bisecting cause commit starting from 614cb5894306cfa2c7d9b6168182876ff5948735 building syzkaller on 04201c0669446145fd9c347c5538da0ca13ff29b testing commit 614cb5894306cfa2c7d9b6168182876ff5948735 with gcc (GCC) 10.2.1 20210217 kernel signature: e273d458208550be7f50d0cc1133a58160d4c3b1324a7cf181a8bc88dadfab4f all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in call_rcu testing release v5.10 testing commit 2c85ebc57b3e1817b6ce1a6b703928e113a90442 with gcc (GCC) 10.2.1 20210217 kernel signature: 69f712e8ff26dff693baa88e40bae71cf91591232c8e5c7768725efc07b62ea1 all runs: OK # git bisect start 614cb5894306cfa2c7d9b6168182876ff5948735 2c85ebc57b3e1817b6ce1a6b703928e113a90442 Bisecting: 6592 revisions left to test after this (roughly 13 steps) [7240153a9bdb77217b99b76fd73105bce12770be] Merge tag 'driver-core-5.11-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/driver-core testing commit 7240153a9bdb77217b99b76fd73105bce12770be with gcc (GCC) 10.2.1 20210217 kernel signature: 3ba21af39bae1e4e493f0cb4ef6ee1c3770b0c361c9385d778f8bc5807baa80f all runs: OK # git bisect good 7240153a9bdb77217b99b76fd73105bce12770be Bisecting: 3291 revisions left to test after this (roughly 12 steps) [a701262c02cec71dc29b10fe910ba3c2298f5ba3] Merge tag 'mtd/for-5.11' of git://git.kernel.org/pub/scm/linux/kernel/git/mtd/linux testing commit a701262c02cec71dc29b10fe910ba3c2298f5ba3 with gcc (GCC) 10.2.1 20210217 kernel signature: dce99990c1d9bdd339273b5bd0948ac699f4c615b65c0d6f895aff2eee4f69eb all runs: OK # git bisect good a701262c02cec71dc29b10fe910ba3c2298f5ba3 Bisecting: 1642 revisions left to test after this (roughly 11 steps) [09c0796adf0c793462fda1d7c8c43324551405c7] Merge tag 'trace-v5.11' of git://git.kernel.org/pub/scm/linux/kernel/git/rostedt/linux-trace testing commit 09c0796adf0c793462fda1d7c8c43324551405c7 with gcc (GCC) 10.2.1 20210217 kernel signature: 790096b31a07c1c0750b7fff4b39b7b749c75c7036402a8905c0a97ef65c8e37 all runs: OK # git bisect good 09c0796adf0c793462fda1d7c8c43324551405c7 Bisecting: 793 revisions left to test after this (roughly 10 steps) [d56154c7e8ba090126a5a2cb76098628bc2216a2] Merge tag 'pwm/for-5.11-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/thierry.reding/linux-pwm testing commit d56154c7e8ba090126a5a2cb76098628bc2216a2 with gcc (GCC) 10.2.1 20210217 kernel signature: 994080bc53dc312913012b54bcdbbf6670477a422de162adf3c563d1ea589417 all runs: OK # git bisect good d56154c7e8ba090126a5a2cb76098628bc2216a2 Bisecting: 357 revisions left to test after this (roughly 9 steps) [48342fc07272eec454fc5b400ed3ce3739c7e950] Merge tag 'perf-tools-2020-12-19' of git://git.kernel.org/pub/scm/linux/kernel/git/acme/linux testing commit 48342fc07272eec454fc5b400ed3ce3739c7e950 with gcc (GCC) 10.2.1 20210217 kernel signature: 35ebafe4b654e8b83fc55ad0678cc3253c9caa6359565bc7204a37024c72cd5a all runs: OK # git bisect good 48342fc07272eec454fc5b400ed3ce3739c7e950 Bisecting: 178 revisions left to test after this (roughly 8 steps) [affc3f07759cfdcb1ffd87f2847b1c27d8781d65] kasan: define KASAN_MEMORY_PER_SHADOW_PAGE