From: kernel test robot <oliver.sang@intel.com>
To: "Rafael J. Wysocki" <rjw@rjwysocki.net>
Cc: <oe-lkp@lists.linux.dev>, <lkp@intel.com>,
	"Rafael J. Wysocki" <rafael.j.wysocki@intel.com>,
	<linux-acpi@vger.kernel.org>, <acpica-devel@lists.linux.dev>,
	LKML <linux-kernel@vger.kernel.org>,
	"Bob Moore" <robert.moore@intel.com>,
	Saket Dumbre <saket.dumbre@intel.com>, <oliver.sang@intel.com>
Subject: Re: [PATCH v1 18/19] ACPICA: Replace strncpy() with memcpy()
Date: Wed, 7 May 2025 13:42:10 +0800
Message-ID: <202505071055.2de34dd7-lkp@intel.com>
In-Reply-To: <1910878.atdPhlSkOF@rjwysocki.net>



Hello,

kernel test robot noticed "BUG:KASAN:global-out-of-bounds_in_acpi_ut_safe_strncpy" on:

commit: 42d0e849d2f0848ac665486c5b38b5321bce299e ("[PATCH v1 18/19] ACPICA: Replace strncpy() with memcpy()")
url: https://github.com/intel-lab-lkp/linux/commits/Rafael-J-Wysocki/ACPICA-Drop-stale-comment-about-the-header-file-content/20250426-034340
base: https://git.kernel.org/cgit/linux/kernel/git/rafael/linux-pm.git linux-next
patch link: https://lore.kernel.org/all/1910878.atdPhlSkOF@rjwysocki.net/
patch subject: [PATCH v1 18/19] ACPICA: Replace strncpy() with memcpy()

in testcase: boot

config: x86_64-randconfig-103-20250426
compiler: gcc-12
test machine: qemu-system-x86_64 -enable-kvm -cpu SandyBridge -smp 2 -m 16G

(please refer to attached dmesg/kmsg for entire log/backtrace)


+--------------------------------------------------------+------------+------------+
|                                                        | 2d3714d918 | 42d0e849d2 |
+--------------------------------------------------------+------------+------------+
| BUG:KASAN:global-out-of-bounds_in_acpi_ut_safe_strncpy | 0          | 18         |
+--------------------------------------------------------+------------+------------+


If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add following tags
| Reported-by: kernel test robot <oliver.sang@intel.com>
| Closes: https://lore.kernel.org/oe-lkp/202505071055.2de34dd7-lkp@intel.com


