Groups keyboard shortcuts have been updated
Dismiss
See shortcuts
Re: KASAN: slab-out-of-bounds Read in ntfs_attr_find
13 views
Skip to first unread message
syzbot
Aug 7, 2020, 11:42:06āÆPM8/7/20
to rkov...@gmail.com, syzkall...@googlegroups.com
Hello,
syzbot has tested the proposed patch but the reproducer is still triggering an issue:
KASAN: use-after-free Read in ntfs_attr_find
IPVS: ftp: loaded support on port[0] = 21
IPVS: ftp: loaded support on port[0] = 21
IPVS: ftp: loaded support on port[0] = 21
ntfs: (device loop4): is_boot_sector_ntfs(): Invalid end of sector marker.
==================================================================
BUG: KASAN: use-after-free in ntfs_attr_find+0x9b8/0xae0 fs/ntfs/attrib.c:599
Read of size 4 at addr ffff8881c76c4d35 by task syz-executor4/3747
ntfs: (device loop3): is_boot_sector_ntfs(): Invalid end of sector marker.
CPU: 0 PID: 3747 Comm: syz-executor4 Not tainted 5.8.0-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
__dump_stack lib/dump_stack.c:77 [inline]
dump_stack+0x1a2/0x21e lib/dump_stack.c:118
print_address_description.constprop.0+0x21/0x1f0 mm/kasan/report.c:383
__kasan_report mm/kasan/report.c:513 [inline]
kasan_report.cold+0x20/0x37 mm/kasan/report.c:530
__asan_report_load_n_noabort+0xf/0x20 mm/kasan/generic_report.c:157
ntfs_attr_find+0x9b8/0xae0 fs/ntfs/attrib.c:599
ntfs_attr_lookup+0x118f/0x22e0 fs/ntfs/attrib.c:1189
ntfs_read_inode_mount+0x72d/0x22f0 fs/ntfs/inode.c:1833
ntfs_fill_super+0x1825/0x96a0 fs/ntfs/super.c:2857
mount_bdev+0x331/0x3f0 fs/super.c:1417
ntfs_mount+0x35/0x40 fs/ntfs/super.c:3051
legacy_get_tree+0x10c/0x220 fs/fs_context.c:592
vfs_get_tree+0x93/0x300 fs/super.c:1547
do_new_mount fs/namespace.c:2871 [inline]
path_mount+0x1439/0x21b0 fs/namespace.c:3188
do_mount fs/namespace.c:3201 [inline]
__do_sys_mount fs/namespace.c:3409 [inline]
__se_sys_mount fs/namespace.c:3386 [inline]
__x64_sys_mount+0x2b8/0x340 fs/namespace.c:3386
do_syscall_64+0x38/0x90 arch/x86/entry/common.c:46
entry_SYSCALL_64_after_hwframe+0x44/0xa9
RIP: 0033:0x457e6a
Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 5d 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 3a 8f fb ff c3 66 0f 1f 84 00 00 00 00 00
RSP: 002b:00007f05b938dbb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000000457e6a
RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f05b938dc00
RBP: 0000000000000002 R08: 000000002007e200 R09: 0000000020000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000003
R13: 000000000000066c R14: 00000000006fcac0 R15: 0000000000000000
The buggy address belongs to the page:
page:0000000087dadc7a refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff8881c76c4a00 pfn:0x1c76c4
flags: 0x2fffc0000000000()
raw: 02fffc0000000000 dead000000000100 dead000000000122 0000000000000000
raw: ffff8881c76c4a00 0000000000000000 00000000ffffffff 0000000000000000
page dumped because: kasan: bad access detected
Memory state around the buggy address:
ffff8881c76c4c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
ffff8881c76c4c80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
>ffff8881c76c4d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
^
ffff8881c76c4d80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
ffff8881c76c4e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
==================================================================
Tested on:
commit: 049eb096 Merge tag 'pci-v5.9-changes' of git://git.kernel...
git tree: upstream
console output: https://syzkaller.appspot.com/x/log.txt?x=12c65584900000
kernel config: https://syzkaller.appspot.com/x/.config?x=e7f29c5367e70280
dashboard link: https://syzkaller.appspot.com/bug?extid=aed06913f36eff9b544e
compiler: gcc (GCC) 10.1.0-syz 20200507
syzbot has tested the proposed patch but the reproducer is still triggering an issue:
KASAN: use-after-free Read in ntfs_attr_find
IPVS: ftp: loaded support on port[0] = 21
IPVS: ftp: loaded support on port[0] = 21
IPVS: ftp: loaded support on port[0] = 21
ntfs: (device loop4): is_boot_sector_ntfs(): Invalid end of sector marker.
