ci starts bisection 2025-01-20 11:18:39.872782806 +0000 UTC m=+207456.204884020 bisecting cause commit starting from 9528d418de4d83c7ada69314ddd8d4427b1f703a building syzkaller on f2cb035c8f931efff4a020b164e657f16f51934b ensuring issue is reproducible on original commit 9528d418de4d83c7ada69314ddd8d4427b1f703a testing commit 9528d418de4d83c7ada69314ddd8d4427b1f703a gcc compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 541a35bc78d425f603c74869639413609c61e5206d7ff366735f4b3dc59384c0 all runs: crashed: BUG: stack guard page was hit in sys_openat representative crash: BUG: stack guard page was hit in sys_openat, types: [UNKNOWN] check whether we can drop unnecessary instrumentation disabling configs for [UBSAN BUG KASAN LOCKDEP ATOMIC_SLEEP HANG LEAK], they are not needed testing commit 9528d418de4d83c7ada69314ddd8d4427b1f703a gcc compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: e21198628d5a174dfbb15871ad8934334a9ac048909f6b45e208372a96844e64 all runs: crashed: BUG: stack guard page was hit in sys_openat representative crash: BUG: stack guard page was hit in sys_openat, types: [UNKNOWN] the bug reproduces without the instrumentation disabling configs for [HANG LEAK UBSAN BUG KASAN LOCKDEP ATOMIC_SLEEP], they are not needed kconfig minimization: base=4046 full=8242 leaves diff=2121 split chunks (needed=false): <2121> split chunk #0 of len 2121 into 5 parts testing without sub-chunk 1/5 disabling configs for [BUG KASAN LOCKDEP ATOMIC_SLEEP HANG LEAK UBSAN], they are not needed testing commit 9528d418de4d83c7ada69314ddd8d4427b1f703a gcc compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 99a63c129ce2ab1791eae17657122977b716c6e17412a82b29880c7e7247cc55 all runs: crashed: BUG: stack guard page was hit in sys_openat representative crash: BUG: stack guard page was hit in sys_openat, types: [UNKNOWN] the chunk can be dropped testing without sub-chunk 2/5 disabling configs for [ATOMIC_SLEEP HANG LEAK UBSAN BUG KASAN LOCKDEP], they are not needed testing commit 9528d418de4d83c7ada69314ddd8d4427b1f703a gcc compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40 failed building 9528d418de4d83c7ada69314ddd8d4427b1f703a: drivers/gpu/drm/bridge/aux-bridge.c:116: undefined reference to `devm_drm_of_get_bridge' testing without sub-chunk 3/5 disabling configs for [HANG LEAK UBSAN BUG KASAN LOCKDEP ATOMIC_SLEEP], they are not needed testing commit 9528d418de4d83c7ada69314ddd8d4427b1f703a gcc compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 10eaaccfff65da179bc1bcf06c829a133213b4372e1ea08d1136cd6b3f0d41bd all runs: OK false negative chance: 0.000 testing without sub-chunk 4/5 disabling configs for [UBSAN BUG KASAN LOCKDEP ATOMIC_SLEEP HANG LEAK], they are not needed testing commit 9528d418de4d83c7ada69314ddd8d4427b1f703a gcc compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: f13c9336451055374c3f7440d49dd2949535b4d8ded405f177af7a630f6d294d all runs: crashed: BUG: stack guard page was hit in sys_openat representative crash: BUG: stack guard page was hit in sys_openat, types: [UNKNOWN] the chunk can be dropped testing without sub-chunk 5/5 disabling configs for [LEAK UBSAN BUG KASAN LOCKDEP ATOMIC_SLEEP HANG], they are not needed testing commit 9528d418de4d83c7ada69314ddd8d4427b1f703a gcc compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: fe72140065fd451440db3e396e8f7088e5bf9beec211f6d03b21cf9cd832e5e1 all runs: crashed: BUG: stack guard page was hit in sys_openat representative crash: BUG: stack guard page was hit in sys_openat, types: [UNKNOWN] the chunk can be dropped minimized to 850 configs; suspects: [6LOWPAN ARCH_ENABLE_MEMORY_HOTREMOVE ASUS_WMI AX25 BRIDGE BRIDGE_NETFILTER CAN CFG80211 CHARGER_BQ24190 CHECKPOINT_RESTORE CMA COMMON_CLK DAX DLM DRM DRM_BRIDGE DRM_MIPI_DSI DRM_PANEL DRM_PANEL_BRIDGE DRM_PANEL_EDP DRM_PANEL_ORIENTATION_QUIRKS DRM_SIMPLEDRM DRM_TTM DRM_TTM_HELPER DRM_UDL DRM_VGEM DRM_VIRTIO_GPU DRM_VIRTIO_GPU_KMS DRM_VKMS DRM_VMWGFX DUMMY DVB_AF9013 DVB_AF9033 DVB_AS102 DVB_AS102_FE DVB_B2C2_FLEXCOP DVB_B2C2_FLEXCOP_USB DVB_CORE DVB_DIB3000MB DVB_DIB3000MC DVB_EC100 DVB_GP8PSK_FE DVB_RTL2830 DVB_RTL2832 DVB_RTL2832_SDR DVB_TEST_DRIVERS DVB_TTUSB_BUDGET DVB_TTUSB_DEC DVB_USB DVB_USB_A800 DVB_USB_AF9005 DVB_USB_AF9005_REMOTE DVB_USB_AF9015 DVB_USB_AF9035 DVB_USB_ANYSEE DVB_USB_AU6610 DVB_USB_AZ6007 DVB_USB_AZ6027 DVB_USB_CE6230 DVB_USB_CINERGY_T2 DVB_USB_CXUSB DVB_USB_CXUSB_ANALOG DVB_USB_DIB0700 DVB_USB_DIB3000MC DVB_USB_DIBUSB_MB DVB_USB_DIBUSB_MC DVB_USB_DIGITV DVB_USB_DTT200U DVB_USB_DTV5100 DVB_USB_DVBSKY DVB_USB_DW2102 DVB_USB_EC168 DVB_USB_GL861 DVB_USB_GP8PSK DVB_USB_LME2510 DVB_USB_M920X DVB_USB_MXL111SF DVB_USB_NOVA_T_USB2 DVB_USB_OPERA1 DVB_USB_PCTV452E DVB_USB_RTL28XXU DVB_USB_TECHNISAT_USB2 DVB_USB_TTUSB2 DVB_USB_UMT_010 DVB_USB_V2 DVB_USB_VP702X DVB_USB_VP7045 DVB_USB_ZD1301 DVB_VIDTV DVB_ZL10353 ECRYPT_FS ECRYPT_FS_MESSAGING EDAC EEPROM_93CX6 EFS_FS ENCRYPTED_KEYS EQUALIZER EROFS_FS EROFS_FS_BACKED_BY_FILE EROFS_FS_POSIX_ACL EROFS_FS_SECURITY EROFS_FS_XATTR EROFS_FS_ZIP EVM EVM_ADD_XATTRS EVM_ATTR_FSUUID EXFAT_FS EXPORTFS_BLOCK_OPS EXT3_FS EXT3_FS_POSIX_ACL EXT3_FS_SECURITY EXTCON EXTCON_INTEL_CHT_WC EXTCON_PTN5150 EXTCON_USBC_TUSB320 F2FS_CHECK_FS F2FS_FAULT_INJECTION F2FS_FS F2FS_FS_COMPRESSION F2FS_FS_LZ4 F2FS_FS_LZ4HC F2FS_FS_LZO F2FS_FS_LZORLE F2FS_FS_POSIX_ACL F2FS_FS_SECURITY F2FS_FS_XATTR F2FS_FS_ZSTD F2FS_STAT_FS FANOTIFY FANOTIFY_ACCESS_PERMISSIONS FB FB_CFB_COPYAREA FB_CFB_FILLRECT FB_CFB_IMAGEBLIT FB_CORE FB_DEFERRED_IO FB_DEVICE FB_IOMEM_FOPS FB_IOMEM_HELPERS FB_NOTIFY FB_SYSMEM_FOPS FB_SYSMEM_HELPERS FB_SYSMEM_HELPERS_DEFERRED FB_SYS_COPYAREA FB_SYS_FILLRECT FB_SYS_IMAGEBLIT FB_TILEBLITTING FB_VESA FB_VGA16 FB_VIRTUAL FDDI FIREWIRE FIREWIRE_NET FIREWIRE_OHCI FIREWIRE_SBP2 FONT_8x16 FONT_8x8 FONT_SUPPORT FRAMEBUFFER_CONSOLE