[avpatel:riscv_acpi_b2_v1] [swnode] f6c8bb7f93: BUG:KASAN:global-out-of-bounds_in_is_software_node

linux-acpi.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

From: kernel test robot <oliver.sang@intel.com>
To: Anup Patel <apatel@ventanamicro.com>
Cc: <oe-lkp@lists.linux.dev>, <lkp@intel.com>,
	Anup Patel <anup@brainfault.org>,
	Sunil V L <sunilvl@ventanamicro.com>,
	<linux-acpi@vger.kernel.org>, <oliver.sang@intel.com>
Subject: [avpatel:riscv_acpi_b2_v1] [swnode]  f6c8bb7f93: BUG:KASAN:global-out-of-bounds_in_is_software_node
Date: Wed, 30 Aug 2023 21:03:41 +0800	[thread overview]
Message-ID: <202308301642.aac23f05-oliver.sang@intel.com> (raw)



Hello,

kernel test robot noticed "BUG:KASAN:global-out-of-bounds_in_is_software_node" on:

commit: f6c8bb7f93ce0e2d0640e0ea73b33145d849f0d8 ("swnode: Add support to create early during boot")
https://github.com/avpatel/linux.git riscv_acpi_b2_v1

in testcase: boot

compiler: gcc-12
test machine: qemu-system-x86_64 -enable-kvm -cpu SandyBridge -smp 2 -m 16G

(please refer to attached dmesg/kmsg for entire log/backtrace)



If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add following tags
| Reported-by: kernel test robot <oliver.sang@intel.com>
| Closes: https://lore.kernel.org/oe-lkp/202308301642.aac23f05-oliver.sang@intel.com



[   43.426753][    T1] ==================================================================
[   43.428570][    T1] BUG: KASAN: global-out-of-bounds in is_software_node+0x9a/0xc0
[   43.429100][    T1] Read of size 8 at addr ffffffff8628d220 by task swapper/0/1
[   43.429100][    T1] 
[   43.429100][    T1] CPU: 0 PID: 1 Comm: swapper/0 Tainted: G                 N 6.5.0-00106-gf6c8bb7f93ce #1
[   43.429100][    T1] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[   43.429100][    T1] Call Trace:
[   43.429100][    T1]  <TASK>
[   43.429100][    T1]  dump_stack_lvl+0x86/0x100
[   43.429100][    T1]  print_address_description+0x57/0x3c0
[   43.429100][    T1]  print_report+0xcc/0x2c0
[   43.429100][    T1]  ? kasan_complete_mode_report_info+0x93/0xc0
[   43.429100][    T1]  ? is_software_node+0x9a/0xc0
[   43.429100][    T1]  kasan_report+0xf8/0x140
[   43.429100][    T1]  ? is_software_node+0x9a/0xc0
[   43.429100][    T1]  __asan_report_load8_noabort+0x14/0x40
[   43.429100][    T1]  is_software_node+0x9a/0xc0
[   43.429100][    T1]  software_node_unregister_node_group+0xb2/0x100
[   43.441192][    T1]  software_node_register_node_group+0x87/0x100
[   43.441192][    T1]  fwnode_pointer+0x110/0x240
[   43.441192][    T1]  ? flags+0x380/0x380
[   43.441192][    T1]  ? test_hashed+0x104/0x1c0
[   43.441192][    T1]  ? fwnode_pointer+0x240/0x240
[   43.441192][    T1]  test_pointer+0x70b/0x980
[   43.441192][    T1]  ? test_hashed+0x1c0/0x1c0
[   43.441192][    T1]  ? __kmem_cache_free+0x172/0x2c0
[   43.441192][    T1]  ? kfree+0x11d/0x280
[   43.441192][    T1]  ? __test+0x150/0x1c0
[   43.441192][    T1]  ? do_test+0x340/0x340
[   43.441192][    T1]  ? kasan_set_track+0x25/0x40
[   43.441192][    T1]  ? test_pointer+0x980/0x980
[   43.441192][    T1]  test_printf_init+0x3c2/0x480
[   43.441192][    T1]  ? test_printf_init+0x3c2/0x480
[   43.441192][    T1]  ? test_pointer+0x980/0x980
[   43.441192][    T1]  ? ida_checks+0x18e/0x200
[   43.441192][    T1]  do_one_initcall+0x1be/0x7c0
[   43.441192][    T1]  ? trace_initcall_level+0x280/0x280
[   43.441192][    T1]  ? do_initcalls+0x30/0x540
[   43.441192][    T1]  do_initcalls+0x230/0x540
[   43.441192][    T1]  kernel_init_freeable+0x2e6/0x400
[   43.441192][    T1]  ? rest_init+0x240/0x240
[   43.441192][    T1]  kernel_init+0x1f/0x200
[   43.441192][    T1]  ? rest_init+0x240/0x240
[   43.441192][    T1]  ret_from_fork+0x58/0xc0
[   43.441192][    T1]  ? rest_init+0x240/0x240
[   43.441192][    T1]  ret_from_fork_asm+0x11/0x40
[   43.441192][    T1]  </TASK>
[   43.441192][    T1] 
[   43.441192][    T1] The buggy address belongs to the variable:
[   43.441192][    T1]  dev_attr_id+0x2200/0x22a0
[   43.441192][    T1] 
[   43.441192][    T1] The buggy address belongs to the physical page:
[   43.441192][    T1] page:ffffea000018a340 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x628d
[   43.441192][    T1] flags: 0xfffffc0001000(reserved|node=0|zone=1|lastcpupid=0x1fffff)
[   43.441192][    T1] page_type: 0xffffffff()
[   43.441192][    T1] raw: 000fffffc0001000 ffffea000018a348 ffffea000018a348 0000000000000000
[   43.441192][    T1] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   43.441192][    T1] page dumped because: kasan: bad access detected
[   43.441192][    T1] page_owner info is not present (never set?)
[   43.441192][    T1] 
[   43.441192][    T1] Memory state around the buggy address:
[   43.441192][    T1]  ffffffff8628d100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   43.441192][    T1]  ffffffff8628d180: 00 00 00 00 00 00 00 00 00 00 00 00 f9 f9 f9 f9
[   43.441192][    T1] >ffffffff8628d200: 00 00 00 00 f9 f9 f9 f9 00 06 f9 f9 f9 f9 f9 f9
[   43.441192][    T1]                                ^
[   43.441192][    T1]  ffffffff8628d280: 00 02 f9 f9 f9 f9 f9 f9 00 00 f9 f9 f9 f9 f9 f9
[   43.441192][    T1]  ffffffff8628d300: 00 00 00 00 00 00 00 00 00 f9 f9 f9 f9 f9 f9 f9
[   43.441192][    T1] ==================================================================
[   43.478039][    T1] Disabling lock debugging due to kernel taint
[   43.478860][    T1] test_printf: cannot register softnodes; rval -17



The kernel config and materials to reproduce are available at:
https://download.01.org/0day-ci/archive/20230830/202308301642.aac23f05-oliver.sang@intel.com



-- 
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests/wiki

                 reply	other threads:[~2023-08-30 18:47 UTC|newest]

Thread overview: [no followups] expand[flat|nested]  mbox.gz  Atom feed

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=202308301642.aac23f05-oliver.sang@intel.com \
    --to=oliver.sang@intel.com \
    --cc=anup@brainfault.org \
    --cc=apatel@ventanamicro.com \
    --cc=linux-acpi@vger.kernel.org \
    --cc=lkp@intel.com \
    --cc=oe-lkp@lists.linux.dev \
    --cc=sunilvl@ventanamicro.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).