qaqaq

Untitled

Aug 10th, 2022
  1.  
  2. [ 376.525249][ T34] audit: type=1800 audit(1659966769.469:505): pid=7756 uid=0 auid=0 ses=4 subj==unconfined op=collect_data cause=failed comm="syz-executor.6" name="UDC" dev="configfs" ino=19016 res=0 errno=0
  3. [ 376.575298][ T34] audit: type=1800 audit(1659966769.519:506): pid=7757 uid=0 auid=0 ses=4 subj==unconfined op=collect_data cause=failed comm="syz-executor.6" name="UDC" dev="configfs" ino=18362 res=0 errno=0
  4. [ 376.578306][ T34] audit: type=1800 audit(1659966769.519:507): pid=7757 uid=0 auid=0 ses=4 subj==unconfined op=collect_data cause=failed comm="syz-executor.6" name="UDC" dev="configfs" ino=18368 res=0 errno=0
  5. [ 376.959155][ T6] smsmdtv:smscore_unregister_device: exiting although not all buffers released.
  6. [ 376.960586][ T6] smsusb:smsusb_probe: Device initialized with return code -110
  7. [ 376.969102][ C0] ==================================================================
  8. [ 376.970417][ C0] BUG: KASAN: use-after-free in dummy_timer+0x2a37/0x33b0
  9. [ 376.971416][ C0] Read of size 4 at addr ffff88801aa1e814 by task syz-fuzzer/2931
  10. [ 376.972515][ C0]
  11. [ 376.972919][ C0] CPU: 0 PID: 2931 Comm: syz-fuzzer Not tainted 5.18.0 #3
  12. [ 376.974454][ C0] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.13.0-1ubuntu1.1 04/01/2014
  13. [ 376.976232][ C0] Call Trace:
  14. [ 376.976625][ C0] <IRQ>
  15. [ 376.976970][ C0] dump_stack_lvl+0xcd/0x134
  16. [ 376.977535][ C0] print_report.cold+0xe5/0x659
  17. [ 376.978120][ C0] ? dummy_timer+0x2a37/0x33b0
  18. [ 376.978727][ C0] kasan_report+0x8a/0x1b0
  19. [ 376.979270][ C0] ? dummy_timer+0x2a37/0x33b0
  20. [ 376.979879][ C0] dummy_timer+0x2a37/0x33b0
  21. [ 376.980446][ C0] ? lockdep_hardirqs_on_prepare+0x400/0x400
  22. [ 376.981207][ C0] ? lockdep_hardirqs_on_prepare+0x400/0x400
  23. [ 376.981944][ C0] ? rcu_read_lock_sched_held+0x9c/0xd0
  24. [ 376.982633][ C0] ? dummy_dequeue+0x500/0x500
  25. [ 376.983210][ C0] ? rcu_read_lock_sched_held+0x9c/0xd0
  26. [ 376.983884][ C0] ? rcu_read_lock_bh_held+0xb0/0xb0
  27. [ 376.984530][ C0] ? rcu_read_lock_bh_held+0xb0/0xb0
  28. [ 376.985173][ C0] ? dummy_dequeue+0x500/0x500
  29. [ 376.985755][ C0] call_timer_fn+0x1a5/0x6b0
  30. [ 376.986325][ C0] ? enqueue_timer+0x5d0/0x5d0
  31. [ 376.986923][ C0] ? lock_downgrade+0x690/0x690
  32. [ 376.987524][ C0] ? _raw_spin_unlock_irq+0x1f/0x40
  33. [ 376.988169][ C0] ? dummy_dequeue+0x500/0x500
  34. [ 376.988757][ C0] run_timer_softirq+0x1084/0x16d0
  35. [ 376.989390][ C0] ? call_timer_fn+0x6b0/0x6b0
  36. [ 376.989969][ C0] ? rcu_read_lock_sched_held+0x9c/0xd0
  37. [ 376.990669][ C0] ? rcu_read_lock_bh_held+0xb0/0xb0
  38. [ 376.991318][ C0] __do_softirq+0x1c0/0x8ee
  39. [ 376.991886][ C0] irq_exit_rcu+0xe2/0x120
  40. [ 376.992429][ C0] sysvec_apic_timer_interrupt+0x8e/0xc0
  41. [ 376.993127][ C0] </IRQ>
  42. [ 376.993489][ C0] <TASK>
  43. [ 376.993848][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
  44. [ 376.994612][ C0] RIP: 0010:unwind_get_return_address+0x5a/0xa0
  45. [ 376.995373][ C0] Code: 05 5b 31 c0 5d c3 48 8d 6b 48 48 b8 00 00 00 00 00 fc ff df 48 89 ea 48 c1 ea 03 80 3c 02 00 75 32 48 8b 7b 48 e8 56 5d 0b 00 <85> c0 74 d3 48 b8 00 00 00 00 00 fc ff df 48 89 ea 48 c1 ea 03 80
  46. [ 376.997731][ C0] RSP: 0018:ffffc90000e9f5f8 EFLAGS: 00000202
  47. [ 376.998483][ C0] RAX: 0000000000000001 RBX: ffffc90000e9f610 RCX: 0000000000000000
  48. [ 376.999456][ C0] RDX: 1ffff920001d3ecb RSI: 0000000000000000 RDI: ffffffff81ed3c4f
  49. [ 377.000432][ C0] RBP: ffffc90000e9f658 R08: 0000000000000001 R09: 0000000000000001
  50. [ 377.001473][ C0] R10: ffffc90000e9f66f R11: 000000000005203e R12: ffffc90000e9f6c8
  51. [ 377.003042][ C0] R13: 0000000000000000 R14: ffff888104ce5580 R15: 0000000000001000
  52. [ 377.004488][ C0] ? security_inode_getattr+0xcf/0x140
  53. [ 377.005484][ C0] ? unwind_get_return_address+0x5a/0xa0
  54. [ 377.006392][ C0] ? create_prof_cpu_mask+0x20/0x20
  55. [ 377.007027][ C0] arch_stack_walk+0x93/0xe0
  56. [ 377.007601][ C0] ? security_inode_getattr+0xcf/0x140
