[linux-next:master 6573/6679] mm/kasan/kasan_test.c:335:59: warning: array subscript 201 is outside array bounds of 'char[201]'

Hi Andrey,

First bad commit (maybe != root cause):

tree:   https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git master
head:   044b771be9c5de9d817dfafb829d2f049c71c3b4
commit: 9d72007f43e209ca4de65acbb8e8e13568b6c0c9 [6573/6679] kasan: move tests to mm/kasan/
config: x86_64-buildonly-randconfig-r004-20220912 (https://download.01.org/0day-ci/archive/20220913/202209131555.dMFROX4C-lkp@xxxxxxxxx/config)
compiler: gcc-11 (Debian 11.3.0-5) 11.3.0
reproduce (this is a W=1 build):
        # https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/commit/?id=9d72007f43e209ca4de65acbb8e8e13568b6c0c9
        git remote add linux-next https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git
        git fetch --no-tags linux-next master
        git checkout 9d72007f43e209ca4de65acbb8e8e13568b6c0c9
        # save the config file
        mkdir build_dir && cp config build_dir/.config
        make W=1 O=build_dir ARCH=x86_64 SHELL=/bin/bash mm/kasan/

If you fix the issue, kindly add the following tag where applicable
Reported-by: kernel test robot <lkp@xxxxxxxxx>

All warnings (new ones prefixed by >>):

   mm/kasan/kasan_test.c: In function 'krealloc_less_oob_helper.constprop':
>> mm/kasan/kasan_test.c:335:59: warning: array subscript 201 is outside array bounds of 'char[201]' [-Warray-bounds]
     335 |                 KUNIT_EXPECT_KASAN_FAIL(test, ptr2[size2] = 'x');
         |                                               ~~~~~~~~~~~~^~~~~
   mm/kasan/kasan_test.c:97:9: note: in definition of macro 'KUNIT_EXPECT_KASAN_FAIL'
      97 |         expression;                                                     \
         |         ^~~~~~~~~~
   mm/kasan/kasan_test.c:327:16: note: referencing an object of size 201 allocated by 'krealloc'
     327 |         ptr2 = krealloc(ptr1, size2, GFP_KERNEL);
         |                ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   mm/kasan/kasan_test.c:339:59: warning: array subscript 208 is outside array bounds of 'char[201]' [-Warray-bounds]
     339 |                 ptr2[round_up(size2, KASAN_GRANULE_SIZE)] = 'x');
         |                 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~^~~~~
   mm/kasan/kasan_test.c:97:9: note: in definition of macro 'KUNIT_EXPECT_KASAN_FAIL'
      97 |         expression;                                                     \
         |         ^~~~~~~~~~
   mm/kasan/kasan_test.c:327:16: note: referencing an object of size 201 allocated by 'krealloc'
     327 |         ptr2 = krealloc(ptr1, size2, GFP_KERNEL);
         |                ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   mm/kasan/kasan_test.c:349:52: warning: array subscript 218 is outside array bounds of 'char[201]' [-Warray-bounds]
     349 |         KUNIT_EXPECT_KASAN_FAIL(test, ptr2[middle] = 'x');
         |                                       ~~~~~~~~~~~~~^~~~~
   mm/kasan/kasan_test.c:97:9: note: in definition of macro 'KUNIT_EXPECT_KASAN_FAIL'
      97 |         expression;                                                     \
         |         ^~~~~~~~~~
   mm/kasan/kasan_test.c:327:16: note: referencing an object of size 201 allocated by 'krealloc'