testing commit affc3f07759cfdcb1ffd87f2847b1c27d8781d65 with gcc (GCC) 10.2.1 20210217 ./include/linux/kasan.h:48:41: error: 'KASAN_SHADOW_SCALE_SHIFT' undeclared (first use in this function) ./include/linux/kasan.h:49:5: error: 'KASAN_SHADOW_OFFSET' undeclared (first use in this function); did you mean 'KASAN_SHADOW_INIT'? # git bisect skip affc3f07759cfdcb1ffd87f2847b1c27d8781d65 Bisecting: 178 revisions left to test after this (roughly 8 steps) [3fade566c07abd54ad8324326a4a14f2b6c13e3d] clk: qcom: Add SDX55 GCC support testing commit 3fade566c07abd54ad8324326a4a14f2b6c13e3d with gcc (GCC) 10.2.1 20210217 kernel signature: 07dad47d5cd3054918df26ef87e16b61556451d712dd3c21acd5f64f83dd7305 all runs: OK # git bisect good 3fade566c07abd54ad8324326a4a14f2b6c13e3d Bisecting: 169 revisions left to test after this (roughly 7 steps) [6882464faf74666dbce86b77686d78ff4e506af3] kasan: rename addr_has_shadow to addr_has_metadata testing commit 6882464faf74666dbce86b77686d78ff4e506af3 with gcc (GCC) 10.2.1 20210217 ./include/linux/kasan.h:48:41: error: 'KASAN_SHADOW_SCALE_SHIFT' undeclared (first use in this function) ./include/linux/kasan.h:49:5: error: 'KASAN_SHADOW_OFFSET' undeclared (first use in this function); did you mean 'KASAN_SHADOW_INIT'? # git bisect skip 6882464faf74666dbce86b77686d78ff4e506af3 Bisecting: 169 revisions left to test after this (roughly 7 steps) [043577518f027544e8f9e9568140a1fe87ee01a0] clk: qcom: gcc-sc7180: Add 50 MHz clock rate for SDC2 testing commit 043577518f027544e8f9e9568140a1fe87ee01a0 with gcc (GCC) 10.2.1 20210217 kernel signature: 07dad47d5cd3054918df26ef87e16b61556451d712dd3c21acd5f64f83dd7305 all runs: OK # git bisect good 043577518f027544e8f9e9568140a1fe87ee01a0 Bisecting: 166 revisions left to test after this (roughly 7 steps) [96e0279df6d8f2a1394de2b41815b0065c031950] kasan: separate metadata_fetch_row for each mode testing commit 96e0279df6d8f2a1394de2b41815b0065c031950 with gcc (GCC) 10.2.1 20210217 ./include/linux/kasan.h:48:41: error: 'KASAN_SHADOW_SCALE_SHIFT' undeclared (first use in this function) ./include/linux/kasan.h:49:5: error: 'KASAN_SHADOW_OFFSET' undeclared (first use in this function); did you mean 'KASAN_SHADOW_INIT'? # git bisect skip 96e0279df6d8f2a1394de2b41815b0065c031950 Bisecting: 166 revisions left to test after this (roughly 7 steps) [98c970da8b35e919f985818eda7c1bcbcec8f4c4] arm64: mte: add in-kernel tag fault handler testing commit 98c970da8b35e919f985818eda7c1bcbcec8f4c4 with gcc (GCC) 10.2.1 20210217 ./include/linux/kasan.h:48:41: error: 'KASAN_SHADOW_SCALE_SHIFT' undeclared (first use in this function) ./include/linux/kasan.h:49:5: error: 'KASAN_SHADOW_OFFSET' undeclared (first use in this function); did you mean 'KASAN_SHADOW_INIT'? # git bisect skip 98c970da8b35e919f985818eda7c1bcbcec8f4c4 Bisecting: 166 revisions left to test after this (roughly 7 steps) [7a110b9107ed8fe27277988cdb4d18e7043b7252] clk: at91: clk-master: re-factor master clock testing commit 7a110b9107ed8fe27277988cdb4d18e7043b7252 with gcc (GCC) 10.2.1 20210217 