  57. [ 377.008268][ C0] ? tomoyo_realpath_from_path+0x191/0x620
  58. [ 377.008974][ C0] stack_trace_save+0x8c/0xc0
  59. [ 377.009560][ C0] ? filter_irq_stacks+0x80/0x80
  60. [ 377.010164][ C0] ? slab_post_alloc_hook+0x130/0x4d0
  61. [ 377.010826][ C0] ? tomoyo_path_perm+0x219/0x420
  62. [ 377.011432][ C0] kasan_save_stack+0x1e/0x40
  63. [ 377.012010][ C0] ? kasan_save_stack+0x1e/0x40
  64. [ 377.012602][ C0] ? kasan_set_track+0x21/0x30
  65. [ 377.013180][ C0] ? kasan_set_free_info+0x20/0x30
  66. [ 377.013797][ C0] ? __kasan_slab_free+0x105/0x170
  67. [ 377.014439][ C0] ? kfree+0xcd/0x450
  68. [ 377.014931][ C0] ? tomoyo_realpath_from_path+0x191/0x620
  69. [ 377.015645][ C0] ? tomoyo_path_perm+0x219/0x420
  70. [ 377.016257][ C0] ? rcu_read_lock_sched_held+0x9c/0xd0
  71. [ 377.016929][ C0] ? rcu_read_lock_bh_held+0xb0/0xb0
  72. [ 377.017579][ C0] ? find_held_lock+0x2d/0x110
  73. [ 377.018167][ C0] ? debug_check_no_obj_freed+0x28a/0x470
  74. [ 377.018884][ C0] ? lock_downgrade+0x690/0x690
  75. [ 377.019472][ C0] ? _raw_spin_unlock_irqrestore+0x50/0x70
  76. [ 377.020181][ C0] ? lockdep_hardirqs_on+0x79/0x100
  77. [ 377.020821][ C0] ? _raw_spin_unlock_irqrestore+0x3d/0x70
  78. [ 377.021528][ C0] ? debug_check_no_obj_freed+0x28a/0x470
  79. [ 377.022214][ C0] kasan_set_track+0x21/0x30
  80. [ 377.022793][ C0] kasan_set_free_info+0x20/0x30
  81. [ 377.023388][ C0] __kasan_slab_free+0x105/0x170
  82. [ 377.023980][ C0] ? tomoyo_realpath_from_path+0x191/0x620
  83. [ 377.024669][ C0] kfree+0xcd/0x450
  84. [ 377.025125][ C0] tomoyo_realpath_from_path+0x191/0x620
  85. [ 377.025797][ C0] tomoyo_path_perm+0x219/0x420
  86. [ 377.026384][ C0] ? tomoyo_path_perm+0x1c1/0x420
  87. [ 377.026978][ C0] ? terminate_walk+0x2e9/0x5b0
  88. [ 377.027549][ C0] ? tomoyo_check_open_permission+0x370/0x370
  89. [ 377.028261][ C0] ? path_lookupat.isra.0+0x21e/0x580
  90. [ 377.028939][ C0] ? find_held_lock+0x2d/0x110
  91. [ 377.029551][ C0] ? __might_fault+0xd1/0x170
  92. [ 377.030116][ C0] security_inode_getattr+0xcf/0x140
  93. [ 377.030779][ C0] vfs_getattr+0x22/0x60
  94. [ 377.031292][ C0] vfs_statx+0x170/0x360
  95. [ 377.031811][ C0] ? __sanitizer_cov_trace_pc+0x1a/0x40
  96. [ 377.032486][ C0] ? vfs_getattr+0x60/0x60
  97. [ 377.033018][ C0] ? __sanitizer_cov_trace_pc+0x1a/0x40
  98. [ 377.033681][ C0] ? getname_flags+0x275/0x5b0
  99. [ 377.034261][ C0] vfs_fstatat+0x8c/0xb0
  100. [ 377.034805][ C0] __do_sys_newfstatat+0x91/0x110
  101. [ 377.035414][ C0] ? __do_compat_sys_newlstat+0x110/0x110
  102. [ 377.036103][ C0] ? syscall_enter_from_user_mode+0x1c/0x70
  103. [ 377.036826][ C0] ? rcu_read_lock_sched_held+0x9c/0xd0
  104. [ 377.037499][ C0] ? rcu_read_lock_bh_held+0xb0/0xb0
  105. [ 377.038155][ C0] ? syscall_enter_from_user_mode+0x21/0x70
  106. [ 377.038883][ C0] do_syscall_64+0x35/0xb0
  107. [ 377.039434][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
  108. [ 377.040159][ C0] RIP: 0033:0x49d50a
  109. [ 377.040653][ C0] Code: e8 1b 99 fc ff 48 8b 7c 24 10 48 8b 74 24 18 48 8b 54 24 20 4c 8b 54 24 28 4c 8b 44 24 30 4c 8b 4c 24 38 48 8b 44 24 08 0f 05 <48> 3d 01 f0 ff ff 76 20 48 c7 44 24 40 ff ff ff ff 48 c7 44 24 48
  110. [ 377.043024][ C0] RSP: 002b:000000c0000e5d20 EFLAGS: 00000206 ORIG_RAX: 0000000000000106
  111. [ 377.044105][ C0] RAX: ffffffffffffffda RBX: 000000c000026f00 RCX: 000000000049d50a
  112. [ 377.045077][ C0] RDX: 000000c000e7c1d8 RSI: 000000c000e6d770 RDI: ffffffffffffff9c
  113. [ 377.046043][ C0] RBP: 000000c0000e5db0 R08: 0000000000000000 R09: 0000000000000000
  114. [ 377.047028][ C0] R10: 0000000000000100 R11: 0000000000000206 R12: 0000000000000000
  115. [ 377.047987][ C0] R13: 0000000000000000 R14: 000000c00b596820 R15: 0000000000000177
  116. [ 377.048934][ C0] </TASK>
  117. [ 377.049298][ C0]
  118. [ 377.049580][ C0] Allocated by task 6:
  119. [ 377.050064][ C0] kasan_save_stack+0x1e/0x40
  120. [ 377.050657][ C0] __kasan_kmalloc+0x81/0xa0
  121. [ 377.051214][ C0] kmem_cache_alloc_trace+0x20b/0x450
  122. [ 377.051860][ C0] smsusb_init_device+0xb2/0xb07
  123. [ 377.052460][ C0] smsusb_probe+0xda2/0xe3f