==================================================================
BUG: KASAN: use-after-free in ntfs_attr_find+0x9b8/0xae0 fs/ntfs/attrib.c:599
Read of size 4 at addr ffff8881c76c4d35 by task syz-executor4/3747
ntfs: (device loop3): is_boot_sector_ntfs(): Invalid end of sector marker.
CPU: 0 PID: 3747 Comm: syz-executor4 Not tainted 5.8.0-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
__dump_stack lib/dump_stack.c:77 [inline]
dump_stack+0x1a2/0x21e lib/dump_stack.c:118
print_address_description.constprop.0+0x21/0x1f0 mm/kasan/report.c:383
__kasan_report mm/kasan/report.c:513 [inline]
kasan_report.cold+0x20/0x37 mm/kasan/report.c:530
__asan_report_load_n_noabort+0xf/0x20 mm/kasan/generic_report.c:157
ntfs_attr_find+0x9b8/0xae0 fs/ntfs/attrib.c:599
ntfs_attr_lookup+0x118f/0x22e0 fs/ntfs/attrib.c:1189
ntfs_read_inode_mount+0x72d/0x22f0 fs/ntfs/inode.c:1833
ntfs_fill_super+0x1825/0x96a0 fs/ntfs/super.c:2857
mount_bdev+0x331/0x3f0 fs/super.c:1417
ntfs_mount+0x35/0x40 fs/ntfs/super.c:3051
legacy_get_tree+0x10c/0x220 fs/fs_context.c:592
vfs_get_tree+0x93/0x300 fs/super.c:1547
do_new_mount fs/namespace.c:2871 [inline]
path_mount+0x1439/0x21b0 fs/namespace.c:3188
do_mount fs/namespace.c:3201 [inline]
__do_sys_mount fs/namespace.c:3409 [inline]
__se_sys_mount fs/namespace.c:3386 [inline]
__x64_sys_mount+0x2b8/0x340 fs/namespace.c:3386
do_syscall_64+0x38/0x90 arch/x86/entry/common.c:46
entry_SYSCALL_64_after_hwframe+0x44/0xa9
RIP: 0033:0x457e6a
Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 5d 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 3a 8f fb ff c3 66 0f 1f 84 00 00 00 00 00
RSP: 002b:00007f05b938dbb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000000457e6a
RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f05b938dc00
RBP: 0000000000000002 R08: 000000002007e200 R09: 0000000020000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000003
R13: 000000000000066c R14: 00000000006fcac0 R15: 0000000000000000
The buggy address belongs to the page:
page:0000000087dadc7a refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff8881c76c4a00 pfn:0x1c76c4
flags: 0x2fffc0000000000()
raw: 02fffc0000000000 dead000000000100 dead000000000122 0000000000000000
raw: ffff8881c76c4a00 0000000000000000 00000000ffffffff 0000000000000000
page dumped because: kasan: bad access detected
Memory state around the buggy address:
ffff8881c76c4c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
ffff8881c76c4c80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
>ffff8881c76c4d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
^
ffff8881c76c4d80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
ffff8881c76c4e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
==================================================================
Tested on:
commit: 049eb096 Merge tag 'pci-v5.9-changes' of git://git.kernel...
git tree: upstream
console output: https://syzkaller.appspot.com/x/log.txt?x=12c65584900000
kernel config: https://syzkaller.appspot.com/x/.config?x=e7f29c5367e70280
dashboard link: https://syzkaller.appspot.com/bug?extid=aed06913f36eff9b544e
compiler: gcc (GCC) 10.1.0-syz 20200507
Rustam Kovhaev
Aug 22, 2020, 6:56:16āÆPM8/22/20
to syzbot, syzkall...@googlegroups.com
#syz test: git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master
syzbot
Aug 22, 2020, 7:12:09āÆPM8/22/20
to rkov...@gmail.com, syzkall...@googlegroups.com
Hello,
syzbot has tested the proposed patch but the reproducer is still triggering an issue:
WARNING: kernel stack regs has bad 'bp' value
syzbot has tested the proposed patch but the reproducer is still triggering an issue:
WARNING: kernel stack regs at 00000000c78460cd in kworker/u4:0:15589 has bad 'bp' value 0000000000000000
unwind stack type:0 next_sp:0000000000000000 mask:0x6 graph_idx:0
0000000047036adc: ffff8881dae09ad8 (0xffff8881dae09ad8)
000000009f85920e: ffffffff812cc177 (arch_stack_walk+0x87/0xf0)
0000000071e428ae: 0000000000000000 ...
