernel_thread_starter+0x6/0xc)
    ([<00000000008963a8>] kernel_thread_starter+0x0/0xc)
    
    As this is a runtime value there is actually no risk of any sane
    compiler to detect and (ab)use this undefinedness, but let's make
    the multiplication defined by making mdc unsigned.
    Signed-off-by: default avatarChristian Borntraeger <borntraeger@de.ibm.com>
    Acked-by: default avatarStefan Haberland <sth@linux.vnet.ibm.com>
    Signed-off-by: default avatarMartin Schwidefsky <schwidefsky@de.ibm.com>
    0f02c4e7
dasd_eckd.c 160 KB