bisecting cause commit starting from 2fcd14d0f78090f57aecd7f424e2b0373cd631a7 building syzkaller on 8cac236e8c3741446e540b2fe0702086a4ae4c17 testing commit 2fcd14d0f78090f57aecd7f424e2b0373cd631a7 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: af01fd083f795d22d349a408b32d2d50925be35d6858d34e8a08e8bf020e1a65 run #0: crashed: general protection fault in nf_tables_dump_tables run #1: crashed: general protection fault in nf_tables_dump_tables run #2: crashed: KASAN: use-after-free Read in nf_tables_fill_table_info run #3: crashed: general protection fault in nf_tables_dump_tables run #4: crashed: general protection fault in nf_tables_dump_tables run #5: crashed: general protection fault in nf_tables_dump_tables run #6: crashed: KASAN: use-after-free Read in nf_tables_fill_table_info run #7: crashed: general protection fault in nf_tables_dump_tables run #8: crashed: general protection fault in nf_tables_dump_tables run #9: crashed: general protection fault in nf_tables_dump_tables run #10: crashed: general protection fault in nf_tables_dump_tables run #11: crashed: general protection fault in nf_tables_dump_tables run #12: crashed: general protection fault in nf_tables_dump_tables run #13: crashed: general protection fault in nf_tables_dump_tables run #14: crashed: general protection fault in nf_tables_dump_tables run #15: crashed: general protection fault in nf_tables_dump_tables run #16: crashed: general protection fault in nf_tables_dump_tables run #17: crashed: general protection fault in nf_tables_dump_tables run #18: crashed: general protection fault in nf_tables_dump_tables run #19: crashed: general protection fault in nf_tables_dump_tables testing release v5.14 testing commit 7d2a07b769330c34b4deabeed939325c77a7ec2f compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 8c219514f33cf5f7e995cffb6643e798eb9f0e406da2dbcbb7423680d5a3f503 run #0: crashed: general protection fault in nf_tables_dump_tables run #1: crashed: KASAN: use-after-free Read in nf_tables_fill_table_info run #2: crashed: general protection fault in nf_tables_dump_tables run #3: crashed: general protection fault in nf_tables_dump_tables run #4: crashed: KASAN: use-after-free Read in nf_tables_fill_table_info run #5: crashed: general protection fault in nf_tables_dump_tables run #6: crashed: KASAN: use-after-free Read in nf_tables_fill_table_info run #7: crashed: general protection fault in nf_tables_dump_tables run #8: crashed: general protection fault in nf_tables_dump_tables run #9: crashed: KASAN: use-after-free Read in nf_tables_fill_table_info testing release v5.13 testing commit 62fb9874f5da54fdb243003b386128037319b219 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: f0d89eb8f9d4c9864735171e2eb3e5feeaf7d26439e5a7bae1ef45fb8f9578ab run #0: crashed: general protection fault in nf_tables_dump_tables run #1: crashed: general protection fault in nf_tables_dump_tables run #2: crashed: general protection fault in nf_tables_dump_tables run #3: crashed: KASAN: use-after-free Read in nf_tables_dump_tables run #4: crashed: KASAN: use-after-free Read in nf_tables_fill_table_info run #5: crashed: general protection fault in nf_tables_dump_tables run #6: crashed: KASAN: use-after-free Read in nf_tables_fill_table_info run #7: crashed: KASAN: use-after-free Read in nf_tables_dump_tables run #8: crashed: general protection fault in nf_tables_dump_tables run #9: crashed: KASAN: use-after-free Read in nf_tables_fill_table_info testing release v5.12 