kernel signature: 07dad47d5cd3054918df26ef87e16b61556451d712dd3c21acd5f64f83dd7305 all runs: OK # git bisect good 7a110b9107ed8fe27277988cdb4d18e7043b7252 Bisecting: 161 revisions left to test after this (roughly 7 steps) [3bcf906b194cebb6817cbb2f07b69e12aa5d7f51] ARM: head.S: use PC relative insn sequence to calculate PHYS_OFFSET testing commit 3bcf906b194cebb6817cbb2f07b69e12aa5d7f51 with gcc (GCC) 10.2.1 20210217 kernel signature: 07dad47d5cd3054918df26ef87e16b61556451d712dd3c21acd5f64f83dd7305 all runs: OK # git bisect good 3bcf906b194cebb6817cbb2f07b69e12aa5d7f51 Bisecting: 152 revisions left to test after this (roughly 7 steps) [28ab35841ce0262b41074464d9fb6709bb26348f] kasan, arm64: move initialization message testing commit 28ab35841ce0262b41074464d9fb6709bb26348f with gcc (GCC) 10.2.1 20210217 ./include/linux/kasan.h:48:41: error: 'KASAN_SHADOW_SCALE_SHIFT' undeclared (first use in this function) ./include/linux/kasan.h:49:5: error: 'KASAN_SHADOW_OFFSET' undeclared (first use in this function); did you mean 'KASAN_SHADOW_INIT'? # git bisect skip 28ab35841ce0262b41074464d9fb6709bb26348f Bisecting: 152 revisions left to test after this (roughly 7 steps) [1f600626b3a9b77001b3ef90a79bf68c9f7e4cda] kasan: rename KASAN_SHADOW_* to KASAN_GRANULE_* testing commit 1f600626b3a9b77001b3ef90a79bf68c9f7e4cda with gcc (GCC) 10.2.1 20210217 ./include/linux/kasan.h:48:41: error: 'KASAN_SHADOW_SCALE_SHIFT' undeclared (first use in this function) ./include/linux/kasan.h:49:5: error: 'KASAN_SHADOW_OFFSET' undeclared (first use in this function); did you mean 'KASAN_SHADOW_INIT'? # git bisect skip 1f600626b3a9b77001b3ef90a79bf68c9f7e4cda Bisecting: 152 revisions left to test after this (roughly 7 steps) [421015713b306e47af95d4d61cdfbd96d462e4cb] ARM: 9017/2: Enable KASan for ARM testing commit 421015713b306e47af95d4d61cdfbd96d462e4cb with gcc (GCC) 10.2.1 20210217 kernel signature: 07dad47d5cd3054918df26ef87e16b61556451d712dd3c21acd5f64f83dd7305 all runs: OK # git bisect good 421015713b306e47af95d4d61cdfbd96d462e4cb Bisecting: 148 revisions left to test after this (roughly 7 steps) [97fc712232368ddeabd91cdabf40da9b2155c033] kasan: decode stack frame only with KASAN_STACK_ENABLE testing commit 97fc712232368ddeabd91cdabf40da9b2155c033 with gcc (GCC) 10.2.1 20210217 ./include/linux/kasan.h:48:41: error: 'KASAN_SHADOW_SCALE_SHIFT' undeclared (first use in this function) ./include/linux/kasan.h:49:5: error: 'KASAN_SHADOW_OFFSET' undeclared (first use in this function); did you mean 'KASAN_SHADOW_INIT'? # git bisect skip 97fc712232368ddeabd91cdabf40da9b2155c033 Bisecting: 148 revisions left to test after this (roughly 7 steps) [c3a74f8e25e97166ca0f954414825ae98a3209f6] Merge branch 'pm-cpufreq' testing commit c3a74f8e25e97166ca0f954414825ae98a3209f6 with gcc (GCC) 10.2.1 20210217 kernel signature: 20036ef9f6ffd4e0a1972b3386f64ecaaacede6bee73f6fefc842a8cfe1ab108 all runs: OK # git bisect good c3a74f8e25e97166ca0f954414825ae98a3209f6 Bisecting: 143 revisions left to test after this (roughly 7 