syzbot


KASAN: out-of-bounds Read in __switch_to

Status: fixed on 2019/03/06 07:43
Subsystems: kernel
[Documentation on labels]
Fix commit: 44039e00171b fou6: Prevent unbounded recursion in GUE error handler
First crash: 1995d, last: 1995d
Similar bugs (1)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream KASAN: out-of-bounds Read in __switch_to (2) kernel syz done done 1 1362d 1358d 15/27 fixed on 2020/11/16 12:12

Sample crash report:
==================================================================
BUG: KASAN: out-of-bounds in __switch_to+0xed0/0x1270 arch/x86/kernel/process_64.c:562
Read of size 2 at addr ffff8880a9473620 by task syz-executor427/2445

CPU: 1 PID: 2445 Comm: syz-executor427 Not tainted 4.20.0-next-20190103 #5
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:

Allocated by task 1102416563:
(stack is not available)

Freed by task 2302333392:
------------[ cut here ]------------
Bad or missing usercopy whitelist? Kernel memory overwrite attempt detected to SLAB object 'vm_area_struct' (offset 32, size 1)!
WARNING: CPU: 1 PID: 2445 at mm/usercopy.c:78 usercopy_warn+0xeb/0x110 mm/usercopy.c:78
Kernel panic - not syncing: panic_on_warn set ...
CPU: 1 PID: 2445 Comm: syz-executor427 Not tainted 4.20.0-next-20190103 #5
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
Shutting down cpus with NMI
Kernel Offset: disabled
Rebooting in 86400 seconds..

Crashes (1):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2019/01/04 23:29 linux-next a4983672f9ca 0127e3ba .config console log report syz C ci-upstream-linux-next-kasan-gce-root
* Struck through repros no longer work on HEAD.