Received: by 2002:a05:6a10:22f:0:0:0:0 with SMTP id 15csp3101160pxk; Mon, 28 Sep 2020 08:23:12 -0700 (PDT) X-Google-Smtp-Source: ABdhPJxE9rc17TSiufR84dxtnaJs42QqnC3VUJZi98vuTYxQ/JqwFbz1LwuXJYKOAxrqgKL7Fq9w X-Received: by 2002:a17:907:377:: with SMTP id rs23mr2250974ejb.415.1601306592422; Mon, 28 Sep 2020 08:23:12 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1601306592; cv=none; d=google.com; s=arc-20160816; b=aRz18/1IMQqSmAdSU+fHdQT0bxQEGr1Q4uTY3JwyjQ7vE0+/5IV/gh9arYD2eOZRLs DC13So3PlA8ykcp710Qq9+n0yDBIZmWuMRndjBqvIQXrCIXLCeoPUzuNaAxWqUJ2szUa Hj+/PnJWOtK1JKHJF3V6KIJeonzNiBczIXjxMtrHIbuiw6StXytqgBQYcTyPZrwomC5o cKLktff1pGa70b4d30NIBZ7v992wLMZ0StYbBc0dVUlL/de4faNuZvMjw5tFMlICeUpm rIG4zfwtWal2YYhzO4bhP8QcL3vfKDi2E2CGIOO89ZLpXzebEb+hCJVc3lFEQgypU3Fm WYuw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:user-agent:in-reply-to:content-disposition :mime-version:references:message-id:subject:cc:to:from:date; bh=DiQxcNdSKTL4LFMJd3hbbRecxYouci1Kwmh5tVTLtig=; b=QpdMC5EeSR/udGpYgDR+rXc4laT6A/U4OyaklB1VlhyPDnUykO9MCw0p5/FimsoTZj PeXbYbMXYAempiQJ9Z1dwzGyCoBDJOUcaxD/qMtSJm3lQjLvyisMLiE4x1NegLV3ahFZ wZ8MYyFySSIixzME+CuTE8dOO3Gnq36Y5pSKQsCc3gkWrQ6u66ljQryY9PixZ1zQ0nit 7I+Ht6K3jh8T5yLKvTVXBxhtDbk1YQK8A9Czj9wEXL+GSpq1DSDOHPgpnY+WOl0MnDbI YLyKUvWx7xOhDRAA9QqRKxgmT/xjfNRFPf01mPYyRhNzSRmCno2qGyZ7j8PiKJlGaJjO 8IQw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id m3si802161eje.124.2020.09.28.08.22.48; Mon, 28 Sep 2020 08:23:12 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726722AbgI1PTU (ORCPT + 99 others); Mon, 28 Sep 2020 11:19:20 -0400 Received: from mail.kernel.org ([198.145.29.99]:44520 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726564AbgI1PTT (ORCPT ); Mon, 28 Sep 2020 11:19:19 -0400 Received: from home.goodmis.org (cpe-66-24-58-225.stny.res.rr.com [66.24.58.225]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 84A6D2158C; Mon, 28 Sep 2020 15:19:18 +0000 (UTC) Date: Mon, 28 Sep 2020 11:19:11 -0400 From: Steven Rostedt To: Dmitry Vyukov Cc: Petr Mladek , Sergey Senozhatsky , LKML Subject: Re: KASAN: global-out-of-bounds in console_unlock Message-ID: <20200928151911.GA964@home.goodmis.org> References: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.10.1 (2018-07-13) Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Sun, Sep 27, 2020 at 11:12:23AM +0200, Dmitry Vyukov wrote: > Hi printk maintainers, > > I've got the following out-of-bounds in printk code. > This is on next-20200925. Config is attached. > This is just on pr_cont("\n"). Something overreads the string. > > ================================================================== > BUG: KASAN: global-out-of-bounds in memchr+0x65/0x80 lib/string.c:1058 > Read of size 1 at addr ffffffff8c68c860 by task swapper/0/0 Would be helpful to show the text before this, so we have a better idea of where it happened. -- Steve > > CPU: 0 PID: 0 Comm: swapper/0 Not tainted 5.9.0-rc6-next-20200925+ #43 > Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.13.0-1 04/01/2014 > Call Trace: > > __dump_stack lib/dump_stack.c:77 [inline] > dump_stack+0x14b/0x18f lib/dump_stack.c:118 > print_address_description.constprop.0.cold+0x5/0x4c5 mm/kasan/report.c:385 > __kasan_report mm/kasan/report.c:545 [inline] > kasan_report.cold+0x1f/0x37 mm/kasan/report.c:562 > memchr+0x65/0x80 lib/string.c:1058 > memchr include/linux/string.h:450 [inline] > record_print_text+0x22d/0x310 kernel/printk/printk.c:1369 > console_unlock+0x350/0xbc0 kernel/printk/printk.c:2477 > vprintk_emit+0x348/0x4b0 kernel/printk/printk.c:2021 > vprintk_func+0x8d/0x1e0 kernel/printk/printk_safe.c:393 > printk+0xba/0xed kernel/printk/printk.c:2069 > show_pwq+0x74d/0x7ee kernel/workqueue.c:4745 > show_workqueue_state.cold+0xd0/0x3c9 kernel/workqueue.c:4784 > wq_watchdog_timer_fn+0x2e5/0x370 kernel/workqueue.c:5798 > call_timer_fn+0x38/0x2d0 kernel/time/timer.c:1413 > expire_timers kernel/time/timer.c:1458 [inline] > __run_timers kernel/time/timer.c:1755 [inline] > __run_timers kernel/time/timer.c:1731 [inline] > run_timer_softirq+0xad2/0x1440 kernel/time/timer.c:1770 > __do_softirq+0x1f0/0x6c4 kernel/softirq.c:298 > asm_call_irq_on_stack+0xf/0x20