IPVS: ftp: loaded support on port[0] = 21
IPVS: ftp: loaded support on port[0] = 21
==================================================================
BUG: KASAN: stack-out-of-bounds in __read_once_size include/linux/compiler.h:178 [inline]
BUG: KASAN: stack-out-of-bounds in update_stack_state+0x5d9/0x670 arch/x86/kernel/unwind_frame.c:270
Read of size 8 at addr ffff8801d8266a18 by task syz-executor1/3788

CPU: 0 PID: 3788 Comm: syz-executor1 Not tainted 4.14.0-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:17 [inline]
 dump_stack+0x145/0x1f0 lib/dump_stack.c:53
 print_address_description+0x6c/0x20b mm/kasan/report.c:252
 kasan_report_error mm/kasan/report.c:351 [inline]
 kasan_report.cold.7+0x11a/0x2d3 mm/kasan/report.c:409
 __asan_report_load8_noabort+0x14/0x20 mm/kasan/report.c:430
 __read_once_size include/linux/compiler.h:178 [inline]
 update_stack_state+0x5d9/0x670 arch/x86/kernel/unwind_frame.c:270
 __unwind_start+0xf9/0x330 arch/x86/kernel/unwind_frame.c:404
 unwind_start arch/x86/include/asm/unwind.h:51 [inline]
 perf_callchain_kernel+0x23f/0x5a0 arch/x86/events/core.c:2350
 get_perf_callchain+0x436/0xe10 kernel/events/callchain.c:220
 perf_callchain+0x125/0x170 kernel/events/callchain.c:193
 perf_prepare_sample+0xdb6/0x1940 kernel/events/core.c:6004
 __perf_event_output kernel/events/core.c:6120 [inline]
 perf_event_output_forward+0xdb/0x210 kernel/events/core.c:6138
 __perf_event_overflow+0x1f1/0x4d0 kernel/events/core.c:7370
 perf_swevent_overflow+0x1e9/0x310 kernel/events/core.c:7446
 perf_swevent_event+0x15e/0x2f0 kernel/events/core.c:7474
 do_perf_sw_event kernel/events/core.c:7587 [inline]
 ___perf_sw_event+0x3e5/0x620 kernel/events/core.c:7618
 perf_sw_event_sched include/linux/perf_event.h:1043 [inline]
 perf_event_task_sched_out include/linux/perf_event.h:1081 [inline]
 prepare_task_switch kernel/sched/core.c:2592 [inline]
 context_switch kernel/sched/core.c:2764 [inline]
 __schedule+0xff3/0x1f70 kernel/sched/core.c:3375
 schedule+0xef/0x430 kernel/sched/core.c:3434
 freezable_schedule include/linux/freezer.h:172 [inline]
 futex_wait_queue_me+0x3ce/0x850 kernel/futex.c:2494
 futex_wait+0x3e7/0x930 kernel/futex.c:2609
 do_futex+0x8b1/0x2620 kernel/futex.c:3491
 SYSC_futex kernel/futex.c:3551 [inline]
 SyS_futex+0xf0/0x3e7 kernel/futex.c:3519
 entry_SYSCALL_64_fastpath+0x23/0x9a
RIP: 0033:0x453ef9
RSP: 002b:00007f97d0f81ce8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
RAX: ffffffffffffffda RBX: 000000000072bec8 RCX: 0000000000453ef9
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000072bec8
RBP: 0000000000000086 R08: 0000000000000000 R09: 000000000072bea0
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007ffc823a31df R14: 00007f97d0f829c0 R15: 0000000000000000

The buggy address belongs to the page:
page:ffffea0007609980 count:0 mapcount:0 mapping: (null) index:0xffff8801d8266980
flags: 0x2fffc0000000000()
raw: 02fffc0000000000 0000000000000000 ffff8801d8266980 00000000ffffffff
raw: 0000000000000000 dead000000000200 ffff8801dac00dc0 0000000000000000
page dumped because: kasan: bad access detected

Memory state around the buggy address:
 ffff8801d8266900: 00 00 00 00 00 00 f2 f3 f3 f3 f3 00 00 00 00 00
 ffff8801d8266980: 00 00 00 00 00 00 00 00 00 00 f1 f1 f1 f1 04 f2
>ffff8801d8266a00: f2 f2 f2 f2 f2 f2 f8 f2 f2 f2 f2 f2 f2 f2 00 00
                            ^
 ffff8801d8266a80: 00 f2 f3 f3 f3 f3 00 00 00 00 00 00 00 00 00 00
 ffff8801d8266b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1
==================================================================