  124. [ 377.052997][ C0] usb_probe_interface+0x310/0x800
  125. [ 377.053606][ C0] really_probe+0x23e/0xa00
  126. [ 377.054145][ C0] __driver_probe_device+0x338/0x4d0
  127. [ 377.054791][ C0] driver_probe_device+0x4c/0x1a0
  128. [ 377.055395][ C0] __device_attach_driver+0x20b/0x2f0
  129. [ 377.056033][ C0] bus_for_each_drv+0x15f/0x1e0
  130. [ 377.056624][ C0] __device_attach+0x26d/0x3f0
  131. [ 377.057192][ C0] bus_probe_device+0x1e4/0x290
  132. [ 377.057776][ C0] device_add+0xc45/0x1d40
  133. [ 377.058323][ C0] usb_set_configuration+0x1019/0x1900
  134. [ 377.059004][ C0] usb_generic_driver_probe+0x9d/0xe0
  135. [ 377.059661][ C0] usb_probe_device+0xd9/0x2a0
  136. [ 377.060247][ C0] really_probe+0x23e/0xa00
  137. [ 377.060798][ C0] __driver_probe_device+0x338/0x4d0
  138. [ 377.061439][ C0] driver_probe_device+0x4c/0x1a0
  139. [ 377.062039][ C0] __device_attach_driver+0x20b/0x2f0
  140. [ 377.062710][ C0] bus_for_each_drv+0x15f/0x1e0
  141. [ 377.063294][ C0] __device_attach+0x26d/0x3f0
  142. [ 377.063863][ C0] bus_probe_device+0x1e4/0x290
  143. [ 377.064458][ C0] device_add+0xc45/0x1d40
  144. [ 377.064995][ C0] usb_new_device.cold+0x4b8/0x10ca
  145. [ 377.065626][ C0] hub_event+0x231e/0x4170
  146. [ 377.066158][ C0] process_one_work+0x9cc/0x1650
  147. [ 377.066772][ C0] worker_thread+0x623/0x1070
  148. [ 377.067346][ C0] kthread+0x2ef/0x3a0
  149. [ 377.067841][ C0] ret_from_fork+0x1f/0x30
  150. [ 377.068382][ C0]
  151. [ 377.068665][ C0] Freed by task 6:
  152. [ 377.069117][ C0] kasan_save_stack+0x1e/0x40
  153. [ 377.069684][ C0] kasan_set_track+0x21/0x30
  154. [ 377.070248][ C0] kasan_set_free_info+0x20/0x30
  155. [ 377.070866][ C0] __kasan_slab_free+0x105/0x170
  156. [ 377.071471][ C0] kfree+0xcd/0x450
  157. [ 377.071934][ C0] smsusb_term_device+0xd6/0x160
  158. [ 377.072537][ C0] smsusb_init_device+0xa80/0xb07
  159. [ 377.073149][ C0] smsusb_probe+0xda2/0xe3f
  160. [ 377.073702][ C0] usb_probe_interface+0x310/0x800
  161. [ 377.074329][ C0] really_probe+0x23e/0xa00
  162. [ 377.074867][ C0] __driver_probe_device+0x338/0x4d0
  163. [ 377.075536][ C0] driver_probe_device+0x4c/0x1a0
  164. [ 377.076179][ C0] __device_attach_driver+0x20b/0x2f0
  165. [ 377.076889][ C0] bus_for_each_drv+0x15f/0x1e0
  166. [ 377.077539][ C0] __device_attach+0x26d/0x3f0
  167. [ 377.078169][ C0] bus_probe_device+0x1e4/0x290
  168. [ 377.078826][ C0] device_add+0xc45/0x1d40
  169. [ 377.079405][ C0] usb_set_configuration+0x1019/0x1900
  170. [ 377.080129][ C0] usb_generic_driver_probe+0x9d/0xe0
  171. [ 377.080837][ C0] usb_probe_device+0xd9/0x2a0
  172. [ 377.081465][ C0] really_probe+0x23e/0xa00
  173. [ 377.082052][ C0] __driver_probe_device+0x338/0x4d0
  174. [ 377.082731][ C0] driver_probe_device+0x4c/0x1a0
  175. [ 377.083337][ C0] __device_attach_driver+0x20b/0x2f0
  176. [ 377.083992][ C0] bus_for_each_drv+0x15f/0x1e0
  177. [ 377.084574][ C0] __device_attach+0x26d/0x3f0
  178. [ 377.085166][ C0] bus_probe_device+0x1e4/0x290
  179. [ 377.085792][ C0] device_add+0xc45/0x1d40
  180. [ 377.086387][ C0] usb_new_device.cold+0x4b8/0x10ca
  181. [ 377.087036][ C0] hub_event+0x231e/0x4170
  182. [ 377.087621][ C0] process_one_work+0x9cc/0x1650
  183. [ 377.088229][ C0] worker_thread+0x623/0x1070
  184. [ 377.088834][ C0] kthread+0x2ef/0x3a0
  185. [ 377.089337][ C0] ret_from_fork+0x1f/0x30
  186. [ 377.089892][ C0]
  187. [ 377.090188][ C0] Last potentially related work creation:
  188. [ 377.090928][ C0] kasan_save_stack+0x1e/0x40
  189. [ 377.091508][ C0] __kasan_record_aux_stack+0xa1/0xb0
  190. [ 377.092166][ C0] insert_work+0x4a/0x390
  191. [ 377.092711][ C0] __queue_work+0x4dd/0x1140
  192. [ 377.093322][ C0] queue_work_on+0xee/0x110
  193. [ 377.093877][ C0] smsusb_onresponse+0x594/0x780
  194. [ 377.094518][ C0] __usb_hcd_giveback_urb+0x2c2/0x5a0
  195. [ 377.095165][ C0] usb_hcd_giveback_urb+0x367/0x410
  196. [ 377.095821][ C0] dummy_timer+0x1267/0x33b0
  197. [ 377.096423][ C0] call_timer_fn+0x1a5/0x6b0
  198. [ 377.097016][ C0] run_timer_softirq+0x1084/0x16d0
  199. [ 377.097634][ C0] __do_softirq+0x1c0/0x8ee
