Re: [syzbot] [kernel?] KASAN: stack-out-of-bounds Read in __show_regs (2)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hello.

This report is triggered by my debug printk() patch at
https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/commit/net/core/rtnetlink.c?id=5210cbe9a47fc5c1f43ba16d481e6335f3e2f345
but I can't find where the bug is (x86 bug or mm bug or kasan bug or my bug).

On 2024/06/15 16:06, syzbot wrote:
> Hello,
> 
> syzbot found the following issue on:
> 
> HEAD commit:    a957267fa7e9 Add linux-next specific files for 20240611
> git tree:       linux-next
> console output: https://syzkaller.appspot.com/x/log.txt?x=171e6e56980000
> kernel config:  https://syzkaller.appspot.com/x/.config?x=9a880e96898e79f8
> dashboard link: https://syzkaller.appspot.com/bug?extid=e9be5674af5e3a0b9ecc
> compiler:       Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40

Quoting from https://syzkaller.appspot.com/text?tag=CrashReport&x=17786fb1980000
and https://syzkaller.appspot.com/text?tag=CrashLog&x=15e0202a980000 :

----------------------------------------
BUG: KASAN: stack-out-of-bounds in __show_regs+0xa6/0x610 arch/x86/kernel/process_64.c:83
Read of size 8 at addr ffffc90008807618 by task syz.0.1430/9588

CPU: 0 UID: 0 PID: 9588 Comm: syz.0.1430 Not tainted 6.10.0-rc5-next-20240624-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
Call Trace:
 <IRQ>
 __dump_stack lib/dump_stack.c:94 [inline]
 dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120
 print_address_description mm/kasan/report.c:377 [inline]
 print_report+0x169/0x550 mm/kasan/report.c:488
 kasan_report+0x143/0x180 mm/kasan/report.c:601
 __show_regs+0xa6/0x610 arch/x86/kernel/process_64.c:83
 show_trace_log_lvl+0x3d4/0x520 arch/x86/kernel/dumpstack.c:301
 sched_show_task+0x578/0x740 kernel/sched/core.c:7506
 report_rtnl_holders+0x1ba/0x2d0 net/core/rtnetlink.c:104
 call_timer_fn+0x18e/0x650 kernel/time/timer.c:1792
 expire_timers kernel/time/timer.c:1843 [inline]
 __run_timers kernel/time/timer.c:2417 [inline]
 __run_timer_base+0x66a/0x8e0 kernel/time/timer.c:2428
 run_timer_base kernel/time/timer.c:2437 [inline]
 run_timer_softirq+0xb7/0x170 kernel/time/timer.c:2447
 handle_softirqs+0x2c4/0x970 kernel/softirq.c:554
 __do_softirq kernel/softirq.c:588 [inline]
 invoke_softirq kernel/softirq.c:428 [inline]
 __irq_exit_rcu+0xf4/0x1c0 kernel/softirq.c:637
 irq_exit_rcu+0x9/0x30 kernel/softirq.c:649
 instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1043 [inline]
 sysvec_apic_timer_interrupt+0xa6/0xc0 arch/x86/kernel/apic/apic.c:1043
 </IRQ>
 <TASK>
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702
RIP: 0010:__raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:152 [inline]
RIP: 0010:_raw_spin_unlock_irqrestore+0xd8/0x140 kernel/locking/spinlock.c:194
Code: 9c 8f 44 24 20 42 80 3c 23 00 74 08 4c 89 f7 e8 0e 94 61 f6 f6 44 24 21 02 75 52 41 f7 c7 00 02 00 00 74 01 fb bf 01 00 00 00 <e8> c3 10 ca f5 65 8b 05 b4 54 6b 74 85 c0 74 43 48 c7 04 24 0e 36
RSP: 0018:ffffc9000407f600 EFLAGS: 00000206
RAX: 13958dc9d919f000 RBX: 1ffff9200080fec4 RCX: ffffffff816fd2da
RDX: dffffc0000000000 RSI: ffffffff8bcac820 RDI: 0000000000000001
RBP: ffffc9000407f690 R08: ffffffff92fe47ef R09: 1ffffffff25fc8fd
R10: dffffc0000000000 R11: fffffbfff25fc8fe R12: dffffc0000000000
R13: 1ffff9200080fec0 R14: ffffc9000407f620 R15: 0000000000000246
 spin_unlock_irqrestore include/linux/spinlock.h:406 [inline]
 __wake_up_common_lock+0x18c/0x1e0 kernel/sched/wait.c:108
 __unix_dgram_recvmsg+0x5f4/0x12f0 net/unix/af_unix.c:2415
 sock_recvmsg_nosec+0x18e/0x1d0 net/socket.c:1046
 ____sys_recvmsg+0x3c0/0x470 net/socket.c:2814
 ___sys_recvmsg net/socket.c:2858 [inline]
 do_recvmmsg+0x474/0xae0 net/socket.c:2952
 __sys_recvmmsg net/socket.c:3031 [inline]
 __do_sys_recvmmsg net/socket.c:3054 [inline]
 __se_sys_recvmmsg net/socket.c:3047 [inline]
 __x64_sys_recvmmsg+0x199/0x250 net/socket.c:3047
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7fdfbaf75d39
Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007fdfbbc7e048 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
RAX: ffffffffffffffda RBX: 00007fdfbb104070 RCX: 00007fdfbaf75d39
RDX: 0000000000010106 RSI: 00000000200000c0 RDI: 0000000000000003
RBP: 00007fdfbaff6766 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000000
R13: 000000000000006e R14: 00007fdfbb104070 R15: 00007ffeafeb36a8
 </TASK>