testing commit 9f4ad9e425a1d3b6a34617b8ea226d56a119a717 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: f3685dd148c0d7f62ec2c26b6ccd338a86cdce80e434ce6a225cc94922f0c2db run #0: crashed: general protection fault in nf_tables_dump_tables run #1: crashed: general protection fault in nf_tables_dump_tables run #2: crashed: general protection fault in nf_tables_dump_tables run #3: crashed: KASAN: use-after-free Read in nf_tables_fill_table_info run #4: crashed: KASAN: use-after-free Read in nf_tables_dump_tables run #5: crashed: general protection fault in nf_tables_dump_tables run #6: crashed: general protection fault in nf_tables_dump_tables run #7: crashed: KASAN: use-after-free Read in nf_tables_fill_table_info run #8: crashed: general protection fault in nf_tables_dump_tables run #9: crashed: general protection fault in nf_tables_dump_tables testing release v5.11 testing commit f40ddce88593482919761f74910f42f4b84c004b compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 1f5c2551444cc5a9717d44acd7d59dea64de831f0ec6d140c76c393b1a8be7b9 all runs: OK # git bisect start 9f4ad9e425a1d3b6a34617b8ea226d56a119a717 f40ddce88593482919761f74910f42f4b84c004b Bisecting: 6798 revisions left to test after this (roughly 13 steps) [d99676af540c2dc829999928fb81c58c80a1dce4] Merge tag 'drm-next-2021-02-19' of git://anongit.freedesktop.org/drm/drm testing commit d99676af540c2dc829999928fb81c58c80a1dce4 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 6f3d7c2a5333e4c522d981291137fd9131da31963a9eedd6165473c81a05a0d6 run #0: basic kernel testing failed: WARNING in kvm_wait run #1: crashed: general protection fault in nf_tables_dump_tables run #2: crashed: general protection fault in nf_tables_dump_tables run #3: crashed: general protection fault in nf_tables_dump_tables run #4: boot failed: WARNING in kvm_wait run #5: boot failed: WARNING in kvm_wait run #6: boot failed: WARNING in kvm_wait run #7: boot failed: WARNING in kvm_wait run #8: boot failed: WARNING in kvm_wait run #9: boot failed: WARNING in kvm_wait # git bisect bad d99676af540c2dc829999928fb81c58c80a1dce4 Bisecting: 3717 revisions left to test after this (roughly 12 steps) [f9d58de23152f2c16f326d7e014cfa2933b00304] Merge tag 'affs-for-5.12-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/kdave/linux testing commit f9d58de23152f2c16f326d7e014cfa2933b00304 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 1c209b729132e5faaa9b418f3f9ff2c1e1c5f7bd858924daa5d216bdea8a8714 run #0: crashed: general protection fault in nf_tables_dump_tables run #1: crashed: KASAN: use-after-free Read in nf_tables_fill_table_info run #2: crashed: general protection fault in nf_tables_dump_tables run #3: crashed: general protection fault in nf_tables_dump_tables run #4: crashed: general protection fault in nf_tables_dump_tables run #5: crashed: general protection fault in nf_tables_dump_tables run #6: crashed: general protection fault in nf_tables_dump_tables run #7: crashed: general protection fault in nf_tables_dump_tables run #8: crashed: general protection fault in nf_tables_dump_tables run #9: crashed: KASAN: use-after-free Read in nla_put # git bisect bad f9d58de23152f2c16f326d7e014cfa2933b00304 Bisecting: 1819 revisions left to test after this (roughly 11 steps) [b8af417e4d93caeefb89bbfbd56ec95dedd8dab5] Merge git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next testing commit b8af417e4d93caeefb89bbfbd56ec95dedd8dab5 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 