  200. [ 377.098187][ C0]
  201. [ 377.098486][ C0] Second to last potentially related work creation:
  202. [ 377.099306][ C0] kasan_save_stack+0x1e/0x40
  203. [ 377.099929][ C0] __kasan_record_aux_stack+0xa1/0xb0
  204. [ 377.100615][ C0] insert_work+0x4a/0x390
  205. [ 377.101138][ C0] __queue_work+0x4dd/0x1140
  206. [ 377.101743][ C0] queue_work_on+0xee/0x110
  207. [ 377.102527][ C0] smsusb_onresponse+0x594/0x780
  208. [ 377.103163][ C0] __usb_hcd_giveback_urb+0x2c2/0x5a0
  209. [ 377.103905][ C0] usb_hcd_giveback_urb+0x367/0x410
  210. [ 377.104930][ C0] dummy_timer+0x1267/0x33b0
  211. [ 377.105710][ C0] call_timer_fn+0x1a5/0x6b0
  212. [ 377.106460][ C0] run_timer_softirq+0x1084/0x16d0
  213. [ 377.107283][ C0] __do_softirq+0x1c0/0x8ee
  214. [ 377.108003][ C0]
  215. [ 377.108373][ C0] The buggy address belongs to the object at ffff88801aa1e000
  216. [ 377.108373][ C0] which belongs to the cache kmalloc-4k of size 4096
  217. [ 377.110570][ C0] The buggy address is located 2068 bytes inside of
  218. [ 377.110570][ C0] 4096-byte region [ffff88801aa1e000, ffff88801aa1f000)
  219. [ 377.112624][ C0]
  220. [ 377.112997][ C0] The buggy address belongs to the physical page:
  221. [ 377.113984][ C0] page:ffffea00006a8600 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1aa18
  222. [ 377.115430][ C0] head:ffffea00006a8600 order:3 compound_mapcount:0 compound_pincount:0
  223. [ 377.116511][ C0] flags: 0x100000000010200(slab|head|node=0|zone=1)
  224. [ 377.117382][ C0] raw: 0100000000010200 0000000000000000 dead000000000001 ffff888100043040
  225. [ 377.118506][ C0] raw: 0000000000000000 0000000000040004 00000001ffffffff 0000000000000000
  226. [ 377.119607][ C0] page dumped because: kasan: bad access detected
  227. [ 377.120435][ C0] page_owner tracks the page as allocated
  228. [ 377.121184][ C0] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x1d2040(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 2918, tgid 2918 (syz-fuzzer), ts 369046599373, free_ts 368942090992
  229. [ 377.124661][ C0] prep_new_page+0x297/0x330
  230. [ 377.125403][ C0] get_page_from_freelist+0x122b/0x27d0
  231. [ 377.126275][ C0] __alloc_pages+0x2d5/0x6c0
  232. [ 377.127027][ C0] alloc_pages+0x119/0x250
  233. [ 377.127741][ C0] new_slab+0x2a9/0x3f0
  234. [ 377.128412][ C0] ___slab_alloc+0xc62/0x1080
  235. [ 377.129199][ C0] __slab_alloc.isra.0+0x4d/0xa0
  236. [ 377.129984][ C0] __kmalloc+0x3b6/0x4b0
  237. [ 377.130642][ C0] tomoyo_realpath_from_path+0xc3/0x620
  238. [ 377.131498][ C0] tomoyo_path_perm+0x219/0x420
  239. [ 377.132187][ C0] security_inode_getattr+0xcf/0x140
  240. [ 377.132980][ C0] vfs_getattr+0x22/0x60
  241. [ 377.133562][ C0] vfs_statx+0x170/0x360
  242. [ 377.134214][ C0] vfs_fstatat+0x8c/0xb0
  243. [ 377.134832][ C0] __do_sys_newfstatat+0x91/0x110
  244. [ 377.135596][ C0] do_syscall_64+0x35/0xb0
  245. [ 377.136249][ C0] page last free stack trace:
  246. [ 377.136918][ C0] free_pcp_prepare+0x4f3/0xb40
  247. [ 377.137596][ C0] free_unref_page+0x19/0x490
  248. [ 377.138278][ C0] __unfreeze_partials+0x3d2/0x3f0
  249. [ 377.139038][ C0] ___cache_free+0x12c/0x140
  250. [ 377.139697][ C0] qlist_free_all+0x6a/0x170
  251. [ 377.140369][ C0] kasan_quarantine_reduce+0x13d/0x180
  252. [ 377.141207][ C0] __kasan_slab_alloc+0x78/0x80
  253. [ 377.141896][ C0] slab_post_alloc_hook+0x4d/0x4d0
  254. [ 377.142635][ C0] __kmalloc+0x19e/0x4b0
  255. [ 377.143210][ C0] tomoyo_encode2.part.0+0xec/0x3b0
  256. [ 377.143832][ C0] tomoyo_encode+0x28/0x50
  257. [ 377.144371][ C0] tomoyo_realpath_from_path+0x186/0x620
  258. [ 377.145181][ C0] tomoyo_path_perm+0x219/0x420
  259. [ 377.146053][ C0] security_inode_getattr+0xcf/0x140
  260. [ 377.146848][ C0] vfs_getattr+0x22/0x60
  261. [ 377.147449][ C0] vfs_statx+0x170/0x360
  262. [ 377.148062][ C0]
  263. [ 377.148408][ C0] Memory state around the buggy address:
  264. [ 377.149200][ C0] ffff88801aa1e700: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
  265. [ 377.150325][ C0] ffff88801aa1e780: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
