BUG: KASAN: stack-out-of-bounds in acpi_ns_lookup+0x16f/0x86b

From: Andrea Gelmini
Date: Wed Nov 18 2015 - 07:55:49 EST


Hi everybody,
and thanks a lot for your work.

I'm using my main laptop (no virtualized environment) with KASAN
enabled. The kernel is Linus's latest commit,¹ plus a few pulls
from different git trees (BTRFS, drm-intel, etc.). You can find
a detailed list in the attached file: added_commit.txt.gz

Anyway, after a suspend/resume I've got this:

[ 4576.788539] ACPI: Low-level resume complete
[ 4576.788571] ==================================================================
[ 4576.788582] BUG: KASAN: stack-out-of-bounds in acpi_ns_lookup+0x16f/0x86b at addr ffff8802279ff820
[ 4576.788585] Read of size 8 by task systemd-sleep/7762
[ 4576.788588] page:ffffea00089e7fc0 count:0 mapcount:0 mapping: (null) index:0x0
[ 4576.788590] flags: 0x8000000000000000()
[ 4576.788590] page dumped because: kasan: bad access detected
[ 4576.788594] CPU: 0 PID: 7762 Comm: systemd-sleep Tainted: G OE 4.4.0-rc1Kasan-00497-g8f91a43 #23
[ 4576.788595] Hardware name: LENOVO 2356LRG/2356LRG, BIOS G7ETA3WW (2.63 ) 04/16/2015
[ 4576.788599] ffff8802279ff820 ffff8802279ff5b0 ffffffff819ba777 ffffffff82ef87e0
[ 4576.788601] ffff8802279ff638 ffffffff813ea321 ffff8802279ff6a0 0000000000000082
[ 4576.788603] 0000000000000046 0000000000000082 ffffffff02088020 0000000000000082
[ 4576.788603] Call Trace:
[ 4576.788607] [<ffffffff819ba777>] dump_stack+0x4b/0x74
[ 4576.788611] [<ffffffff813ea321>] kasan_report_error+0x511/0x540
[ 4576.788614] [<ffffffff813e2e3f>] ? set_track+0x6f/0x120
[ 4576.788617] [<ffffffff813ea44e>] __asan_report_load8_noabort+0x3e/0x40
[ 4576.788619] [<ffffffff81bb6cda>] ? acpi_ns_lookup+0x16f/0x86b
[ 4576.788621] [<ffffffff81bb6cda>] acpi_ns_lookup+0x16f/0x86b
[ 4576.788623] [<ffffffff813e97ae>] ? kasan_kmalloc+0x5e/0x70
[ 4576.788626] [<ffffffff81bb6b6b>] ? acpi_enter_sleep_state+0xed/0xed
[ 4576.788629] [<ffffffff81bc02af>] ? acpi_ns_internalize_name+0xf6/0x15b
[ 4576.788631] [<ffffffff81bc01b9>] ? acpi_ns_build_internal_name+0x42d/0x42d
[ 4576.788635] [<ffffffff81029c36>] ? dump_trace+0x116/0x310
[ 4576.788638] [<ffffffff81b60024>] ? acpi_os_wait_semaphore+0x47/0x62
[ 4576.788641] [<ffffffff81bc0a72>] acpi_ns_get_node+0x1e3/0x239
[ 4576.788643] [<ffffffff81bc088f>] ? acpi_ns_opens_scope+0x64/0x64
[ 4576.788646] [<ffffffff813e62ef>] ? alloc_debug_processing+0x14f/0x180
[ 4576.788648] [<ffffffff81bb4461>] ? acpi_hw_write+0x10b/0x137
[ 4576.788650] [<ffffffff81bb4356>] ? acpi_hw_read_multiple+0x177/0x177
[ 4576.788653] [<ffffffff81bb9523>] acpi_ns_evaluate+0xb3/0x853
[ 4576.788655] [<ffffffff81bb9523>] ? acpi_ns_evaluate+0xb3/0x853
[ 4576.788657] [<ffffffff813e97ae>] ? kasan_kmalloc+0x5e/0x70
[ 4576.788660] [<ffffffff813e9a8d>] ? kasan_slab_alloc+0xd/0x10
[ 4576.788662] [<ffffffff813e9736>] ? kasan_unpoison_shadow+0x36/0x50
[ 4576.788664] [<ffffffff81bb6018>] acpi_get_sleep_type_data+0x11a/0x58a
[ 4576.788667] [<ffffffff81bb4e6e>] acpi_hw_legacy_wake_prep+0x74/0x204
[ 4576.788669] [<ffffffff81bb4dfa>] ? acpi_hw_legacy_sleep+0x39f/0x39f
