Ivan Orlov writes:
> On 8/15/24 00:26, Ivan Orlov wrote:
>>
>> As you can see, the device name is defined as a local variable, which
>> means that it doesn't exist out of the 'overflow_allocation_test'
>> function scope. This patch:
>>
>> diff --git a/lib/overflow_kunit.c b/lib/overflow_kunit.
On 8/15/24 00:26, Ivan Orlov wrote:
As you can see, the device name is defined as a local variable, which
means that it doesn't exist out of the 'overflow_allocation_test'
function scope. This patch:
diff --git a/lib/overflow_kunit.c b/lib/overflow_kunit.c
index f314a0c15a6d..fa7ca8c94eee 10
sense_test
# overflow_allocation_test: 11 allocation overflow tests finished
======
BUG: KASAN: stack-out-of-bounds in string_nocheck+0x168/0x1c8
Read of size 1 at addr c976be40 by task kunit_try_catch/1843
CPU: 0 UID: 0 PID: 1843 Comm: kunit
# overflow_allocation_test: 11 allocation overflow tests finished
> > ======================
> > BUG: KASAN: stack-out-of-bounds in string_nocheck+0x168/0x1c8
> > Read of size 1 at addr c976be40 by task kunit_try_catch/1843
>
erflow tests finished
> ==============
> BUG: KASAN: stack-out-of-bounds in string_nocheck+0x168/0x1c8
> Read of size 1 at addr c976be40 by task kunit_try_catch/1843
>
> CPU: 0 UID: 0 PID: 1843 Comm: kunit_try_catch Tainted: G N
> 6.11.0-rc2-PMacG4 #1
> Tain
https://bugzilla.kernel.org/show_bug.cgi?id=208181
Erhard F. (erhar...@mailbox.org) changed:
What|Removed |Added
Status|NEW |RESOLVED
Resol
https://bugzilla.kernel.org/show_bug.cgi?id=208181
--- Comment #18 from Erhard F. (erhar...@mailbox.org) ---
Created attachment 292339
--> https://bugzilla.kernel.org/attachment.cgi?id=292339&action=edit
kernel .config (5.9-rc3, PowerMac G4 DP)
--
You are receiving this mail because:
You are w
https://bugzilla.kernel.org/show_bug.cgi?id=208181
--- Comment #17 from Erhard F. (erhar...@mailbox.org) ---
Created attachment 292337
--> https://bugzilla.kernel.org/attachment.cgi?id=292337&action=edit
dmesg (5.9-rc3, INLINE KASAN, PowerMac G4 DP)
Re-tried with 5.9-rc3 (inline KASAN). The ori
https://bugzilla.kernel.org/show_bug.cgi?id=208181
Erhard F. (erhar...@mailbox.org) changed:
What|Removed |Added
Attachment #289937|0 |1
is obsolete|
https://bugzilla.kernel.org/show_bug.cgi?id=208181
--- Comment #15 from Christophe Leroy (christophe.le...@csgroup.eu) ---
Ah yes, having init_text above the 24 bits limit might be a problem for
function calls. I'm surprised that the linker doesn't complain.
Anyway, it is not a problem in itself,
https://bugzilla.kernel.org/show_bug.cgi?id=208181
--- Comment #14 from Erhard F. (erhar...@mailbox.org) ---
Ah, I've overlooked that...
To set CONFIG_DATA_SHIFT=25 I needed to set ADVANCED_OPTIONS=y,
DATA_SHIFT_BOOL=y first.
But with CONFIG_DATA_SHIFT=25 this kernel won't boot at all. OpenFirmw
https://bugzilla.kernel.org/show_bug.cgi?id=208181
--- Comment #13 from Christophe Leroy (christophe.le...@csgroup.eu) ---
Thanks for testing.
