syzbot


kernel panic: stack is corrupted in mpol_to_str

Status: closed as dup on 2020/03/26 11:21
Subsystems: mm
Reported-by: syzbot+b636fe4123f39f69c35b@syzkaller.appspotmail.com
First crash: 1491d, last: 1482d
Cause bisection: introduced by (bisect log) [merge commit]:
commit d72619706abc4aa7e540ea882dae883cee7cc3b3
Author: Linus Torvalds <torvalds@linux-foundation.org>
Date: Thu Jul 11 22:38:21 2019 +0000

  Merge tag 'tty-5.3-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty

Crash: general protection fault in send_hsr_supervision_frame (log)
Repro: C syz .config
Duplicate of
Title | Repro | Cause bisect | Fix bisect | Count | Last | Reported
KASAN: stack-out-of-bounds Write in mpol_to_str (mm) | C | done | | 23 | 1486d | 1490d
Discussions (1)
Title | Replies (including bot) | Last reply
kernel panic: stack is corrupted in mpol_to_str | 1 (2) | 2020/03/26 11:21

Sample crash report:
Kernel panic - not syncing: stack-protector: Kernel stack is corrupted in: mpol_to_str+0x3ec/0x3f0 mm/mempolicy.c:2962
CPU: 1 PID: 1 Comm: systemd Not tainted 5.6.0-rc7-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x1e9/0x30e lib/dump_stack.c:118
 panic+0x264/0x7a0 kernel/panic.c:221
 __stack_chk_fail+0x1c/0x20 kernel/panic.c:667
 mpol_to_str+0x3ec/0x3f0 mm/mempolicy.c:2962
 shmem_show_mpol mm/shmem.c:1406 [inline]
 shmem_show_options+0x3d9/0x4c0 mm/shmem.c:3609
 show_mountinfo+0x68d/0x790 fs/proc_namespace.c:187
 seq_read+0x9df/0xd20 fs/seq_file.c:268
 __vfs_read+0xa7/0x6f0 fs/read_write.c:425
 vfs_read+0x1c0/0x3f0 fs/read_write.c:461
 ksys_read+0x115/0x220 fs/read_write.c:587
 do_syscall_64+0xf3/0x1b0 arch/x86/entry/common.c:294
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x7f83e3f3f92d
Code: 2d 2c 00 00 75 10 b8 00 00 00 00 0f 05 48 3d 01 f0 ff ff 73 31 c3 48 83 ec 08 e8 de 9b 01 00 48 89 04 24 b8 00 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 27 9c 01 00 48 89 d0 48 83 c4 08 48 3d 01
RSP: 002b:00007ffe6d4b18c0 EFLAGS: 00000293 ORIG_RAX: 0000000000000000
RAX: ffffffffffffffda RBX: 000055840db5f6d0 RCX: 00007f83e3f3f92d
RDX: 0000000000000400 RSI: 000055840db5f900 RDI: 000000000000002b
RBP: 0000000000000d68 R08: 00007f83e5975500 R09: 00000000000000e0
R10: 000055840db5fce2 R11: 0000000000000293 R12: 00007f83e41fa440
R13: 00007f83e41f9900 R14: 000000000000001e R15: 0000000000000000
Kernel Offset: disabled
Rebooting in 86400 seconds..

Crashes (11):
Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Assets | Manager | Title
2020/03/25 21:24 | upstream | e2cf67f6689a | 41f049cc | .config | console log | report | syz | C | | | ci-upstream-kasan-gce-smack-root |
2020/04/03 00:12 | upstream | 7be97138e727 | a34e2c33 | .config | console log | report | | | | | ci-upstream-kasan-gce-smack-root |
2020/03/31 01:38 | upstream | 7111951b8d49 | c8d1cc20 | .config | console log | report | | | | | ci-upstream-kasan-gce-smack-root |
2020/03/30 18:25 | upstream | 7111951b8d49 | c8d1cc20 | .config | console log | report | | | | | ci-upstream-kasan-gce-smack-root |
2020/03/29 22:14 | upstream | e595dd94515e | 05736b29 | .config | console log | report | | | | | ci-upstream-kasan-gce-smack-root |
2020/03/29 21:52 | upstream | e595dd94515e | 05736b29 | .config | console log | report | | | | | ci-upstream-kasan-gce-smack-root |
2020/03/28 19:34 | upstream | 69c5eea3128e | f1ebdfba | .config | console log | report | | | | | ci-upstream-kasan-gce-smack-root |
2020/03/27 01:28 | upstream | 9420e8ade435 | 6d25c5a0 | .config | console log | report | | | | | ci-upstream-kasan-gce-smack-root |
2020/03/26 11:57 | upstream | 1b649e0bcae7 | e8e6c7d2 | .config | console log | report | | | | | ci-upstream-kasan-gce-smack-root |
2020/03/25 18:50 | upstream | e2cf67f6689a | 41f049cc | .config | console log | report | | | | | ci-upstream-kasan-gce-smack-root |
2020/03/25 18:33 | upstream | e2cf67f6689a | 41f049cc | .config | console log | report | | | | | ci-upstream-kasan-gce-smack-root |