lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Tue, 2 Apr 2024 18:35:28 +0100
From: Mark Rutland <mark.rutland@....com>
To: kernel test robot <oliver.sang@...el.com>
Cc: Paul Heidekr"uger <paul.heidekrueger@....de>,
	oe-lkp@...ts.linux.dev, lkp@...el.com, linux-kernel@...r.kernel.org,
	Andrew Morton <akpm@...ux-foundation.org>,
	Marco Elver <elver@...gle.com>,
	Andrey Konovalov <andreyknvl@...il.com>,
	Alexander Potapenko <glider@...gle.com>,
	Andrey Ryabinin <ryabinin.a.a@...il.com>,
	Dmitry Vyukov <dvyukov@...gle.com>,
	Vincenzo Frascino <vincenzo.frascino@....com>,
	kasan-dev@...glegroups.com
Subject: Re: [linus:master] [kasan]  4e76c8cc33:
 BUG:KASAN:slab-out-of-bounds_in_kasan_atomics_helper

On Sun, Mar 31, 2024 at 10:18:17AM +0800, kernel test robot wrote:
> 
> 
> Hello,
> 
> kernel test robot noticed "BUG:KASAN:slab-out-of-bounds_in_kasan_atomics_helper" on:
> 
> commit: 4e76c8cc3378a20923965e3345f40f6b8ae0bdba ("kasan: add atomic tests")
> https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git master

This is expected; it's the point of the test...

Is there something this should depend on such that the test robot doesn't build
this? Otherwise, can we please avoid reporting KASAN splates from this KASAN test module?

Mark.

