* invalid opcode in __get_vm_area_node
@ 2026-06-26 21:26 sanan.hasanou
From: sanan.hasanou @ 2026-06-26 21:26 UTC
To: akpm, urezki, linux-mm, linux-kernel; +Cc: syzkaller, contact
Good day, dear maintainers,
We found a bug using a modified version of syzkaller.
Kernel Branch: 7.0-rc1
Kernel Config: <https://drive.google.com/open?id=1SkS9U2y8MGrnaXhjJJI5n5SymSSMyYnS>
Unfortunately, we don't have any reproducer for this bug yet.
Thank you!
Best regards,
Sanan Hasanov
UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
Oops: invalid opcode: 0000 [#1] SMP KASAN
CPU: 0 UID: 0 PID: 11561 Comm: syz.4.66 Not tainted 7.0.0-rc1 #1 PREEMPT_{RT,(full)}
Hardware name: QEMU Ubuntu 24.04 PC v2 (i440FX + PIIX, arch_caps fix, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
RIP: 0010:__get_vm_area_node+0x34d/0x350 mm/vmalloc.c:3212
Code: be 01 00 00 00 48 c7 c7 c0 95 66 8d 48 89 da e8 39 7b ad 02 49 c7 c7 ff ff ff ff 48 8b 5d d0 e9 7c fd ff ff e8 a4 ed a7 ff 90 <0f> 0b 90 0f 1f 40 d6 0f 1f 44 00 00 55 48 89 e5 41 57 41 56 41 55
RSP: 0018:ffffc90026d56630 EFLAGS: 00010246
RAX: ffffffff821e820c RBX: 000000000000000c RCX: 0000000000080000
RDX: ffffc90011a4b000 RSI: 000000000007ffff RDI: 0000000000080000
RBP: ffffc90026d56678 R08: 0000000000000000 R09: 0000000000000000
R10: dffffc0000000000 R11: fffffbfff1db024d R12: 0000000000000000
R13: 0000000000000022 R14: 0000000000000200 R15: ffff888025c3c4bc
FS: 00007fc6f9c366c0(0000) GS:ffff8880dc0a8000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f071644d660 CR3: 0000000069586000 CR4: 00000000000006f0
Call Trace:
<TASK>
__vmalloc_node_range_noprof+0x373/0x1500 mm/vmalloc.c:4024
__kvmalloc_node_noprof+0x509/0x7c0 mm/slub.c:6739
bucket_table_alloc+0x69/0x380 lib/rhashtable.c:186
rhashtable_insert_rehash lib/rhashtable.c:470 [inline]
rhashtable_try_insert lib/rhashtable.c:637 [inline]
rhashtable_insert_slow+0x1b92/0x1f00 lib/rhashtable.c:650
__rhashtable_insert_fast include/linux/rhashtable.h:794 [inline]
rhashtable_lookup_insert_fast include/linux/rhashtable.h:970 [inline]
fdb_create+0xd24/0x13d0 net/bridge/br_fdb.c:411
fdb_add_local+0x13e/0x410 net/bridge/br_fdb.c:446
br_fdb_add_local+0x5d/0x90 net/bridge/br_fdb.c:977
__vlan_add+0x630/0x2a10 net/bridge/br_vlan.c:335
nbp_vlan_add+0x24f/0xa80 net/bridge/br_vlan.c:1343
br_vlan_info+0xff/0x460 net/bridge/br_netlink.c:705
br_process_vlan_info+0x600/0x890 net/bridge/br_netlink.c:768
br_afspec+0x39a/0x5f0 net/bridge/br_netlink.c:836
br_setlink+0x271/0x800 net/bridge/br_netlink.c:1135
rtnl_bridge_setlink+0x5b6/0x7d0 net/core/rtnetlink.c:5534
rtnetlink_rcv_msg+0x77a/0xb60 net/core/rtnetlink.c:6967
netlink_rcv_skb+0x206/0x460 net/netlink/af_netlink.c:2550
rtnetlink_rcv+0x25/0x30 net/core/rtnetlink.c:6985
netlink_unicast_kernel net/netlink/af_netlink.c:1318 [inline]
netlink_unicast+0x811/0x9c0 net/netlink/af_netlink.c:1344
netlink_sendmsg+0x847/0xb50 net/netlink/af_netlink.c:1894
sock_sendmsg_nosec net/socket.c:727 [inline]
__sock_sendmsg net/socket.c:742 [inline]
____sys_sendmsg+0x5a5/0x900 net/socket.c:2592
___sys_sendmsg+0x224/0x2a0 net/socket.c:2646
__sys_sendmsg net/socket.c:2678 [inline]
__do_sys_sendmsg net/socket.c:2683 [inline]
__se_sys_sendmsg net/socket.c:2681 [inline]
__x64_sys_sendmsg+0x1a6/0x270 net/socket.c:2681
x64_sys_call+0x17a2/0x2900 arch/x86/include/generated/asm/syscalls_64.h:47
do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
do_syscall_64+0x11c/0x810 arch/x86/entry/syscall_64.c:94
entry_SYSCALL_64_after_hwframe+0x4b/0x53
RIP: 0033:0x7fc6fb9e3b6d
Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007fc6f9c36018 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 00007fc6fbc55fa0 RCX: 00007fc6fb9e3b6d
RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000004
RBP: 00007fc6fba87c3e R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007fc6fbc56038 R14: 00007fc6fbc55fa0 R15: 00007fffd78dbe70
</TASK>
Modules linked in:
---[ end trace 0000000000000000 ]---
RIP: 0010:__get_vm_area_node+0x34d/0x350 mm/vmalloc.c:3212
Code: be 01 00 00 00 48 c7 c7 c0 95 66 8d 48 89 da e8 39 7b ad 02 49 c7 c7 ff ff ff ff 48 8b 5d d0 e9 7c fd ff ff e8 a4 ed a7 ff 90 <0f> 0b 90 0f 1f 40 d6 0f 1f 44 00 00 55 48 89 e5 41 57 41 56 41 55
RSP: 0018:ffffc90026d56630 EFLAGS: 00010246
RAX: ffffffff821e820c RBX: 000000000000000c RCX: 0000000000080000
RDX: ffffc90011a4b000 RSI: 000000000007ffff RDI: 0000000000080000
RBP: ffffc90026d56678 R08: 0000000000000000 R09: 0000000000000000
R10: dffffc0000000000 R11: fffffbfff1db024d R12: 0000000000000000
R13: 0000000000000022 R14: 0000000000000200 R15: ffff888025c3c4bc
FS: 00007fc6f9c366c0(0000) GS:ffff8880dc0a8000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f071644d660 CR3: 0000000069586000 CR4: 00000000000006f0
<<<<<<<<<<<<<<< tail report >>>>>>>>>>>>>>>