000000001b37c2cc: ffff8881c36a0000 (0xffff8881c36a0000)
0000000041f86c9c: ffff8881c36a8000 (0xffff8881c36a8000)
00000000b4faa615: 0000000000000000 ...
00000000a609708e: 0000000000000006 (0x6)
000000005d6b9a42: ffff8881c5aaa480 (0xffff8881c5aaa480)
00000000d3b87362: 0000010100000000 (0x10100000000)
00000000cb610916: 0000000000000000 ...
000000002f56d7f9: ffff8881dae09a40 (0xffff8881dae09a40)
00000000fd96c4e3: ffffffff810078ea (ret_from_fork+0x1a/0x30)
000000005635d59a: 0000000000000000 ...
00000000b66f2f2f: ffff8881c36a7ea8 (0xffff8881c36a7ea8)
00000000737c9807: 06475b8439dfdb00 (0x6475b8439dfdb00)
0000000099119c32: ffffed103b5c135d (0xffffed103b5c135d)
000000004aa02efd: 0000000000000800 (0x800)
000000007fd8c4c5: ffff8881d9db8000 (0xffff8881d9db8000)
0000000035448b71: ffffffff81b3724e (kmem_cache_free+0xe/0x20)
0000000034d6da8f: ffff8881dae09b70 (0xffff8881dae09b70)
0000000061a26ff9: ffffffff816408df (stack_trace_save+0x8f/0xc0)
00000000aa659b58: 0000000041b58ab3 (0x41b58ab3)
0000000041fbcb10: ffffffff8898e894 (MASK_YMM_LO+0x9434/0x12a00)
0000000028814122: ffffffff81640850 (stack_trace_consume_entry+0x170/0x170)
000000009d6de4e8: ffffffff815b10cc (__lock_acquire+0x17fc/0x5ad0)
00000000f62b26c6: ffff8881dae09b80 (0xffff8881dae09b80)
0000000081f2b662: 0000000000000040 (0x40)
00000000a8f8b931: 0000000000000011 (0x11)
000000002bc24ead: ffff8881c5aaad18 (0xffff8881c5aaad18)
00000000d1d213fb: ffff8881ffffffff (0xffff8881ffffffff)
000000003a45e37a: ffff8881c5aaad18 (0xffff8881c5aaad18)
00000000d531603d: fffffbff9366fca4 (0xfffffbff9366fca4)
00000000ce8288a5: ffff88816095c3d4 (0xffff88816095c3d4)
00000000e1b1d5f8: ffff8881f3fcc078 (0xffff8881f3fcc078)
00000000db467c93: ffff8881c5aaad68 (0xffff8881c5aaad68)
00000000cb415613: ffff8881366fca49 (0xffff8881366fca49)
00000000918a015e: 06475b8439dfdb00 (0x6475b8439dfdb00)
00000000e9a3dd2f: ffff8881c8668288 (0xffff8881c8668288)
0000000073a8a813: ffff8881dae09d88 (0xffff8881dae09d88)
000000009d077e0e: ffffffff81b38e23 (kasan_save_stack+0x23/0x50)
00000000550de88c: ffffffff81b38e23 (kasan_save_stack+0x23/0x50)
0000000028703e85: ffffffff81b38e70 (kasan_set_track+0x20/0x30)
00000000dcf7d809: ffffffff81b3b8ff (kasan_set_free_info+0x1f/0x40)
00000000603431c8: ffffffff81b38daf (__kasan_slab_free+0xef/0x140)
0000000057e07e18: ffffffff81b3954e (kasan_slab_free+0xe/0x10)
000000008c66552e: ffffffff81b370ee (kmem_cache_free.part.0+0x6e/0x1c0)
0000000064a93eae: ffffffff81b3724e (kmem_cache_free+0xe/0x20)
000000000e168e6a: ffffffff81bd10d8 (file_free_rcu+0x78/0xa0)
000000004d541bde: ffffffff8162aa74 (rcu_core+0x534/0x11d0)
00000000175f3461: ffffffff8162b9c9 (rcu_core_si+0x9/0x10)
0000000031466a3a: ffffffff878001d4 (__do_softirq+0x1d4/0x92e)
