Re: BUG: KASAN: slab-out-of-bounds in print_synth_event+0xa68/0xa78
From: Sven Schnelle
Date: Fri Aug 04 2023 - 12:33:05 EST

Steven Rostedt <rostedt@xxxxxxxxxxx> writes:
> On Fri, 04 Aug 2023 08:20:23 +0200
> Sven Schnelle <svens@xxxxxxxxxxxxx> wrote:
>
>> Hi Steven,
>>
>> I noticed the following KASAN splat in CI (on s390):
>>
>> [ 218.586476] /home/svens/linux/tools/testing/selftests/ftrace/test.d/trigger/inter-event/trigger-synthetic-event-stack.tc
>> [ 221.610410] ==================================================================
>> [ 221.610424] BUG: KASAN: slab-out-of-bounds in print_synth_event+0xa68/0xa78
>> [ 221.610440] Read of size 8 at addr 0000000087753ebc by task grep/1321
>> [ 221.610445]
>> [ 221.610451] CPU: 9 PID: 1321 Comm: grep Not tainted 6.4.0-rc3-00008-g4b512860bdbd #716
>> [ 221.610457] Hardware name: IBM 3906 M04 704 (z/VM 7.1.0)
>> [ 221.610462] Call Trace:
>> [ 221.610466] [<00000000026026e6>] dump_stack_lvl+0x106/0x1c8
>> [ 221.610479] [<00000000009cdbbc>] print_address_description.constprop.0+0x34/0x378
>> [ 221.610488] [<00000000009cdfac>] print_report+0xac/0x240
>> [ 221.610494] [<00000000009ce32a>] kasan_report+0xf2/0x130
>> [ 221.610501] [<00000000005e4f60>] print_synth_event+0xa68/0xa78
>
> Can you show where exactly the above line is?

It is:

(gdb) list *(print_synth_event+0xa68)
0x5e4f60 is in print_synth_event (/home/svens/ibmgit/linux/kernel/trace/trace_events_synth.c:410).
405 p = (void *)entry + data_offset;
406 end = (void *)p + len - (sizeof(long) - 1);
407
408 trace_seq_printf(s, "%s=STACK:\n", se->fields[i]->name);
409
410 for (; *p && p < end; p++)
411 trace_seq_printf(s, "=> %pS\n", (void *)*p);
412 n_u64++;
413
414 } else {

>> For reproducing, the following script is good enough to trigger it
>> reliably on my system:
>>
>> cd /home/svens/linux/tools/testing/selftests/ftrace
>> for i in $(seq 1 10); do
>> ./ftracetest -v /home/svens/linux/tools/testing/selftests/ftrace/test.d/trigger/inter-event/trigger-synthetic-event-stack.tc
>> done
>
> It's probably because that code has:
>
> #!/bin/sh
> # SPDX-License-Identifier: GPL-2.0
> # description: event trigger - test inter-event histogram trigger trace action with dynamic string param
> # requires: set_event synthetic_events events/sched/sched_process_exec/hist "can be any field, or the special string 'common_stacktrace'":README
>
> Where it looks for "common_stacktrace" in the README file, and will not run
> if it does not exist. That "common_stacktrace" was added to the README file
> by that commit.

Thanks, I'll try to bisect again with the changed test.
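
The "requires:" gate discussed above matters for bisecting: on a kernel whose README lacks the string, the test does not run, so that step says nothing about the bug. The sketch below is an added example, not ftracetest code and not from either poster. It extracts the README pattern from the test header and returns 125, the status "git bisect run" treats as "skip". The function names, the file names, the README excerpts and the fixed-string match are assumptions.

```shell
#!/bin/sh
# Added example. All sample files are constructed for illustration.
WORK=$(mktemp -d)

# Constructed test header carrying the "# requires:" line quoted in the thread.
cat > "$WORK/test.tc" <<'EOF'
#!/bin/sh
# SPDX-License-Identifier: GPL-2.0
# requires: set_event synthetic_events events/sched/sched_process_exec/hist "can be any field, or the special string 'common_stacktrace'":README
EOF

# Constructed README excerpts: one kernel without the string, one with it.
echo "hist trigger help text without the newer keyword" > "$WORK/README.old"
echo "  can be any field, or the special string 'common_stacktrace'." > "$WORK/README.new"

# Print the quoted README pattern from the "# requires:" line.
# Assumption: at most one "...":README entry per test.
readme_pattern() {
    sed -n 's/^# requires:.*"\(.*\)":README.*$/\1/p' "$1"
}

# Pre-check for one bisect step.
#   $1 = test case file, $2 = README of the kernel under test
# Returns 0 if the requirement is met (the test result is meaningful),
# 125 if the test would be skipped on this kernel.
bisect_precheck() {
    pat=$(readme_pattern "$1")
    if [ -z "$pat" ]; then
        return 0            # no README requirement, nothing to gate on
    fi
    if grep -Fq -- "$pat" "$2"; then
        return 0
    fi
    echo "README lacks \"$pat\": test would be skipped, not passed" >&2
    return 125
}
```

In a bisect script, run the pre-check against the booted kernel's tracefs README before ftracetest and exit with its status when it is non-zero, so skipped steps are not recorded as good.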