The buggy address belongs to the virtual mapping at
 [ffffc90008800000, ffffc90008809000) created by:
 copy_process+0x5d1/0x3d90 kernel/fork.c:2206

The buggy address belongs to the physical page:
page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x295f2
flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
raw: 00fff00000000000 0000000000000000 dead000000000122 0000000000000000
raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
page dumped because: kasan: bad access detected
page_owner tracks the page as allocated
page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2dc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_NOWARN|__GFP_ZERO), pid 1052, tgid 1052 (kworker/u8:5), ts 20453244600, free_ts 0
 set_page_owner include/linux/page_owner.h:32 [inline]
 post_alloc_hook+0x1f3/0x230 mm/page_alloc.c:1500
 prep_new_page mm/page_alloc.c:1508 [inline]
 get_page_from_freelist+0x2ccb/0x2d80 mm/page_alloc.c:3487
 __alloc_pages_noprof+0x256/0x6c0 mm/page_alloc.c:4745
 alloc_pages_mpol_noprof+0x3e8/0x680 mm/mempolicy.c:2263
 vm_area_alloc_pages mm/vmalloc.c:3576 [inline]
 __vmalloc_area_node mm/vmalloc.c:3652 [inline]
 __vmalloc_node_range_noprof+0x971/0x1460 mm/vmalloc.c:3833
 alloc_thread_stack_node kernel/fork.c:313 [inline]
 dup_task_struct+0x444/0x8c0 kernel/fork.c:1114
 copy_process+0x5d1/0x3d90 kernel/fork.c:2206
 kernel_clone+0x226/0x8f0 kernel/fork.c:2788
 user_mode_thread+0x132/0x1a0 kernel/fork.c:2866
 call_usermodehelper_exec_work+0x5c/0x230 kernel/umh.c:172
 process_one_work kernel/workqueue.c:3224 [inline]
 process_scheduled_works+0xa2c/0x1830 kernel/workqueue.c:3305
 worker_thread+0x86d/0xd40 kernel/workqueue.c:3383
 kthread+0x2f0/0x390 kernel/kthread.c:389
 ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:144
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244
page_owner free stack trace missing

Memory state around the buggy address:
 ffffc90008807500: 00 00 00 00 00 f3 f3 f3 f3 f3 f3 f3 00 00 00 00
 ffffc90008807580: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 00 f2 f2 f2
>ffffc90008807600: 00 f3 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00
                            ^
 ffffc90008807680: 00 00 00 00 f1 f1 f1 f1 00 f2 f2 f2 00 f3 f3 f3
 ffffc90008807700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
==================================================================
----------------------------------------