000000005e1b48a2: ffffffff87600f42 (asm_call_on_stack+0x12/0x20)
00000000e25693e1: ffffffff812a2629 (do_softirq_own_stack+0x79/0xa0)
000000005a929c1c: ffffffff814791f4 (irq_exit_rcu+0xd4/0x200)
00000000ca43585c: ffffffff875d41ef (sysvec_apic_timer_interrupt+0x4f/0xa0)
00000000277afd01: ffffffff87600c42 (asm_sysvec_apic_timer_interrupt+0x12/0x20)
0000000063584906: ffffffff810078ea (ret_from_fork+0x1a/0x30)
00000000c01fccbf: ffff8881dae33250 (0xffff8881dae33250)
000000006a49a21e: dffffc0000000000 (0xdffffc0000000000)
00000000e747a890: ffff8881dae09d70 (0xffff8881dae09d70)
000000004fcd2ff1: ffffffff831c325f (__free_object+0x58f/0xf80)
000000000f5ca98d: ffff8881dae09d48 (0xffff8881dae09d48)
00000000cc309b4e: ffffffff815b6e78 (lock_acquire+0x208/0xb60)
00000000417c94ca: ffffffff815a4a05 (find_held_lock+0x35/0x130)
000000007c75af1c: ffff8881dae09ce8 (0xffff8881dae09ce8)
000000000add0352: ffff8881c5aaa480 (0xffff8881c5aaa480)
00000000e120e8b8: ffffffff8a878270 (obj_hash+0xe750/0x120020)
00000000925e9704: ffffffff831c580d (debug_check_no_obj_freed+0x1ed/0x3d4)
0000000027f23bdb: ffff8881dae09d28 (0xffff8881dae09d28)
0000000038901dd1: ffff8881c5aaa480 (0xffff8881c5aaa480)
000000006164f04d: ffff8881dae09d50 (0xffff8881dae09d50)
0000000073d9ee98: 0000000000000082 (0x82)
0000000031ffa9fc: 1ffff1103b5c1398 (0x1ffff1103b5c1398)
0000000034b09b05: ffff8881c5aaad20 (0xffff8881c5aaad20)
000000000abd4f34: ffffffff00000002 (0xffffffff00000002)
00000000b8f8996b: 0000000000000082 (0x82)
0000000085132fe5: 1ffff1103b5c1395 (0x1ffff1103b5c1395)
00000000109d5a67: 0000000041b58ab3 (0x41b58ab3)
000000001da0ea0c: ffffffff8898b9e8 (MASK_YMM_LO+0x6588/0x12a00)
00000000ac26f734: ffffffff815b6290 (lock_downgrade+0xa00/0xa00)
00000000baac8523: 0000000041b58ab3 (0x41b58ab3)
00000000743e357b: ffffffff88981bcd (msr_save_dmi_table+0x3e1a2d/0x3e3d80)
00000000f6476fda: ffffffff815c67c0 (rwlock_bug.part.0+0x90/0x90)
00000000cffe3fef: 0000000000000001 (0x1)
000000004cfda87d: ffff888100000000 (0xffff888100000000)
00000000c4981bea: ffffffff00000001 (0xffffffff00000001)
00000000f8f83170: 0000000000000082 (0x82)
00000000846c77f8: ffff8881dae09d10 (0xffff8881dae09d10)
0000000027bb6724: ffffffff875d4961 (lockdep_hardirqs_off+0x91/0xd0)
0000000058a724cd: ffffffff81756e06 (__sanitizer_cov_trace_const_cmp4+0x16/0x20)
0000000056d5dba6: ffff8881dae09d50 (0xffff8881dae09d50)
00000000ece19053: ffffffff817b5c42 (trace_hardirqs_off+0x62/0x1e0)
00000000df72cf77: dffffc0000000000 (0xdffffc0000000000)
0000000096a0f9d9: 0000000000000082 (0x82)
00000000d61bdbfa: ffffffff8a878258 (obj_hash+0xe738/0x120020)
0000000056662b57: ffff8881c8668280 (0xffff8881c8668280)
00000000574f006c: 0000000000000002 (0x2)