FRAMEBUFFER_CONSOLE_DETECT_PRIMARY FRAMEBUFFER_CONSOLE_ROTATION FS_DAX FS_DAX_PMD FS_ENCRYPTION FS_ENCRYPTION_ALGS FS_STACK FS_VERITY FS_VERITY_BUILTIN_SIGNATURES FTL FUSE_DAX FUSE_FS FW_LOADER_COMPRESS FW_LOADER_PAGED_BUF FW_LOADER_SYSFS FW_LOADER_USER_HELPER FW_LOADER_USER_HELPER_FALLBACK GACT_PROB GARP GENERIC_PHY GET_FREE_REGION GFS2_FS GFS2_FS_LOCKING_DLM GNSS GNSS_USB GOOGLE_COREBOOT_TABLE GOOGLE_FIRMWARE GOOGLE_MEMCONSOLE GOOGLE_MEMCONSOLE_COREBOOT GOOGLE_VPD GPIOLIB GPIOLIB_IRQCHIP GPIO_ACPI GPIO_DLN2 GPIO_LJCA GPIO_VIPERBOARD GREENASIA_FF GREYBUS GREYBUS_BRIDGED_PHY GREYBUS_ES2 GREYBUS_HID GREYBUS_USB GROUP_SCHED_WEIGHT GTP GUEST_PERF_EVENTS GVE HAMRADIO HAVE_ARCH_NODE_DEV_GROUP HAVE_ARCH_USERFAULTFD_MINOR HAVE_ARCH_USERFAULTFD_WP HAVE_BOOTMEM_INFO_NODE HAVE_CLK_PREPARE HAVE_KVM_CPU_RELAX_INTERCEPT HAVE_KVM_DIRTY_RING HAVE_KVM_DIRTY_RING_ACQ_REL HAVE_KVM_DIRTY_RING_TSO HAVE_KVM_IRQCHIP HAVE_KVM_IRQ_BYPASS HAVE_KVM_IRQ_ROUTING HAVE_KVM_MSI HAVE_KVM_NO_POLL HAVE_KVM_PFNCACHE HAVE_KVM_PM_NOTIFIER HAVE_KVM_READONLY_MEM HAVE_SCHED_AVG_IRQ HDLC HDLC_CISCO HDLC_FR HDLC_PPP HDLC_RAW HDLC_RAW_ETH HDLC_X25 HDMI HFSPLUS_FS HFS_FS HID_ACCUTOUCH HID_ACRUX HID_ACRUX_FF HID_ALPS HID_APPLEIR HID_ASUS HID_AUREAL HID_BATTERY_STRENGTH HID_BETOP_FF HID_BIGBEN_FF HID_CMEDIA HID_CORSAIR HID_COUGAR HID_CP2112 HID_CREATIVE_SB0540 HID_ELAN HID_ELECOM HID_ELO HID_EMS_FF HID_EVISION HID_FT260 HID_GEMBIRD HID_GFRM HID_GLORIOUS HID_GOOGLE_STADIA_FF HID_GREENASIA HID_GT683R HID_HOLTEK HID_ICADE HID_JABRA HID_KEYTOUCH HID_KYE HID_LCPOWER HID_LED HID_LENOVO HID_LETSKETCH HID_LOGITECH_DJ HID_LOGITECH_HIDPP HID_MACALLY HID_MAGICMOUSE HID_MALTRON HID_MAYFLASH HID_MCP2200 HID_MCP2221 HID_MEGAWORLD_FF HID_MULTITOUCH HID_NINTENDO HID_NTI HID_ORTEK HID_PENMOUNT HID_PICOLCD HID_PICOLCD_BACKLIGHT HID_PICOLCD_CIR HID_PICOLCD_FB HID_PICOLCD_LCD HID_PICOLCD_LEDS HID_PLANTRONICS HID_PRIMAX HID_PRODIKEYS HID_PXRC HID_RAZER HID_RETRODE HID_RMI HID_ROCCAT HID_SAITEK HID_SEMITEK HID_SENSOR_ACCEL_3D HID_SENSOR_ALS HID_SENSOR_CUSTOM_INTEL_HINGE HID_SENSOR_CUSTOM_SENSOR HID_SENSOR_DEVICE_ROTATION HID_SENSOR_GYRO_3D HID_SENSOR_HUB HID_SENSOR_HUMIDITY HID_SENSOR_IIO_COMMON HID_SENSOR_IIO_TRIGGER HID_SENSOR_INCLINOMETER_3D HID_SENSOR_MAGNETOMETER_3D HID_SENSOR_PRESS HID_SENSOR_PROX HID_SENSOR_TEMP HID_SIGMAMICRO HID_SPEEDLINK HID_STEELSERIES HID_THINGM HID_TIVO HID_TOPRE HID_TWINHAN HID_U2FZERO HID_UCLOGIC HID_UDRAW_PS3 HID_VIEWSONIC HID_VIVALDI HID_VIVALDI_COMMON HID_VRC2 HID_WACOM HID_WALTOP HID_WIIMOTE HID_XIAOMI HID_XINMO HID_ZYDACRON HMM_MIRROR HOLTEK_FF HOTPLUG_PCI_PCIE HPET_MMAP HPET_MMAP_DEFAULT HPFS_FS HSR I2C_ALGOBIT I2C_CHARDEV I2C_CP2615 I2C_DESIGNWARE_CORE I2C_DESIGNWARE_PLATFORM I2C_DIOLAN_U2C I2C_DLN2 I2C_HID_ACPI I2C_HID_CORE I2C_HID_OF I2C_LJCA I2C_MUX I2C_MUX_REG I2C_ROBOTFUZZ_OSIF I2C_SI4713 I2C_SLAVE I2C_SLAVE_EEPROM I2C_TINY_USB I2C_VIPERBOARD IEEE802154 IEEE802154_6LOWPAN IEEE802154_ATUSB IEEE802154_DRIVERS IEEE802154_HWSIM IEEE802154_NL802154_EXPERIMENTAL IEEE802154_SOCKET IFB IIO IIO_BUFFER IIO_KFIFO_BUF IIO_TRIGGER IIO_TRIGGERED_BUFFER IKCONFIG IKCONFIG_PROC IMA IMA_APPRAISE IMA_APPRAISE_MODSIG IMA_DEFAULT_HASH_SHA256 IMA_LSM_RULES IMA_MEASURE_ASYMMETRIC_KEYS IMA_NG_TEMPLATE IMA_QUEUE_EARLY_BOOT_KEYS IMA_READ_POLICY IMA_WRITE_POLICY INET6_ESPINTCP INET6_ESP_OFFLOAD INET6_IPCOMP INET6_TUNNEL INET6_XFRM_TUNNEL INET_AH INET_DCCP_DIAG INET_DIAG INET_DIAG_DESTROY INET_ESP INET_ESPINTCP INET_ESP_OFFLOAD INET_IPCOMP INET_MPTCP_DIAG INET_RAW_DIAG INET_SCTP_DIAG INET_TCP_DIAG INET_UDP_DIAG INET_XFRM_TUNNEL INFINIBAND INFINIBAND_ADDR_TRANS INFINIBAND_ADDR_TRANS_CONFIGFS INFINIBAND_IPOIB INFINIBAND_IPOIB_CM INFINIBAND_IPOIB_DEBUG INFINIBAND_ISER INFINIBAND_ON_DEMAND_PAGING INFINIBAND_RTRS INFINIBAND_SRP INFINIBAND_USER_ACCESS INFINIBAND_USER_MAD INFINIBAND_USER_MEM INPUT_ATI_REMOTE2 INPUT_CM109 INPUT_IMS_PCU INPUT_JOYDEV INPUT_JOYSTICK INPUT_KEYSPAN_REMOTE INPUT_LEDS INPUT_MOUSE INPUT_MOUSEDEV INPUT_MOUSEDEV_PSAUX INPUT_POWERMATE INPUT_UINPUT INPUT_YEALINK INTEGRITY INTEGRITY_ASYMMETRIC_KEYS INTEGRITY_AUDIT INTEGRITY_SIGNATURE INTEGRITY_TRUSTED_KEYRING INTEL_CHTWC_INT33FE INTEL_IDMA64 INTEL_IOATDMA INTEL_IOMMU_DEFAULT_ON INTEL_IOMMU_SVM INTEL_ISHTP_ECLITE INTEL_ISH_FIRMWARE_DOWNLOADER INTEL_ISH_HID INTEL_SOC_PMIC_CHTWC INTERVAL_TREE_SPAN_ITER IOMMUFD IOMMUFD_DRIVER IOMMUFD_DRIVER_CORE IOMMUFD_TEST IP6_NF_MATCH_AH IP6_NF_MATCH_EUI64 IP6_NF_MATCH_FRAG IP6_NF_MATCH_HL IP6_NF_MATCH_MH IP6_NF_MATCH_OPTS IP6_NF_MATCH_RPFILTER IP6_NF_MATCH_RT IP6_NF_MATCH_SRH IP6_NF_NAT IP6_NF_RAW IP6_NF_SECURITY IP6_NF_TARGET_HL IP6_NF_TARGET_MASQUERADE IP6_NF_TARGET_NPT IP6_NF_TARGET_SYNPROXY IPV6_FOU IPV6_FOU_TUNNEL IPV6_GRE IPV6_ILA IPV6_MIP6 IPV6_MROUTE IPV6_MROUTE_MULTIPLE_TABLES IPV6_MULTIPLE_TABLES IPV6_OPTIMISTIC_DAD IPV6_PIMSM_V2 IPV6_ROUTER_PREF IPV6_ROUTE_INFO IPV6_RPL_LWTUNNEL IPV6_SEG6_BPF IPV6_SEG6_HMAC IPV6_SEG6_LWTUNNEL IPV6_SIT_6RD IPV6_SUBTREES IPV6_TUNNEL IPV6_VTI IPVLAN IPVLAN_L3S IPVTAP IP_DCCP IP_DCCP_CCID3 IP_DCCP_TFRC_LIB IP_FIB_TRIE_STATS IP_MROUTE_MULTIPLE_TABLES IP_NF_ARPFILTER IP_NF_ARPTABLES IP_NF_ARP_MANGLE IP_NF_MATCH_AH IP_NF_MATCH_ECN IP_NF_MATCH_RPFILTER IP_NF_MATCH_TTL IP_NF_RAW IP_NF_SECURITY IP_NF_TARGET_ECN IP_NF_TARGET_NETMAP IP_NF_TARGET_REDIRECT IP_NF_TARGET_SYNPROXY IP_NF_TARGET_TTL IP_ROUTE_CLASSID IP_SCTP IP_SET IP_SET_BITMAP_IP IP_SET_BITMAP_IPMAC IP_SET_BITMAP_PORT IP_SET_HASH_IP IP_SET_HASH_IPMAC IP_SET_HASH_IPMARK IP_SET_HASH_IPPORT IP_SET_HASH_IPPORTIP IP_SET_HASH_IPPORTNET IP_SET_HASH_MAC IP_SET_HASH_NET IP_SET_HASH_NETIFACE IP_SET_HASH_NETNET IP_SET_HASH_NETPORT IP_SET_HASH_NETPORTNET IP_SET_LIST_SET IP_VS IP_VS_DH IP_VS_FO IP_VS_FTP IP_VS_IPV6 IP_VS_LBLC IP_VS_LBLCR IP_VS_LC IP_VS_MH IP_VS_NFCT IP_VS_NQ IP_VS_OVF IP_VS_PE_SIP IP_VS_PROTO_AH IP_VS_PROTO_AH_ESP IP_VS_PROTO_ESP IP_VS_PROTO_SCTP IP_VS_PROTO_TCP