| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 11 Nov 2022 14:54:01 +0800
From: kernel test robot <yujie.liu@...el.com>
To: Yury Norov <yury.norov@...il.com>
CC: <oe-lkp@...ts.linux.dev>, <lkp@...el.com>,
<linux-kernel@...r.kernel.org>, <ltp@...ts.linux.it>,
Andy Shevchenko <andriy.shevchenko@...ux.intel.com>,
Rasmus Villemoes <linux@...musvillemoes.dk>,
Yury Norov <yury.norov@...il.com>
Subject: Re: [PATCH 2/6] bitmap: replace _reg_op(REG_OP_ALLOC) with
bitmap_set()
Greeting,
FYI, we noticed BUG:KASAN:slab-out-of-bounds_in__bitmap_set due to commit (built with gcc-11):
commit: 8cbe83be2e63293c368eb2d580f2f69cb8b35e43 ("[PATCH 2/6] bitmap: replace _reg_op(REG_OP_ALLOC) with bitmap_set()")
url: https://github.com/intel-lab-lkp/linux/commits/Yury-Norov/bitmap-remove-_reg_op/20221028-095005
base: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git 23758867219c8d84c8363316e6dd2f9fd7ae3049
patch subject: [PATCH 2/6] bitmap: replace _reg_op(REG_OP_ALLOC) with bitmap_set()
in testcase: ltp
version: ltp-x86_64-14c1f76-1_20221009
with following parameters:
disk: 1HDD
fs: f2fs
test: writev03.writev03
test-description: The LTP testsuite contains a collection of tools for testing the Linux kernel and related features.
test-url: http://linux-test-project.github.io/
on test machine: 4 threads Intel(R) Core(TM) i5-6500 CPU @ 3.20GHz (Skylake) with 32G memory
caused below changes (please refer to attached dmesg/kmsg for entire log/backtrace):
[ 8.260699][ T1] BUG: KASAN: slab-out-of-bounds in __bitmap_set (lib/bitmap.c:370)
[ 8.260699][ T1] Read of size 8 at addr ffff88810023a000 by task swapper/0/1
[ 8.260699][ T1]
[ 8.260699][ T1] CPU: 2 PID: 1 Comm: swapper/0 Tainted: G I 6.1.0-rc2-00194-g8cbe83be2e63 #1
[ 8.260699][ T1] Hardware name: Dell Inc. OptiPlex 7040/0Y7WYT, BIOS 1.1.1 10/07/2015
[ 8.260699][ T1] Call Trace:
[ 8.260699][ T1] <TASK>
[ 8.260699][ T1] dump_stack_lvl (lib/dump_stack.c:107 (discriminator 1))
[ 8.260699][ T1] print_address_description+0x87/0x2a1
[ 8.260699][ T1] print_report (mm/kasan/report.c:396)
[ 8.260699][ T1] ? kasan_addr_to_slab (mm/kasan/common.c:35)
[ 8.260699][ T1] ? __bitmap_set (lib/bitmap.c:370)
[ 8.260699][ T1] kasan_report (mm/kasan/report.c:497)
[ 8.260699][ T1] ? __bitmap_set (lib/bitmap.c:370)
[ 8.260699][ T1] __bitmap_set (lib/bitmap.c:370)
[ 8.260699][ T1] bitmap_find_free_region (lib/bitmap.c:1321)
[ 8.260699][ T1] intel_irq_remapping_alloc (drivers/iommu/intel/irq_remapping.c:129 drivers/iommu/intel/irq_remapping.c:1358)
[ 8.260699][ T1] ? local_pci_probe (drivers/pci/pci-driver.c:324)
[ 8.260699][ T1] ? pci_call_probe (drivers/pci/pci-driver.c:392)
[ 8.260699][ T1] ? driver_probe_device (drivers/base/dd.c:808)
[ 8.260699][ T1] ? __driver_attach (drivers/base/dd.c:1191)
[ 8.260699][ T1] ? bus_add_driver (drivers/base/bus.c:618)
[ 8.260699][ T1] ? do_one_initcall (init/main.c:1303)
[ 8.260699][ T1] ? do_initcalls (init/main.c:1375 init/main.c:1392)
[ 8.260699][ T1] ? kernel_init_freeable (init/main.c:1635)
[ 8.260699][ T1] ? kernel_init (init/main.c:1521)
[ 8.260699][ T1] ? ret_from_fork (arch/x86/entry/entry_64.S:312)
[ 8.260699][ T1] ? intel_irq_remapping_free (drivers/iommu/intel/irq_remapping.c:1327)
