[avpatel:riscv_acpi_b2_v1] [swnode] f6c8bb7f93: BUG:KASAN:global-out-of-bounds_in_is_software_node

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 


Hello,

kernel test robot noticed "BUG:KASAN:global-out-of-bounds_in_is_software_node" on:

commit: f6c8bb7f93ce0e2d0640e0ea73b33145d849f0d8 ("swnode: Add support to create early during boot")
https://github.com/avpatel/linux.git riscv_acpi_b2_v1

in testcase: boot

compiler: gcc-12
test machine: qemu-system-x86_64 -enable-kvm -cpu SandyBridge -smp 2 -m 16G

(please refer to attached dmesg/kmsg for entire log/backtrace)



If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add following tags
| Reported-by: kernel test robot <oliver.sang@xxxxxxxxx>
| Closes: https://lore.kernel.org/oe-lkp/202308301642.aac23f05-oliver.sang@xxxxxxxxx



[   43.426753][    T1] ==================================================================
[   43.428570][    T1] BUG: KASAN: global-out-of-bounds in is_software_node+0x9a/0xc0
[   43.429100][    T1] Read of size 8 at addr ffffffff8628d220 by task swapper/0/1
[   43.429100][    T1] 
[   43.429100][    T1] CPU: 0 PID: 1 Comm: swapper/0 Tainted: G                 N 6.5.0-00106-gf6c8bb7f93ce #1
[   43.429100][    T1] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[   43.429100][    T1] Call Trace:
[   43.429100][    T1]  <TASK>
[   43.429100][    T1]  dump_stack_lvl+0x86/0x100
[   43.429100][    T1]  print_address_description+0x57/0x3c0
[   43.429100][    T1]  print_report+0xcc/0x2c0
[   43.429100][    T1]  ? kasan_complete_mode_report_info+0x93/0xc0
[   43.429100][    T1]  ? is_software_node+0x9a/0xc0
[   43.429100][    T1]  kasan_report+0xf8/0x140
[   43.429100][    T1]  ? is_software_node+0x9a/0xc0
[   43.429100][    T1]  __asan_report_load8_noabort+0x14/0x40
[   43.429100][    T1]  is_software_node+0x9a/0xc0
[   43.429100][    T1]  software_node_unregister_node_group+0xb2/0x100
[   43.441192][    T1]  software_node_register_node_group+0x87/0x100
[   43.441192][    T1]  fwnode_pointer+0x110/0x240
[   43.441192][    T1]  ? flags+0x380/0x380
[   43.441192][    T1]  ? test_hashed+0x104/0x1c0
[   43.441192][    T1]  ? fwnode_pointer+0x240/0x240
[   43.441192][    T1]  test_pointer+0x70b/0x980
[   43.441192][    T1]  ? test_hashed+0x1c0/0x1c0
[   43.441192][    T1]  ? __kmem_cache_free+0x172/0x2c0
[   43.441192][    T1]  ? kfree+0x11d/0x280
[   43.441192][    T1]  ? __test+0x150/0x1c0
[   43.441192][    T1]  ? do_test+0x340/0x340
[   43.441192][    T1]  ? kasan_set_track+0x25/0x40
[   43.441192][    T1]  ? test_pointer+0x980/0x980
[   43.441192][    T1]  test_printf_init+0x3c2/0x480
[   43.441192][    T1]  ? test_printf_init+0x3c2/0x480
[   43.441192][    T1]  ? test_pointer+0x980/0x980
[   43.441192][    T1]  ? ida_checks+0x18e/0x200
[   43.441192][    T1]  do_one_initcall+0x1be/0x7c0
[   43.441192][    T1]  ? trace_initcall_level+0x280/0x280
[   43.441192][    T1]  ? do_initcalls+0x30/0x540
[   43.441192][    T1]  do_initcalls+0x230/0x540
[   43.441192][    T1]  kernel_init_freeable+0x2e6/0x400
[   43.441192][    T1]  ? rest_init+0x240/0x240
[   43.441192][    T1]  kernel_init+0x1f/0x200
[   43.441192][    T1]  ? rest_init+0x240/0x240
[   43.441192][    T1]  ret_from_fork+0x58/0xc0
[   43.441192][    T1]  ? rest_init+0x240/0x240
[   43.441192][    T1]  ret_from_fork_asm+0x11/0x40
[   43.441192][    T1]  </TASK>
[   43.441192][    T1] 
[   43.441192][    T1] The buggy address belongs to the variable:
[   43.441192][    T1]  dev_attr_id+0x2200/0x22a0
[   43.441192][    T1] 
[   43.441192][    T1] The buggy address belongs to the physical page:
[   43.441192][    T1] page:ffffea000018a340 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x628d
[   43.441192][    T1] flags: 0xfffffc0001000(reserved|node=0|zone=1|lastcpupid=0x1fffff)
[   43.441192][    T1] page_type: 0xffffffff()
[   43.441192][    T1] raw: 000fffffc0001000 ffffea000018a348 ffffea000018a348 0000000000000000
[   43.441192][    T1] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   43.441192][    T1] page dumped because: kasan: bad access detected
[   43.441192][    T1] page_owner info is not present (never set?)
[   43.441192][    T1] 
[   43.441192][    T1] Memory state around the buggy address:
[   43.441192][    T1]  ffffffff8628d100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   43.441192][    T1]  ffffffff8628d180: 00 00 00 00 00 00 00 00 00 00 00 00 f9 f9 f9 f9
[   43.441192][    T1] >ffffffff8628d200: 00 00 00 00 f9 f9 f9 f9 00 06 f9 f9 f9 f9 f9 f9
[   43.441192][    T1]                                ^
[   43.441192][    T1]  ffffffff8628d280: 00 02 f9 f9 f9 f9 f9 f9 00 00 f9 f9 f9 f9 f9 f9
[   43.441192][    T1]  ffffffff8628d300: 00 00 00 00 00 00 00 00 00 f9 f9 f9 f9 f9 f9 f9
[   43.441192][    T1] ==================================================================
[   43.478039][    T1] Disabling lock debugging due to kernel taint
[   43.478860][    T1] test_printf: cannot register softnodes; rval -17



The kernel config and materials to reproduce are available at:
https://download.01.org/0day-ci/archive/20230830/202308301642.aac23f05-oliver.sang@xxxxxxxxx



-- 
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests/wiki
[Index of Archives]     [Linux IBM ACPI]     [Linux Power Management]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Share Photos]     [Security]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]     [Linux Resources]
  Powered by Linux