IP_VS_PROTO_UDP IP_VS_RR IP_VS_SED IP_VS_SH IP_VS_TWOS IP_VS_WLC IP_VS_WRR IRQ_BYPASS_MANAGER IRQ_POLL IRQ_TIME_ACCOUNTING IR_IGORPLUGUSB IR_IGUANA IR_IMON IR_IMON_RAW IR_MCEUSB IR_REDRAT3 IR_STREAMZAP IR_TOY IR_TTUSBIR ISDN ISDN_CAPI JFFS2_CMODE_PRIORITY JFFS2_COMPRESSION_OPTIONS JFFS2_FS JFFS2_FS_POSIX_ACL JFFS2_FS_SECURITY JFFS2_FS_WRITEBUFFER JFFS2_FS_XATTR JFFS2_LZO JFFS2_RTIME JFFS2_RUBIN JFFS2_SUMMARY JFFS2_ZLIB JFS_DEBUG JFS_FS JFS_POSIX_ACL JFS_SECURITY JOYSTICK_IFORCE JOYSTICK_IFORCE_USB JOYSTICK_PXRC JOYSTICK_XPAD JOYSTICK_XPAD_FF JOYSTICK_XPAD_LEDS KARMA_PARTITION KCOV KCOV_ENABLE_COMPARISONS KCOV_INSTRUMENT_ALL KEYS_REQUEST_CACHE KEY_DH_OPERATIONS KEY_NOTIFICATIONS KSM KVM KVM_AMD KVM_ASYNC_PF KVM_COMMON KVM_COMPAT KVM_ELIDE_TLB_FLUSH_IF_YOUNG KVM_GENERIC_DIRTYLOG_READ_PROTECT KVM_GENERIC_HARDWARE_ENABLING KVM_GENERIC_MEMORY_ATTRIBUTES KVM_GENERIC_MMU_NOTIFIER KVM_GENERIC_PRE_FAULT_MEMORY KVM_GENERIC_PRIVATE_MEM KVM_HYPERV KVM_MMIO KVM_PRIVATE_MEM KVM_PROVE_MMU KVM_SW_PROTECTED_VM KVM_VFIO KVM_X86 KVM_XEN KVM_XFER_TO_GUEST_WORK L2TP L2TP_ETH L2TP_IP L2TP_V3 LAPB LAPBETHER LCD_CLASS_DEVICE LDM_PARTITION LEGACY_PTYS LIBCRC32C LIBNVDIMM LINEAR_RANGES LLC LLC2 LOGIG940_FF LOGIRUMBLEPAD2_FF LOGO LOGO_LINUX_MONO LOGO_LINUX_VGA16 LPC_ICH LWTUNNEL LWTUNNEL_BPF LZ4HC_COMPRESS LZ4_COMPRESS MAC80211 MAC80211_HAS_RC MAC80211_HWSIM MAC80211_MESH MAC80211_RC_DEFAULT_MINSTREL MAC80211_RC_MINSTREL MAC802154 MACSEC MACVLAN MACVTAP MAC_PARTITION MAPPING_DIRTY_HELPERS MDIO_MVUSB MD_RAID0 MD_RAID1 MD_RAID10 MD_RAID456 MEDIA_ANALOG_TV_SUPPORT MEDIA_ATTACH MEDIA_CONTROLLER MEDIA_CONTROLLER_DVB MEDIA_DIGITAL_TV_SUPPORT MEDIA_RADIO_SUPPORT MEDIA_SDR_SUPPORT MEDIA_SUPPORT MEDIA_SUPPORT_FILTER MEDIA_TEST_SUPPORT MEDIA_TUNER MEDIA_TUNER_MSI001 MEDIA_USB_SUPPORT MEMORY_BALLOON MEMORY_HOTPLUG MEMORY_HOTPLUG_DEFAULT_ONLINE MEMORY_HOTREMOVE MEMORY_ISOLATION MEMREGION MEMSTICK MEMSTICK_REALTEK_USB MEM_SOFT_DIRTY MFD_CORE MFD_DLN2 MFD_SYSCON MFD_VIPERBOARD MHI_BUS MHI_WWAN_CTRL MHP_MEMMAP_ON_MEMORY MICROCHIP_PHY MINIX_FS MINIX_SUBPARTITION MIN_HEAP MISC_RTSX MISC_RTSX_USB MISDN MISDN_DSP MISDN_HFCUSB MISDN_L1OIP MKISS MLX4_CORE MLX4_INFINIBAND MMC MMC_REALTEK_USB MMC_USHC MMC_VUB300 MODULE_SRCVERSION_ALL MODVERSIONS MOST MOST_USB_HDM MOUSE_APPLETOUCH MOUSE_BCM5974 MOUSE_PS2 MOUSE_PS2_ALPS MOUSE_PS2_BYD MOUSE_PS2_CYPRESS MOUSE_PS2_FOCALTECH MOUSE_PS2_LIFEBOOK MOUSE_PS2_LOGIPS2PP MOUSE_PS2_SMBUS MOUSE_PS2_SYNAPTICS MOUSE_PS2_SYNAPTICS_SMBUS MOUSE_PS2_TRACKPOINT MOUSE_SYNAPTICS_USB MPLS MPLS_IPTUNNEL MPLS_ROUTING MPTCP MPTCP_IPV6 MRP MTD MTD_BLKDEVS MTD_BLOCK MTD_BLOCK2MTD MTD_CFI_I1 MTD_CFI_I2 MTD_MAP_BANK_WIDTH_1 MTD_MAP_BANK_WIDTH_2 MTD_MAP_BANK_WIDTH_4 MTD_MTDRAM MTD_PHRAM MTD_SLRAM MUSB_PIO_ONLY ND_BTT ND_CLAIM ND_PFN NETDEVSIM NETFILTER_ADVANCED NETFILTER_BPF_LINK NETFILTER_FAMILY_ARP NETFILTER_FAMILY_BRIDGE NETFILTER_NETLINK_ACCT NETFILTER_NETLINK_GLUE_CT NETFILTER_NETLINK_OSF NETFILTER_NETLINK_QUEUE NETFILTER_SYNPROXY NETFILTER_XTABLES_COMPAT NETFILTER_XT_CONNMARK NETFILTER_XT_MATCH_BPF NETFILTER_XT_MATCH_CGROUP NETFILTER_XT_MATCH_CLUSTER NETFILTER_XT_MATCH_COMMENT NETFILTER_XT_MATCH_CONNBYTES NETFILTER_XT_MATCH_CONNLABEL NETFILTER_XT_MATCH_CONNLIMIT NETFILTER_XT_MATCH_CONNMARK NETFILTER_XT_MATCH_CPU NETFILTER_XT_MATCH_DCCP NETFILTER_XT_MATCH_DEVGROUP NETFILTER_XT_MATCH_DSCP NETFILTER_XT_MATCH_ECN NETFILTER_XT_MATCH_ESP NETFILTER_XT_MATCH_HASHLIMIT NETFILTER_XT_MATCH_HELPER NETFILTER_XT_MATCH_HL NETFILTER_XT_MATCH_IPCOMP NETFILTER_XT_MATCH_IPRANGE NETFILTER_XT_MATCH_IPVS NETFILTER_XT_MATCH_L2TP NETFILTER_XT_MATCH_LENGTH NETFILTER_XT_MATCH_LIMIT NETFILTER_XT_MATCH_MAC NETFILTER_XT_MATCH_MARK NETFILTER_XT_MATCH_MULTIPORT NETFILTER_XT_MATCH_NFACCT NETFILTER_XT_MATCH_OSF NETFILTER_XT_MATCH_OWNER NETFILTER_XT_MATCH_PHYSDEV NETFILTER_XT_MATCH_PKTTYPE NETFILTER_XT_MATCH_QUOTA NETFILTER_XT_MATCH_RATEEST NETFILTER_XT_MATCH_REALM NETFILTER_XT_MATCH_RECENT NETFILTER_XT_MATCH_SCTP NETFILTER_XT_MATCH_SOCKET NETFILTER_XT_MATCH_STATISTIC NETFILTER_XT_MATCH_STRING NETFILTER_XT_MATCH_TCPMSS NETFILTER_XT_MATCH_TIME NETFILTER_XT_MATCH_U32 NETFILTER_XT_SET NETFILTER_XT_TARGET_AUDIT NETFILTER_XT_TARGET_CHECKSUM NETFILTER_XT_TARGET_CLASSIFY NETFILTER_XT_TARGET_CONNMARK NETFILTER_XT_TARGET_CT NETFILTER_XT_TARGET_DSCP NETFILTER_XT_TARGET_HL NETFILTER_XT_TARGET_HMARK NETFILTER_XT_TARGET_IDLETIMER NETFILTER_XT_TARGET_LED NETFILTER_XT_TARGET_MARK NETFILTER_XT_TARGET_NETMAP NETFILTER_XT_TARGET_NFQUEUE NETFILTER_XT_TARGET_NOTRACK NETFILTER_XT_TARGET_RATEEST NETFILTER_XT_TARGET_REDIRECT NETFILTER_XT_TARGET_TCPOPTSTRIP NETFILTER_XT_TARGET_TEE NETFILTER_XT_TARGET_TPROXY NETFILTER_XT_TARGET_TRACE NETLABEL NETLINK_DIAG NETROM NET_9P_RDMA NET_ACT_BPF NET_ACT_CONNMARK NET_ACT_CSUM NET_ACT_CT NET_ACT_CTINFO NET_ACT_GACT NET_ACT_GATE NET_ACT_IFE NET_ACT_MIRRED NET_ACT_MPLS NET_ACT_NAT NET_ACT_PEDIT NET_ACT_POLICE NET_ACT_SAMPLE NET_ACT_SIMP NET_ACT_SKBEDIT NET_ACT_SKBMOD NET_ACT_TUNNEL_KEY NET_ACT_VLAN NET_CLS_BASIC NET_CLS_BPF NET_CLS_FLOW NET_CLS_FLOWER NET_CLS_FW NET_CLS_MATCHALL NET_CLS_ROUTE4 NET_DEVLINK NET_DEVMEM NET_DROP_MONITOR NET_DSA NET_DSA_TAG_BRCM NET_DSA_TAG_BRCM_COMMON NET_DSA_TAG_BRCM_PREPEND NET_DSA_TAG_MTK NET_DSA_TAG_QCA NET_DSA_TAG_RTL4_A NET_EMATCH_CANID NET_EMATCH_CMP NET_EMATCH_IPSET NET_EMATCH_IPT NET_EMATCH_META NET_EMATCH_NBYTE NET_EMATCH_TEXT NET_EMATCH_U32 NET_FC NET_FOU NET_FOU_IP_TUNNELS NET_IFE NET_IFE_SKBMARK NET_IFE_SKBPRIO NET_IFE_SKBTCINDEX NET_IPGRE NET_IPGRE_BROADCAST NET_IPGRE_DEMUX NET_IPIP NET_IPVTI NET_KEY NET_KEY_MIGRATE NET_L3_MASTER_DEV NET_MPLS_GSO NET_NCSI NET_NSH NET_REDIRECT NET_SCH_CAKE NET_SCH_CBS NET_SCH_CHOKE NET_SCH_CODEL NET_SCH_DRR NET_SCH_ETF NET_SCH_ETS NET_SCH_FQ NET_SCH_FQ_CODEL NET_SCH_FQ_PIE NET_SCH_GRED NET_SCH_HFSC NET_SCH_HHF NET_SCH_HTB NET_SCH_INGRESS NET_SCH_MQPRIO NET_SCH_MQPRIO_LIB