steps) [b266e8fee9630d1e5a9144f33222a49c06ad6976] kasan: only build init.c for software modes testing commit b266e8fee9630d1e5a9144f33222a49c06ad6976 with gcc (GCC) 10.2.1 20210217 ./include/linux/kasan.h:48:41: error: 'KASAN_SHADOW_SCALE_SHIFT' undeclared (first use in this function) ./include/linux/kasan.h:49:5: error: 'KASAN_SHADOW_OFFSET' undeclared (first use in this function); did you mean 'KASAN_SHADOW_INIT'? # git bisect skip b266e8fee9630d1e5a9144f33222a49c06ad6976 Bisecting: 143 revisions left to test after this (roughly 7 steps) [97593cad003c668e2532cb2939a24a031f8de52d] kasan: sanitize objects when metadata doesn't fit testing commit 97593cad003c668e2532cb2939a24a031f8de52d with gcc (GCC) 10.2.1 20210217 kernel signature: 014a8bc92f874a04d1d13eaf479177ab658d6a1464baa150d0a14508747021ed all runs: crashed: BUG: unable to handle kernel NULL pointer dereference in call_rcu # git bisect bad 97593cad003c668e2532cb2939a24a031f8de52d Bisecting: 100 revisions left to test after this (roughly 7 steps) [699eda2814f28fca34f3540e56cf10467c9bf48b] Merge branches 'clk-tegra', 'clk-imx', 'clk-sifive', 'clk-mediatek' and 'clk-summary' into clk-next testing commit 699eda2814f28fca34f3540e56cf10467c9bf48b with gcc (GCC) 10.2.1 20210217 kernel signature: d621957cf50b22db443331ebe9451b907fe3c0868a65fa9d049ea443eded5d85 all runs: OK # git bisect good 699eda2814f28fca34f3540e56cf10467c9bf48b Bisecting: 50 revisions left to test after this (roughly 6 steps) [478ba09edc1f2f2ee27180a06150cb2d1a686f9c] fs/9p: search open fids first testing commit 478ba09edc1f2f2ee27180a06150cb2d1a686f9c with gcc (GCC) 10.2.1 20210217 kernel signature: 18a30ffe2120accf36cd2c32659e46398b769ee579123aa0859f65d17ad1db0f all runs: OK # git bisect good 478ba09edc1f2f2ee27180a06150cb2d1a686f9c Bisecting: 48 revisions left to test after this (roughly 6 steps) [11f094e312ae834531672aee711079c00ca39ff8] kasan: drop unnecessary GPL text from comment headers testing commit 11f094e312ae834531672aee711079c00ca39ff8 with gcc (GCC) 10.2.1 20210217 kernel signature: 6cf848af914dca6cd56cf41af32fd9e70028a90442f4e3b8e32b721f41c7083e all runs: OK # git bisect good 11f094e312ae834531672aee711079c00ca39ff8 Bisecting: 28 revisions left to test after this (roughly 5 steps) [bad1e1c663e0a72f9cf7b230a00d821678f80455] arm64: mte: switch GCR_EL1 in kernel entry and exit testing commit bad1e1c663e0a72f9cf7b230a00d821678f80455 with gcc (GCC) 10.2.1 20210217 ./include/linux/kasan.h:48:41: error: 'KASAN_SHADOW_SCALE_SHIFT' undeclared (first use in this function) ./include/linux/kasan.h:49:5: error: 'KASAN_SHADOW_OFFSET' undeclared (first use in this function); did you mean 'KASAN_SHADOW_INIT'? # git bisect skip bad1e1c663e0a72f9cf7b230a00d821678f80455 Bisecting: 28 revisions left to test after this (roughly 5 steps) [afe6ef80dcecf2cf7ccab0d94257b985e4c47d80] kasan, arm64: only init shadow for software modes testing commit afe6ef80dcecf2cf7ccab0d94257b985e4c47d80 with gcc (GCC) 10.2.1 20210217 ./include/linux/kasan.h:48:41: error: 'KASAN_SHADOW_SCALE_SHIFT' undeclared (first use in this