8ae29a79e0a71ee1a30f208a57f204e928f6b44b6cef8e42e6cf1146b40d8279 all runs: OK # git bisect good b8af417e4d93caeefb89bbfbd56ec95dedd8dab5 Bisecting: 948 revisions left to test after this (roughly 10 steps) [82851fce6107d5a3e66d95aee2ae68860a732703] Merge tag 'arm-dt-v5.12' of git://git.kernel.org/pub/scm/linux/kernel/git/soc/soc testing commit 82851fce6107d5a3e66d95aee2ae68860a732703 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 2a173be1afcfe89497f5c6f6e4e38c264c1a9615cba1113466079989622ddf89 run #0: crashed: general protection fault in nf_tables_dump_tables run #1: crashed: KASAN: use-after-free Read in nf_tables_fill_table_info run #2: crashed: general protection fault in nf_tables_dump_tables run #3: crashed: KASAN: use-after-free Read in nf_tables_fill_table_info run #4: crashed: general protection fault in nf_tables_dump_tables run #5: crashed: general protection fault in nf_tables_dump_tables run #6: crashed: general protection fault in nf_tables_dump_tables run #7: crashed: KASAN: use-after-free Read in nf_tables_fill_table_info run #8: crashed: general protection fault in nf_tables_dump_tables run #9: crashed: general protection fault in nf_tables_dump_tables # git bisect bad 82851fce6107d5a3e66d95aee2ae68860a732703 Bisecting: 431 revisions left to test after this (roughly 9 steps) [b7976dcf363be984b8a33242f8e6b3b196f9c329] Merge tag 'qcom-dts-for-5.12' of git://git.kernel.org/pub/scm/linux/kernel/git/qcom/linux into arm/dt testing commit b7976dcf363be984b8a33242f8e6b3b196f9c329 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: d952d16f217758f8ca8b7dd3a1f1b9074a8c55a8a10b138fa2a4f1977d6287ea all runs: OK # git bisect good b7976dcf363be984b8a33242f8e6b3b196f9c329 Bisecting: 189 revisions left to test after this (roughly 8 steps) [56bf6fc266ca14d2b9276c8a62e4ff6783bfe68b] Merge tag 'arm-defconfig-v5.12' of git://git.kernel.org/pub/scm/linux/kernel/git/soc/soc testing commit 56bf6fc266ca14d2b9276c8a62e4ff6783bfe68b compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 2a173be1afcfe89497f5c6f6e4e38c264c1a9615cba1113466079989622ddf89 run #0: crashed: general protection fault in nf_tables_dump_tables run #1: crashed: KASAN: use-after-free Read in nf_tables_fill_table_info run #2: crashed: general protection fault in nf_tables_dump_tables run #3: crashed: general protection fault in nf_tables_dump_tables run #4: crashed: general protection fault in nf_tables_dump_tables run #5: crashed: general protection fault in nf_tables_dump_tables run #6: crashed: KASAN: use-after-free Read in nla_put run #7: crashed: general protection fault in nf_tables_dump_tables run #8: crashed: general protection fault in nf_tables_dump_tables run #9: crashed: KASAN: use-after-free Read in nf_tables_fill_table_info # git bisect bad 56bf6fc266ca14d2b9276c8a62e4ff6783bfe68b Bisecting: 120 revisions left to test after this (roughly 7 steps) [797d3186544fcd5bfd7a03b9ef3e20c1db3802b8] ptp: ptp_clockmatrix: Add wait_for_sys_apll_dpll_lock. testing commit 797d3186544fcd5bfd7a03b9ef3e20c1db3802b8 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 1c11c07851156214ce8aebdeb0ae33f97ef0ba10b5450ba16bb8ffe4cc5ebe27 all runs: crashed: general protection fault in nf_tables_dump_tables # git bisect bad 797d3186544fcd5bfd7a03b9ef3e20c1db3802b8 Bisecting: 61 revisions left to test after this (roughly 6 steps) [3af409ca278d4a8d50e91f9f7c4c33b175645cf3] net: enetc: fix destroyed phylink dereference during unbind testing commit 