Greetings,

FYI, we noticed the following commit (built with clang-14):

commit: cbf7464bcc349a9c42687fc123d2d7e3fbfb3fbe ("lib/find_bit: optimize find_next_bit() functions")
https://github.com/norov/linux cpumask

in testcase: boot

on test machine: qemu-system-x86_64 -enable-kvm -cpu SandyBridge -smp 2 -m 16G

caused the changes below (please refer to the attached dmesg/kmsg for the entire log/backtrace):

[ 8.673137][ T29] ==================================================================
[ 8.673988][ T29] BUG: KASAN: global-out-of-bounds in _find_next_bit+0xa2/0xdd
[ 8.674779][ T29] Read of size 8 at addr ffffffff86681160 by task kworker/0:2/29
[ 8.675558][ T29]
[ 8.675792][ T29] CPU: 0 PID: 29 Comm: kworker/0:2 Not tainted 6.0.0-rc4-00003-gcbf7464bcc34 #1
[ 8.676736][ T29] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.0-debian-1.16.0-4 04/01/2014
[ 8.677812][ T29] Workqueue: events pwq_unbound_release_workfn
[ 8.678450][ T29] Call Trace:
[ 8.678787][ T29]
[ 8.679087][ T29] dump_stack_lvl+0x7f/0x11b
[ 8.679560][ T29] print_report+0xae/0x575
[ 8.680013][ T29] ? start_report+0x2c/0x3c
[ 8.680477][ T29] ? _find_next_bit+0xa2/0xdd
[ 8.680954][ T29] kasan_report+0xc0/0xea
[ 8.681397][ T29] ? _find_next_bit+0xa2/0xdd
[ 8.681874][ T29] _find_next_bit+0xa2/0xdd
[ 8.682334][ T29] zap_class+0x1d2/0x7eb
[ 8.682770][ T29] __lockdep_free_key_range+0xa2/0xe1
[ 8.683319][ T29] lockdep_unregister_key+0x26c/0x3c0
[ 8.683869][ T29] pwq_unbound_release_workfn+0x2a9/0x2ea
[ 8.684456][ T29] process_one_work+0x775/0xda3
[ 8.684954][ T29] worker_thread+0xb7c/0x11a5
[ 8.685434][ T29] kthread+0x2af/0x30f
[ 8.685849][ T29] ? pool_mayday_timeout+0x42a/0x42a
[ 8.686389][ T29] ? kthread_unuse_mm+0x1cb/0x1cb
[ 8.686902][ T29] ret_from_fork+0x1f/0x30
[ 8.687354][ T29]
[ 8.687662][ T29]
[ 8.687899][ T29] The buggy address belongs to the variable:
[ 8.688511][ T29] list_entries_in_use+0x1000/0x1400
[ 8.689051][ T29]
[ 8.689287][ T29] Memory state around the buggy address:
[ 8.689863][ T29] ffffffff86681000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 8.690693][ T29] ffffffff86681080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 8.691525][ T29] >ffffffff86681100: 00 00 00 00 00 00 00 00 00 00 00 00 f9 f9 f9 f9
[ 8.692356][ T29] ^
[ 8.693095][ T29] ffffffff86681180: f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9
[ 8.693930][ T29] ffffffff86681200: f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9
[ 8.694758][ T29] ==================================================================
+-------------------------------------------------+------------+------------+
| | 1ec4703982 | cbf7464bcc |
+-------------------------------------------------+------------+------------+
| boot_successes | 3 | 0 |
| boot_failures | 0 | 12 |
| BUG:KASAN:global-out-of-bounds_in_find_next_bit | 0 | 12 |
+-------------------------------------------------+------------+------------+

If you fix the issue, kindly add the following tag:
Reported-by: kernel test robot

To reproduce:

# build kernel
cd linux
cp config-6.0.0-rc4-00003-gcbf7464bcc34 .config
make HOSTCC=clang-14 CC=clang-14 ARCH=x86_64 olddefconfig prepare modules_prepare bzImage modules
make HOSTCC=clang-14 CC=clang-14 ARCH=x86_64 INSTALL_MOD_PATH= modules_install
cd
find lib/ | cpio -o -H newc --quiet | gzip > modules.cgz
git clone https://github.com/intel/lkp-tests.git
cd lkp-tests
bin/lkp qemu -k -m modules.cgz job-script # job-script is attached in this email
# if you come across any failure that blocks the test,
# please remove the ~/.lkp and /lkp dirs to run from a clean state.

--
0-DAY CI Kernel Test Service
https://01.org/lkp