NET_SCH_MULTIQ NET_SCH_NETEM NET_SCH_PIE NET_SCH_PLUG NET_SCH_PRIO NET_SCH_QFQ NET_SCH_RED NET_SCH_SFB NET_SCH_SFQ NET_SCH_SKBPRIO NET_SCH_TAPRIO NET_SCH_TBF NET_SCH_TEQL NET_SHAPER NET_SOCK_MSG NET_SWITCHDEV NET_TC_SKB_EXT NET_TEAM NET_TEAM_MODE_ACTIVEBACKUP NET_TEAM_MODE_BROADCAST NET_TEAM_MODE_LOADBALANCE NET_TEAM_MODE_RANDOM NET_TEAM_MODE_ROUNDROBIN NET_UDP_TUNNEL NET_VENDOR_HISILICON NET_VRF NFC NFC_DIGITAL NFC_FDP NFC_HCI NFC_MRVL NFC_MRVL_USB NFC_NCI NFC_NCI_UART NFC_PN533 NFC_PN533_USB NFC_PORT100 NFC_SHDLC NFC_SIM NFC_VIRTUAL_NCI NFSD NFSD_BLOCKLAYOUT NFSD_FLEXFILELAYOUT NFSD_PNFS NFSD_SCSILAYOUT NFSD_V3_ACL NFSD_V4 NFSD_V4_2_INTER_SSC NFSD_V4_SECURITY_LABEL NFS_FSCACHE NFS_V4_1 NFS_V4_2 NFS_V4_2_READ_PLUS NFS_V4_2_SSC_HELPER NFS_V4_SECURITY_LABEL NFT_BRIDGE_META NFT_BRIDGE_REJECT NFT_COMPAT NFT_COMPAT_ARP NFT_CONNLIMIT NFT_CT NFT_DUP_IPV4 NFT_DUP_IPV6 NFT_DUP_NETDEV NFT_FIB NFT_FIB_INET NFT_FIB_IPV4 NFT_FIB_IPV6 NFT_FIB_NETDEV NFT_FLOW_OFFLOAD NFT_FWD_NETDEV NFT_HASH NFT_LIMIT NFT_LOG NFT_MASQ NFT_NAT NFT_NUMGEN NFT_OSF NFT_QUEUE NFT_QUOTA NFT_REDIR NFT_REJECT NFT_REJECT_INET NFT_REJECT_IPV4 NFT_REJECT_IPV6 NFT_REJECT_NETDEV NFT_SOCKET NFT_SYNPROXY NFT_TPROXY NFT_TUNNEL NFT_XFRM NF_CONNTRACK_AMANDA NF_CONNTRACK_BRIDGE NF_CONNTRACK_BROADCAST NF_CONNTRACK_EVENTS NF_CONNTRACK_H323 NF_CONNTRACK_LABELS NF_CONNTRACK_MARK NF_CONNTRACK_NETBIOS_NS NF_CONNTRACK_OVS NF_CONNTRACK_PPTP NF_CONNTRACK_SANE NF_CONNTRACK_SNMP NF_CONNTRACK_TFTP NF_CONNTRACK_TIMEOUT NF_CONNTRACK_TIMESTAMP NF_CONNTRACK_ZONES NF_CT_NETLINK_HELPER NF_CT_NETLINK_TIMEOUT NF_CT_PROTO_DCCP NF_CT_PROTO_GRE NF_CT_PROTO_SCTP NF_CT_PROTO_UDPLITE NF_DUP_IPV4 NF_DUP_IPV6 NF_DUP_NETDEV NF_FLOW_TABLE NF_FLOW_TABLE_INET NF_NAT_AMANDA NF_NAT_H323 NF_NAT_OVS NF_NAT_PPTP NF_NAT_REDIRECT NF_NAT_SNMP_BASIC NF_NAT_TFTP NF_SOCKET_IPV4 NF_SOCKET_IPV6 NF_TABLES NF_TABLES_ARP NF_TABLES_BRIDGE NF_TABLES_INET NF_TABLES_IPV4 NF_TABLES_IPV6 NF_TABLES_NETDEV NF_TPROXY_IPV4 NF_TPROXY_IPV6 NILFS2_FS NINTENDO_FF NLMON NLS_CODEPAGE_1250 NLS_CODEPAGE_1251 NLS_CODEPAGE_737 NLS_CODEPAGE_775 NLS_CODEPAGE_850 PAGE_POOL PARTITION_ADVANCED PSAMPLE RADIO_ADAPTERS RADIO_SI4713 RAS RC_CORE RC_DEVICES REGULATOR RFKILL SND SOUND SPI STAGING TRANSPARENT_HUGEPAGE TYPEC TYPEC_MUX_PI3USB30532 USB_GADGET USB_LJCA USB_MUSB_HDRC USB_ROLES_INTEL_XHCI USB_ROLE_SWITCH VIDEO_DEV VIRTIO_FS WAN WATCH_QUEUE WIRELESS WLAN WWAN X25 X86_X32_ABI ZONE_DEVICE] disabling configs for [LEAK UBSAN BUG KASAN LOCKDEP ATOMIC_SLEEP HANG], they are not needed picked [v6.12 v6.11 v6.10 v6.8 v6.6 v6.4 v6.2 v6.0 v5.17 v5.14 v5.11 v5.8 v5.5 v5.2 v4.20 v4.19] out of 35 release tags testing release v6.12 testing commit adc218676eef25575469234709c2d87185ca223a gcc compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 591a50c6a40892eef437019a426f0609ec1a95cc07781f8e129cb7f3a56672d7 all runs: OK false negative chance: 0.000 # git bisect start 9528d418de4d83c7ada69314ddd8d4427b1f703a adc218676eef25575469234709c2d87185ca223a Bisecting: 6417 revisions left to test after this (roughly 13 steps) [28eb75e178d389d325f1666e422bc13bbbb9804c] Merge tag 'drm-next-2024-11-21' of https://gitlab.freedesktop.org/drm/kernel testing commit 28eb75e178d389d325f1666e422bc13bbbb9804c gcc compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: dcf0614ae3ed3fd2a1cce49fd9f457fc7611f6c784960c381320583f806382c3 all runs: OK false negative chance: 0.000 # git bisect good 28eb75e178d389d325f1666e422bc13bbbb9804c Bisecting: 3249 revisions left to test after this (roughly 12 steps) [e33a6d83e1786d5e310ae746c67f5f4e2f93ba35] Merge tag 'usb-6.13-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb testing commit e33a6d83e1786d5e310ae746c67f5f4e2f93ba35 gcc compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 8d235c8602f34ea108bb349af7939ff897ec679bda21a829dc8c779f84e01aa4 all runs: OK false negative chance: 0.000 # git bisect good e33a6d83e1786d5e310ae746c67f5f4e2f93ba35 Bisecting: 1621 revisions left to test after this (roughly 11 steps) [553c89ec31746ff96fc5562943fe5b1c9b1e9276] Merge tag 'mm-hotfixes-stable-2024-12-07-22-39' of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm testing commit 553c89ec31746ff96fc5562943fe5b1c9b1e9276 gcc compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 809ed0eab9a333a3eecd3bf66addfd1da70ad68b87a0e792438e6b36037d3d24 all runs: OK false negative chance: 0.000 # git bisect good 553c89ec31746ff96fc5562943fe5b1c9b1e9276 Bisecting: 812 revisions left to test after this (roughly 10 steps) [059dd502b263d8a4e2a84809cf1068d6a3905e6f] Merge tag 'block-6.13-20241228' of git://git.kernel.dk/linux testing commit 059dd502b263d8a4e2a84809cf1068d6a3905e6f gcc compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: f6462904e7a7b38da2ac75b2fb14e470f88802f16558107b1e06cc7044ba5d89 all runs: OK false negative chance: 0.000 # git bisect good 059dd502b263d8a4e2a84809cf1068d6a3905e6f Bisecting: 406 revisions left to test after this (roughly 9 steps) [a50da36562cd62b41de9bef08edbb3e8af00f118] netdev: avoid CFI problems with sock priv helpers testing commit a50da36562cd62b41de9bef08edbb3e8af00f118 gcc compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: f55d9d018896aec41b700ef70710a19e80882912411d4c8cd6c4ee52cf2b4027 all runs: crashed: BUG: stack guard page was hit in sys_openat representative crash: BUG: stack guard page was hit in sys_openat, types: [UNKNOWN] # git bisect bad a50da36562cd62b41de9bef08edbb3e8af00f118 Bisecting: 201 revisions left to test after this (roughly 8 steps) [4460e45700e77b455b64b604c6acb5a2fd2fd66b] Merge branch '100GbE' of git://git.kernel.org/pub/scm/linux/kernel/git/tnguy/net-queue testing commit 4460e45700e77b455b64b604c6acb5a2fd2fd66b gcc compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 013244cce451e3b555bd488aacda596c22809649bdff73405819d3037b2ac57b all runs: OK