Re: PANIC: double fault in fixup_bad_iret

From: Thomas Gleixner
Date: Fri May 29 2020 - 12:06:11 EST

Next message: Marcelo Ricardo Leitner: "Re: [PATCH 3/4] net: add a new bind_add method"
Previous message: Qais Yousef: "Re: [PATCH 1/2] sched/uclamp: Add a new sysctl to control RT default boost value"
In reply to: Thomas Gleixner: "Re: PANIC: double fault in fixup_bad_iret"
Next in thread: Peter Zijlstra: "Re: PANIC: double fault in fixup_bad_iret"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Thomas Gleixner <tglx@xxxxxxxxxxxxx> writes:
> Dmitry Vyukov <dvyukov@xxxxxxxxxx> writes:
>> On Fri, May 29, 2020 at 3:14 PM syzbot
>> <syzbot+dc1fa714cb070b184db5@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote:
>>
>> From the reproducer it seems to be either x86 related or ptrace
>> related.
>>
>>> RIP: 0010:fixup_bad_iret+0x24/0x170 arch/x86/kernel/traps.c:665
>
> as a quick assumption that's related to KASAN in fixup_bad_iret() which
> is a frightenly bad idea. I'm about to verify.

Exactly as I assumed. With KASAN off, no problem, with KASAN on, insta
crash.

This function needs to be excluded from KASAN or any other of those
magic function. I need to walk the dogs first and will look into fixing
it later.

Thanks,

tglx

Next message: Marcelo Ricardo Leitner: "Re: [PATCH 3/4] net: add a new bind_add method"
Previous message: Qais Yousef: "Re: [PATCH 1/2] sched/uclamp: Add a new sysctl to control RT default boost value"
In reply to: Thomas Gleixner: "Re: PANIC: double fault in fixup_bad_iret"
Next in thread: Peter Zijlstra: "Re: PANIC: double fault in fixup_bad_iret"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]