2024-03-31 02:18:41

by Oliver Sang

Subject: [linus:master] [kasan] 4e76c8cc33: BUG:KASAN:slab-out-of-bounds_in_kasan_atomics_helper



Hello,

kernel test robot noticed "BUG:KASAN:slab-out-of-bounds_in_kasan_atomics_helper" on:

commit: 4e76c8cc3378a20923965e3345f40f6b8ae0bdba ("kasan: add atomic tests")
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git master


[test failed on linus/master 8d025e2092e29bfd13e56c78e22af25fac83c8ec]
[test failed on linux-next/master a6bd6c9333397f5a0e2667d4d82fef8c970108f2]

in testcase: kunit
version:
with following parameters:

group: group-00



compiler: gcc-12
test machine: 16 threads 1 sockets Intel(R) Xeon(R) CPU D-1541 @ 2.10GHz (Broadwell-DE) with 48G memory

(please refer to attached dmesg/kmsg for entire log/backtrace)



If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add following tags
| Reported-by: kernel test robot <[email protected]>
| Closes: https://lore.kernel.org/oe-lkp/[email protected]


The kernel config and materials to reproduce are available at:
https://download.01.org/0day-ci/archive/20240331/[email protected]



[ 306.028382][ T4480] ==================================================================
[ 306.047117][ T4480] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x25d0/0x26b0 [kasan_test]
[ 306.057673][ T4480] Read of size 4 at addr ffff888168de7330 by task kunit_try_catch/4480
[ 306.067074][ T4480]
[ 306.070605][ T4480] CPU: 2 PID: 4480 Comm: kunit_try_catch Tainted: G S B N 6.8.0-rc5-00151-g4e76c8cc3378 #1
[ 306.082834][ T4480] Hardware name: Supermicro SYS-5018D-FN4T/X10SDV-8C-TLN4F, BIOS 1.1 03/02/2016
[ 306.093195][ T4480] Call Trace:
[ 306.097725][ T4480] <TASK>
[ 306.101846][ T4480] dump_stack_lvl+0x36/0x50
[ 306.107696][ T4480] print_address_description+0x2c/0x3a0
[ 306.115489][ T4480] ? kasan_atomics_helper+0x25d0/0x26b0 [kasan_test]
[ 306.123367][ T4480] print_report+0xba/0x2b0
[ 306.129115][ T4480] ? kasan_addr_to_slab+0xd/0x90
[ 306.135383][ T4480] ? kasan_atomics_helper+0x25d0/0x26b0 [kasan_test]
[ 306.143412][ T4480] kasan_report+0xe7/0x120
[ 306.149087][ T4480] ? kasan_atomics_helper+0x25d0/0x26b0 [kasan_test]
[ 306.157076][ T4480] kasan_atomics_helper+0x25d0/0x26b0 [kasan_test]
[ 306.164966][ T4480] ? kmalloc_oob_right+0x3e0/0x3e0 [kasan_test]
[ 306.172608][ T4480] ? kasan_save_track+0x14/0x30
[ 306.178787][ T4480] kasan_atomics+0xeb/0x190 [kasan_test]
[ 306.185724][ T4480] ? kasan_bitops_generic+0x140/0x140 [kasan_test]
[ 306.193520][ T4480] ? ktime_get_ts64+0x83/0x1b0
[ 306.199669][ T4480] kunit_try_run_case+0x1ab/0x480
[ 306.206017][ T4480] ? kunit_try_run_case_cleanup+0xe0/0xe0
[ 306.213174][ T4480] ? _raw_read_unlock_irqrestore+0x50/0x50
[ 306.220337][ T4480] ? set_cpus_allowed_ptr+0x85/0xb0
[ 306.226821][ T4480] ? migrate_enable+0x2a0/0x2a0
[ 306.232966][ T4480] ? kunit_try_catch_throw+0x80/0x80
[ 306.239549][ T4480] ? kunit_try_run_case_cleanup+0xe0/0xe0
[ 306.246540][ T4480] kunit_generic_run_threadfn_adapter+0x4e/0xa0
[ 306.254054][ T4480] kthread+0x2dd/0x3c0
[ 306.259312][ T4480] ? kthread_complete_and_exit+0x30/0x30
[ 306.266147][ T4480] ret_from_fork+0x31/0x70
[ 306.271775][ T4480] ? kthread_complete_and_exit+0x30/0x30
[ 306.278575][ T4480] ret_from_fork_asm+0x11/0x20
[ 306.284413][ T4480] </TASK>
[ 306.288653][ T4480]
[ 306.292149][ T4480] Allocated by task 4480:
[ 306.297686][ T4480] kasan_save_stack+0x33/0x50
[ 306.303495][ T4480] kasan_save_track+0x14/0x30
[ 306.309255][ T4480] __kasan_kmalloc+0xa2/0xb0
[ 306.314945][ T4480] kasan_atomics+0x8c/0x190 [kasan_test]
[ 306.321745][ T4480] kunit_try_run_case+0x1ab/0x480
[ 306.327860][ T4480] kunit_generic_run_threadfn_adapter+0x4e/0xa0
[ 306.335239][ T4480] kthread+0x2dd/0x3c0
[ 306.340469][ T4480] ret_from_fork+0x31/0x70
[ 306.346020][ T4480] ret_from_fork_asm+0x11/0x20
[ 306.351815][ T4480]
[ 306.355163][ T4480] The buggy address belongs to the object at ffff888168de7300
[ 306.355163][ T4480] which belongs to the cache kmalloc-64 of size 64
[ 306.371174][ T4480] The buggy address is located 0 bytes to the right of
[ 306.371174][ T4480] allocated 48-byte region [ffff888168de7300, ffff888168de7330)
[ 306.387688][ T4480]
[ 306.390884][ T4480] The buggy address belongs to the physical page:
[ 306.398313][ T4480] page:000000005ccb3a22 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x168de7
[ 306.409549][ T4480] flags: 0x17ffffc0000800(slab|node=0|zone=2|lastcpupid=0x1fffff)
[ 306.418339][ T4480] page_type: 0xffffffff()
[ 306.423762][ T4480] raw: 0017ffffc0000800 ffff888100042640 dead000000000100 dead000000000122
[ 306.433384][ T4480] raw: 0000000000000000 0000000080200020 00000001ffffffff 0000000000000000
[ 306.443077][ T4480] page dumped because: kasan: bad access detected
[ 306.450608][ T4480]
[ 306.454016][ T4480] Memory state around the buggy address:
[ 306.460748][ T4480] ffff888168de7200: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 306.469821][ T4480] ffff888168de7280: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 306.478894][ T4480] >ffff888168de7300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 306.488019][ T4480] ^
[ 306.494672][ T4480] ffff888168de7380: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 306.503812][ T4480] ffff888168de7400: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 306.512946][ T4480] ==================================================================


--
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests/wiki



2024-04-02 17:35:42

by Mark Rutland

Subject: Re: [linus:master] [kasan] 4e76c8cc33: BUG:KASAN:slab-out-of-bounds_in_kasan_atomics_helper

On Sun, Mar 31, 2024 at 10:18:17AM +0800, kernel test robot wrote:
>
>
> Hello,
>
> kernel test robot noticed "BUG:KASAN:slab-out-of-bounds_in_kasan_atomics_helper" on:
>
> commit: 4e76c8cc3378a20923965e3345f40f6b8ae0bdba ("kasan: add atomic tests")
> https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git master

This is expected; it's the point of the test...

Is there something this should depend on such that the test robot doesn't build
this? Otherwise, can we please avoid reporting KASAN splats from this KASAN test module?

Mark.


2024-04-03 01:58:09

by Oliver Sang

Subject: Re: [linus:master] [kasan] 4e76c8cc33: BUG:KASAN:slab-out-of-bounds_in_kasan_atomics_helper

Hi, Mark,

On Tue, Apr 02, 2024 at 06:35:28PM +0100, Mark Rutland wrote:
> On Sun, Mar 31, 2024 at 10:18:17AM +0800, kernel test robot wrote:
> >
> >
> > Hello,
> >
> > kernel test robot noticed "BUG:KASAN:slab-out-of-bounds_in_kasan_atomics_helper" on:
> >
> > commit: 4e76c8cc3378a20923965e3345f40f6b8ae0bdba ("kasan: add atomic tests")
> > https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git master
>
> This is expected; it's the point of the test...
>
> Is there something this should depend on such that the test robot doesn't build
> this? Otherwise, can we please avoid reporting KASAN splats from this KASAN test module?

Got it. We will ignore KASAN issues from this module.

>
> Mark.
>
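
Added example (not part of the thread, and not the 0-day robot's actual filter): one way a CI triage step could parse KASAN splats from dmesg and suppress those whose faulting frame is in the kasan_test module, as agreed above. The allowlist, the function names and the second sample report (example_rx_handler / example_drv) are assumptions constructed for illustration.

```python
import re

# Assumed allowlist: modules that trigger KASAN on purpose.
EXPECTED_MODULES = {"kasan_test"}

HDR = re.compile(r"BUG: KASAN: (\S+) in ([\w.]+)\+0x[0-9a-f]+/0x[0-9a-f]+(?: \[(\w+)\])?")
ACC = re.compile(r"(Read|Write) of size (\d+) at addr ([0-9a-f]+)")
REG = re.compile(r"allocated (\d+)-byte region \[([0-9a-f]+), ([0-9a-f]+)\)")

# Constructed sample: three lines in the format of the report in this thread,
# followed by a made-up report from a hypothetical driver module.
SAMPLE_DMESG = """\
[ 306.047117][ T4480] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x25d0/0x26b0 [kasan_test]
[ 306.057673][ T4480] Read of size 4 at addr ffff888168de7330 by task kunit_try_catch/4480
[ 306.371174][ T4480] allocated 48-byte region [ffff888168de7300, ffff888168de7330)
[ 412.000001][ T5001] BUG: KASAN: slab-out-of-bounds in example_rx_handler+0x1a0/0x400 [example_drv]
[ 412.000002][ T5001] Write of size 8 at addr ffff888100000040 by task kworker/1:2/5001
[ 412.000003][ T5001] allocated 64-byte region [ffff888100000000, ffff888100000040)
"""

def parse_reports(dmesg):
    """Split dmesg text into one dict per 'BUG: KASAN:' header."""
    reports = []
    for line in dmesg.splitlines():
        if m := HDR.search(line):
            # module is None when the faulting function is built in (no [mod] tag)
            reports.append({"bug": m[1], "func": m[2], "module": m[3]})
        elif not reports:
            continue
        elif m := ACC.search(line):
            reports[-1].update(access=m[1], size=int(m[2]), addr=int(m[3], 16))
        elif m := REG.search(line):
            reports[-1].update(obj_size=int(m[1]), start=int(m[2], 16), end=int(m[3], 16))
    return reports

def triage(report):
    """'expected' for splats raised by a deliberate test module, else 'report'."""
    return "expected" if report["module"] in EXPECTED_MODULES else "report"

def bytes_past_end(report):
    """Distance of the faulting address beyond the end of the allocated region."""
    return report["addr"] - report["end"]

if __name__ == "__main__":
    for r in parse_reports(SAMPLE_DMESG):
        print(triage(r), r["bug"], r["func"], r["module"], bytes_past_end(r))
```

The filter keys on the `[kasan_test]` tag, which the backtrace only carries when the test is built as a loadable module; a built-in test would need matching on function names instead.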