[ 8.260699][ T1] ? __irq_domain_alloc_irqs (include/linux/slab.h:598 include/linux/slab.h:723 kernel/irq/irqdomain.c:1158 kernel/irq/irqdomain.c:1285 kernel/irq/irqdomain.c:1475)
[ 8.260699][ T1] ? __irq_domain_alloc_irqs (include/linux/slab.h:598 include/linux/slab.h:723 kernel/irq/irqdomain.c:1158 kernel/irq/irqdomain.c:1285 kernel/irq/irqdomain.c:1475)
[ 8.260699][ T1] msi_domain_alloc (kernel/irq/msi.c:543)
[ 8.260699][ T1] ? msi_domain_free (kernel/irq/msi.c:532)
[ 8.260699][ T1] ? __mutex_lock_slowpath (kernel/locking/mutex.c:282)
[ 8.260699][ T1] __irq_domain_alloc_irqs (kernel/irq/irqdomain.c:1482)
[ 8.260699][ T1] __msi_domain_alloc_irqs (kernel/irq/msi.c:896)
[ 8.260699][ T1] ? _raw_write_lock_irq (kernel/locking/spinlock.c:153)
[ 8.260699][ T1] ? msi_domain_prepare_irqs (kernel/irq/msi.c:855)
[ 8.260699][ T1] ? xa_find (lib/xarray.c:2024)
[ 8.260699][ T1] msi_domain_alloc_irqs_descs_locked (kernel/irq/msi.c:952)
[ 8.260699][ T1] ? msi_find_desc (kernel/irq/msi.c:248)
[ 8.260699][ T1] __pci_enable_msi_range (drivers/pci/msi/msi.c:458 drivers/pci/msi/msi.c:905)
[ 8.260699][ T1] ? pci_disable_msi (drivers/pci/msi/msi.c:866)
[ 8.260699][ T1] ? irq_spurious_proc_show (kernel/irq/proc.c:292)
[ 8.260699][ T1] ? __pci_enable_msix_range (drivers/pci/msi/msi.c:359 drivers/pci/msi/msi.c:941)
[ 8.260699][ T1] pci_alloc_irq_vectors_affinity (drivers/pci/msi/msi.c:1029)
[ 8.260699][ T1] ? pci_conf1_read (arch/x86/pci/direct.c:49)
[ 8.260699][ T1] ? pci_enable_msix_range (drivers/pci/msi/msi.c:1008)
[ 8.260699][ T1] ? pci_bus_read_config_word (drivers/pci/access.c:67 (discriminator 2))
[ 8.260699][ T1] ? pci_bus_find_capability (drivers/pci/pci.c:544)
[ 8.260699][ T1] pcie_port_enable_irq_vec (include/linux/pci.h:1907 drivers/pci/pcie/portdrv_core.c:107)
[ 8.260699][ T1] ? get_port_device_capability (drivers/pci/pcie/portdrv_core.c:102)
[ 8.260699][ T1] ? __pci_set_master (drivers/pci/pci.c:4383)
[ 8.260699][ T1] ? pci_ea_read (drivers/pci/pci.c:4378)
[ 8.260699][ T1] ? pci_address_to_pio+0x20/0x20
[ 8.260699][ T1] ? pci_enable_device_flags (drivers/pci/pci.c:2005)
[ 8.260699][ T1] pcie_port_device_register (drivers/pci/pcie/portdrv_core.c:181 drivers/pci/pcie/portdrv_core.c:334)
[ 8.260699][ T1] ? rpm_callback (drivers/base/power/runtime.c:755)
[ 8.260699][ T1] ? pcie_port_service_unregister (drivers/pci/pcie/portdrv_core.c:312)
[ 8.260699][ T1] ? _raw_read_unlock_irqrestore (kernel/locking/spinlock.c:161)
[ 8.260699][ T1] ? __cond_resched (kernel/sched/core.c:8325)
[ 8.260699][ T1] ? pcie_portdrv_remove (drivers/pci/pcie/portdrv_pci.c:103)
[ 8.260699][ T1] pcie_portdrv_probe (drivers/pci/pcie/portdrv_pci.c:117)
[ 8.260699][ T1] ? pcie_portdrv_remove (drivers/pci/pcie/portdrv_pci.c:103)
[ 8.260699][ T1] local_pci_probe (drivers/pci/pci-driver.c:324)
[ 8.260699][ T1] pci_call_probe (drivers/pci/pci-driver.c:392)
[ 8.260699][ T1] ? _raw_spin_lock (arch/x86/include/asm/atomic.h:202 include/linux/atomic/atomic-instrumented.h:543 include/asm-generic/qspinlock.h:111 include/linux/spinlock.h:186 include/linux/spinlock_api_smp.h:134 kernel/locking/spinlock.c:154)
[ 8.260699][ T1] ? local_pci_probe (drivers/pci/pci-driver.c:352)
[ 8.260699][ T1] ? pci_assign_irq (drivers/pci/setup-irq.c:25)
