syzbot |
sign-in | mailing list | source | docs |
------------[ cut here ]------------ ================================================================== BUG: KASAN: global-out-of-bounds in string_nocheck lib/vsprintf.c:646 [inline] BUG: KASAN: global-out-of-bounds in string+0x398/0x3d0 lib/vsprintf.c:728 Read of size 1 at addr ffffffff8b6d26fa by task kworker/1:1/55 CPU: 1 PID: 55 Comm: kworker/1:1 Not tainted 6.9.0-syzkaller-07370-g33e02dc69afb #0 Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 Workqueue: xfs-inodegc/loop0 xfs_inodegc_worker Call Trace: <TASK> __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:114 print_address_description mm/kasan/report.c:377 [inline] print_report+0xc3/0x620 mm/kasan/report.c:488 kasan_report+0xd9/0x110 mm/kasan/report.c:601 string_nocheck lib/vsprintf.c:646 [inline] string+0x398/0x3d0 lib/vsprintf.c:728 vsnprintf+0xc67/0x1870 lib/vsprintf.c:2824 vprintk_store+0x3a2/0xbb0 kernel/printk/printk.c:2228 vprintk_emit kernel/printk/printk.c:2329 [inline] vprintk_emit+0xac/0x5a0 kernel/printk/printk.c:2303 vprintk+0x7f/0xa0 kernel/printk/printk_safe.c:45 __warn_printk+0x181/0x350 kernel/panic.c:741 look_up_lock_class+0x132/0x140 kernel/locking/lockdep.c:932 register_lock_class+0xb1/0x1230 kernel/locking/lockdep.c:1284 __lock_acquire+0x111/0x3b30 kernel/locking/lockdep.c:5014 lock_acquire kernel/locking/lockdep.c:5754 [inline] lock_acquire+0x1b1/0x560 kernel/locking/lockdep.c:5719 process_one_work+0x86e/0x1a30 kernel/workqueue.c:3243 process_scheduled_works kernel/workqueue.c:3348 [inline] worker_thread+0x6c8/0xf70 kernel/workqueue.c:3429 kthread+0x2c1/0x3a0 kernel/kthread.c:389 ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:147 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244 </TASK> The buggy address belongs to the variable: xstats.0+0x18fa/0x2640 The buggy address belongs to the physical page: page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xb6d2 flags: 0xfff00000004000(reserved|node=0|zone=1|lastcpupid=0x7ff) page_type: 0xffffffff() raw: 00fff00000004000 ffffea00002db488 ffffea00002db488 0000000000000000 raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 page dumped because: kasan: bad access detected page_owner info is not present (never set?) Memory state around the buggy address: ffffffff8b6d2580: f9 f9 f9 f9 00 00 00 f9 f9 f9 f9 f9 00 00 00 00 ffffffff8b6d2600: f9 f9 f9 f9 00 00 03 f9 f9 f9 f9 f9 00 00 00 07 >ffffffff8b6d2680: f9 f9 f9 f9 00 00 00 00 06 f9 f9 f9 f9 f9 f9 f9 ^ ffffffff8b6d2700: 00 00 04 f9 f9 f9 f9 f9 00 00 00 00 00 00 06 f9 ffffffff8b6d2780: f9 f9 f9 f9 00 00 00 00 00 00 00 00 00 00 02 f9 ==================================================================
Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Assets (help?) | Manager | Title |
---|---|---|---|---|---|---|---|---|---|---|---|---|
2024/05/16 00:53 | upstream | 33e02dc69afb | ef5d53ed | .config | console log | report | info | [disk image (non-bootable)] [vmlinux] [kernel image] | ci-qemu-upstream-386 | KASAN: global-out-of-bounds Read in process_one_work |