  266. [ 377.151440][ C0] >ffff88801aa1e800: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
  267. [ 377.152410][ C0] ^
  268. [ 377.152989][ C0] ffff88801aa1e880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
  269. [ 377.154294][ C0] ffff88801aa1e900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
  270. [ 377.155367][ C0] ==================================================================
  271. [ 377.156308][ C0] Kernel panic - not syncing: panic_on_warn set ...
  272. [ 377.157275][ C0] CPU: 0 PID: 2931 Comm: syz-fuzzer Not tainted 5.18.0 #3
  273. [ 377.158190][ C0] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.13.0-1ubuntu1.1 04/01/2014
  274. [ 377.159491][ C0] Call Trace:
  275. [ 377.159976][ C0] <IRQ>
  276. [ 377.160424][ C0] dump_stack_lvl+0xcd/0x134
  277. [ 377.161146][ C0] panic+0x2d7/0x636
  278. [ 377.161682][ C0] ? panic_print_sys_info.part.0+0x10b/0x10b
  279. [ 377.162599][ C0] ? rcu_read_lock_held_common+0x9/0x90
  280. [ 377.163400][ C0] ? rcu_read_lock_sched_held+0x5a/0xd0
  281. [ 377.164141][ C0] ? dummy_timer+0x2a37/0x33b0
  282. [ 377.164888][ C0] end_report.part.0+0x3f/0x7c
  283. [ 377.165468][ C0] kasan_report.cold+0x8/0x12
  284. [ 377.166080][ C0] ? dummy_timer+0x2a37/0x33b0
  285. [ 377.166821][ C0] dummy_timer+0x2a37/0x33b0
  286. [ 377.167401][ C0] ? lockdep_hardirqs_on_prepare+0x400/0x400
  287. [ 377.168244][ C0] ? lockdep_hardirqs_on_prepare+0x400/0x400
  288. [ 377.169219][ C0] ? rcu_read_lock_sched_held+0x9c/0xd0
  289. [ 377.169964][ C0] ? dummy_dequeue+0x500/0x500
  290. [ 377.170673][ C0] ? rcu_read_lock_sched_held+0x9c/0xd0
  291. [ 377.171390][ C0] ? rcu_read_lock_bh_held+0xb0/0xb0
  292. [ 377.172166][ C0] ? rcu_read_lock_bh_held+0xb0/0xb0
  293. [ 377.172858][ C0] ? dummy_dequeue+0x500/0x500
  294. [ 377.173563][ C0] call_timer_fn+0x1a5/0x6b0
  295. [ 377.174155][ C0] ? enqueue_timer+0x5d0/0x5d0
  296. [ 377.174739][ C0] ? lock_downgrade+0x690/0x690
  297. [ 377.175410][ C0] ? _raw_spin_unlock_irq+0x1f/0x40
  298. [ 377.176322][ C0] ? dummy_dequeue+0x500/0x500
  299. [ 377.177108][ C0] run_timer_softirq+0x1084/0x16d0
  300. [ 377.177908][ C0] ? call_timer_fn+0x6b0/0x6b0
  301. [ 377.178650][ C0] ? rcu_read_lock_sched_held+0x9c/0xd0
  302. [ 377.179510][ C0] ? rcu_read_lock_bh_held+0xb0/0xb0
  303. [ 377.180315][ C0] __do_softirq+0x1c0/0x8ee
  304. [ 377.180994][ C0] irq_exit_rcu+0xe2/0x120
  305. [ 377.181655][ C0] sysvec_apic_timer_interrupt+0x8e/0xc0
  306. [ 377.182520][ C0] </IRQ>
  307. [ 377.182948][ C0] <TASK>
  308. [ 377.183378][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
  309. [ 377.184261][ C0] RIP: 0010:unwind_get_return_address+0x5a/0xa0
  310. [ 377.185224][ C0] Code: 05 5b 31 c0 5d c3 48 8d 6b 48 48 b8 00 00 00 00 00 fc ff df 48 89 ea 48 c1 ea 03 80 3c 02 00 75 32 48 8b 7b 48 e8 56 5d 0b 00 <85> c0 74 d3 48 b8 00 00 00 00 00 fc ff df 48 89 ea 48 c1 ea 03 80
  311. [ 377.188058][ C0] RSP: 0018:ffffc90000e9f5f8 EFLAGS: 00000202
  312. [ 377.188933][ C0] RAX: 0000000000000001 RBX: ffffc90000e9f610 RCX: 0000000000000000
  313. [ 377.190111][ C0] RDX: 1ffff920001d3ecb RSI: 0000000000000000 RDI: ffffffff81ed3c4f
  314. [ 377.191294][ C0] RBP: ffffc90000e9f658 R08: 0000000000000001 R09: 0000000000000001
  315. [ 377.192460][ C0] R10: ffffc90000e9f66f R11: 000000000005203e R12: ffffc90000e9f6c8
  316. [ 377.193609][ C0] R13: 0000000000000000 R14: ffff888104ce5580 R15: 0000000000001000
  317. [ 377.194789][ C0] ? security_inode_getattr+0xcf/0x140
  318. [ 377.195585][ C0] ? unwind_get_return_address+0x5a/0xa0
  319. [ 377.196405][ C0] ? create_prof_cpu_mask+0x20/0x20
  320. [ 377.197192][ C0] arch_stack_walk+0x93/0xe0
  321. [ 377.197897][ C0] ? security_inode_getattr+0xcf/0x140
  322. [ 377.198719][ C0] ? tomoyo_realpath_from_path+0x191/0x620
  323. [ 377.199587][ C0] stack_trace_save+0x8c/0xc0
  324. [ 377.200298][ C0] ? filter_irq_stacks+0x80/0x80
  325. [ 377.200948][ C0] ? slab_post_alloc_hook+0x130/0x4d0
  326. [ 377.201584][ C0] ? tomoyo_path_perm+0x219/0x420
  327. [ 377.202168][ C0] kasan_save_stack+0x1e/0x40
  328. [ 377.202735][ C0] ? kasan_save_stack+0x1e/0x40