3af409ca278d4a8d50e91f9f7c4c33b175645cf3 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: db958d3c015f823553be2e4ca05e7331667dfc01f5e2b3cf1cb56eb3ffc98e4f all runs: OK # git bisect good 3af409ca278d4a8d50e91f9f7c4c33b175645cf3 Bisecting: 33 revisions left to test after this (roughly 5 steps) [18af77c50fede5b3fc22aa9f0a9b255a5c5285c9] drivers: net: xilinx_emaclite: remove arch limitation testing commit 18af77c50fede5b3fc22aa9f0a9b255a5c5285c9 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: f0408f0b69cae4858cf4dbf0868ac7d85c8c0c1a92701af654d82a4ee4e6a368 all runs: OK # git bisect good 18af77c50fede5b3fc22aa9f0a9b255a5c5285c9 Bisecting: 16 revisions left to test after this (roughly 4 steps) [c544fcb4cbae77f7c6106c5e12c39c7c52f4de00] Merge branch 'broadcom-next' testing commit c544fcb4cbae77f7c6106c5e12c39c7c52f4de00 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: ae9570a5b3631f7d9e70a131ab8d5aadd8dfd525699b23dbcee54a2e0d95f536 all runs: OK # git bisect good c544fcb4cbae77f7c6106c5e12c39c7c52f4de00 Bisecting: 7 revisions left to test after this (roughly 3 steps) [32511f8e498045a82f603454b21b34ad892a79c6] Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf-next testing commit 32511f8e498045a82f603454b21b34ad892a79c6 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 1c11c07851156214ce8aebdeb0ae33f97ef0ba10b5450ba16bb8ffe4cc5ebe27 run #0: crashed: general protection fault in nf_tables_dump_tables run #1: crashed: general protection fault in nf_tables_dump_tables run #2: crashed: general protection fault in nf_tables_dump_tables run #3: crashed: general protection fault in nf_tables_dump_tables run #4: crashed: general protection fault in nf_tables_dump_tables run #5: crashed: general protection fault in nf_tables_dump_tables run #6: crashed: KASAN: use-after-free Read in nla_put run #7: crashed: KASAN: use-after-free Read in nf_tables_fill_table_info run #8: crashed: general protection fault in nf_tables_dump_tables run #9: crashed: general protection fault in nf_tables_dump_tables # git bisect bad 32511f8e498045a82f603454b21b34ad892a79c6 Bisecting: 4 revisions left to test after this (roughly 2 steps) [597565556581d59641c0be50acaae87f7391a91b] net: mscc: ocelot: select PACKING in the Kconfig testing commit 597565556581d59641c0be50acaae87f7391a91b compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 3ad360b58db98fe3a8964a17f7cf6e00c84733e3f46e21df978a2b199a149760 all runs: OK # git bisect good 597565556581d59641c0be50acaae87f7391a91b Bisecting: 2 revisions left to test after this (roughly 1 step) [00dfe9bebdf09c37827fb71db89c66a396f1a38c] netfilter: nftables: add helper function to release hooks of one single table testing commit 00dfe9bebdf09c37827fb71db89c66a396f1a38c compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: c595e7190de34655f18e664dc4413b6fa90a49253e0f5d72feb3c4e506a0847e all runs: OK # git bisect good 00dfe9bebdf09c37827fb71db89c66a396f1a38c Bisecting: 1 revision left to test after this (roughly 1 step) [6001a930ce0378b62210d4f83583fc88a903d89d] netfilter: nftables: introduce table ownership testing commit 6001a930ce0378b62210d4f83583fc88a903d89d compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 5f86e6297b9b3edc85c0a32efa941c8d36e28b451ed25394d920ff923712350a run #0: crashed: general protection fault in nf_tables_dump_tables run #1: crashed: general protection fault in nf_tables_dump_tables run #2: crashed: general protection fault in nf_tables_dump_tables run #3: crashed: general protection