[ 11.237174][ T1] BUG: KASAN: global-out-of-bounds in acpi_ut_safe_strncpy (kbuild/obj/consumer/x86_64-randconfig-103-20250426/drivers/acpi/acpica/utnonansi.c:172) 
[   11.237174][    T1] Read of size 16 at addr ffffffffb92c19e0 by task swapper/0/1
[   11.237174][    T1]
[   11.237174][    T1] CPU: 1 UID: 0 PID: 1 Comm: swapper/0 Not tainted 6.15.0-rc3-00082-g42d0e849d2f0 #1 PREEMPTLAZY
[   11.237174][    T1] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[   11.237174][    T1] Call Trace:
[   11.237174][    T1]  <TASK>
[ 11.237174][ T1] dump_stack_lvl (kbuild/obj/consumer/x86_64-randconfig-103-20250426/lib/dump_stack.c:123) 
[ 11.237174][ T1] print_address_description+0x33/0x3d0 
[ 11.237174][ T1] print_report (kbuild/obj/consumer/x86_64-randconfig-103-20250426/mm/kasan/report.c:522) 
[ 11.237174][ T1] ? acpi_ut_safe_strncpy (kbuild/obj/consumer/x86_64-randconfig-103-20250426/drivers/acpi/acpica/utnonansi.c:172) 
[ 11.237174][ T1] ? kasan_addr_to_slab (kbuild/obj/consumer/x86_64-randconfig-103-20250426/mm/kasan/common.c:37) 
[ 11.237174][ T1] ? acpi_ut_safe_strncpy (kbuild/obj/consumer/x86_64-randconfig-103-20250426/drivers/acpi/acpica/utnonansi.c:172) 
[ 11.237174][ T1] kasan_report (kbuild/obj/consumer/x86_64-randconfig-103-20250426/mm/kasan/report.c:636) 
[ 11.237174][ T1] ? acpi_ut_safe_strncpy (kbuild/obj/consumer/x86_64-randconfig-103-20250426/drivers/acpi/acpica/utnonansi.c:172) 
[ 11.237174][ T1] kasan_check_range (kbuild/obj/consumer/x86_64-randconfig-103-20250426/mm/kasan/generic.c:183 kbuild/obj/consumer/x86_64-randconfig-103-20250426/mm/kasan/generic.c:189) 
[ 11.237174][ T1] __asan_memcpy (kbuild/obj/consumer/x86_64-randconfig-103-20250426/mm/kasan/shadow.c:105) 
[ 11.237174][ T1] acpi_ut_safe_strncpy (kbuild/obj/consumer/x86_64-randconfig-103-20250426/drivers/acpi/acpica/utnonansi.c:172) 
[ 11.237174][ T1] acpi_ps_alloc_op (kbuild/obj/consumer/x86_64-randconfig-103-20250426/drivers/acpi/acpica/psutils.c:122) 
[ 11.237174][ T1] acpi_ps_create_scope_op (kbuild/obj/consumer/x86_64-randconfig-103-20250426/drivers/acpi/acpica/psutils.c:34) 
[ 11.237174][ T1] acpi_ps_execute_table (kbuild/obj/consumer/x86_64-randconfig-103-20250426/drivers/acpi/acpica/psxface.c:249) 
[ 11.237174][ T1] ? acpi_ns_get_normalized_pathname (kbuild/obj/consumer/x86_64-randconfig-103-20250426/drivers/acpi/acpica/nsnames.c:321 (discriminator 1)) 
[ 11.237174][ T1] acpi_ns_execute_table (kbuild/obj/consumer/x86_64-randconfig-103-20250426/drivers/acpi/acpica/nsparse.c:120 (discriminator 5)) 
[ 11.237174][ T1] ? acpi_ns_get_attached_data (kbuild/obj/consumer/x86_64-randconfig-103-20250426/drivers/acpi/acpica/nsparse.c:45) 
[ 11.237174][ T1] ? acpi_ut_add_address_range (kbuild/obj/consumer/x86_64-randconfig-103-20250426/include/linux/sched.h:2268 kbuild/obj/consumer/x86_64-randconfig-103-20250426/drivers/acpi/acpica/utaddress.c:56) 
[ 11.237174][ T1] ? acpi_os_signal_semaphore (kbuild/obj/consumer/x86_64-randconfig-103-20250426/drivers/acpi/osl.c:1334) 
[ 11.237174][ T1] ? __sanitizer_cov_trace_const_cmp4 (kbuild/obj/consumer/x86_64-randconfig-103-20250426/kernel/kcov.c:316) 
[ 11.237174][ T1] ? acpi_ut_status_exit (kbuild/obj/consumer/x86_64-randconfig-103-20250426/drivers/acpi/acpica/utdebug.c:474) 
[ 11.237174][ T1] acpi_ns_parse_table (kbuild/obj/consumer/x86_64-randconfig-103-20250426/drivers/acpi/acpica/nsparse.c:270 (discriminator 5)) 
[ 11.237174][ T1] acpi_ns_load_table (kbuild/obj/consumer/x86_64-randconfig-103-20250426/drivers/acpi/acpica/nsload.c:72) 
[ 11.237174][ T1] acpi_tb_load_namespace (kbuild/obj/consumer/x86_64-randconfig-103-20250426/drivers/acpi/acpica/tbxfload.c:159) 
[ 11.237174][ T1] ? acpi_ev_install_region_handlers (kbuild/obj/consumer/x86_64-randconfig-103-20250426/drivers/acpi/acpica/evhandler.c:101 (discriminator 1)) 
[ 11.237174][ T1] acpi_load_tables (kbuild/obj/consumer/x86_64-randconfig-103-20250426/drivers/acpi/acpica/tbxfload.c:63) 
[ 11.237174][ T1] acpi_bus_init (kbuild/obj/consumer/x86_64-randconfig-103-20250426/drivers/acpi/bus.c:1344) 
[ 11.237174][ T1] ? acpi_sleep_proc_init (kbuild/obj/consumer/x86_64-randconfig-103-20250426/drivers/acpi/bus.c:1337) 
[ 11.237174][ T1] ? kset_create_and_add (kbuild/obj/consumer/x86_64-randconfig-103-20250426/lib/kobject.c:412) 
[ 11.237174][ T1] ? __kasan_kmalloc (kbuild/obj/consumer/x86_64-randconfig-103-20250426/mm/kasan/common.c:377 kbuild/obj/consumer/x86_64-randconfig-103-20250426/mm/kasan/common.c:394) 
[ 11.237174][ T1] ? __sanitizer_cov_trace_const_cmp4 (kbuild/obj/consumer/x86_64-randconfig-103-20250426/kernel/kcov.c:316) 
[ 11.237174][ T1] acpi_init (kbuild/obj/consumer/x86_64-randconfig-103-20250426/drivers/acpi/bus.c:1455) 
[ 11.237174][ T1] ? acpi_arch_init+0x20/0x20 
[ 11.237174][ T1] ? fb_console_init (kbuild/obj/consumer/x86_64-randconfig-103-20250426/drivers/video/fbdev/core/fbcon.c:3368) 
[ 11.237174][ T1] ? acpi_arch_init+0x20/0x20 
[ 11.237174][ T1] do_one_initcall (kbuild/obj/consumer/x86_64-randconfig-103-20250426/init/main.c:1257) 
[ 11.237174][ T1] ? rdinit_setup (kbuild/obj/consumer/x86_64-randconfig-103-20250426/init/main.c:1303) 
[ 11.237174][ T1] ? trace_event_raw_event_initcall_level (kbuild/obj/consumer/x86_64-randconfig-103-20250426/init/main.c:1248) 
[ 11.237174][ T1] ? __kmalloc_noprof (kbuild/obj/consumer/x86_64-randconfig-103-20250426/include/trace/events/kmem.h:54 kbuild/obj/consumer/x86_64-randconfig-103-20250426/mm/slub.c:4342 kbuild/obj/consumer/x86_64-randconfig-103-20250426/mm/slub.c:4353) 
[ 11.237174][ T1] do_initcalls (kbuild/obj/consumer/x86_64-randconfig-103-20250426/init/main.c:1318 kbuild/obj/consumer/x86_64-randconfig-103-20250426/init/main.c:1335) 
[ 11.237174][ T1] kernel_init_freeable (kbuild/obj/consumer/x86_64-randconfig-103-20250426/init/main.c:1569) 
[ 11.237174][ T1] ? rest_init (kbuild/obj/consumer/x86_64-randconfig-103-20250426/init/main.c:1449) 
[ 11.237174][ T1] kernel_init (kbuild/obj/consumer/x86_64-randconfig-103-20250426/init/main.c:1459) 
[ 11.237174][ T1] ? rest_init (kbuild/obj/consumer/x86_64-randconfig-103-20250426/init/main.c:1449) 
[ 11.237174][ T1] ret_from_fork (kbuild/obj/consumer/x86_64-randconfig-103-20250426/arch/x86/kernel/process.c:153) 
[ 11.237174][ T1] ? rest_init (kbuild/obj/consumer/x86_64-randconfig-103-20250426/init/main.c:1449) 
[ 11.237174][ T1] ret_from_fork_asm (kbuild/obj/consumer/x86_64-randconfig-103-20250426/arch/x86/entry/entry_64.S:255) 
[   11.237174][    T1] RIP: 2e66:0x0
[ 11.237174][ T1] Code: Unable to access opcode bytes at 0xffffffffffffffd6.

