http://bugzilla.suse.com/show_bug.cgi?id=1105536 http://bugzilla.suse.com/show_bug.cgi?id=1105536#c26 Jiri Slaby changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |REOPENED CC| |jslaby@suse.com Resolution|FIXED |--- --- Comment #26 from Jiri Slaby --- UBSAN reports an error in SLE15:

[ 0.380060] Speculative Store Bypass: Vulnerable [ 0.388072] ================================================================================ [ 0.392000] UBSAN: Undefined behaviour in ./arch/x86/include/asm/processor.h:189:9 [ 0.392000] shift exponent -13 is negative [ 0.392000] CPU: 0 PID: 0 Comm: swapper/0 Not tainted 4.12.14-default #3 SLE15 (unreleased) [ 0.392000] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.0.0-prebuilt.qemu-project.org 04/01/2014 [ 0.392000] Call Trace: [ 0.392000] dump_stack+0x104/0x1c0 [ 0.392000] ubsan_epilogue+0xe/0x8a [ 0.392000] __ubsan_handle_shift_out_of_bounds+0x2ba/0x348 [ 0.392000] check_bugs+0x125d/0x139a [ 0.392000] start_kernel+0x7e0/0x865 [ 0.392000] x86_64_start_kernel+0x181/0x190 [ 0.392000] secondary_startup_64+0xa5/0xb0 [ 0.392000] ================================================================================

This is l1tf_pfn_limit: BIT(boot_cpu_data.x86_cache_bits - 1 - PAGE_SHIFT); boot_cpu_data.x86_cache_bits is apparently 0 when called from check_bugs -> l1tf_select_mitigation -> l1tf_pfn_limit We found out that the hunk to copy the bits: c->x86_cache_bits = c->x86_phys_bits; is misapplied to identify_cpu_without_cpuid which is called only on some CPUs. It looks like it should be in early_identify_cpu, given we have no get_cpu_address_sizes in SLE15 yet. -- You are receiving this mail because: You are on the CC list for the bug.