false negative chance: 0.000 # git bisect good 4460e45700e77b455b64b604c6acb5a2fd2fd66b Bisecting: 100 revisions left to test after this (roughly 7 steps) [fbfd64d25c7af3b8695201ebc85efe90be28c5a3] Merge tag 'vfs-6.13-rc7.fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs testing commit fbfd64d25c7af3b8695201ebc85efe90be28c5a3 gcc compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: c726a79f408ba4c3fbe175ffc71a8124653eda4d02319a8b2b2fb9244614b1f5 all runs: crashed: BUG: stack guard page was hit in sys_openat representative crash: BUG: stack guard page was hit in sys_openat, types: [UNKNOWN] # git bisect bad fbfd64d25c7af3b8695201ebc85efe90be28c5a3 Bisecting: 42 revisions left to test after this (roughly 6 steps) [5635d8bad221701188017a6087fbe25ab245c226] Merge tag 'mm-hotfixes-stable-2025-01-04-18-02' of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm testing commit 5635d8bad221701188017a6087fbe25ab245c226 gcc compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: f714c3820b6d1a4251a3f5aa015f85c290fb4d9c0cee6b6cf0a6ed0b80f0735c all runs: OK false negative chance: 0.000 # git bisect good 5635d8bad221701188017a6087fbe25ab245c226 Bisecting: 21 revisions left to test after this (roughly 5 steps) [d0327c824338cdccad058723a31d038ecd553409] netfs: Fix the (non-)cancellation of copy when cache is temporarily disabled testing commit d0327c824338cdccad058723a31d038ecd553409 gcc compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 1965b24873d1304ff55f5c1bd11f8e69670e8041bb36000a59f9cff469265b87 all runs: crashed: BUG: stack guard page was hit in sys_openat representative crash: BUG: stack guard page was hit in sys_openat, types: [UNKNOWN] # git bisect bad d0327c824338cdccad058723a31d038ecd553409 Bisecting: 10 revisions left to test after this (roughly 3 steps) [2b2fc0be98a828cf33a88a28e9745e8599fb05cf] fs: fix missing declaration of init_files testing commit 2b2fc0be98a828cf33a88a28e9745e8599fb05cf gcc compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 41c2b306a904c3091e3d8db01a416008013648db01ef6a85640a3754a9d6f03d all runs: OK false negative chance: 0.000 # git bisect good 2b2fc0be98a828cf33a88a28e9745e8599fb05cf Bisecting: 5 revisions left to test after this (roughly 3 steps) [86ad1a58f6a9453f49e06ef957a40a8dac00a13f] nfs: Fix oops in nfs_netfs_init_request() when copying to cache testing commit 86ad1a58f6a9453f49e06ef957a40a8dac00a13f gcc compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 271b4a11078dd15f83254ae4aac87cb2b7ef89df376e8995998e88fae8f097b1 all runs: OK false negative chance: 0.000 # git bisect good 86ad1a58f6a9453f49e06ef957a40a8dac00a13f Bisecting: 2 revisions left to test after this (roughly 2 steps) [aa3956418985bda1f68313eadde3267921847978] netfs: Fix missing barriers by using clear_and_wake_up_bit() testing commit aa3956418985bda1f68313eadde3267921847978 gcc compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: d524e7b4b7ceb8a7541ce89f219b0737a5b32f8d2c50168cc9980e295ab6049d all runs: OK false negative chance: 0.000 # git bisect good aa3956418985bda1f68313eadde3267921847978 Bisecting: 0 revisions left to test after this (roughly 1 step) [38cf8e945721ffe708fa675507465da7f4f2a9f7] netfs: Fix ceph copy to cache on write-begin testing commit 38cf8e945721ffe708fa675507465da7f4f2a9f7 gcc compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 38846d23cbd1481fae37642aabb640fe1c081c8e6f1e53438014b5328a46b9f2 all runs: crashed: BUG: stack guard page was hit in sys_openat representative crash: BUG: stack guard page was hit in sys_openat, types: [UNKNOWN] # git bisect bad 38cf8e945721ffe708fa675507465da7f4f2a9f7 Bisecting: 0 revisions left to test after this (roughly 0 steps) [4acb665cf4f3e5436844f17ece0a8a55ce688c7b] netfs: Work around recursion by abandoning retry if nothing read testing commit 4acb665cf4f3e5436844f17ece0a8a55ce688c7b gcc compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: bc81401a12f9c7126f0a6a09b493b962b49c1a9466a58a6d6211cca45d5b632c all runs: crashed: BUG: stack guard page was hit in sys_openat representative crash: BUG: stack guard page was hit in sys_openat, types: [UNKNOWN] # git bisect bad 4acb665cf4f3e5436844f17ece0a8a55ce688c7b 4acb665cf4f3e5436844f17ece0a8a55ce688c7b is the first bad commit commit 4acb665cf4f3e5436844f17ece0a8a55ce688c7b Author: David Howells Date: Fri Dec 13 13:50:08 2024 +0000 netfs: Work around recursion by abandoning retry if nothing read syzkaller reported recursion with a loop of three calls (netfs_rreq_assess, netfs_retry_reads and netfs_rreq_terminated) hitting the limit of the stack during an unbuffered or direct I/O read. There are a number of issues: (1) There is no limit on the number of retries. (2) A subrequest is supposed to be abandoned if it does not transfer anything (NETFS_SREQ_NO_PROGRESS), but that isn't checked under all circumstances. (3) The actual root cause, which is this: if (atomic_dec_and_test(&rreq->nr_outstanding)) netfs_rreq_terminated(rreq, ...); When we do a retry, we bump the rreq->nr_outstanding counter to prevent the final cleanup phase running before we've finished dispatching the retries. The problem is if we hit 0, we have to do the cleanup phase - but we're in the cleanup phase and end up repeating the retry cycle, hence the recursion. Work around the problem by limiting the number of retries. This is based on Lizhi Xu's patch[1], and makes the following changes: (1) Replace NETFS_SREQ_NO_PROGRESS with NETFS_SREQ_MADE_PROGRESS and make the filesystem set it if it managed to read or write at least one byte of data. Clear this bit before issuing a subrequest. (2) Add a ->retry_count member to the subrequest and increment it any time we do a retry. (3) Remove the NETFS_SREQ_RETRYING flag as it is superfluous with ->retry_count. If the latter is non-zero, we're doing