From mboxrd@z Thu Jan 1 00:00:00 1970
Return-Path:
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1756672AbcK3TJZ (ORCPT ); Wed, 30 Nov 2016 14:09:25 -0500
Received: from mga05.intel.com ([192.55.52.43]:34070 "EHLO mga05.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1754223AbcK3TJR (ORCPT ); Wed, 30 Nov 2016 14:09:17 -0500
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.31,574,1473145200"; d="scan'208";a="197547715"
Date: Wed, 30 Nov 2016 12:02:17 -0700
From: Scott Bauer
To: Josh Poimboeuf
Cc: linux-kernel@vger.kernel.org, peterz@infradead.org, mingo@kernel.org, luto@amacapital.net
Subject: Re: BUG: KASAN: stack-out-of-bounds in unwind_get_return_address
Message-ID: <20161130190217.GA2756@sbauer-Z170X-UD5>
References: <20161129181300.GA29095@sbauer-Z170X-UD5> <20161130183507.syv3cdpp3hzxi77k@treble>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20161130183507.syv3cdpp3hzxi77k@treble>
User-Agent: Mutt/1.5.24 (2015-08-30)
Sender: linux-kernel-owner@vger.kernel.org
List-ID:
X-Mailing-List: linux-kernel@vger.kernel.org

On Wed, Nov 30, 2016 at 12:35:07PM -0600, Josh Poimboeuf wrote:
> On Tue, Nov 29, 2016 at 11:13:01AM -0700, Scott Bauer wrote:
> > This is super easy to repro on top of 4.9-rc7:
> > run pm-suspend and it hits every time
> >
> >
> > [ 968.667086] ==================================================================
> > [ 968.667091] BUG: KASAN: stack-out-of-bounds in unwind_get_return_address+0x11d/0x130 at addr ffff8803867d7878
> > [ 968.667092] Read of size 8 by task pm-suspend/7774
> > [ 968.667095] page:ffffea000e19f5c0 count:0 mapcount:0 mapping: (null) index:0x0
> > [ 968.667096] flags: 0x2ffff0000000000()
> > [ 968.667097] page dumped because: kasan: bad access detected
>
> Thanks for reporting this. I think it's a false positive caused by the
> fact that the suspend and resume happen at different contexts.
>
> Can you test if this patch fixes it?
> > diff --git a/arch/x86/kernel/acpi/sleep.c b/arch/x86/kernel/acpi/sleep.c > index 4858733..62bd046 100644 > --- a/arch/x86/kernel/acpi/sleep.c > +++ b/arch/x86/kernel/acpi/sleep.c > @@ -115,6 +115,9 @@ int x86_acpi_suspend_lowlevel(void) > pause_graph_tracing(); > do_suspend_lowlevel(); > unpause_graph_tracing(); > + > + kasan_unpoison_stack_below_sp(); > + > return 0; > } > > diff --git a/include/linux/kasan.h b/include/linux/kasan.h > index 820c0ad..ca36126 100644 > --- a/include/linux/kasan.h > +++ b/include/linux/kasan.h > @@ -45,6 +45,12 @@ void kasan_unpoison_shadow(const void *address, size_t size); > > void kasan_unpoison_task_stack(struct task_struct *task); > void kasan_unpoison_stack_above_sp_to(const void *watermark); > +asmlinkage void kasan_unpoison_task_stack_below(const void *watermark); > + > +static inline void kasan_unpoison_stack_below_sp(void) > +{ > + kasan_unpoison_task_stack_below(__builtin_frame_address(0)); > +} > > void kasan_alloc_pages(struct page *page, unsigned int order); > void kasan_free_pages(struct page *page, unsigned int order); Thanks for the quick turn-around. This patch worked for me. You can add me as tested by if you need.
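Review bot: In the arch/x86/kernel/acpi/sleep.c hunk, the kasan_unpoison_stack_below_sp() call added after unpause_graph_tracing() carries no comment saying why the stack needs unpoisoning at this point. A short comment above the call, recording that resume returns in a different context from the one that suspended and can leave stale shadow poison below the current frame, would keep the call from looking removable later. It is also worth confirming whether the call should sit directly after do_suspend_lowlevel(), ahead of unpause_graph_tracing(), so that no instrumented call runs over the stale region first.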
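Review bot: In the include/linux/kasan.h hunk, the new kasan_unpoison_task_stack_below() prototype and the kasan_unpoison_stack_below_sp() inline are shown without a no-op counterpart for kernels built without KASAN, while the sleep.c hunk calls the helper unconditionally. If these lines sit in the header's KASAN-enabled section, an empty static inline kasan_unpoison_stack_below_sp() in the disabled branch is needed for that configuration to build. The helper is also named "below_sp" but passes __builtin_frame_address(0) as the watermark, so a one-line comment stating that the caller's frame address is the cut-off would make the covered range explicit.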