  329. [ 377.203301][ C0] ? kasan_set_track+0x21/0x30
  330. [ 377.203875][ C0] ? kasan_set_free_info+0x20/0x30
  331. [ 377.204488][ C0] ? __kasan_slab_free+0x105/0x170
  332. [ 377.205103][ C0] ? kfree+0xcd/0x450
  333. [ 377.205584][ C0] ? tomoyo_realpath_from_path+0x191/0x620
  334. [ 377.206290][ C0] ? tomoyo_path_perm+0x219/0x420
  335. [ 377.206931][ C0] ? rcu_read_lock_sched_held+0x9c/0xd0
  336. [ 377.207677][ C0] ? rcu_read_lock_bh_held+0xb0/0xb0
  337. [ 377.208418][ C0] ? find_held_lock+0x2d/0x110
  338. [ 377.209009][ C0] ? debug_check_no_obj_freed+0x28a/0x470
  339. [ 377.209702][ C0] ? lock_downgrade+0x690/0x690
  340. [ 377.210296][ C0] ? _raw_spin_unlock_irqrestore+0x50/0x70
  341. [ 377.211015][ C0] ? lockdep_hardirqs_on+0x79/0x100
  342. [ 377.211633][ C0] ? _raw_spin_unlock_irqrestore+0x3d/0x70
  343. [ 377.212333][ C0] ? debug_check_no_obj_freed+0x28a/0x470
  344. [ 377.213012][ C0] kasan_set_track+0x21/0x30
  345. [ 377.213581][ C0] kasan_set_free_info+0x20/0x30
  346. [ 377.214185][ C0] __kasan_slab_free+0x105/0x170
  347. [ 377.214794][ C0] ? tomoyo_realpath_from_path+0x191/0x620
  348. [ 377.215579][ C0] kfree+0xcd/0x450
  349. [ 377.216062][ C0] tomoyo_realpath_from_path+0x191/0x620
  350. [ 377.216804][ C0] tomoyo_path_perm+0x219/0x420
  351. [ 377.217399][ C0] ? tomoyo_path_perm+0x1c1/0x420
  352. [ 377.218008][ C0] ? terminate_walk+0x2e9/0x5b0
  353. [ 377.218620][ C0] ? tomoyo_check_open_permission+0x370/0x370
  354. [ 377.219349][ C0] ? path_lookupat.isra.0+0x21e/0x580
  355. [ 377.220002][ C0] ? find_held_lock+0x2d/0x110
  356. [ 377.220813][ C0] ? __might_fault+0xd1/0x170
  357. [ 377.221684][ C0] security_inode_getattr+0xcf/0x140
  358. [ 377.222646][ C0] vfs_getattr+0x22/0x60
  359. [ 377.223332][ C0] vfs_statx+0x170/0x360
  360. [ 377.224019][ C0] ? __sanitizer_cov_trace_pc+0x1a/0x40
  361. [ 377.224923][ C0] ? vfs_getattr+0x60/0x60
  362. [ 377.225637][ C0] ? __sanitizer_cov_trace_pc+0x1a/0x40
  363. [ 377.226570][ C0] ? getname_flags+0x275/0x5b0
  364. [ 377.227360][ C0] vfs_fstatat+0x8c/0xb0
  365. [ 377.228045][ C0] __do_sys_newfstatat+0x91/0x110
  366. [ 377.228741][ C0] ? __do_compat_sys_newlstat+0x110/0x110
  367. [ 377.229430][ C0] ? syscall_enter_from_user_mode+0x1c/0x70
  368. [ 377.230151][ C0] ? rcu_read_lock_sched_held+0x9c/0xd0
  369. [ 377.230838][ C0] ? rcu_read_lock_bh_held+0xb0/0xb0
  370. [ 377.231510][ C0] ? syscall_enter_from_user_mode+0x21/0x70
  371. [ 377.232242][ C0] do_syscall_64+0x35/0xb0
  372. [ 377.232770][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
  373. [ 377.233486][ C0] RIP: 0033:0x49d50a
  374. [ 377.233967][ C0] Code: e8 1b 99 fc ff 48 8b 7c 24 10 48 8b 74 24 18 48 8b 54 24 20 4c 8b 54 24 28 4c 8b 44 24 30 4c 8b 4c 24 38 48 8b 44 24 08 0f 05 <48> 3d 01 f0 ff ff 76 20 48 c7 44 24 40 ff ff ff ff 48 c7 44 24 48
  375. [ 377.236478][ C0] RSP: 002b:000000c0000e5d20 EFLAGS: 00000206 ORIG_RAX: 0000000000000106
  376. [ 377.238003][ C0] RAX: ffffffffffffffda RBX: 000000c000026f00 RCX: 000000000049d50a
  377. [ 377.239291][ C0] RDX: 000000c000e7c1d8 RSI: 000000c000e6d770 RDI: ffffffffffffff9c
  378. [ 377.240548][ C0] RBP: 000000c0000e5db0 R08: 0000000000000000 R09: 0000000000000000
  379. [ 377.241797][ C0] R10: 0000000000000100 R11: 0000000000000206 R12: 0000000000000000
  380. [ 377.243074][ C0] R13: 0000000000000000 R14: 000000c00b596820 R15: 0000000000000177
  381. [ 377.244358][ C0] </TASK>
  382. [ 377.244833][ C0] Kernel Offset: disabled
  383. [ 377.245377][ C0] Rebooting in 86400 seconds..
  384.  
  385. VM DIAGNOSIS:
  386. 21:52:50 Registers:
  387. info registers vcpu 0
  388. RAX=000000000000003a RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
  389. RSI=ffff888104ce5580 RDI=ffffffff8b943e60 RBP=ffffffff8b943e20 RSP=ffffc900000075e0
  390. R8 =ffffffff82575401 R9 =000000000000001f R10=0000000000000001 R11=fffff52000000eb7
  391. R12=0000000000000000 R13=000000000000003a R14=ffffffff8b943e20 R15=dffffc0000000000
  392. RIP=ffffffff8257542a RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
  393. ES =0000 0000000000000000 00000000 00000000
