[syzbot] KASAN: slab-out-of-bounds Read in riscv_intc_irq

Dmitry Vyukov dvyukov at google.com
Thu Mar 18 15:00:05 GMT 2021


On Thu, Mar 18, 2021 at 3:50 PM Kefeng Wang <wangkefeng.wang at huawei.com> wrote:
> >> On 2021/3/14 18:47, Dmitry Vyukov wrote:
> >>> On Sun, Mar 14, 2021 at 11:14 AM syzbot
> >>> <syzbot+005654dd9b8f26bd4c07 at syzkaller.appspotmail.com> wrote:
> >>>> Hello,
> >>>>
> >>>> syzbot found the following issue on:
> >>>>
> >>>> HEAD commit:    0d7588ab riscv: process: Fix no prototype for arch_dup_tas..
> >>>> git tree:       git://git.kernel.org/pub/scm/linux/kernel/git/riscv/linux.git fixes
> >>>> console output: https://syzkaller.appspot.com/x/log.txt?x=15a35756d00000
> >>>> kernel config:  https://syzkaller.appspot.com/x/.config?x=81c0b708b31626cc
> >>>> dashboard link: https://syzkaller.appspot.com/bug?extid=005654dd9b8f26bd4c07
> >>>> userspace arch: riscv64
> >>>>
> >>>> Unfortunately, I don't have any reproducer for this issue yet.
> >>>>
> >>>> IMPORTANT: if you fix the issue, please add the following tag to the commit:
> >>>> Reported-by: syzbot+005654dd9b8f26bd4c07 at syzkaller.appspotmail.com
> >>>>
> >>>> ==================================================================
> >>>> BUG: KASAN: slab-out-of-bounds in riscv_intc_irq+0x24/0xcc drivers/irqchip/irq-riscv-intc.c:24
> >>>> Read of size 8 at addr ffffffe00c963bd0 by task kworker/1:1/4388
> >>>>
> >>>> CPU: 1 PID: 4388 Comm: kworker/1:1 Not tainted 5.12.0-rc2-syzkaller-00467-g0d7588ab9ef9 #0
> >>>> Hardware name: riscv-virtio,qemu (DT)
> >>>> Workqueue: events nsim_dev_trap_report_work
> >>>> Call Trace:
> >>>> [<ffffffe0000096c0>] walk_stackframe+0x0/0x23c arch/riscv/kernel/traps.c:201
> >>>>
> >>>> Allocated by task 76347056:
> >>>> (stack is not available)
> >>>>
> >>>> Last potentially related work creation:
> >>> There seems to be some issue with riscv stack unwinder.
> >>> This does not have stacks.
> >> Hi, could you test with the following patch about the no-stack
> >> issue (from v5.11-rc4)? I made a mistake when doing some cleanup...
> >>
> >> https://lore.kernel.org/linux-riscv/ce5b3533-b75d-c31c-4319-9d29769bbbd5@huawei.com/T/#t
> > Hi Kefeng,
> >
> > Please see:
> > http://bit.do/syzbot#no-custom-patches
> >
> > Is a unit-test for this possible? Fuzzing is not a replacement for unit testing.
>
> OK, I mean that the issue with the stack unwinder may be caused by my
> previous patch;
>
> if someone wants the stack back, they could try the bugfix.

Everybody wants the stack back!
Good, let's wait until it's merged and then we will see stacks in all kernel
testing systems.