     327 |         ptr2 = krealloc(ptr1, size2, GFP_KERNEL);
         |                ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   mm/kasan/kasan_test.c:350:55: warning: array subscript 234 is outside array bounds of 'char[201]' [-Warray-bounds]
     350 |         KUNIT_EXPECT_KASAN_FAIL(test, ptr2[size1 - 1] = 'x');
         |                                       ~~~~~~~~~~~~~~~~^~~~~
   mm/kasan/kasan_test.c:97:9: note: in definition of macro 'KUNIT_EXPECT_KASAN_FAIL'
      97 |         expression;                                                     \
         |         ^~~~~~~~~~
   mm/kasan/kasan_test.c:327:16: note: referencing an object of size 201 allocated by 'krealloc'
     327 |         ptr2 = krealloc(ptr1, size2, GFP_KERNEL);
         |                ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   mm/kasan/kasan_test.c:351:51: warning: array subscript 235 is outside array bounds of 'char[201]' [-Warray-bounds]
     351 |         KUNIT_EXPECT_KASAN_FAIL(test, ptr2[size1] = 'x');
         |                                       ~~~~~~~~~~~~^~~~~
   mm/kasan/kasan_test.c:97:9: note: in definition of macro 'KUNIT_EXPECT_KASAN_FAIL'
      97 |         expression;                                                     \
         |         ^~~~~~~~~~
   mm/kasan/kasan_test.c:327:16: note: referencing an object of size 201 allocated by 'krealloc'
     327 |         ptr2 = krealloc(ptr1, size2, GFP_KERNEL);
         |                ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   mm/kasan/kasan_test.c: In function 'krealloc_more_oob_helper.constprop':
   mm/kasan/kasan_test.c:306:59: warning: array subscript 235 is outside array bounds of 'char[235]' [-Warray-bounds]
     306 |                 KUNIT_EXPECT_KASAN_FAIL(test, ptr2[size2] = 'x');
         |                                               ~~~~~~~~~~~~^~~~~
   mm/kasan/kasan_test.c:97:9: note: in definition of macro 'KUNIT_EXPECT_KASAN_FAIL'
      97 |         expression;                                                     \
         |         ^~~~~~~~~~
   mm/kasan/kasan_test.c:295:16: note: referencing an object of size 235 allocated by 'krealloc'
     295 |         ptr2 = krealloc(ptr1, size2, GFP_KERNEL);
         |                ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   mm/kasan/kasan_test.c:310:59: warning: array subscript 240 is outside array bounds of 'char[235]' [-Warray-bounds]
     310 |                 ptr2[round_up(size2, KASAN_GRANULE_SIZE)] = 'x');
         |                 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~^~~~~
   mm/kasan/kasan_test.c:97:9: note: in definition of macro 'KUNIT_EXPECT_KASAN_FAIL'
      97 |         expression;                                                     \
         |         ^~~~~~~~~~
   mm/kasan/kasan_test.c:295:16: note: referencing an object of size 235 allocated by 'krealloc'
     295 |         ptr2 = krealloc(ptr1, size2, GFP_KERNEL);
         |                ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Kconfig warnings: (for reference only)
   WARNING: unmet direct dependencies detected for PM_GENERIC_DOMAINS_OF
   Depends on [n]: PM_GENERIC_DOMAINS [=y] && OF [=n]
   Selected by [y]:
   - QCOM_RPMPD [=y] && PM [=y] && QCOM_SMD_RPM [=y]