Regarding the two BATs, I suggest you increase CONFIG_DATA_SHIFT as explained
in a previous comment.
https://bugzilla.kernel.org/show_bug.cgi?id=208181
--- Comment #12 from Erhard F. (erhar...@mailbox.org) ---
Successfully applied your 2 patches. The kernel still complains about these 2
BATs, but the KASAN hit at early boot is gone with the patches. Thanks!
https://bugzilla.kernel.org/show_bug.cgi?id=208181
--- Comment #11 from Christophe Leroy (christophe.le...@csgroup.eu) ---
The issue is that that commit moved more code than described into kasan_init():
Kasan Pages allocation have to be moved into kasan_init() but page tables
allocation must rema
https://bugzilla.kernel.org/show_bug.cgi?id=208181
--- Comment #10 from Christophe Leroy (christophe.le...@csgroup.eu) ---
I reproduced the problem and bisected it to commit
https://github.com/torvalds/linux/commit/d2a91cef9bbdeb87b7449fdab1a6be6000930210
I'll investigate the issue
Can you confi
https://bugzilla.kernel.org/show_bug.cgi?id=208181
--- Comment #9 from Erhard F. (erhar...@mailbox.org) ---
Ok, thanks for the clarification! So if KASAN works properly something else
must cause this hit. I will start a bisect the next few days and see how that
turns out...
https://bugzilla.kernel.org/show_bug.cgi?id=208181
--- Comment #8 from Christophe Leroy (christophe.le...@csgroup.eu) ---
block_address_translation contains funny sizes. But the addresses seem ok.
So it shows you have a 24 Mb text+rodata area. 8 BATs are used
(16+8+8+32+64+128+256+256)
By increasi
https://bugzilla.kernel.org/show_bug.cgi?id=208181
--- Comment #7 from Erhard F. (erhar...@mailbox.org) ---
Created attachment 289947
--> https://bugzilla.kernel.org/attachment.cgi?id=289947&action=edit
segment_registers
https://bugzilla.kernel.org/show_bug.cgi?id=208181
--- Comment #6 from Erhard F. (erhar...@mailbox.org) ---
Created attachment 289945
--> https://bugzilla.kernel.org/attachment.cgi?id=289945&action=edit
block_address_translation
Sure.
https://bugzilla.kernel.org/show_bug.cgi?id=208181
--- Comment #5 from Christophe Leroy (christophe.le...@csgroup.eu) ---
Can we get a dump of /sys/kernel/debug/powerpc/block_address_translation
https://bugzilla.kernel.org/show_bug.cgi?id=208181
--- Comment #4 from Erhard F. (erhar...@mailbox.org) ---
Erm wait... there is some change.
In 5.8-rc1 stacktrace was:
BUG: KASAN: stack-out-of-bounds in strcmp+0x58/0xd8
Read of size 1 at addr c11c1a80 by task swapper/0
CPU: 0 PID: 0 Comm
https://bugzilla.kernel.org/show_bug.cgi?id=208181
Erhard F. (erhar...@mailbox.org) changed:
What|Removed |Added
Attachment #289661|0 |1
is obsolete|
https://bugzilla.kernel.org/show_bug.cgi?id=208181
Erhard F. (erhar...@mailbox.org) changed:
What|Removed |Added
Attachment #289659|0 |1
is obsolete|
https://bugzilla.kernel.org/show_bug.cgi?id=208181
--- Comment #1 from Erhard F. (erhar...@mailbox.org) ---
Created attachment 289661
--> https://bugzilla.kernel.org/attachment.cgi?id=289661&action=edit
kernel .config (5.8-rc1, PowerMac G4 DP)
https://bugzilla.kernel.org/show_bug.cgi?id=208181
Bug ID: 208181
Summary: BUG: KASAN: stack-out-of-bounds in strcmp+0x58/0xd8
Product: Platform Specific/Hardware
Version: 2.5
Kernel Version: 5.8-rc1
Hardware: PPC-32
OS
https://bugzilla.kernel.org/show_bug.cgi?id=206525
Erhard F. (erhar...@mailbox.org) changed:
What|Removed |Added
Status|NEW |RESOLVED
Resol
https://bugzilla.kernel.org/show_bug.cgi?id=206525
--- Comment #6 from Nikolay Aleksandrov (niko...@cumulusnetworks.com) ---
Note that the bug wasn't introduced by my commit, but instead has been there
since:
commit 4f520900522f
Author: Richard Guy Briggs
Date: Tue Apr 22 21:31:54 2014 -0400
https://bugzilla.kernel.org/show_bug.cgi?id=206525
Erhard F. (erhar...@mailbox.org) changed:
What|Removed |Added
Component|PPC-32 |Other
Hardwa
https://bugzilla.kernel.org/show_bug.cgi?id=206525
--- Comment #5 from Christophe Leroy (christophe.le...@c-s.fr) ---
That's not a PPC32 bug but a Network bug affecting all 32 bits architectures.