[ 8.260699][ T1] ? pci_match_device (drivers/pci/pci-driver.c:108 drivers/pci/pci-driver.c:159)
[ 8.260699][ T1] ? kernfs_put (arch/x86/include/asm/atomic.h:123 (discriminator 1) include/linux/atomic/atomic-instrumented.h:576 (discriminator 1) fs/kernfs/dir.c:531 (discriminator 1))
[ 8.260699][ T1] pci_device_probe (drivers/pci/pci-driver.c:461)
[ 8.260699][ T1] ? pci_dma_configure (drivers/pci/pci-driver.c:1647)
[ 8.260699][ T1] really_probe (drivers/base/dd.c:560 drivers/base/dd.c:639)
[ 8.260699][ T1] __driver_probe_device (drivers/base/dd.c:719 drivers/base/dd.c:776)
[ 8.260699][ T1] driver_probe_device (drivers/base/dd.c:808)
[ 8.260699][ T1] __driver_attach (drivers/base/dd.c:1191)
[ 8.260699][ T1] ? __device_attach_driver (drivers/base/dd.c:1135)
[ 8.260699][ T1] bus_for_each_dev (drivers/base/bus.c:301)
[ 8.260699][ T1] ? subsys_dev_iter_exit (drivers/base/bus.c:290)
[ 8.260699][ T1] ? __kmem_cache_alloc_node (mm/slub.c:3400 mm/slub.c:3437)
[ 8.260699][ T1] ? klist_add_tail (include/linux/list.h:69 include/linux/list.h:102 lib/klist.c:104 lib/klist.c:137)
[ 8.260699][ T1] bus_add_driver (drivers/base/bus.c:618)
[ 8.260699][ T1] driver_register (drivers/base/driver.c:246)
[ 8.260699][ T1] ? dmi_pcie_pme_disable_msi (drivers/pci/pcie/portdrv_pci.c:243)
[ 8.260699][ T1] do_one_initcall (init/main.c:1303)
[ 8.260699][ T1] ? trace_event_raw_event_initcall_level (init/main.c:1294)
[ 8.260699][ T1] ? parse_one (kernel/params.c:170)
[ 8.260699][ T1] ? do_initcalls (init/main.c:1386)
[ 8.260699][ T1] ? kasan_set_track (mm/kasan/common.c:52)
[ 8.260699][ T1] ? __kasan_kmalloc (mm/kasan/common.c:381)
[ 8.260699][ T1] do_initcalls (init/main.c:1375 init/main.c:1392)
[ 8.260699][ T1] kernel_init_freeable (init/main.c:1635)
[ 8.260699][ T1] ? console_on_rootfs (init/main.c:1601)
[ 8.260699][ T1] ? usleep_range_state (kernel/time/timer.c:1897)
[ 8.260699][ T1] ? _raw_spin_lock_bh (kernel/locking/spinlock.c:169)
[ 8.260699][ T1] ? rest_init (init/main.c:1511)
[ 8.260699][ T1] ? rest_init (init/main.c:1511)
[ 8.260699][ T1] kernel_init (init/main.c:1521)
[ 8.260699][ T1] ret_from_fork (arch/x86/entry/entry_64.S:312)
[ 8.260699][ T1] </TASK>
[ 8.260699][ T1]
If you fix the issue, kindly add following tag
| Reported-by: kernel test robot <yujie.liu@...el.com>
| Link: https://lore.kernel.org/oe-lkp/202211111357.9e363da2-yujie.liu@intel.com
To reproduce:
git clone https://github.com/intel/lkp-tests.git
cd lkp-tests
sudo bin/lkp install job.yaml # job file is attached in this email
bin/lkp split-job --compatible job.yaml # generate the yaml file for lkp run
sudo bin/lkp run generated-yaml-file
# if come across any failure that blocks the test,
# please remove ~/.lkp and /lkp dir to run from a clean state.
--
0-DAY CI Kernel Test Service
https://01.org/lkp
View attachment "config-6.1.0-rc2-00194-g8cbe83be2e63" of type "text/plain" (170376 bytes)
View attachment "job-script" of type "text/plain" (5969 bytes)
Download attachment "dmesg.xz" of type "application/x-xz" (46324 bytes)
View attachment "ltp" of type "text/plain" (191362 bytes)
View attachment "job.yaml" of type "text/plain" (4708 bytes)
Powered by blists - more mailing lists