000000002d823a0e: dffffc0000000000 (0xdffffc0000000000)
0000000086577f0b: ffff8881dae09d70 (0xffff8881dae09d70)
00000000f8bd545c: ffffffff875f149b (_raw_spin_unlock_irqrestore+0x5b/0xc0)
000000005851a602: 0000000000000002 (0x2)
00000000a5b5a47e: ffff8881c8668468 (0xffff8881c8668468)
000000005ffe9a36: ffff8881dae09df0 (0xffff8881dae09df0)
0000000023f96040: ffffffff831c580d (debug_check_no_obj_freed+0x1ed/0x3d4)
00000000901129c5: ffff8881c8668280 (0xffff8881c8668280)
0000000048287570: ffff8881dae09da0 (0xffff8881dae09da0)
000000004ec0407d: ffffffff81b38e70 (kasan_set_track+0x20/0x30)
00000000b0f0509d: 1ffff110390cd050 (0x1ffff110390cd050)
00000000f6357113: ffff8881dae09db8 (0xffff8881dae09db8)
0000000046d0ce10: ffffffff81b3b8ff (kasan_set_free_info+0x1f/0x40)
000000006256b81e: 0000000000000001 (0x1)
000000004b47753b: ffff8881dae09de0 (0xffff8881dae09de0)
00000000c0c88651: ffffffff81b38daf (__kasan_slab_free+0xef/0x140)
000000004669bf92: ffff8881c8668280 (0xffff8881c8668280)
00000000b4edccf2: ffff8881d9db8000 (0xffff8881d9db8000)
00000000a3fb7d1b: 0000000000000282 (0x282)
000000000ff8672d: ffff8881dae09df0 (0xffff8881dae09df0)
000000001d138f5b: ffffffff81b3954e (kasan_slab_free+0xe/0x10)
00000000af6969db: ffff8881dae09e20 (0xffff8881dae09e20)
00000000ffb6f12c: ffffffff81b370ee (kmem_cache_free.part.0+0x6e/0x1c0)
0000000083ff9e13: ffff8881c5aaa400 (0xffff8881c5aaa400)
00000000b39b7924: ffff8881c8668280 (0xffff8881c8668280)
00000000e99cf430: ffff8881c9586700 (0xffff8881c9586700)
000000008cff1bdd: ffff8881c8668280 (0xffff8881c8668280)
00000000bc25a137: ffff8881dae09e30 (0xffff8881dae09e30)
00000000a3d3616e: ffffffff81b3724e (kmem_cache_free+0xe/0x20)
00000000060ec5f8: ffff8881dae09e58 (0xffff8881dae09e58)
00000000a3d6d761: ffffffff81bd10d8 (file_free_rcu+0x78/0xa0)
00000000fcb64c72: ffff8881c5aaa480 (0xffff8881c5aaa480)
00000000faba8da6: ffff8881dae09f28 (0xffff8881dae09f28)
000000002788ff1f: ffff8881dae09ec8 (0xffff8881dae09ec8)
000000002f2e0fda: ffff8881dae09f50 (0xffff8881dae09f50)
00000000b7ab4f29: ffffffff8162aa74 (rcu_core+0x534/0x11d0)
0000000079b715e0: ffffffff88d4d408 (pv_ops+0x128/0x2c0)
0000000068f0ff16: ffff8881dae36790 (0xffff8881dae36790)
00000000202f410c: ffff8881dae36800 (0xffff8881dae36800)
000000006125c8b4: ffff8881dae36740 (0xffff8881dae36740)
0000000079c7ec7d: ffff8881dae367d8 (0xffff8881dae367d8)
0000000089120a05: ffffed1038b55490 (0xffffed1038b55490)
00000000c770c969: 1ffff1103b5c13d5 (0x1ffff1103b5c13d5)
000000002927c0d7: 000000000000000a (0xa)
00000000c5a11bfe: 0000000041b58ab3 (0x41b58ab3)
000000000506bff4: ffffffff8898df2d (MASK_YMM_LO+0x8acd/0x12a00)
0000000009ebec79: ffffffff8162a540 (rcu_barrier+0x460/0x460)