a retry. (4) Abandon a subrequest if retry_count is non-zero and we made no progress. (5) Use ->retry_count in both the write-side and the read-size. [?] Question: Should I set a hard limit on retry_count in both read and write? Say it hits 50, we always abandon it. The problem is that these changes only mitigate the issue. As long as it made at least one byte of progress, the recursion is still an issue. This patch mitigates the problem, but does not fix the underlying cause. I have patches that will do that, but it's an intrusive fix that's currently pending for the next merge window. The oops generated by KASAN looks something like: BUG: TASK stack guard page was hit at ffffc9000482ff48 (stack is ffffc90004830000..ffffc90004838000) Oops: stack guard page: 0000 [#1] PREEMPT SMP KASAN NOPTI ... RIP: 0010:mark_lock+0x25/0xc60 kernel/locking/lockdep.c:4686 ... mark_usage kernel/locking/lockdep.c:4646 [inline] __lock_acquire+0x906/0x3ce0 kernel/locking/lockdep.c:5156 lock_acquire.part.0+0x11b/0x380 kernel/locking/lockdep.c:5825 local_lock_acquire include/linux/local_lock_internal.h:29 [inline] ___slab_alloc+0x123/0x1880 mm/slub.c:3695 __slab_alloc.constprop.0+0x56/0xb0 mm/slub.c:3908 __slab_alloc_node mm/slub.c:3961 [inline] slab_alloc_node mm/slub.c:4122 [inline] kmem_cache_alloc_noprof+0x2a7/0x2f0 mm/slub.c:4141 radix_tree_node_alloc.constprop.0+0x1e8/0x350 lib/radix-tree.c:253 idr_get_free+0x528/0xa40 lib/radix-tree.c:1506 idr_alloc_u32+0x191/0x2f0 lib/idr.c:46 idr_alloc+0xc1/0x130 lib/idr.c:87 p9_tag_alloc+0x394/0x870 net/9p/client.c:321 p9_client_prepare_req+0x19f/0x4d0 net/9p/client.c:644 p9_client_zc_rpc.constprop.0+0x105/0x880 net/9p/client.c:793 p9_client_read_once+0x443/0x820 net/9p/client.c:1570 p9_client_read+0x13f/0x1b0 net/9p/client.c:1534 v9fs_issue_read+0x115/0x310 fs/9p/vfs_addr.c:74 netfs_retry_read_subrequests fs/netfs/read_retry.c:60 [inline] netfs_retry_reads+0x153a/0x1d00 fs/netfs/read_retry.c:232 netfs_rreq_assess+0x5d3/0x870 fs/netfs/read_collect.c:371 netfs_rreq_terminated+0xe5/0x110 fs/netfs/read_collect.c:407 netfs_retry_reads+0x155e/0x1d00 fs/netfs/read_retry.c:235 netfs_rreq_assess+0x5d3/0x870 fs/netfs/read_collect.c:371 netfs_rreq_terminated+0xe5/0x110 fs/netfs/read_collect.c:407 netfs_retry_reads+0x155e/0x1d00 fs/netfs/read_retry.c:235 netfs_rreq_assess+0x5d3/0x870 fs/netfs/read_collect.c:371 ... netfs_rreq_terminated+0xe5/0x110 fs/netfs/read_collect.c:407 netfs_retry_reads+0x155e/0x1d00 fs/netfs/read_retry.c:235 netfs_rreq_assess+0x5d3/0x870 fs/netfs/read_collect.c:371 netfs_rreq_terminated+0xe5/0x110 fs/netfs/read_collect.c:407 netfs_retry_reads+0x155e/0x1d00 fs/netfs/read_retry.c:235 netfs_rreq_assess+0x5d3/0x870 fs/netfs/read_collect.c:371 netfs_rreq_terminated+0xe5/0x110 fs/netfs/read_collect.c:407 netfs_dispatch_unbuffered_reads fs/netfs/direct_read.c:103 [inline] netfs_unbuffered_read fs/netfs/direct_read.c:127 [inline] netfs_unbuffered_read_iter_locked+0x12f6/0x19b0 fs/netfs/direct_read.c:221 netfs_unbuffered_read_iter+0xc5/0x100 fs/netfs/direct_read.c:256 v9fs_file_read_iter+0xbf/0x100 fs/9p/vfs_file.c:361 do_iter_readv_writev+0x614/0x7f0 fs/read_write.c:832 vfs_readv+0x4cf/0x890 fs/read_write.c:1025 do_preadv fs/read_write.c:1142 [inline] __do_sys_preadv fs/read_write.c:1192 [inline] __se_sys_preadv fs/read_write.c:1187 [inline] __x64_sys_preadv+0x22d/0x310 fs/read_write.c:1187 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83 Fixes: ee4cdf7ba857 ("netfs: Speed up buffered reading") Closes: https://syzkaller.appspot.com/bug?extid=1fc6f64c40a9d143cfb6 Signed-off-by: David Howells Link: https://lore.kernel.org/r/20241108034020.3695718-1-lizhi.xu@windriver.com/ [1] Link: https://lore.kernel.org/r/20241213135013.2964079-9-dhowells@redhat.com Tested-by: syzbot+885c03ad650731743489@syzkaller.appspotmail.com Suggested-by: Lizhi Xu cc: Dominique Martinet cc: Jeff Layton cc: v9fs@lists.linux.dev cc: netfs@lists.linux.dev cc: linux-fsdevel@vger.kernel.org Reported-by: syzbot+885c03ad650731743489@syzkaller.appspotmail.com Signed-off-by: Christian Brauner fs/9p/vfs_addr.c | 6 +++++- fs/afs/write.c | 5 ++++- fs/netfs/read_collect.c | 15 +++++++++------ fs/netfs/read_retry.c | 6 ++++-- fs/netfs/write_collect.c | 5 ++--- fs/netfs/write_issue.c | 2 ++ fs/smb/client/cifssmb.c | 13 +++++++++---- fs/smb/client/smb2pdu.c | 9 ++++++--- include/linux/netfs.h | 6 +++--- 9 files changed, 44 insertions(+), 23 deletions(-) accumulated error probability: 0.00 culprit signature: bc81401a12f9c7126f0a6a09b493b962b49c1a9466a58a6d6211cca45d5b632c parent signature: d524e7b4b7ceb8a7541ce89f219b0737a5b32f8d2c50168cc9980e295ab6049d revisions tested: 21, total time: 4h58m38.074547109s (build: 2h24m18.458472336s, test: 2h17m14.831337184s) first bad commit: 4acb665cf4f3e5436844f17ece0a8a55ce688c7b netfs: Work around recursion by abandoning retry if nothing read recipients (to): ["brauner@kernel.org" "dhowells@redhat.com" "syzbot+885c03ad650731743489@syzkaller.appspotmail.com"] recipients (cc): [] crash: BUG: stack guard page was hit in sys_openat BUG: TASK stack guard page was hit at ffffc900022cfff8 (stack is ffffc900022d0000..ffffc900022d4000) Oops: stack guard page: 0000 [#1] PREEMPT SMP NOPTI CPU: 1 UID: 0 PID: 5420 Comm: syz.2.16 Not tainted 6.13.0-rc1-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 RIP: 0010:__lock_acquire.constprop.0+0x6/0x570 kernel/locking/lockdep.c:5073 Code: 41 5f c3 cc cc cc cc 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 41 57 41 56 41 55 <41> 54 55 53 48 83 ec 10 44 8b 15 bf 85 b5 03 65 48 8b 1d a3 92 df RSP: 0018:ffffc900022d0000 EFLAGS: 00010006 RAX: 0000000000000001 RBX: ffffffff84a373e0 RCX: 0000000000000000 RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffff84a373e0 RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000000000 