==================================================================
BUG: KASAN: stack-out-of-bounds in unwind_get_return_address+0x96/0xa0 arch/x86/kernel/unwind_frame.c:17
Read of size 8 at addr ffff8801d39a72c0 by task syz-executor5/11473

CPU: 0 PID: 11473 Comm: syz-executor5 Not tainted 4.9.148+ #1
 ffff8801d39a7070 ffffffff81b44d01 0000000000000000 ffffea00074e69c0
 ffff8801d39a72c0 0000000000000008 ffffffff810ab576 ffff8801d39a70a8
 ffffffff815020d5 0000000000000000 ffff8801d39a72c0 ffff8801d39a72c0
Call Trace:
 [] __dump_stack lib/dump_stack.c:15 [inline]
 [] dump_stack+0xc1/0x120 lib/dump_stack.c:51
 [] print_address_description+0x6f/0x238 mm/kasan/report.c:256
 [] kasan_report_error mm/kasan/report.c:355 [inline]
 [] kasan_report mm/kasan/report.c:412 [inline]
 [] kasan_report.cold+0x8c/0x2ba mm/kasan/report.c:397
 [] __asan_report_load8_noabort+0x14/0x20 mm/kasan/report.c:433
 [] unwind_get_return_address+0x96/0xa0 arch/x86/kernel/unwind_frame.c:17
 [] perf_callchain_kernel+0x3b0/0x540 arch/x86/events/core.c:2278
 [] get_perf_callchain+0x30b/0x7e0 kernel/events/callchain.c:215
 [] perf_callchain+0x153/0x1a0 kernel/events/callchain.c:188
 [] perf_prepare_sample+0xa4f/0xea0 kernel/events/core.c:5967
 [] __perf_event_output kernel/events/core.c:6080 [inline]
 [] perf_event_output_forward+0xfe/0x240 kernel/events/core.c:6098
 [] __perf_event_overflow+0x121/0x330 kernel/events/core.c:7198
 [] perf_swevent_overflow+0x17c/0x210 kernel/events/core.c:7274
 [] perf_swevent_event+0x1ac/0x280 kernel/events/core.c:7307
 [] do_perf_sw_event kernel/events/core.c:7415 [inline]
 [] ___perf_sw_event+0x299/0x4c0 kernel/events/core.c:7446
 [] perf_sw_event_sched include/linux/perf_event.h:1057 [inline]
 [] perf_event_task_sched_out include/linux/perf_event.h:1095 [inline]
 [] prepare_task_switch kernel/sched/core.c:2757 [inline]
 [] context_switch kernel/sched/core.c:2919 [inline]
 [] __schedule+0x1150/0x1b50 kernel/sched/core.c:3498
 [] preempt_schedule_common+0x4f/0xe0 kernel/sched/core.c:3608
 [] preempt_schedule+0x26/0x30 kernel/sched/core.c:3634
 [] ___preempt_schedule+0x16/0x18
 [] __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:163 [inline]
 [] _raw_spin_unlock_irqrestore+0x6b/0x70 kernel/locking/spinlock.c:191
 [] try_to_wake_up+0x5da/0xfb0 kernel/sched/core.c:2134
 [] wake_up_process kernel/sched/core.c:2205 [inline]
 [] wake_up_q+0x95/0xf0 kernel/sched/core.c:483
 [] futex_wake+0x3b9/0x460 kernel/futex.c:1454
 [] do_futex+0x2bf/0x1a70 kernel/futex.c:3274
 [] SYSC_futex kernel/futex.c:3330 [inline]
 [] SyS_futex+0x253/0x360 kernel/futex.c:3298
 [] do_syscall_64+0x1ad/0x570 arch/x86/entry/common.c:285
 [] entry_SYSCALL_64_after_swapgs+0x5d/0xdb

The buggy address belongs to the page:
page:ffffea00074e69c0 count:0 mapcount:0 mapping:          (null) index:0x0
flags: 0x4000000000000000()
page dumped because: kasan: bad access detected

Memory state around the buggy address:
 ffff8801d39a7180: f1 00 00 00 00 00 00 00 00 f3 f3 f3 f3 00 00 00
 ffff8801d39a7200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f1
>ffff8801d39a7280: f1 f1 f1 00 00 00 f3 f3 f3 f3 f3 00 00 00 00 00
                                           ^
 ffff8801d39a7300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
 ffff8801d39a7380: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f1
==================================================================