> [test failed on linus/master 8d025e2092e29bfd13e56c78e22af25fac83c8ec]
> [test failed on linux-next/master a6bd6c9333397f5a0e2667d4d82fef8c970108f2]
> 
> in testcase: kunit
> version: 
> with following parameters:
> 
> 	group: group-00
> 
> 
> 
> compiler: gcc-12
> test machine: 16 threads 1 sockets Intel(R) Xeon(R) CPU D-1541 @ 2.10GHz (Broadwell-DE) with 48G memory
> 
> (please refer to attached dmesg/kmsg for entire log/backtrace)
> 
> 
> 
> If you fix the issue in a separate patch/commit (i.e. not just a new version of
> the same patch/commit), kindly add following tags
> | Reported-by: kernel test robot <oliver.sang@...el.com>
> | Closes: https://lore.kernel.org/oe-lkp/202403310849.3bb9f3d2-lkp@intel.com
> 
> 
> The kernel config and materials to reproduce are available at:
> https://download.01.org/0day-ci/archive/20240331/202403310849.3bb9f3d2-lkp@intel.com
> 
> 
> 
> [  306.028382][ T4480] ==================================================================
> [  306.047117][ T4480] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x25d0/0x26b0 [kasan_test]
> [  306.057673][ T4480] Read of size 4 at addr ffff888168de7330 by task kunit_try_catch/4480
> [  306.067074][ T4480] 
> [  306.070605][ T4480] CPU: 2 PID: 4480 Comm: kunit_try_catch Tainted: G S  B            N 6.8.0-rc5-00151-g4e76c8cc3378 #1
> [  306.082834][ T4480] Hardware name: Supermicro SYS-5018D-FN4T/X10SDV-8C-TLN4F, BIOS 1.1 03/02/2016
> [  306.093195][ T4480] Call Trace:
> [  306.097725][ T4480]  <TASK>
> [  306.101846][ T4480]  dump_stack_lvl+0x36/0x50
> [  306.107696][ T4480]  print_address_description+0x2c/0x3a0
> [  306.115489][ T4480]  ? kasan_atomics_helper+0x25d0/0x26b0 [kasan_test]
> [  306.123367][ T4480]  print_report+0xba/0x2b0
> [  306.129115][ T4480]  ? kasan_addr_to_slab+0xd/0x90
> [  306.135383][ T4480]  ? kasan_atomics_helper+0x25d0/0x26b0 [kasan_test]
> [  306.143412][ T4480]  kasan_report+0xe7/0x120
> [  306.149087][ T4480]  ? kasan_atomics_helper+0x25d0/0x26b0 [kasan_test]
> [  306.157076][ T4480]  kasan_atomics_helper+0x25d0/0x26b0 [kasan_test]
> [  306.164966][ T4480]  ? kmalloc_oob_right+0x3e0/0x3e0 [kasan_test]
> [  306.172608][ T4480]  ? kasan_save_track+0x14/0x30
> [  306.178787][ T4480]  kasan_atomics+0xeb/0x190 [kasan_test]
> [  306.185724][ T4480]  ? kasan_bitops_generic+0x140/0x140 [kasan_test]
> [  306.193520][ T4480]  ? ktime_get_ts64+0x83/0x1b0
> [  306.199669][ T4480]  kunit_try_run_case+0x1ab/0x480
> [  306.206017][ T4480]  ? kunit_try_run_case_cleanup+0xe0/0xe0
> [  306.213174][ T4480]  ? _raw_read_unlock_irqrestore+0x50/0x50
> [  306.220337][ T4480]  ? set_cpus_allowed_ptr+0x85/0xb0
> [  306.226821][ T4480]  ? migrate_enable+0x2a0/0x2a0
> [  306.232966][ T4480]  ? kunit_try_catch_throw+0x80/0x80
> [  306.239549][ T4480]  ? kunit_try_run_case_cleanup+0xe0/0xe0
> [  306.246540][ T4480]  kunit_generic_run_threadfn_adapter+0x4e/0xa0
> [  306.254054][ T4480]  kthread+0x2dd/0x3c0
> [  306.259312][ T4480]  ? kthread_complete_and_exit+0x30/0x30
> [  306.266147][ T4480]  ret_from_fork+0x31/0x70
> [  306.271775][ T4480]  ? kthread_complete_and_exit+0x30/0x30
> [  306.278575][ T4480]  ret_from_fork_asm+0x11/0x20
> [  306.284413][ T4480]  </TASK>
> [  306.288653][ T4480] 
> [  306.292149][ T4480] Allocated by task 4480:
> [  306.297686][ T4480]  kasan_save_stack+0x33/0x50
> [  306.303495][ T4480]  kasan_save_track+0x14/0x30
> [  306.309255][ T4480]  __kasan_kmalloc+0xa2/0xb0
> [  306.314945][ T4480]  kasan_atomics+0x8c/0x190 [kasan_test]
> [  306.321745][ T4480]  kunit_try_run_case+0x1ab/0x480
> [  306.327860][ T4480]  kunit_generic_run_threadfn_adapter+0x4e/0xa0
> [  306.335239][ T4480]  kthread+0x2dd/0x3c0
> [  306.340469][ T4480]  ret_from_fork+0x31/0x70
> [  306.346020][ T4480]  ret_from_fork_asm+0x11/0x20
> [  306.351815][ T4480] 
> [  306.355163][ T4480] The buggy address belongs to the object at ffff888168de7300
> [  306.355163][ T4480]  which belongs to the cache kmalloc-64 of size 64
> [  306.371174][ T4480] The buggy address is located 0 bytes to the right of
> [  306.371174][ T4480]  allocated 48-byte region [ffff888168de7300, ffff888168de7330)
> [  306.387688][ T4480] 
> [  306.390884][ T4480] The buggy address belongs to the physical page:
> [  306.398313][ T4480] page:000000005ccb3a22 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x168de7
> [  306.409549][ T4480] flags: 0x17ffffc0000800(slab|node=0|zone=2|lastcpupid=0x1fffff)
> [  306.418339][ T4480] page_type: 0xffffffff()
> [  306.423762][ T4480] raw: 0017ffffc0000800 ffff888100042640 dead000000000100 dead000000000122
> [  306.433384][ T4480] raw: 0000000000000000 0000000080200020 00000001ffffffff 0000000000000000
> [  306.443077][ T4480] page dumped because: kasan: bad access detected
> [  306.450608][ T4480] 
> [  306.454016][ T4480] Memory state around the buggy address:
> [  306.460748][ T4480]  ffff888168de7200: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
> [  306.469821][ T4480]  ffff888168de7280: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
> [  306.478894][ T4480] >ffff888168de7300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
> [  306.488019][ T4480]                                      ^
> [  306.494672][ T4480]  ffff888168de7380: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
> [  306.503812][ T4480]  ffff888168de7400: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
> [  306.512946][ T4480] ==================================================================
> 
> 
> -- 
> 0-DAY CI Kernel Test Service
> https://github.com/intel/lkp-tests/wiki
> 
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