vim +335 mm/kasan/kasan_test.c

3f15801cdc2379 lib/test_kasan.c Andrey Ryabinin  2015-02-13  314  
b87c28b9a7ef64 lib/test_kasan.c Andrey Konovalov 2021-02-25  315  static void krealloc_less_oob_helper(struct kunit *test,
b87c28b9a7ef64 lib/test_kasan.c Andrey Konovalov 2021-02-25  316  					size_t size1, size_t size2)
3f15801cdc2379 lib/test_kasan.c Andrey Ryabinin  2015-02-13  317  {
3f15801cdc2379 lib/test_kasan.c Andrey Ryabinin  2015-02-13  318  	char *ptr1, *ptr2;
b87c28b9a7ef64 lib/test_kasan.c Andrey Konovalov 2021-02-25  319  	size_t middle;
b87c28b9a7ef64 lib/test_kasan.c Andrey Konovalov 2021-02-25  320  
b87c28b9a7ef64 lib/test_kasan.c Andrey Konovalov 2021-02-25  321  	KUNIT_ASSERT_LT(test, size2, size1);
b87c28b9a7ef64 lib/test_kasan.c Andrey Konovalov 2021-02-25  322  	middle = size2 + (size1 - size2) / 2;
3f15801cdc2379 lib/test_kasan.c Andrey Ryabinin  2015-02-13  323  
3f15801cdc2379 lib/test_kasan.c Andrey Ryabinin  2015-02-13  324  	ptr1 = kmalloc(size1, GFP_KERNEL);
73228c7ecc5e40 lib/test_kasan.c Patricia Alfonso 2020-10-13  325  	KUNIT_ASSERT_NOT_ERR_OR_NULL(test, ptr1);
f33a01492a24a2 lib/test_kasan.c Walter Wu        2020-08-06  326  
73228c7ecc5e40 lib/test_kasan.c Patricia Alfonso 2020-10-13  327  	ptr2 = krealloc(ptr1, size2, GFP_KERNEL);
73228c7ecc5e40 lib/test_kasan.c Patricia Alfonso 2020-10-13  328  	KUNIT_ASSERT_NOT_ERR_OR_NULL(test, ptr2);
f33a01492a24a2 lib/test_kasan.c Walter Wu        2020-08-06  329  
b87c28b9a7ef64 lib/test_kasan.c Andrey Konovalov 2021-02-25  330  	/* Must be accessible for all modes. */
b87c28b9a7ef64 lib/test_kasan.c Andrey Konovalov 2021-02-25  331  	ptr2[size2 - 1] = 'x';
b87c28b9a7ef64 lib/test_kasan.c Andrey Konovalov 2021-02-25  332  
b87c28b9a7ef64 lib/test_kasan.c Andrey Konovalov 2021-02-25  333  	/* Generic mode is precise, so unaligned size2 must be inaccessible. */
b87c28b9a7ef64 lib/test_kasan.c Andrey Konovalov 2021-02-25  334  	if (IS_ENABLED(CONFIG_KASAN_GENERIC))
b87c28b9a7ef64 lib/test_kasan.c Andrey Konovalov 2021-02-25 @335  		KUNIT_EXPECT_KASAN_FAIL(test, ptr2[size2] = 'x');
b87c28b9a7ef64 lib/test_kasan.c Andrey Konovalov 2021-02-25  336  
b87c28b9a7ef64 lib/test_kasan.c Andrey Konovalov 2021-02-25  337  	/* For all modes first aligned offset after size2 must be inaccessible. */
b87c28b9a7ef64 lib/test_kasan.c Andrey Konovalov 2021-02-25  338  	KUNIT_EXPECT_KASAN_FAIL(test,
b87c28b9a7ef64 lib/test_kasan.c Andrey Konovalov 2021-02-25  339  		ptr2[round_up(size2, KASAN_GRANULE_SIZE)] = 'x');
b87c28b9a7ef64 lib/test_kasan.c Andrey Konovalov 2021-02-25  340  
b87c28b9a7ef64 lib/test_kasan.c Andrey Konovalov 2021-02-25  341  	/*
b87c28b9a7ef64 lib/test_kasan.c Andrey Konovalov 2021-02-25  342  	 * For all modes all size2, middle, and size1 should land in separate
b87c28b9a7ef64 lib/test_kasan.c Andrey Konovalov 2021-02-25  343  	 * granules and thus the latter two offsets should be inaccessible.
b87c28b9a7ef64 lib/test_kasan.c Andrey Konovalov 2021-02-25  344  	 */
b87c28b9a7ef64 lib/test_kasan.c Andrey Konovalov 2021-02-25  345  	KUNIT_EXPECT_LE(test, round_up(size2, KASAN_GRANULE_SIZE),
b87c28b9a7ef64 lib/test_kasan.c Andrey Konovalov 2021-02-25  346  				round_down(middle, KASAN_GRANULE_SIZE));
b87c28b9a7ef64 lib/test_kasan.c Andrey Konovalov 2021-02-25  347  	KUNIT_EXPECT_LE(test, round_up(middle, KASAN_GRANULE_SIZE),
b87c28b9a7ef64 lib/test_kasan.c Andrey Konovalov 2021-02-25  348  				round_down(size1, KASAN_GRANULE_SIZE));
b87c28b9a7ef64 lib/test_kasan.c Andrey Konovalov 2021-02-25  349  	KUNIT_EXPECT_KASAN_FAIL(test, ptr2[middle] = 'x');
b87c28b9a7ef64 lib/test_kasan.c Andrey Konovalov 2021-02-25  350  	KUNIT_EXPECT_KASAN_FAIL(test, ptr2[size1 - 1] = 'x');
b87c28b9a7ef64 lib/test_kasan.c Andrey Konovalov 2021-02-25  351  	KUNIT_EXPECT_KASAN_FAIL(test, ptr2[size1] = 'x');
b87c28b9a7ef64 lib/test_kasan.c Andrey Konovalov 2021-02-25  352  
3f15801cdc2379 lib/test_kasan.c Andrey Ryabinin  2015-02-13  353  	kfree(ptr2);
3f15801cdc2379 lib/test_kasan.c Andrey Ryabinin  2015-02-13  354  }
3f15801cdc2379 lib/test_kasan.c Andrey Ryabinin  2015-02-13  355  

:::::: The code at line 335 was first introduced by commit
:::::: b87c28b9a7ef64590943435ea59f40092f2376d5 kasan: rework krealloc tests

:::::: TO: Andrey Konovalov <andreyknvl@xxxxxxxxxx>
:::::: CC: Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx>

-- 
0-DAY CI Kernel Test Service
https://01.org/lkp