https://bugzilla.kernel.org/show_bug.cgi?id=206525
--- Comment #4 from Christophe Leroy (christophe.le...@c-s.fr) ---
Feedback from Nikolay:
I think we can just cap these at min(BITS_PER_TYPE(u32), nlk->ngroups) since
"groups" is coming from sockaddr_nl's "nl_groups" which is a u32, for any
group
https://bugzilla.kernel.org/show_bug.cgi?id=206525
--- Comment #3 from Christophe Leroy (christophe.le...@c-s.fr) ---
Bug introduced by commit ("cf5bddb95cbe net: bridge: vlan: add rtnetlink group
and notify support")
RTNLGRP_MAX is now 33.
'unsigned long groups' is 32 bits long on PPC32
Follow
https://bugzilla.kernel.org/show_bug.cgi?id=206525
Christophe Leroy (christophe.le...@c-s.fr) changed:
What|Removed |Added
CC||christophe.le
https://bugzilla.kernel.org/show_bug.cgi?id=206525
--- Comment #1 from Erhard F. (erhar...@mailbox.org) ---
Created attachment 287359
--> https://bugzilla.kernel.org/attachment.cgi?id=287359&action=edit
kernel .config (5.6.0-rc1, PowerMac G4 DP)
https://bugzilla.kernel.org/show_bug.cgi?id=206525
Bug ID: 206525
Summary: BUG: KASAN: stack-out-of-bounds in test_bit+0x30/0x44
(kernel 5.6-rc1)
Product: Platform Specific/Hardware
Version: 2.5
Kernel Version: 5.6.0-rc1
ade a try with the strong STACK_PROTECTOR compiled in, but no
difference and nothing detected by the stack protector.
======
BUG: KASAN: stack-out-of-bounds in memchr+0x24/0x74
Read of size 1 at addr c0ecdd40 by task swapper/0
CPU: 0 PID: 0
same report.
>>>>>
>>>>> Is that a real bug, in which case how could I spot it ? Or is it
>>>>> something wrong in my implementation of KASAN ?
>>>>>
>>>>> I checked that after kasan_init(), the entire shadow memory is full o
it
> >>> something wrong in my implementation of KASAN ?
> >>>
> >>> I checked that after kasan_init(), the entire shadow memory is full of 0
> >>> only.
> >>>
> >>> I also made a try with the strong STACK_PROTECTOR compil
y is full of 0
>>> only.
>>>
>>> I also made a try with the strong STACK_PROTECTOR compiled in, but no
>>> difference and nothing detected by the stack protector.
>>>
>>> ==
KASAN ?
I checked that after kasan_init(), the entire shadow memory is full of 0 only.
I also made a try with the strong STACK_PROTECTOR compiled in, but no
difference and nothing detected by the stack protector.
======
BUG: KASAN: stack-o
ss-sanitizer/tools/kasan_symbolize.py
>
> I get the following. It doesn't seem much interesting, does it ?
Yes, it does not seem to work for powerpc32.
Then please pass addresses through addr2line -fi.
> ==
> BUG
tizer/tools/kasan_symbolize.py
I get the following. It doesn't seem much interesting, does it ?
======
BUG: KASAN: stack-out-of-bounds in[<none>]
memchr+0x24/0x74 lib/string.c:958
Read of size 1 at addr c0ecdd40
ector.
======
BUG: KASAN: stack-out-of-bounds in memchr+0x24/0x74
Read of size 1 at addr c0ecdd40 by task swapper/0
CPU: 0 PID: 0 Comm: swapper Not tainted 5.0.0-rc7+ #1133
Call Trace:
[c0e9dca0] [c01c42a0] print_address_description+0x64/0x2bc (unreliable)
[c0e9dcd0] [c01
f KASAN ?
>
> I checked that after kasan_init(), the entire shadow memory is full of 0 only.
>
> I also made a try with the strong STACK_PROTECTOR compiled in, but no
> difference and nothing detected by the stack protector.
>
> ======================
^
> c0ecdd80: f3 f3 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00
> c0ecde00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
> ======
>
> ==
> BUG: KASAN: sta
ade a try with the strong STACK_PROTECTOR compiled in, but no
difference and nothing detected by the stack protector.
======
BUG: KASAN: stack-out-of-bounds in memchr+0x24/0x74
Read of size 1 at addr c0ecdd40 by task swapper/0
CPU: 0 P