Code starting with the faulting instruction
===========================================
[   11.237174][    T1] RSP: 0084:0000000000000000 EFLAGS: 841f0f2e660000 ORIG_RAX: 2e66000000000084
[   11.237174][    T1] RAX: 0000000000000000 RBX: 2e66000000000084 RCX: 0000000000841f0f
[   11.237174][    T1] RDX: 000000841f0f2e66 RSI: 00841f0f2e660000 RDI: 1f0f2e6600000000
[   11.237174][    T1] RBP: 1f0f2e6600000000 R08: 1f0f2e6600000000 R09: 00841f0f2e660000
[   11.237174][    T1] R10: 000000841f0f2e66 R11: 0000000000841f0f R12: 00841f0f2e660000
[   11.237174][    T1] R13: 000000841f0f2e66 R14: 0000000000841f0f R15: 2e66000000000084
[   11.237174][    T1]  </TASK>
[   11.237174][    T1]
[   11.237174][    T1] The buggy address belongs to the variable:
[ 11.237174][ T1] _acpi_module_name+0x240/0x20c0 
[   11.237174][    T1]
[   11.237174][    T1] The buggy address belongs to the physical page:
[   11.237174][    T1] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x890c1
[   11.237174][    T1] flags: 0x100000000002000(reserved|node=0|zone=1)
[   11.237174][    T1] raw: 0100000000002000 ffffea0002243048 ffffea0002243048 0000000000000000
[   11.237174][    T1] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   11.237174][    T1] page dumped because: kasan: bad access detected
[   11.237174][    T1] page_owner info is not present (never set?)
[   11.237174][    T1]
[   11.237174][    T1] Memory state around the buggy address:
[   11.237174][    T1]  ffffffffb92c1880: f9 f9 f9 f9 05 f9 f9 f9 f9 f9 f9 f9 00 02 f9 f9
[   11.237174][    T1]  ffffffffb92c1900: f9 f9 f9 f9 00 02 f9 f9 f9 f9 f9 f9 00 03 f9 f9
[   11.237174][    T1] >ffffffffb92c1980: f9 f9 f9 f9 07 f9 f9 f9 f9 f9 f9 f9 06 f9 f9 f9
[   11.237174][    T1]                                                        ^
[   11.237174][    T1]  ffffffffb92c1a00: f9 f9 f9 f9 07 f9 f9 f9 f9 f9 f9 f9 00 f9 f9 f9
[   11.237174][    T1]  ffffffffb92c1a80: f9 f9 f9 f9 07 f9 f9 f9 f9 f9 f9 f9 07 f9 f9 f9
[   11.237174][    T1] ==================================================================


The kernel config and materials to reproduce are available at:
https://download.01.org/0day-ci/archive/20250507/202505071055.2de34dd7-lkp@intel.com



-- 
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests/wiki