function) ./include/linux/kasan.h:49:5: error: 'KASAN_SHADOW_OFFSET' undeclared (first use in this function); did you mean 'KASAN_SHADOW_INIT'? # git bisect skip afe6ef80dcecf2cf7ccab0d94257b985e4c47d80 Bisecting: 28 revisions left to test after this (roughly 5 steps) [dc09b29fd0718300fad79d327d275b6ffb6d3315] arm64: kasan: align allocations for HW_TAGS testing commit dc09b29fd0718300fad79d327d275b6ffb6d3315 with gcc (GCC) 10.2.1 20210217 ./include/linux/kasan.h:48:41: error: 'KASAN_SHADOW_SCALE_SHIFT' undeclared (first use in this function) ./include/linux/kasan.h:49:5: error: 'KASAN_SHADOW_OFFSET' undeclared (first use in this function); did you mean 'KASAN_SHADOW_INIT'? # git bisect skip dc09b29fd0718300fad79d327d275b6ffb6d3315 Bisecting: 28 revisions left to test after this (roughly 5 steps) [d73b49365ee65ac48074bdb5aa717bb4644dbbb7] kasan, arm64: only use kasan_depth for software modes testing commit d73b49365ee65ac48074bdb5aa717bb4644dbbb7 with gcc (GCC) 10.2.1 20210217 ./include/linux/kasan.h:48:41: error: 'KASAN_SHADOW_SCALE_SHIFT' undeclared (first use in this function) ./include/linux/kasan.h:49:5: error: 'KASAN_SHADOW_OFFSET' undeclared (first use in this function); did you mean 'KASAN_SHADOW_INIT'? # git bisect skip d73b49365ee65ac48074bdb5aa717bb4644dbbb7 Bisecting: 28 revisions left to test after this (roughly 5 steps) [620954a67bcec6ca6b902baaaa1e3f2601b371a7] arm64: mte: convert gcr_user into an exclude mask testing commit 620954a67bcec6ca6b902baaaa1e3f2601b371a7 with gcc (GCC) 10.2.1 20210217 ./include/linux/kasan.h:48:41: error: 'KASAN_SHADOW_SCALE_SHIFT' undeclared (first use in this function) ./include/linux/kasan.h:49:5: error: 'KASAN_SHADOW_OFFSET' undeclared (first use in this function); did you mean 'KASAN_SHADOW_INIT'? # git bisect skip 620954a67bcec6ca6b902baaaa1e3f2601b371a7 Bisecting: 28 revisions left to test after this (roughly 5 steps) [6476792f1015a356e6864076c210b328b64d08cc] kasan: rename get_alloc/free_info testing commit 6476792f1015a356e6864076c210b328b64d08cc with gcc (GCC) 10.2.1 20210217 kernel signature: c39181d7351e32e3aa1aa7a86eba7b5997df138f2d982cc51632f7c8077a3d07 all runs: OK # git bisect good 6476792f1015a356e6864076c210b328b64d08cc Bisecting: 6 revisions left to test after this (roughly 3 steps) [57345fa68a2769e3bd2b6ca01794fba74e6fa938] kasan: inline (un)poison_range and check_invalid_free testing commit 57345fa68a2769e3bd2b6ca01794fba74e6fa938 with gcc (GCC) 10.2.1 20210217 kernel signature: c39181d7351e32e3aa1aa7a86eba7b5997df138f2d982cc51632f7c8077a3d07 all runs: OK # git bisect good 57345fa68a2769e3bd2b6ca01794fba74e6fa938 Bisecting: 2 revisions left to test after this (roughly 2 steps) [d99f6a10c161227ae7a698470b1cff7b33734d4a] kasan: don't round_up too much testing commit d99f6a10c161227ae7a698470b1cff7b33734d4a with gcc (GCC) 10.2.1 20210217 kernel signature: d7fec78e1e67a8167e7faed30303df05e59bccdf1d815d76253959b5bcedd17b all runs: OK # git bisect good d99f6a10c161227ae7a698470b1cff7b33734d4a Bisecting: 1 revision left to test after this (roughly 1 