  394. CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
  395. SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA]
  396. DS =0000 0000000000000000 00000000 00000000
  397. FS =0000 000000c0007c0090 00000000 00000000
  398. GS =0000 ffff88811a800000 00000000 00000000
  399. LDT=0000 fffffe0000000000 00000000 00000000
  400. TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
  401. GDT= fffffe0000001000 0000007f
  402. IDT= fffffe0000000000 00000fff
  403. CR0=80050033 CR2=0000001b2c727000 CR3=0000000114d0f000 CR4=00350ef0
  404. DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000
  405. DR6=00000000ffff0ff0 DR7=0000000000000400
  406. EFER=0000000000000d01
  407. FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0
  408. FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
  409. FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
  410. FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
  411. FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
  412. XMM00=000000000000000040a30056fcee4c35 XMM01=00000000000000000000000000000000
  413. XMM02=00000000000000004160aa6f00000000 XMM03=000000000000000f000000c000e6d000
  414. XMM04=0000000000000010000000c000ed1b40 XMM05=000000000000000f000000c000e6d000
  415. XMM06=000000000000000f000000c000e6d020 XMM07=000000000000000f000000c000e6d040
  416. XMM08=000000000000000f000000c000e6d060 XMM09=000000000000000f000000c000e6d080
  417. XMM10=000000000000000d000000c000e6d0a0 XMM11=000000000000000d000000c000e6d0c0
  418. XMM12=000000000000000e000000c000e6d0e0 XMM13=0000000000000010000000c000e6cc00
  419. XMM14=000000000000000f000000c000e6cc10 XMM15=00000000000000000000000000000000
  420. info registers vcpu 1
  421. RAX=0000000000000000 RBX=0000000000000074 RCX=ffffffff81ef8066 RDX=0000000000000000
  422. RSI=ffff88810fa20000 RDI=0000000000000003 RBP=dffffc0000000000 RSP=ffffc9000d52f9a0
  423. R8 =0000000000000074 R9 =00000000000000ff R10=0000000000000003 R11=ffffed1020be8fb7
  424. R12=ffffc9000d52fad0 R13=ffff888105f47d00 R14=ffff888105f47db0 R15=0000000000000074
  425. RIP=ffffffff81ef8015 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
  426. ES =0000 0000000000000000 00000000 00000000
  427. CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
  428. SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA]
  429. DS =0000 0000000000000000 00000000 00000000
  430. FS =0000 000000c001260c90 00000000 00000000
  431. GS =0000 ffff88811a880000 00000000 00000000
  432. LDT=0000 fffffe0000000000 00000000 00000000
  433. TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
  434. GDT= fffffe0000048000 0000007f
  435. IDT= fffffe0000000000 00000fff
  436. CR0=80050033 CR2=00007ffe4727cc88 CR3=0000000114d0f000 CR4=00350ee0
  437. DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000
  438. DR6=00000000ffff0ff0 DR7=0000000000000400
  439. EFER=0000000000000d01
  440. FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0
  441. FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
  442. FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
  443. FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
  444. FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
  445. XMM00=0000000000000012000000c000ea0bd0 XMM01=0000000000000011000000c000ea0c30
  446. XMM02=0000000000000011000000c000ea0c90 XMM03=0000000000000011000000c000ea0cf0
  447. XMM04=0000000000000010000000c000dfa4b0 XMM05=0000000000000011000000c000ea0cf0
  448. XMM06=0000000000000011000000c000ea0d20 XMM07=0000000000000011000000c000ea0d50
  449. XMM08=0000000000000011000000c000ea0d80 XMM09=000000000000000e000000c000ee4990
  450. XMM10=000000000000000d000000c000ee49b0 XMM11=000000000000000d000000c000ee49d0
  451. XMM12=000000000000000d000000c000ee49f0 XMM13=0000000000000010000000c000dfa610
  452. XMM14=000000000000000f000000c000ee4910 XMM15=00000000000000000000000000000000
  453. info registers vcpu 2
  454. RAX=0000000000000001 RBX=0000000000000002 RCX=ffffffff81296781 RDX=0000000000000000
  455. RSI=0000000000000008 RDI=ffffffff89403a90 RBP=1ffff92001d3ff53 RSP=ffffc9000e9ffa88