000000009fb62de4: ffff8881dae09ef0 (0xffff8881dae09ef0)
000000002d402481: ffff8881cbf5da80 (0xffff8881cbf5da80)
00000000b396bbc1: ffff8881c8d09098 (0xffff8881c8d09098)
0000000047f8e78f: ffffffffffffffff (0xffffffffffffffff)
00000000535760ef: ffff8881c5aaa480 (0xffff8881c5aaa480)
00000000d41554dd: ffffffff87600f42 (asm_call_on_stack+0x12/0x20)
0000000002084e89: 0000000000000282 (0x282)
00000000034a9449: ffff8881c5aaa480 (0xffff8881c5aaa480)
000000000eebc8a6: ffff8881dae09f48 (0xffff8881dae09f48)
00000000cfe7bfbf: ffffffff875d4be1 (lock_is_held_type+0xc1/0xf0)
00000000c5f8ef42: ffffffff00000000 (0xffffffff00000000)
00000000be451946: 0000000000000282 (0x282)
000000009fc4b172: 06475b8439dfdb00 (0x6475b8439dfdb00)
00000000ee49f860: 0000000000000009 (0x9)
000000004970d8cc: ffffffff88c09108 (softirq_vec+0x48/0x80)
00000000115dcdc6: 0000000000000000 ...
000000002b797847: dffffc0000000000 (0xdffffc0000000000)
00000000c3dcc1ba: 0000000000000000 ...
000000006ae91837: ffff8881dae09f60 (0xffff8881dae09f60)
0000000094c162de: ffffffff8162b9c9 (rcu_core_si+0x9/0x10)
00000000c8266f01: ffff8881dae09fe8 (0xffff8881dae09fe8)
00000000a6960785: ffffffff878001d4 (__do_softirq+0x1d4/0x92e)
000000000ba8932d: 0100000004208040 (0x100000004208040)
0000000012ac5ddc: ffffed1038b55490 (0xffffed1038b55490)
00000000dc003c61: 00000000fffd0560 (0xfffd0560)
00000000c474002a: ffff8881c5aaa480 (0xffff8881c5aaa480)
00000000904a02f4: 0000000000000009 (0x9)
00000000da76b09c: 0000000000000009 (0x9)
0000000080a25d18: 0000000000000050 (0x50)
00000000039fc231: 000001000000000a (0x1000000000a)
00000000481cb02a: ffffffff88c090c0 (tasklist_lock+0x40/0x40)
00000000d9c4da8e: 000002000000000a (0x2000000000a)
000000009984db67: 0000000000000000 ...
00000000b8cf5cdc: ffff8881d9f42240 (0xffff8881d9f42240)
0000000082284d3e: 0000000000000000 ...
000000005be3e2e5: ffff8881c36a7e48 (0xffff8881c36a7e48)
00000000d3842d90: ffffffff87600f42 (asm_call_on_stack+0x12/0x20)
00000000873adb0b: ffff8881c36a7e48 (0xffff8881c36a7e48)
00000000205c9096: ffff8881c36a7e58 (0xffff8881c36a7e58)
000000003405edf5: ffffffff812a2629 (do_softirq_own_stack+0x79/0xa0)
00000000e650dc76: ffff8881c36a7e78 (0xffff8881c36a7e78)
0000000068e06a9b: ffffffff814791f4 (irq_exit_rcu+0xd4/0x200)
00000000aef102a2: 0000000000000000 ...
000000005b4ec5bf: ffff8881c36a7ea8 (0xffff8881c36a7ea8)
0000000068ded3f7: ffff8881c36a7e98 (0xffff8881c36a7e98)
00000000c6022263: ffffffff875d41ef (sysvec_apic_timer_interrupt+0x4f/0xa0)
000000000b31efb2: 0000000000000000 ...
000000000b572454: ffff8881c36a7ea9 (0xffff8881c36a7ea9)
00000000cd8f0457: ffffffff87600c42 (asm_sysvec_apic_timer_interrupt+0x12/0x20)
00000000c78460cd: 0000000000000000 ...