----------------------------------------
[  560.831831][    C0] DEBUG: holding rtnl_mutex for 937 jiffies.
[  560.838015][    C0] task:kworker/u8:9    state:R  running task     stack:20216 pid:2460  tgid:2460  ppid:2      flags:0x00004000
[  560.849882][    C0] Workqueue: netns cleanup_net
[  560.854770][    C0] Call Trace:
[  560.854789][    C0]  <TASK>
[  560.872376][    C0]  __schedule+0x17e8/0x4a20
[  560.877336][    C0]  ? mark_lock+0x9a/0x360
[  560.881823][    C0]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  560.887887][    C0]  ? __virt_addr_valid+0x183/0x520
[  560.893171][    C0]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  560.899593][    C0]  ? lock_release+0xbf/0x9f0
[  560.904330][    C0]  ? __pfx___schedule+0x10/0x10
[  560.909271][    C0]  ? lockdep_hardirqs_on+0x99/0x150
[  560.914617][    C0]  ? mark_lock+0x9a/0x360
[  560.919119][    C0]  preempt_schedule_irq+0xfb/0x1c0
[  560.924392][    C0]  ? __pfx_preempt_schedule_irq+0x10/0x10
[  560.931783][    C0]  irqentry_exit+0x5e/0x90
[  560.936590][    C0]  asm_sysvec_reschedule_ipi+0x1a/0x20
[  560.942783][    C0] RIP: 0010:synchronize_rcu+0x0/0x360
[  560.948403][    C0] Code: e1 07 80 c1 03 38 c1 0f 8c 97 fe ff ff 4c 89 f7 e8 15 50 80 00 e9 8a fe ff ff 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 <f3> 0f 1e fa 55 48 89 e5 41 57 41 56 41 55 41 54 53 48 83 e4 e0 48
[  560.968242][    C0] RSP: 76c0:0000000000000a06 EFLAGS: 1ffff92001100ed4
[  560.975129][    C0] ==================================================================
[  560.994479][    C0] BUG: KASAN: stack-out-of-bounds in __show_regs+0xa6/0x610
[  561.002642][    C0] Read of size 8 at addr ffffc90008807618 by task syz.0.1430/9588
[  561.014598][    C0] 
[  561.017321][    C0] CPU: 0 UID: 0 PID: 9588 Comm: syz.0.1430 Not tainted 6.10.0-rc5-next-20240624-syzkaller #0
[  561.028952][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  561.043847][    C0] Call Trace:
[  561.047213][    C0]  <IRQ>
[  561.050101][    C0]  dump_stack_lvl+0x241/0x360
[  561.054963][    C0]  ? __pfx_dump_stack_lvl+0x10/0x10
[  561.073046][    C0]  ? __pfx__printk+0x10/0x10
[  561.077786][    C0]  ? _printk+0xd5/0x120
[  561.082123][    C0]  print_report+0x169/0x550
[  561.086775][    C0]  ? __virt_addr_valid+0xbd/0x520
[  561.091947][    C0]  ? __show_regs+0xa6/0x610
[  561.096544][    C0]  kasan_report+0x143/0x180
[  561.101170][    C0]  ? show_opcodes+0x148/0x170
[  561.105909][    C0]  ? __show_regs+0xa6/0x610
[  561.110457][    C0]  __show_regs+0xa6/0x610
[  561.114858][    C0]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  561.120539][    C0]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  561.126227][    C0]  show_trace_log_lvl+0x3d4/0x520
[  561.131292][    C0]  ? __pfx_synchronize_rcu+0x10/0x10
[  561.136630][    C0]  sched_show_task+0x578/0x740
[  561.141466][    C0]  ? report_rtnl_holders+0x183/0x2d0
[  561.147055][    C0]  ? __pfx__printk+0x10/0x10
[  561.151699][    C0]  ? __pfx_sched_show_task+0x10/0x10
[  561.157153][    C0]  report_rtnl_holders+0x1ba/0x2d0
[  561.162519][    C0]  ? report_rtnl_holders+0x20/0x2d0
[  561.167755][    C0]  call_timer_fn+0x18e/0x650
[  561.172361][    C0]  ? call_timer_fn+0xc0/0x650
[  561.177086][    C0]  ? __pfx_report_rtnl_holders+0x10/0x10
[  561.182785][    C0]  ? __pfx_call_timer_fn+0x10/0x10
[  561.187939][    C0]  ? __pfx_report_rtnl_holders+0x10/0x10
[  561.193631][    C0]  ? __pfx_report_rtnl_holders+0x10/0x10
[  561.199303][    C0]  ? __pfx_report_rtnl_holders+0x10/0x10
[  561.204994][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[  561.210231][    C0]  ? lockdep_hardirqs_on+0x99/0x150
[  561.215469][    C0]  ? __pfx_report_rtnl_holders+0x10/0x10