step) [1ef3133bd3b8627a99af2535a923a488563737a6] kasan: simplify assign_tag and set_tag calls testing commit 1ef3133bd3b8627a99af2535a923a488563737a6 with gcc (GCC) 10.2.1 20210217 kernel signature: d7fec78e1e67a8167e7faed30303df05e59bccdf1d815d76253959b5bcedd17b all runs: OK # git bisect good 1ef3133bd3b8627a99af2535a923a488563737a6 Bisecting: 0 revisions left to test after this (roughly 0 steps) [3933c1757163e8fb471a2d306ba769a04a698900] kasan: clarify comment in __kasan_kfree_large testing commit 3933c1757163e8fb471a2d306ba769a04a698900 with gcc (GCC) 10.2.1 20210217 kernel signature: d7fec78e1e67a8167e7faed30303df05e59bccdf1d815d76253959b5bcedd17b all runs: OK # git bisect good 3933c1757163e8fb471a2d306ba769a04a698900 97593cad003c668e2532cb2939a24a031f8de52d is the first bad commit commit 97593cad003c668e2532cb2939a24a031f8de52d Author: Andrey Konovalov Date: Tue Dec 22 12:03:28 2020 -0800 kasan: sanitize objects when metadata doesn't fit KASAN marks caches that are sanitized with the SLAB_KASAN cache flag. Currently if the metadata that is appended after the object (stores e.g. stack trace ids) doesn't fit into KMALLOC_MAX_SIZE (can only happen with SLAB, see the comment in the patch), KASAN turns off sanitization completely. With this change sanitization of the object data is always enabled. However the metadata is only stored when it fits. Instead of checking for SLAB_KASAN flag accross the code to find out whether the metadata is there, use cache->kasan_info.alloc/free_meta_offset. As 0 can be a valid value for free_meta_offset, introduce KASAN_NO_FREE_META as an indicator that the free metadata is missing. Without this change all sanitized KASAN objects would be put into quarantine with generic KASAN. With this change, only the objects that have metadata (i.e. when it fits) are put into quarantine, the rest is freed right away. Along the way rework __kasan_cache_create() and add claryfying comments. Link: https://lkml.kernel.org/r/aee34b87a5e4afe586c2ac6a0b32db8dc4dcc2dc.1606162397.git.andreyknvl@google.com Link: https://linux-review.googlesource.com/id/Icd947e2bea054cb5cfbdc6cf6652227d97032dcb Co-developed-by: Vincenzo Frascino Signed-off-by: Vincenzo Frascino Signed-off-by: Andrey Konovalov Reviewed-by: Marco Elver Tested-by: Vincenzo Frascino Cc: Alexander Potapenko Cc: Andrey Ryabinin Cc: Branislav Rankov Cc: Catalin Marinas Cc: Dmitry Vyukov Cc: Evgenii Stepanov Cc: Kevin Brodsky Cc: Vasily Gorbik Cc: Will Deacon Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds mm/kasan/common.c | 116 +++++++++++++++++++++++++++++----------------- mm/kasan/generic.c | 9 ++-- mm/kasan/hw_tags.c | 6 ++- mm/kasan/kasan.h | 17 +++++-- mm/kasan/quarantine.c | 18 ++++++- mm/kasan/report.c | 43 +++++++++-------- mm/kasan/report_sw_tags.c | 9 ++-- mm/kasan/sw_tags.c | 4 ++ 8 files changed, 147 insertions(+), 75 deletions(-) culprit signature: 014a8bc92f874a04d1d13eaf479177ab658d6a1464baa150d0a14508747021ed parent signature: d7fec78e1e67a8167e7faed30303df05e59bccdf1d815d76253959b5bcedd17b revisions tested: 22, total