  456. R8 =1ffff110213f1863 R9 =fffffbfff1280753 R10=ffffffff89403a97 R11=fffffbfff1280752
  457. R12=ffffffff880d0208 R13=dffffc0000000000 R14=ffffc9000e9ffd98 R15=0000000000000001
  458. RIP=ffffffff81296bb3 RFL=00000047 [---Z-PC] CPL=0 II=0 A20=1 SMM=0 HLT=0
  459. ES =0000 0000000000000000 00000000 00000000
  460. CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
  461. SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA]
  462. DS =0000 0000000000000000 00000000 00000000
  463. FS =0000 0000555555e04980 00000000 00000000
  464. GS =0000 ffff88811a900000 00000000 00000000
  465. LDT=0000 fffffe0000000000 00000000 00000000
  466. TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
  467. GDT= fffffe000008f000 0000007f
  468. IDT= fffffe0000000000 00000fff
  469. CR0=80050033 CR2=00007ffc2a24fa90 CR3=00000001095a8000 CR4=00350ee0
  470. DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000
  471. DR6=00000000ffff0ff0 DR7=0000000000000400
  472. EFER=0000000000000d01
  473. FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
  474. FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
  475. FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
  476. FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
  477. FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
  478. XMM00=00000000000f42400000000000000000 XMM01=000000000000000000000000000f4240
  479. XMM02=00007f5a45c5eb6000007f5a45c5eb48 XMM03=00007f5a45c5eb4000007f5a46bbc4e0
  480. XMM04=0000000000000000000000ff00000000 XMM05=00000000000000000000000000001000
  481. XMM06=0000000000000000000000524f525245 XMM07=00000000000000000000000000000000
  482. XMM08=000000000000000000524f5252450040 XMM09=00000000000000000000000000000000
  483. XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
  484. XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
  485. XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000
  486. info registers vcpu 3
  487. RAX=1ffff92001adff72 RBX=0000000000000000 RCX=ffff88810f64d580 RDX=0000000000000081
  488. RSI=ffff88810f64d580 RDI=0000000000000002 RBP=ffff888104cd76c8 RSP=ffffc9000d6ff978
  489. R8 =ffffffff8180fd82 R9 =0000000000000000 R10=0000000000000005 R11=ffffed1022a836fe
  490. R12=0000000000000081 R13=ffffffff87956340 R14=000000044de31b79 R15=ffffc9000d6ffb60
  491. RIP=ffffffff814463a5 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
  492. ES =0000 0000000000000000 00000000 00000000
  493. CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
  494. SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA]
  495. DS =0000 0000000000000000 00000000 00000000
  496. FS =0000 000000c000ca0490 00000000 00000000
  497. GS =0000 ffff88811a980000 00000000 00000000
  498. LDT=0000 fffffe0000000000 00000000 00000000
  499. TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy
  500. GDT= fffffe00000d6000 0000007f
  501. IDT= fffffe0000000000 00000fff
  502. CR0=80050033 CR2=00007f5a45bb6588 CR3=0000000114d0f000 CR4=00350ee0
  503. DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000
  504. DR6=00000000ffff0ff0 DR7=0000000000000400
  505. EFER=0000000000000d01
  506. FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0
  507. FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
  508. FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
  509. FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
  510. FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
  511. XMM00=000000000000000040a32df20a9205c0 XMM01=00000000000000000000000000000000
  512. XMM02=00000000000000004160d26f00000000 XMM03=000000000000000f000000c000f34bb0
  513. XMM04=0000000000000010000000c000f346d0 XMM05=000000000000000f000000c000f34bb0
  514. XMM06=000000000000000f000000c000f34bd0 XMM07=000000000000000f000000c000f34bf0
  515. XMM08=000000000000000f000000c000f34c10 XMM09=000000000000000f000000c000f34c30
  516. XMM10=000000000000000d000000c000f34c50 XMM11=000000000000000d000000c000f34c70
  517. XMM12=000000000000000e000000c000f34c90 XMM13=0000000000000010000000c000f347b0
  518. XMM14=000000000000000f000000c000f347c0 XMM15=00000000000000000000000000000000
  519.  