[arm] lib: bitmap.sh: BUG: KFENCE: out-of-bounds read in _find_next_bit_le+0x10/0x48

Naresh Kamboju naresh.kamboju at linaro.org
Mon May 2 04:54:01 PDT 2022


Following kernel BUG KFENCE noticed on qemu_arm while testing lib: bitmap.sh
with kselftest merge config build image [1] & [2].

metadata:
  git_ref: master
  git_repo: https://gitlab.com/Linaro/lkft/mirrors/torvalds/linux-mainline
  git_sha: 672c0c5173427e6b3e2a9bbb7be51ceeec78093a
  git_describe: v5.18-rc5
  kernel_version: 5.18.0-rc5
  kernel-config: https://builds.tuxbuild.com/28a2wdk3XzmLVGqD5njLS4uX1tm/config
  artifact-location: https://builds.tuxbuild.com/28a2wdk3XzmLVGqD5njLS4uX1tm
  toolchain: gcc-10


Test log:
---------
# selftests: lib: bitmap.sh
[   36.266913] test_bitmap: loaded.
[   36.269151] test_bitmap: parselist: 14: input is '0-2047:128/256'
OK, Time: 4600
[   36.273024] ==================================================================
[   36.275942] BUG: KFENCE: out-of-bounds read in _find_next_bit_le+0x10/0x48
[   36.275942]
[   36.279808] Out-of-bounds read at 0x9ec8e937 (4096B right of kfence-#29):
[   36.283046]  _find_next_bit_le+0x10/0x48
[   36.285030]
[   36.285816] kfence-#29: 0xf28dd28d-0x0b305c8e, size=4096, cache=kmalloc-4k
[   36.285816]
[   36.289807] allocated by task 498 on cpu 1 at 36.272960s:
[   36.292432]  test_bitmap_printlist+0x2c/0x13c [test_bitmap]
[   36.295174]  test_bitmap_init+0x5c/0xefc [test_bitmap]
[   36.297709]  do_one_initcall+0x70/0x330
[   36.299605]  do_init_module+0x4c/0x26c
[   36.301484]  sys_finit_module+0xdc/0x138
[   36.303452]  ret_fast_syscall+0x0/0x1c
[   36.305294]  0xbebec788
[   36.306516]
[   36.307264] CPU: 1 PID: 498 Comm: modprobe Not tainted 5.18.0-rc5 #1
[   36.310304] Hardware name: Generic DT based system
[   36.312658] ==================================================================
[   36.316609] test_bitmap: bitmap_print_to_pagebuf: input is '0-32767
[   36.316609] ', Time: 43635540
[   36.333605] test_bitmap: all 1945 tests passed
[   36.360116] test_bitmap: unloaded.
# bitmap: ok

Reported-by: Linux Kernel Functional Testing <lkft at linaro.org>

--
Linaro LKFT
https://lkft.linaro.org

[1] https://lkft.validation.linaro.org/scheduler/job/4975877#L995
[2] https://qa-reports.linaro.org/lkft/linux-mainline-master/build/v5.18-rc5/testrun/9320073/suite/linux-log-parser/test/check-kernel-bug-4975877/log



More information about the linux-arm-kernel mailing list