time: 7h21m39.237221016s (build: 3h22m42.089342956s, test: 3h55m20.613672054s) first bad commit: 97593cad003c668e2532cb2939a24a031f8de52d kasan: sanitize objects when metadata doesn't fit recipients (to): ["akpm@linux-foundation.org" "andreyknvl@google.com" "elver@google.com" "torvalds@linux-foundation.org" "vincenzo.frascino@arm.com"] recipients (cc): [] crash: BUG: unable to handle kernel NULL pointer dereference in call_rcu BUG: kernel NULL pointer dereference, address: 0000000000000008 #PF: supervisor read access in kernel mode #PF: error_code(0x0000) - not-present page PGD 1bf38067 P4D 1bf38067 PUD 1bf39067 PMD 0 Oops: 0000 [#1] PREEMPT SMP KASAN CPU: 0 PID: 8697 Comm: kworker/0:3 Not tainted 5.10.0-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Workqueue: events free_ipc RIP: 0010:kasan_record_aux_stack+0x77/0xb0 mm/kasan/generic.c:341 Code: 48 f7 fe 8b 47 24 49 89 f0 48 29 d3 8d 70 ff 41 0f af f0 48 01 ce 48 39 f3 48 0f 46 f3 e8 81 e9 ff ff bf 00 08 00 00 48 89 c3 <8b> 40 08 89 43 0c e8 2e e6 ff ff 89 43 08 5b c3 48 8b 50 08 48 c7 RSP: 0018:ffffc90001f27b30 EFLAGS: 00010046 RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffff888044c00000 RDX: 0000000000000078 RSI: ffff888044c00000 RDI: 0000000000000800 RBP: ffffffff8334abf0 R08: 0000000000400000 R09: ffffffff8e62e887 R10: fffffbfff1cc5d10 R11: 0000000000000000 R12: 0000000000035b00 R13: ffffc90001f27c20 R14: ffff888044c000c8 R15: 0000000000000200 FS: 0000000000000000(0000) GS:ffff8880b9e00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000000000008 CR3: 000000001bce6000 CR4: 00000000001506f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: __call_rcu kernel/rcu/tree.c:2965 [inline] call_rcu+0xbb/0x710 kernel/rcu/tree.c:3038 freeary+0x10b4/0x1870 ipc/sem.c:1188 free_ipcs+0x7a/0x140 ipc/namespace.c:112 sem_exit_ns+0x13/0x30 ipc/sem.c:260 free_ipc_ns ipc/namespace.c:124 [inline] free_ipc+0xbf/0x1a0 ipc/namespace.c:141 process_one_work+0x84c/0x13d0 kernel/workqueue.c:2275 worker_thread+0x598/0xf80 kernel/workqueue.c:2421 kthread+0x36f/0x450 kernel/kthread.c:292 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:296 Modules linked in: CR2: 0000000000000008 ---[ end trace 14d8209fcfd0a489 ]--- RIP: 0010:kasan_record_aux_stack+0x77/0xb0 mm/kasan/generic.c:341 Code: 48 f7 fe 8b 47 24 49 89 f0 48 29 d3 8d 70 ff 41 0f af f0 48 01 ce 48 39 f3 48 0f 46 f3 e8 81 e9 ff ff bf 00 08 00 00 48 89 c3 <8b> 40 08 89 43 0c e8 2e e6 ff ff 89 43 08 5b c3 48 8b 50 08 48 c7 RSP: 0018:ffffc90001f27b30 EFLAGS: 00010046 RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffff888044c00000 RDX: 0000000000000078 RSI: ffff888044c00000 RDI: 0000000000000800 RBP: ffffffff8334abf0 R08: 0000000000400000 R09: ffffffff8e62e887 R10: fffffbfff1cc5d10 R11: 0000000000000000 R12: 0000000000035b00 R13: ffffc90001f27c20 R14: ffff888044c000c8 R15: 0000000000000200 FS: 0000000000000000(0000) GS:ffff8880b9e00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000000000008 CR3: 000000001bce6000 CR4: 00000000001506f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400