[  561.221120][    C0]  __run_timer_base+0x66a/0x8e0
[  561.226093][    C0]  ? __pfx___run_timer_base+0x10/0x10
[  561.231493][    C0]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  561.237874][    C0]  run_timer_softirq+0xb7/0x170
[  561.242832][    C0]  handle_softirqs+0x2c4/0x970
[  561.247626][    C0]  ? __irq_exit_rcu+0xf4/0x1c0
[  561.252429][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[  561.257856][    C0]  ? irqtime_account_irq+0xd4/0x1e0
[  561.263090][    C0]  __irq_exit_rcu+0xf4/0x1c0
[  561.267711][    C0]  ? __pfx___irq_exit_rcu+0x10/0x10
[  561.272931][    C0]  irq_exit_rcu+0x9/0x30
[  561.277231][    C0]  sysvec_apic_timer_interrupt+0xa6/0xc0
[  561.283185][    C0]  </IRQ>
[  561.286769][    C0]  <TASK>
[  561.289972][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  561.297172][    C0] RIP: 0010:_raw_spin_unlock_irqrestore+0xd8/0x140
[  561.307112][    C0] Code: 9c 8f 44 24 20 42 80 3c 23 00 74 08 4c 89 f7 e8 0e 94 61 f6 f6 44 24 21 02 75 52 41 f7 c7 00 02 00 00 74 01 fb bf 01 00 00 00 <e8> c3 10 ca f5 65 8b 05 b4 54 6b 74 85 c0 74 43 48 c7 04 24 0e 36
[  561.327228][    C0] RSP: 0018:ffffc9000407f600 EFLAGS: 00000206
[  561.333355][    C0] RAX: 13958dc9d919f000 RBX: 1ffff9200080fec4 RCX: ffffffff816fd2da
[  561.341352][    C0] RDX: dffffc0000000000 RSI: ffffffff8bcac820 RDI: 0000000000000001
[  561.349458][    C0] RBP: ffffc9000407f690 R08: ffffffff92fe47ef R09: 1ffffffff25fc8fd
[  561.357460][    C0] R10: dffffc0000000000 R11: fffffbfff25fc8fe R12: dffffc0000000000
[  561.365478][    C0] R13: 1ffff9200080fec0 R14: ffffc9000407f620 R15: 0000000000000246
[  561.373533][    C0]  ? mark_lock+0x9a/0x360
[  561.378221][    C0]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  561.385142][    C0]  ? autoremove_wake_function+0x37/0x110
[  561.391145][    C0]  __wake_up_common_lock+0x18c/0x1e0
[  561.396936][    C0]  __unix_dgram_recvmsg+0x5f4/0x12f0
[  561.403018][    C0]  ? __pfx___unix_dgram_recvmsg+0x10/0x10
[  561.409788][    C0]  ? __pfx___might_resched+0x10/0x10
[  561.415745][    C0]  ? iovec_from_user+0x61/0x240
[  561.421927][    C0]  ? unix_dgram_recvmsg+0xb6/0xe0
[  561.427965][    C0]  ? __pfx_unix_dgram_recvmsg+0x10/0x10
[  561.435584][    C0]  sock_recvmsg_nosec+0x18e/0x1d0
[  561.441322][    C0]  ____sys_recvmsg+0x3c0/0x470
[  561.446583][    C0]  ? __pfx_____sys_recvmsg+0x10/0x10
[  561.455788][    C0]  ? __might_fault+0xaa/0x120
[  561.460634][    C0]  do_recvmmsg+0x474/0xae0
[  561.465088][    C0]  ? __pfx___futex_wait+0x10/0x10
[  561.470148][    C0]  ? __pfx_do_recvmmsg+0x10/0x10
[  561.475130][    C0]  ? __pfx_futex_wake_mark+0x10/0x10
[  561.480509][    C0]  ? futex_wait+0x285/0x360
[  561.485124][    C0]  ? __pfx_futex_wait+0x10/0x10
[  561.490014][    C0]  ? fd_install+0x9c/0x5d0
[  561.494459][    C0]  ? __pfx_lock_release+0x10/0x10
[  561.499504][    C0]  ? __pfx_do_futex+0x10/0x10
[  561.504229][    C0]  __x64_sys_recvmmsg+0x199/0x250
[  561.510481][    C0]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  561.517399][    C0]  ? do_syscall_64+0x100/0x230
[  561.522660][    C0]  ? do_syscall_64+0xb6/0x230
[  561.529823][    C0]  do_syscall_64+0xf3/0x230
[  561.534742][    C0]  ? clear_bhb_loop+0x35/0x90
[  561.540096][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  561.546133][    C0] RIP: 0033:0x7fdfbaf75d39
[  561.550744][    C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  561.571064][    C0] RSP: 002b:00007fdfbbc7e048 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  561.580376][    C0] RAX: ffffffffffffffda RBX: 00007fdfbb104070 RCX: 00007fdfbaf75d39
[  561.588397][    C0] RDX: 0000000000010106 RSI: 00000000200000c0 RDI: 0000000000000003