R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000200 FS: 00007f4728f4b6c0(0000) GS:ffff888237d00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: ffffc900022cfff8 CR3: 0000000171536000 CR4: 00000000003506f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: <#DF> lock_acquire kernel/locking/lockdep.c:5849 [inline] lock_acquire+0xac/0x190 kernel/locking/lockdep.c:5814 fs_reclaim_acquire mm/page_alloc.c:3868 [inline] fs_reclaim_acquire+0x63/0xd0 mm/page_alloc.c:3859 might_alloc include/linux/sched/mm.h:318 [inline] slab_pre_alloc_hook mm/slub.c:4055 [inline] slab_alloc_node mm/slub.c:4133 [inline] kmem_cache_alloc_noprof+0x4f/0x420 mm/slub.c:4160 p9_tag_alloc+0x4c/0x3e0 net/9p/client.c:281 p9_client_prepare_req+0x109/0x280 net/9p/client.c:644 p9_client_rpc+0xc5/0x710 net/9p/client.c:691 p9_client_read_once+0xdf/0x4e0 net/9p/client.c:1575 p9_client_read+0x94/0xc0 net/9p/client.c:1534 v9fs_issue_read+0x59/0x120 fs/9p/vfs_addr.c:76 netfs_retry_read_subrequests fs/netfs/read_retry.c:62 [inline] netfs_retry_reads+0xcb3/0xe40 fs/netfs/read_retry.c:234 netfs_rreq_assess+0x51b/0x5b0 fs/netfs/read_collect.c:372 netfs_rreq_terminated+0x9c/0xb0 fs/netfs/read_collect.c:407 netfs_retry_reads+0xd04/0xe40 fs/netfs/read_retry.c:237 netfs_rreq_assess+0x51b/0x5b0 fs/netfs/read_collect.c:372 netfs_rreq_terminated+0x9c/0xb0 fs/netfs/read_collect.c:407 netfs_retry_reads+0xd04/0xe40 fs/netfs/read_retry.c:237 netfs_rreq_assess+0x51b/0x5b0 fs/netfs/read_collect.c:372 netfs_rreq_terminated+0x9c/0xb0 fs/netfs/read_collect.c:407 netfs_retry_reads+0xd04/0xe40 fs/netfs/read_retry.c:237 netfs_rreq_assess+0x51b/0x5b0 fs/netfs/read_collect.c:372 netfs_rreq_terminated+0x9c/0xb0 fs/netfs/read_collect.c:407 netfs_retry_reads+0xd04/0xe40 fs/netfs/read_retry.c:237 netfs_rreq_assess+0x51b/0x5b0 fs/netfs/read_collect.c:372 netfs_rreq_terminated+0x9c/0xb0 fs/netfs/read_collect.c:407 netfs_retry_reads+0xd04/0xe40 fs/netfs/read_retry.c:237 netfs_rreq_assess+0x51b/0x5b0 fs/netfs/read_collect.c:372 netfs_rreq_terminated+0x9c/0xb0 fs/netfs/read_collect.c:407 netfs_retry_reads+0xd04/0xe40 fs/netfs/read_retry.c:237 netfs_rreq_assess+0x51b/0x5b0 fs/netfs/read_collect.c:372 netfs_rreq_terminated+0x9c/0xb0 fs/netfs/read_collect.c:407 netfs_retry_reads+0xd04/0xe40 fs/netfs/read_retry.c:237 netfs_rreq_assess+0x51b/0x5b0 fs/netfs/read_collect.c:372 netfs_rreq_terminated+0x9c/0xb0 fs/netfs/read_collect.c:407 netfs_retry_reads+0xd04/0xe40 fs/netfs/read_retry.c:237 netfs_rreq_assess+0x51b/0x5b0 fs/netfs/read_collect.c:372 netfs_rreq_terminated+0x9c/0xb0 fs/netfs/read_collect.c:407 netfs_retry_reads+0xd04/0xe40 fs/netfs/read_retry.c:237 netfs_rreq_assess+0x51b/0x5b0 fs/netfs/read_collect.c:372 netfs_rreq_terminated+0x9c/0xb0 fs/netfs/read_collect.c:407 netfs_retry_reads+0xd04/0xe40 fs/netfs/read_retry.c:237 netfs_rreq_assess+0x51b/0x5b0 fs/netfs/read_collect.c:372 netfs_rreq_terminated+0x9c/0xb0 fs/netfs/read_collect.c:407 netfs_retry_reads+0xd04/0xe40 fs/netfs/read_retry.c:237 netfs_rreq_assess+0x51b/0x5b0 fs/netfs/read_collect.c:372 netfs_rreq_terminated+0x9c/0xb0 fs/netfs/read_collect.c:407 netfs_retry_reads+0xd04/0xe40 fs/netfs/read_retry.c:237 netfs_rreq_assess+0x51b/0x5b0 fs/netfs/read_collect.c:372 netfs_rreq_terminated+0x9c/0xb0 fs/netfs/read_collect.c:407 netfs_retry_reads+0xd04/0xe40 fs/netfs/read_retry.c:237 netfs_rreq_assess+0x51b/0x5b0 fs/netfs/read_collect.c:372 netfs_rreq_terminated+0x9c/0xb0 fs/netfs/read_collect.c:407 netfs_retry_reads+0xd04/0xe40 fs/netfs/read_retry.c:237 netfs_rreq_assess+0x51b/0x5b0 fs/netfs/read_collect.c:372 netfs_rreq_terminated+0x9c/0xb0 fs/netfs/read_collect.c:407 netfs_retry_reads+0xd04/0xe40 fs/netfs/read_retry.c:237 netfs_rreq_assess+0x51b/0x5b0 fs/netfs/read_collect.c:372 netfs_rreq_terminated+0x9c/0xb0 fs/netfs/read_collect.c:407 netfs_retry_reads+0xd04/0xe40 fs/netfs/read_retry.c:237 netfs_rreq_assess+0x51b/0x5b0 fs/netfs/read_collect.c:372 netfs_rreq_terminated+0x9c/0xb0 fs/netfs/read_collect.c:407 netfs_retry_reads+0xd04/0xe40 fs/netfs/read_retry.c:237 netfs_rreq_assess+0x51b/0x5b0 fs/netfs/read_collect.c:372 netfs_rreq_terminated+0x9c/0xb0 fs/netfs/read_collect.c:407 netfs_retry_reads+0xd04/0xe40 fs/netfs/read_retry.c:237 netfs_rreq_assess+0x51b/0x5b0 fs/netfs/read_collect.c:372 netfs_rreq_terminated+0x9c/0xb0 fs/netfs/read_collect.c:407 netfs_retry_reads+0xd04/0xe40 fs/netfs/read_retry.c:237 netfs_rreq_assess+0x51b/0x5b0 fs/netfs/read_collect.c:372 netfs_rreq_terminated+0x9c/0xb0 fs/netfs/read_collect.c:407 netfs_retry_reads+0xd04/0xe40 fs/netfs/read_retry.c:237 netfs_rreq_assess+0x51b/0x5b0 fs/netfs/read_collect.c:372 netfs_rreq_terminated+0x9c/0xb0 fs/netfs/read_collect.c:407 netfs_retry_reads+0xd04/0xe40 fs/netfs/read_retry.c:237 netfs_rreq_assess+0x51b/0x5b0 fs/netfs/read_collect.c:372 netfs_rreq_terminated+0x9c/0xb0 fs/netfs/read_collect.c:407 netfs_retry_reads+0xd04/0xe40 fs/netfs/read_retry.c:237 netfs_rreq_assess+0x51b/0x5b0 fs/netfs/read_collect.c:372 netfs_rreq_terminated+0x9c/0xb0 fs/netfs/read_collect.c:407 netfs_retry_reads+0xd04/0xe40 fs/netfs/read_retry.c:237 netfs_rreq_assess+0x51b/0x5b0 fs/netfs/read_collect.c:372 netfs_rreq_terminated+0x9c/0xb0 fs/netfs/read_collect.c:407 netfs_retry_reads+0xd04/0xe40 fs/netfs/read_retry.c:237 netfs_rreq_assess+0x51b/0x5b0 fs/netfs/read_collect.c:372 netfs_rreq_terminated+0x9c/0xb0 fs/netfs/read_collect.c:407 netfs_retry_reads+0xd04/0xe40 fs/netfs/read_retry.c:237 netfs_rreq_assess+0x51b/0x5b0 fs/netfs/read_collect.c:372 netfs_rreq_terminated+0x9c/0xb0 fs/netfs/read_collect.c:407 netfs_retry_reads+0xd04/0xe40 fs/netfs/read_retry.c:237 netfs_rreq_assess+0x51b/0x5b0 fs/netfs/read_collect.c:372 netfs_rreq_terminated+0x9c/0xb0 fs/netfs/read_collect.c:407 netfs_retry_reads+0xd04/0xe40 fs/netfs/read_retry.c:237 netfs_rreq_assess+0x51b/0x5b0 fs/netfs/read_collect.c:372 