================================================================== BUG: KASAN: stack-out-of-bounds in profile_pc+0xa4/0xe0 arch/x86/kernel/time.c:42 Read of size 8 at addr ffff8881f6f09b40 by task syz-executor150/2295 CPU: 1 PID: 2295 Comm: syz-executor150 Not tainted 5.4.268-syzkaller-00012-g51cf29fc2bfc #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x1d8/0x241 lib/dump_stack.c:118 print_address_description+0x8c/0x600 mm/kasan/report.c:384 __kasan_report+0xf3/0x120 mm/kasan/report.c:516 kasan_report+0x30/0x60 mm/kasan/common.c:653 profile_pc+0xa4/0xe0 arch/x86/kernel/time.c:42 profile_tick+0xb9/0x100 kernel/profile.c:416 tick_sched_handle kernel/time/tick-sched.c:206 [inline] tick_sched_timer+0x237/0x3c0 kernel/time/tick-sched.c:1342 __run_hrtimer kernel/time/hrtimer.c:1581 [inline] __hrtimer_run_queues+0x3e9/0xb90 kernel/time/hrtimer.c:1643 hrtimer_interrupt+0x38a/0x890 kernel/time/hrtimer.c:1705 local_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1122 [inline] smp_apic_timer_interrupt+0x110/0x460 arch/x86/kernel/apic/apic.c:1147 apic_timer_interrupt+0xf/0x20 arch/x86/entry/entry_64.S:834 The buggy address belongs to the page: page:ffffea0007dbc240 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 flags: 0x8000000000001000(reserved) raw: 8000000000001000 ffffea0007dbc248 ffffea0007dbc248 0000000000000000 raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 page dumped because: kasan: bad access detected page_owner info is not present (never set?) Memory state around the buggy address: ffff8881f6f09a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ffff8881f6f09a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 >ffff8881f6f09b00: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 04 f3 f3 f3 ^ ffff8881f6f09b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ffff8881f6f09c00: 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1 f1 ==================================================================