[  561.596400][    C0] RBP: 00007fdfbaff6766 R08: 0000000000000000 R09: 0000000000000000
[  561.604404][    C0] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000000
[  561.612415][    C0] R13: 000000000000006e R14: 00007fdfbb104070 R15: 00007ffeafeb36a8
[  561.620458][    C0]  </TASK>
[  561.623517][    C0] 
[  561.625876][    C0] The buggy address belongs to the virtual mapping at
[  561.625876][    C0]  [ffffc90008800000, ffffc90008809000) created by:
[  561.625876][    C0]  copy_process+0x5d1/0x3d90
[  561.643549][    C0] 
[  561.645879][    C0] The buggy address belongs to the physical page:
[  561.652306][    C0] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x295f2
[  561.661135][    C0] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  561.668346][    C0] raw: 00fff00000000000 0000000000000000 dead000000000122 0000000000000000
[  561.677050][    C0] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[  561.685659][    C0] page dumped because: kasan: bad access detected
[  561.692219][    C0] page_owner tracks the page as allocated
[  561.697979][    C0] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2dc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_NOWARN|__GFP_ZERO), pid 1052, tgid 1052 (kworker/u8:5), ts 20453244600, free_ts 0
[  561.716523][    C0]  post_alloc_hook+0x1f3/0x230
[  561.721344][    C0]  get_page_from_freelist+0x2ccb/0x2d80
[  561.727009][    C0]  __alloc_pages_noprof+0x256/0x6c0
[  561.732233][    C0]  alloc_pages_mpol_noprof+0x3e8/0x680
[  561.737727][    C0]  __vmalloc_node_range_noprof+0x971/0x1460
[  561.743664][    C0]  dup_task_struct+0x444/0x8c0
[  561.748479][    C0]  copy_process+0x5d1/0x3d90
[  561.753128][    C0]  kernel_clone+0x226/0x8f0
[  561.757766][    C0]  user_mode_thread+0x132/0x1a0
[  561.762660][    C0]  call_usermodehelper_exec_work+0x5c/0x230
[  561.768674][    C0]  process_scheduled_works+0xa2c/0x1830
[  561.774240][    C0]  worker_thread+0x86d/0xd40
[  561.778849][    C0]  kthread+0x2f0/0x390
[  561.782979][    C0]  ret_from_fork+0x4b/0x80
[  561.787453][    C0]  ret_from_fork_asm+0x1a/0x30
[  561.792332][    C0] page_owner free stack trace missing
[  561.797698][    C0] 
[  561.800029][    C0] Memory state around the buggy address:
[  561.805664][    C0]  ffffc90008807500: 00 00 00 00 00 f3 f3 f3 f3 f3 f3 f3 00 00 00 00
[  561.813728][    C0]  ffffc90008807580: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 00 f2 f2 f2
[  561.821814][    C0] >ffffc90008807600: 00 f3 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00
[  561.829912][    C0]                             ^
[  561.834781][    C0]  ffffc90008807680: 00 00 00 00 f1 f1 f1 f1 00 f2 f2 f2 00 f3 f3 f3
[  561.842858][    C0]  ffffc90008807700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  561.851024][    C0] ==================================================================
[  561.859206][    C0] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  561.866452][    C0] CPU: 0 UID: 0 PID: 9588 Comm: syz.0.1430 Not tainted 6.10.0-rc5-next-20240624-syzkaller #0
----------------------------------------

arch/x86/kernel/process_64.c:83 is

	printk("%sRAX: %016lx RBX: %016lx RCX: %016lx\n",
	       log_lvl, regs->ax, regs->bx, regs->cx);

(which looks nothing special), and kernel stack area [ffffc90008800000, ffffc90008809000) is
32768 bytes + 4096 bytes (which looks sane to me), and ffffc90008807618 is within the 32768
bytes (which looks sane to me).

Kernel config is https://syzkaller.appspot.com/text?tag=KernelConfig&x=6221d1071c39b052 .
Can somebody find what is wrong?





[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Bugtraq]     [Linux OMAP]     [Linux MIPS]     [eCos]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux