* KASAN: out-of-bounds Read in __switch_to (2)
@ 2020-10-03 11:09 syzbot
2020-10-29 14:10 ` syzbot
0 siblings, 1 reply; 3+ messages in thread
From: syzbot @ 2020-10-03 11:09 UTC (permalink / raw)
To: 0x7f454c46, bp, chang.seok.bae, hpa, linux-kernel, luto, mingo,
sashal, syzkaller-bugs, tglx, x86
Hello,
syzbot found the following issue on:
HEAD commit: fb0155a0 Merge tag 'nfs-for-5.9-3' of git://git.linux-nfs...
git tree: upstream
console output: https://syzkaller.appspot.com/x/log.txt?x=15147bc3900000
kernel config: https://syzkaller.appspot.com/x/.config?x=41b736b7ce1b3ea4
dashboard link: https://syzkaller.appspot.com/bug?extid=2667188e965125ab6e7a
compiler: gcc (GCC) 10.1.0-syz 20200507
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=11743a37900000
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+2667188e965125ab6e7a@syzkaller.appspotmail.com
==================================================================
BUG: KASAN: out-of-bounds in arch_end_context_switch arch/x86/include/asm/paravirt.h:625 [inline]
BUG: KASAN: out-of-bounds in __switch_to+0xddc/0xfe0 arch/x86/kernel/process_64.c:566
Read of size 8 at addr ffffffff89fc6bd8 by task swapper/1/0
CPU: 1 PID: 0 Comm: swapper/1 Not tainted 5.9.0-rc7-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
The buggy address belongs to the variable:
pv_ops+0x118/0x2c0
Memory state around the buggy address:
ffffffff89fc6a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
ffffffff89fc6b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
>ffffffff89fc6b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
^
ffffffff89fc6c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
ffffffff89fc6c80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
==================================================================
Kernel panic - not syncing: panic_on_warn set ...
CPU: 1 PID: 0 Comm: swapper/1 Tainted: G B 5.9.0-rc7-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
Kernel Offset: disabled
Rebooting in 86400 seconds..
---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzkaller@googlegroups.com.
syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
syzbot can test patches for this issue, for details see:
https://goo.gl/tpsmEJ#testing-patches
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: KASAN: out-of-bounds Read in __switch_to (2)
2020-10-03 11:09 KASAN: out-of-bounds Read in __switch_to (2) syzbot
@ 2020-10-29 14:10 ` syzbot
2020-11-11 11:09 ` Dmitry Vyukov
0 siblings, 1 reply; 3+ messages in thread
From: syzbot @ 2020-10-29 14:10 UTC (permalink / raw)
To: 0x7f454c46, anant.thazhemadam, b.zolnierkie, bp, chang.seok.bae,
dan.carpenter, george.kennedy, hpa, linux-kernel, luto, mingo,
sashal, syzkaller-bugs, tglx, x86
syzbot suspects this issue was fixed by commit:
commit a49145acfb975d921464b84fe00279f99827d816
Author: George Kennedy <george.kennedy@oracle.com>
Date: Tue Jul 7 19:26:03 2020 +0000
fbmem: add margin check to fb_check_caps()
bisection log: https://syzkaller.appspot.com/x/bisect.txt?x=174684b8500000
start commit: fb0155a0 Merge tag 'nfs-for-5.9-3' of git://git.linux-nfs...
git tree: upstream
kernel config: https://syzkaller.appspot.com/x/.config?x=41b736b7ce1b3ea4
dashboard link: https://syzkaller.appspot.com/bug?extid=2667188e965125ab6e7a
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=11743a37900000
If the result looks correct, please mark the issue as fixed by replying with:
#syz fix: fbmem: add margin check to fb_check_caps()
For information about bisection process see: https://goo.gl/tpsmEJ#bisection
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: KASAN: out-of-bounds Read in __switch_to (2)
2020-10-29 14:10 ` syzbot
@ 2020-11-11 11:09 ` Dmitry Vyukov
0 siblings, 0 replies; 3+ messages in thread
From: Dmitry Vyukov @ 2020-11-11 11:09 UTC (permalink / raw)
To: syzbot
Cc: Dmitry Safonov, Anant Thazhemadam, Bartlomiej Zolnierkiewicz,
Borislav Petkov, chang.seok.bae, Dan Carpenter, George Kennedy,
H. Peter Anvin, LKML, Andy Lutomirski, Ingo Molnar, Sasha Levin,
syzkaller-bugs, Thomas Gleixner, the arch/x86 maintainers
On Thu, Oct 29, 2020 at 3:10 PM syzbot
<syzbot+2667188e965125ab6e7a@syzkaller.appspotmail.com> wrote:
>
> syzbot suspects this issue was fixed by commit:
>
> commit a49145acfb975d921464b84fe00279f99827d816
> Author: George Kennedy <george.kennedy@oracle.com>
> Date: Tue Jul 7 19:26:03 2020 +0000
>
> fbmem: add margin check to fb_check_caps()
>
> bisection log: https://syzkaller.appspot.com/x/bisect.txt?x=174684b8500000
> start commit: fb0155a0 Merge tag 'nfs-for-5.9-3' of git://git.linux-nfs...
> git tree: upstream
> kernel config: https://syzkaller.appspot.com/x/.config?x=41b736b7ce1b3ea4
> dashboard link: https://syzkaller.appspot.com/bug?extid=2667188e965125ab6e7a
> syz repro: https://syzkaller.appspot.com/x/repro.syz?x=11743a37900000
>
> If the result looks correct, please mark the issue as fixed by replying with:
>
> #syz fix: fbmem: add margin check to fb_check_caps()
>
> For information about bisection process see: https://goo.gl/tpsmEJ#bisection
#syz fix: fbmem: add margin check to fb_check_caps()
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2020-11-11 11:10 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2020-10-03 11:09 KASAN: out-of-bounds Read in __switch_to (2) syzbot
2020-10-29 14:10 ` syzbot
2020-11-11 11:09 ` Dmitry Vyukov
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox