* general protection fault in add_wait_queue
@ 2022-06-20 14:13 Dae R. Jeong
From: Dae R. Jeong @ 2022-06-20 14:13 UTC (permalink / raw)
  To: bryantan, rjalisatgi, vdasa, pv-drivers, arnd, gregkh,
	linux-kernel

Hi,

We observed a crash "general protection fault in add_wait_queue"
during fuzzing. 

Unfortunately, we have not found a reproducer for the crash yet. We
will inform you if we have any update on this crash.

Detailed crash information is as follows.
------

- Kernel commit:
b13baccc3850ca

- Crash report: 
general protection fault, probably for non-canonical address 0xdffffc0000000019: 0000 [#1] PREEMPT SMP KASAN
KASAN: null-ptr-deref in range [0x00000000000000c8-0x00000000000000cf]
CPU: 2 PID: 27483 Comm: syz-executor.0 Not tainted 5.19.0-rc1-31595-gdf1bbda1a939 #13
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
RIP: 0010:__lock_acquire+0xf3/0x5e00 kernel/locking/lockdep.c:4926
Code: 89 bc 24 88 00 00 00 0f 85 02 27 00 00 83 3d 9b 05 66 10 00 0f 84 97 43 00 00 83 3d 46 ea f9 0e 00 74 31 48 89 f8 48 c1 e8 03 <42> 80 3c 00 00 74 17 e8 b1 5e 86 00 48 8b bc 24 88 00 00 00 49 b8
RSP: 0018:ffffc900082af260 EFLAGS: 00010002
RAX: 0000000000000019 RBX: 0000000000000001 RCX: 1ffff92001055e6c
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000000000c8
RBP: ffffc900082af5f0 R08: dffffc0000000000 R09: 0000000000000001
R10: fffffbfff2394b3e R11: 0000000000000000 R12: 0000000000000000
R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000001
FS:  00007f36801c0700(0000) GS:ffff8880b9300000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000055fdf32207d0 CR3: 000000005af57000 CR4: 00000000003506e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 <TASK>
 lock_acquire+0x1a4/0x4a0 kernel/locking/lockdep.c:5672
 __raw_spin_lock_irqsave include/spinlock_api_smp.h:110 [inline]
 _raw_spin_lock_irqsave+0xb3/0x100 kernel/locking/spinlock.c:162
 add_wait_queue+0x3d/0x260 kernel/sched/wait.c:22
 poll_wait include/poll.h:49 [inline]
 vmci_host_poll+0xf8/0x2b0 drivers/misc/vmw_vmci/vmci_host.c:174
 vfs_poll include/poll.h:88 [inline]
 do_pollfd fs/select.c:873 [inline]
 do_poll fs/select.c:921 [inline]
 do_sys_poll+0xc7c/0x1aa0 fs/select.c:1015
 __do_sys_ppoll fs/select.c:1121 [inline]
 __se_sys_ppoll+0x2cc/0x330 fs/select.c:1101
 do_syscall_x64 arch/x86/entry/common.c:51 [inline]
 do_syscall_64+0x4e/0xa0 arch/x86/entry/common.c:82
 entry_SYSCALL_64_after_hwframe+0x46/0xb0
RIP: 0033:0x478db9
Code: f7 d8 64 89 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007f36801bfbe8 EFLAGS: 00000246 ORIG_RAX: 000000000000010f
RAX: ffffffffffffffda RBX: 0000000000781408 RCX: 0000000000478db9
RDX: 00000000200000c0 RSI: 0000000000000001 RDI: 0000000020000100
RBP: 00000000f477909a R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 00000000007815c0
R13: 0000000000781414 R14: 0000000000781408 R15: 00007fffb85f7830
 </TASK>
Modules linked in:
---[ end trace 0000000000000000 ]---
RIP: 0010:__lock_acquire+0xf3/0x5e00 kernel/locking/lockdep.c:4926
RSP: 0018:ffffc900082af260 EFLAGS: 00010002
RAX: 0000000000000019 RBX: 0000000000000001 RCX: 1ffff92001055e6c
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000000000c8
RBP: ffffc900082af5f0 R08: dffffc0000000000 R09: 0000000000000001
R10: fffffbfff2394b3e R11: 0000000000000000 R12: 0000000000000000
R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000001
FS:  00007f36801c0700(0000) GS:ffff8880b9300000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000055fdf32207d0 CR3: 000000005af57000 CR4: 00000000003506e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