fault in nf_tables_dump_tables run #4: crashed: general protection fault in nf_tables_dump_tables run #5: crashed: general protection fault in nf_tables_dump_tables run #6: crashed: KASAN: use-after-free Read in nla_put run #7: crashed: KASAN: use-after-free Read in nf_tables_fill_table_info run #8: crashed: general protection fault in nf_tables_dump_tables run #9: crashed: general protection fault in nf_tables_dump_tables # git bisect bad 6001a930ce0378b62210d4f83583fc88a903d89d 6001a930ce0378b62210d4f83583fc88a903d89d is the first bad commit commit 6001a930ce0378b62210d4f83583fc88a903d89d Author: Pablo Neira Ayuso Date: Mon Feb 15 12:28:07 2021 +0100 netfilter: nftables: introduce table ownership A userspace daemon like firewalld might need to monitor for netlink updates to detect its ruleset removal by the (global) flush ruleset command to ensure ruleset persistency. This adds extra complexity from userspace and, for some little time, the firewall policy is not in place. This patch adds the NFT_TABLE_F_OWNER flag which allows a userspace program to own the table that creates in exclusivity. Tables that are owned... - can only be updated and removed by the owner, non-owners hit EPERM if they try to update it or remove it. - are destroyed when the owner closes the netlink socket or the process is gone (implicit netlink socket closure). - are skipped by the global flush ruleset command. - are listed in the global ruleset. The userspace process that sets on the NFT_TABLE_F_OWNER flag need to leave open the netlink socket. A new NFTA_TABLE_OWNER netlink attribute specifies the netlink port ID to identify the owner from userspace. This patch also updates error reporting when an unknown table flag is specified to change it from EINVAL to EOPNOTSUPP given that EINVAL is usually reserved to report for malformed netlink messages to userspace. Signed-off-by: Pablo Neira Ayuso include/net/netfilter/nf_tables.h | 6 ++ include/uapi/linux/netfilter/nf_tables.h | 5 + net/netfilter/nf_tables_api.c | 163 ++++++++++++++++++++++--------- 3 files changed, 128 insertions(+), 46 deletions(-) culprit signature: 5f86e6297b9b3edc85c0a32efa941c8d36e28b451ed25394d920ff923712350a parent signature: c595e7190de34655f18e664dc4413b6fa90a49253e0f5d72feb3c4e506a0847e revisions tested: 19, total time: 4h25m11.445309469s (build: 2h8m23.086663484s, test: 2h14m15.334183277s) first bad commit: 6001a930ce0378b62210d4f83583fc88a903d89d netfilter: nftables: introduce table ownership recipients (to): ["coreteam@netfilter.org" "davem@davemloft.net" "fw@strlen.de" "kadlec@netfilter.org" "kuba@kernel.org" "netdev@vger.kernel.org" "netfilter-devel@vger.kernel.org" "pablo@netfilter.org" "pablo@netfilter.org"] recipients (cc): ["linux-kernel@vger.kernel.org"] crash: general protection fault in nf_tables_dump_tables general protection fault, probably for non-canonical address 0xfbd59c0000000058: 0000 [#1] PREEMPT SMP KASAN KASAN: maybe wild-memory-access in range [0xdead0000000002c0-0xdead0000000002c7] CPU: 0 PID: 20072 Comm: syz-executor.2 Not tainted 5.11.0-rc7-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 RIP: 0010:nf_tables_dump_tables+0x204/0x6d0 net/netfilter/nf_tables_api.c:766 Code: 24 18 48 c1 e8 03 48 01 e8 48 89 44 24 20 4c 89 f8 4d 89 f7 49 89 c6 45 85 e4 74 3a 48 8d bb c4 01 00 00 48 89 f8 48 c1 e8 03 <0f> b6 14 28 48 89 f8 83 e0 07 83 c0 01 38 d0 7c 08 84 d2 0f 85 4f RSP: 0018:ffffc90003227298 EFLAGS: 00010a03 RAX: 1bd5a00000000058 RBX: dead000000000100 RCX: 0000000000000000 RDX: 0000000000000000 RSI: ffff88802ed8f584 RDI: dead0000000002c4 RBP: dffffc0000000000 R08: 0000000000000000 R09: ffff8880281ec043 R10: ffffed100503d808 R11: dffffc0000000000 R12: 0000000000000002 R13: 0000000000000001 R14: ffff88802ed8f540 R15: ffff88801eab1dc0 FS: 00007f894f0f2700(0000) GS:ffff8880b9e00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007f4c2afa0de4 CR3: 000000003ea01000 CR4: 00000000001506f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: netlink_dump+0x41e/0xaa0 net/netlink/af_netlink.c:2276 __netlink_dump_start+0x570/0x810 net/netlink/af_netlink.c:2381 netlink_dump_start include/linux/netlink.h:262 [inline] nft_netlink_dump_start_rcu+0x61/0x120 net/netfilter/nf_tables_api.c:803 nf_tables_gettable+0x2c5/0x430 net/netfilter/nf_tables_api.c:829 nfnetlink_rcv_msg+0x424/0xc90 net/netfilter/nfnetlink.c:241 netlink_rcv_skb+0x118/0x370 net/netlink/af_netlink.c:2502 nfnetlink_rcv+0x143/0x340 net/netfilter/nfnetlink.c:600 netlink_unicast_kernel net/netlink/af_netlink.c:1312 [inline] netlink_unicast+0x42e/0x700 net/netlink/af_netlink.c:1338 netlink_sendmsg+0x70e/0xbe0 net/netlink/af_netlink.c:1927 sock_sendmsg_nosec net/socket.c:652 [inline] sock_sendmsg+0xab/0xe0 net/socket.c:672 ____sys_sendmsg+0x5bf/0x7a0 net/socket.c:2345 ___sys_sendmsg+0xd3/0x150 net/socket.c:2399 __sys_sendmsg+0xb2/0x140 net/socket.c:2432 do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46 entry_SYSCALL_64_after_hwframe+0x44/0xa9 RIP: 0033:0x7f894f97b709 Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 RSP: 002b:00007f894f0f2188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e RAX: ffffffffffffffda RBX: 00007f894fa7ff60 RCX: 00007f894f97b709 RDX: 0000000000000000 RSI: 0000000020000380 RDI: 0000000000000004 RBP: 00007f894f9d5cb4 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 00007ffdf4f08baf R14: 00007f894f0f2300 R15: 0000000000022000 Modules linked in: ---[ end trace 1710f149f8d69378 ]--- RIP: 0010:nf_tables_dump_tables+0x204/0x6d0 net/netfilter/nf_tables_api.c:766 Code: 24 18 48 c1 e8 03 48 01 e8 48 89 44 24 20 4c 89 f8 4d 89 f7 49 89 c6 45 85 e4 74 3a 48 8d bb c4 01 00 00 48 89 f8 48 c1 e8 03 <0f> b6 14 28 48 89 f8 83 e0 07 83 c0 01 38 d0 7c 08 84 d2 0f 85 4f RSP: 0018:ffffc90003227298 EFLAGS: 00010a03 RAX: 1bd5a00000000058 RBX: dead000000000100 RCX: 0000000000000000 RDX: 0000000000000000 RSI: ffff88802ed8f584 RDI: dead0000000002c4 RBP: dffffc0000000000 R08: 0000000000000000 R09: ffff8880281ec043 R10: ffffed100503d808 R11: dffffc0000000000 R12: 0000000000000002 R13: 0000000000000001 R14: ffff88802ed8f540 R15: ffff88801eab1dc0 FS: 00007f894f0f2700(0000) GS:ffff8880b9e00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007fc2241ed000 CR3: 000000003ea01000 CR4: 00000000001506f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 ---------------- Code disassembly (best guess): 0: 24 18 and $0x18,%al 2: 48 c1 e8 03 shr $0x3,%rax 6: 48 01 e8 add %rbp,%rax 9: 48 89 44 24 20 mov %rax,0x20(%rsp) e: 4c 89 f8 mov %r15,%rax 11: 4d 89 f7 mov %r14,%r15 14: 49 89 c6 mov %rax,%r14 17: 45 85 e4 test %r12d,%r12d 1a: 74 3a je 0x56 1c: 48 8d bb c4 01 00 00 lea 0x1c4(%rbx),%rdi 23: 48 89 f8 mov %rdi,%rax 26: 48 c1 e8 03 shr $0x3,%rax * 2a: 0f b6 14 28 movzbl (%rax,%rbp,1),%edx <-- trapping instruction 2e: 48 89 f8 mov %rdi,%rax 31: 83 e0 07 and $0x7,%eax 34: 83 c0 01 add $0x1,%eax 37: 38 d0 cmp %dl,%al 39: 7c 08 jl 0x43 3b: 84 d2 test %dl,%dl 3d: 0f .byte 0xf 3e: 85 .byte 0x85 3f: 4f rex.WRXB