netfs_rreq_terminated+0x9c/0xb0 fs/netfs/read_collect.c:407 netfs_retry_reads+0xd04/0xe40 fs/netfs/read_retry.c:237 netfs_rreq_assess+0x51b/0x5b0 fs/netfs/read_collect.c:372 netfs_rreq_terminated+0x9c/0xb0 fs/netfs/read_collect.c:407 netfs_retry_reads+0xd04/0xe40 fs/netfs/read_retry.c:237 netfs_rreq_assess+0x51b/0x5b0 fs/netfs/read_collect.c:372 netfs_rreq_terminated+0x9c/0xb0 fs/netfs/read_collect.c:407 netfs_retry_reads+0xd04/0xe40 fs/netfs/read_retry.c:237 netfs_rreq_assess+0x51b/0x5b0 fs/netfs/read_collect.c:372 netfs_rreq_terminated+0x9c/0xb0 fs/netfs/read_collect.c:407 netfs_retry_reads+0xd04/0xe40 fs/netfs/read_retry.c:237 netfs_rreq_assess+0x51b/0x5b0 fs/netfs/read_collect.c:372 netfs_rreq_terminated+0x9c/0xb0 fs/netfs/read_collect.c:407 netfs_retry_reads+0xd04/0xe40 fs/netfs/read_retry.c:237 netfs_rreq_assess+0x51b/0x5b0 fs/netfs/read_collect.c:372 netfs_rreq_terminated+0x9c/0xb0 fs/netfs/read_collect.c:407 netfs_retry_reads+0xd04/0xe40 fs/netfs/read_retry.c:237 netfs_rreq_assess+0x51b/0x5b0 fs/netfs/read_collect.c:372 netfs_rreq_terminated+0x9c/0xb0 fs/netfs/read_collect.c:407 netfs_retry_reads+0xd04/0xe40 fs/netfs/read_retry.c:237 netfs_rreq_assess+0x51b/0x5b0 fs/netfs/read_collect.c:372 netfs_rreq_terminated+0x9c/0xb0 fs/netfs/read_collect.c:407 netfs_retry_reads+0xd04/0xe40 fs/netfs/read_retry.c:237 netfs_rreq_assess+0x51b/0x5b0 fs/netfs/read_collect.c:372 netfs_rreq_terminated+0x9c/0xb0 fs/netfs/read_collect.c:407 netfs_retry_reads+0xd04/0xe40 fs/netfs/read_retry.c:237 netfs_rreq_assess+0x51b/0x5b0 fs/netfs/read_collect.c:372 netfs_rreq_terminated+0x9c/0xb0 fs/netfs/read_collect.c:407 netfs_retry_reads+0xd04/0xe40 fs/netfs/read_retry.c:237 netfs_rreq_assess+0x51b/0x5b0 fs/netfs/read_collect.c:372 netfs_rreq_terminated+0x9c/0xb0 fs/netfs/read_collect.c:407 netfs_retry_reads+0xd04/0xe40 fs/netfs/read_retry.c:237 netfs_rreq_assess+0x51b/0x5b0 fs/netfs/read_collect.c:372 netfs_rreq_terminated+0x9c/0xb0 fs/netfs/read_collect.c:407 netfs_retry_reads+0xd04/0xe40 fs/netfs/read_retry.c:237 netfs_rreq_assess+0x51b/0x5b0 fs/netfs/read_collect.c:372 netfs_rreq_terminated+0x9c/0xb0 fs/netfs/read_collect.c:407 netfs_retry_reads+0xd04/0xe40 fs/netfs/read_retry.c:237 netfs_rreq_assess+0x51b/0x5b0 fs/netfs/read_collect.c:372 netfs_rreq_terminated+0x9c/0xb0 fs/netfs/read_collect.c:407 netfs_retry_reads+0xd04/0xe40 fs/netfs/read_retry.c:237 netfs_rreq_assess+0x51b/0x5b0 fs/netfs/read_collect.c:372 netfs_rreq_terminated+0x9c/0xb0 fs/netfs/read_collect.c:407 netfs_dispatch_unbuffered_reads fs/netfs/direct_read.c:103 [inline] netfs_unbuffered_read fs/netfs/direct_read.c:127 [inline] netfs_unbuffered_read_iter_locked+0x9f6/0xbf0 fs/netfs/direct_read.c:221 netfs_unbuffered_read_iter+0x74/0xa0 fs/netfs/direct_read.c:256 v9fs_file_read_iter+0x64/0x80 fs/9p/vfs_file.c:361 __kernel_read+0x275/0x4d0 fs/read_write.c:523 integrity_kernel_read+0x2f/0x40 security/integrity/iint.c:28 ima_calc_file_hash_tfm+0x13c/0x1f0 security/integrity/ima/ima_crypto.c:480 ima_calc_file_shash security/integrity/ima/ima_crypto.c:511 [inline] ima_calc_file_hash+0xd4/0x240 security/integrity/ima/ima_crypto.c:568 ima_collect_measurement+0x483/0x4d0 security/integrity/ima/ima_api.c:293 process_measurement+0x99b/0x1290 security/integrity/ima/ima_main.c:372 ima_file_check+0x60/0x90 security/integrity/ima/ima_main.c:572 security_file_post_open+0x1b1/0x1e0 security/security.c:3121 do_open fs/namei.c:3830 [inline] path_openat+0x944/0x15d0 fs/namei.c:3987 do_filp_open+0xfe/0x1f0 fs/namei.c:4014 do_sys_openat2+0xf8/0x150 fs/open.c:1402 do_sys_open fs/open.c:1417 [inline] __do_sys_openat fs/open.c:1433 [inline] __se_sys_openat fs/open.c:1428 [inline] __x64_sys_openat+0xb3/0x100 fs/open.c:1428 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0x6d/0x1a0 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7f4728185d29 Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 RSP: 002b:00007f4728f4b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 RAX: ffffffffffffffda RBX: 00007f4728375fa0 RCX: 00007f4728185d29 RDX: 0000000000020842 RSI: 000000002000c380 RDI: ffffffffffffff9c RBP: 00007f4728201b08 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 0000000000000000 R14: 00007f4728375fa0 R15: 00007fff0d9dad58 Modules linked in: ---[ end trace 0000000000000000 ]--- RIP: 0010:__lock_acquire.constprop.0+0x6/0x570 kernel/locking/lockdep.c:5073 Code: 41 5f c3 cc cc cc cc 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 41 57 41 56 41 55 <41> 54 55 53 48 83 ec 10 44 8b 15 bf 85 b5 03 65 48 8b 1d a3 92 df RSP: 0018:ffffc900022d0000 EFLAGS: 00010006 RAX: 0000000000000001 RBX: ffffffff84a373e0 RCX: 0000000000000000 RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffff84a373e0 RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000000000 R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000200 FS: 00007f4728f4b6c0(0000) GS:ffff888237d00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: ffffc900022cfff8 CR3: 0000000171536000 CR4: 00000000003506f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 ---------------- Code disassembly (best guess): 0: 41 5f pop %r15 2: c3 ret 3: cc int3 4: cc int3 5: cc int3 6: cc int3 7: 66 66 2e 0f 1f 84 00 data16 cs nopw 0x0(%rax,%rax,1) e: 00 00 00 00 12: 66 90 xchg %ax,%ax 14: 90 nop 15: 90 nop 16: 90 nop 17: 90 nop 18: 90 nop 19: 90 nop 1a: 90 nop 1b: 90 nop 1c: 90 nop 1d: 90 nop 1e: 90 nop 1f: 90 nop 20: 90 nop 21: 90 nop 22: 90 nop 23: 90 nop 24: 41 57 push %r15 26: 41 56 push %r14 28: 41 55 push %r13 * 2a: 41 54 push %r12 <-- trapping instruction 2c: 55 push %rbp 2d: 53 push %rbx 2e: 48 83 ec 10 sub $0x10,%rsp 32: 44 8b 15 bf 85 b5 03 mov 0x3b585bf(%rip),%r10d # 0x3b585f8 39: 65 gs 3a: 48 rex.W 3b: 8b .byte 0x8b 3c: 1d .byte 0x1d 3d: a3 .byte 0xa3 3e: 92 xchg %eax,%edx 3f: df .byte 0xdf