[ 4576.788671] [<ffffffff81bb5afa>] ? acpi_write_bit_register+0x279/0x2ab
[ 4576.788673] [<ffffffff81bb5881>] ? acpi_read_bit_register+0x173/0x173
[ 4576.788676] [<ffffffff81bb673a>] acpi_hw_sleep_dispatch+0xb0/0xb5
[ 4576.788678] [<ffffffff81bb6751>] acpi_leave_sleep_state_prep+0x12/0x14
[ 4576.788680] [<ffffffff81b62dc2>] acpi_suspend_enter+0x123/0x19c
[ 4576.788682] [<ffffffff81b62c9f>] ? acpi_hibernation_enter+0x2f/0x2f
[ 4576.788686] [<ffffffff811c5e58>] suspend_devices_and_enter+0x7d8/0x980
[ 4576.788689] [<ffffffff81319808>] ? printk+0x94/0xb0
[ 4576.788692] [<ffffffff811c5680>] ? arch_suspend_enable_irqs+0x10/0x10
[ 4576.788694] [<ffffffff811b41df>] ? __wake_up+0x3f/0x50
[ 4576.788697] [<ffffffff811c6480>] pm_suspend+0x480/0x600
[ 4576.788699] [<ffffffff811c3e1d>] state_store+0x9d/0x110
[ 4576.788701] [<ffffffff819bfa90>] ? kobj_attr_show+0x60/0x60
[ 4576.788704] [<ffffffff815749b0>] ? sysfs_kf_bin_read+0x2c0/0x2c0
[ 4576.788706] [<ffffffff819bfac6>] kobj_attr_store+0x36/0x70
[ 4576.788708] [<ffffffff81574adc>] sysfs_kf_write+0x12c/0x1f0
[ 4576.788710] [<ffffffff81572938>] kernfs_fop_write+0x1f8/0x3a0
[ 4576.788713] [<ffffffff8142758b>] __vfs_write+0xdb/0x4a0
[ 4576.788716] [<ffffffff813442c8>] ? lru_cache_add_active_or_unevictable+0x48/0x110
[ 4576.788718] [<ffffffff814274b0>] ? __vfs_read+0x490/0x490
[ 4576.788721] [<ffffffff8138b2e4>] ? handle_mm_fault+0x14e4/0x3430
[ 4576.788723] [<ffffffff8139c77e>] ? do_mmap+0x61e/0x900
[ 4576.788727] [<ffffffff818c56ad>] ? security_mmap_file+0x6d/0x180
[ 4576.788729] [<ffffffff81389e00>] ? vm_insert_page+0x4e0/0x4e0
[ 4576.788731] [<ffffffff81361ab4>] ? vm_mmap_pgoff+0x144/0x190
[ 4576.788733] [<ffffffff81428977>] ? rw_verify_area+0xb7/0x290
[ 4576.788735] [<ffffffff81434c11>] ? vfs_getattr+0x21/0x30
[ 4576.788737] [<ffffffff81428f47>] vfs_write+0x137/0x4b0
[ 4576.788740] [<ffffffff8142bbb3>] SyS_write+0x103/0x220
[ 4576.788742] [<ffffffff8142bab0>] ? SyS_read+0x220/0x220
[ 4576.788745] [<ffffffff8254abf6>] entry_SYSCALL_64_fastpath+0x16/0x75
[ 4576.788746] Memory state around the buggy address:
[ 4576.788749] ffff8802279ff700: f4 f4 f2 f2 f2 f2 00 f4 f4 f4 f3 f3 f3 f3 00 00
[ 4576.788750] ffff8802279ff780: 00 00 00 00 00 00 f1 f1 f1 f1 00 f4 f4 f4 f2 f2
[ 4576.788752] >ffff8802279ff800: f2 f2 00 00 f3 f3 00 00 00 00 00 00 f4 f4 f3 f3
[ 4576.788753] ^
[ 4576.788754] ffff8802279ff880: f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 00 f4
[ 4576.788755] ffff8802279ff900: f4 f3 f3 f3 f3 00 00 00 00 00 00 00 00 00 00 00
[ 4576.788756] ==================================================================
[ 4576.788757] Disabling lock debugging due to kernel taint


Thanks a lot,
Andrea

---
¹ 7f151f1d8abb7d5930b49d4796b463dca1673cb7

Attachment: added_commit.txt.gz
Description: application/gzip

Attachment: dmesg.txt.gz
Description: application/gzip

Attachment: dmidecode.txt.gz
Description: application/gzip

Attachment: kernel-config.txt.gz
Description: application/gzip

Attachment: lspci.txt.gz
Description: application/gzip

Attachment: signature.asc
Description: Digital signature