000000005d1baa9d: ffff8881d7365200 (0xffff8881d7365200)
000000005bc03dc8: 0000000000000000 ...
000000008bd7acef: ffffffff814c22a0 (umh_complete+0xa0/0xa0)
00000000c5c21aee: 0000000000000001 (0x1)
000000002ed4d82c: 0000000000000000 ...
00000000ffddacb8: 0000000000000001 (0x1)
000000004a792316: 0000000000000001 (0x1)
00000000a6d63667: 1ffffffff11a9a83 (0x1ffffffff11a9a83)
00000000f2f3c771: 1ffffffff133dd51 (0x1ffffffff133dd51)
000000001492aa18: dffffc0000000000 (0xdffffc0000000000)
00000000432e99d7: 0000000000000000 ...
00000000b4ddd32d: ffffffff875f11a3 (_raw_spin_unlock_irq+0x23/0x70)
0000000048ce1d2f: ffffffffffffffff (0xffffffffffffffff)
0000000046d3b6ad: ffffffff810078ea (ret_from_fork+0x1a/0x30)
000000001e1ef1ff: 0000000000000010 (0x10)
00000000cd9dc12f: 0000000000000286 (0x286)
00000000619cf9ff: ffff8881c36a7f58 (0xffff8881c36a7f58)
000000008bef3707: 0000000000000018 (0x18)
000000002deadb2c: ffffffff810078d8 (ret_from_fork+0x8/0x30)
000000006fa9ca6f: 0000000000000000 ...
__ntfs_warning: 798 callbacks suppressed
ntfs: (device loop1): is_boot_sector_ntfs(): Invalid end of sector marker.
ntfs: (device loop1): ntfs_read_inode_mount(): Incorrect mft record size [2164275200] in superblock, should be [1024].
ntfs: (device loop1): ntfs_read_inode_mount(): Failed. Marking inode as bad.
ntfs: (device loop1): ntfs_fill_super(): Failed to load essential metadata.
ntfs: (device loop2): is_boot_sector_ntfs(): Invalid end of sector marker.
ntfs: (device loop2): ntfs_read_inode_mount(): Incorrect mft record size [2164275200] in superblock, should be [1024].
ntfs: (device loop2): ntfs_read_inode_mount(): Failed. Marking inode as bad.
ntfs: (device loop2): ntfs_fill_super(): Failed to load essential metadata.
ntfs: (device loop3): is_boot_sector_ntfs(): Invalid end of sector marker.
ntfs: (device loop5): is_boot_sector_ntfs(): Invalid end of sector marker.
__ntfs_warning: 1010 callbacks suppressed
ntfs: (device loop2): is_boot_sector_ntfs(): Invalid end of sector marker.
ntfs: (device loop2): ntfs_read_inode_mount(): Incorrect mft record size [2164275200] in superblock, should be [1024].
ntfs: (device loop2): ntfs_read_inode_mount(): Failed. Marking inode as bad.
ntfs: (device loop2): ntfs_fill_super(): Failed to load essential metadata.
ntfs: (device loop1): is_boot_sector_ntfs(): Invalid end of sector marker.
ntfs: (device loop5): is_boot_sector_ntfs(): Invalid end of sector marker.
ntfs: (device loop0): is_boot_sector_ntfs(): Invalid end of sector marker.
ntfs: (device loop4): is_boot_sector_ntfs(): Invalid end of sector marker.
ntfs: (device loop0): ntfs_read_inode_mount(): Incorrect mft record size [2164275200] in superblock, should be [1024].
ntfs: (device loop0): ntfs_read_inode_mount(): Failed. Marking inode as bad.
Tested on:
commit: c3d8f220 Merge tag 'kbuild-fixes-v5.9' of git://git.kernel..
git tree: upstream
console output: https://syzkaller.appspot.com/x/log.txt?x=1380775e900000
kernel config: https://syzkaller.appspot.com/x/.config?x=a0a5ad403d48507d
dashboard link: https://syzkaller.appspot.com/bug?extid=aed06913f36eff9b544e
compiler: gcc (GCC) 10.1.0-syz 20200507
patch: https://syzkaller.appspot.com/x/patch.diff?x=1125b649900000
compiler: gcc (GCC) 10.1.0-syz 20200507
Reply all
Reply to author
Forward
0 new messages