x86: Mark the trapframe as initialized in ipi_bitmap_handler()

Otherwise KASAN may generate false positives if the trapframe was written into a poisoned region of the stack. Reported by: pho Reported by: syzbot+ee60455cd58e6eed20c9@syzkaller.appspotmail.com Reported by: syzbot+be5f9df26426ace3a00c@syzkaller.appspotmail.com Sponsored by: The FreeBSD Foundation
2026-06-09 00:32:25 -04:00 · 2021-07-09 20:38:18 -04:00 · 2021-07-09 20:38:18 -04:00 · 36226163fa
commit 36226163fa
parent 5d243d41b1
1 changed files with 3 additions and 0 deletions
--- a/sys/x86/x86/mp_x86.c
+++ b/sys/x86/x86/mp_x86.c
@ -41,6 +41,7 @@ __FBSDID("$FreeBSD$");

 #include <sys/param.h>
 #include <sys/systm.h>
+#include <sys/asan.h>
 #include <sys/bus.h>
 #include <sys/cons.h>	/* cngetc() */
 #include <sys/cpuset.h>
@ -1279,6 +1280,8 @@ ipi_bitmap_handler(struct trapframe frame)
 	int cpu = PCPU_GET(cpuid);
 	u_int ipi_bitmap;

+	kasan_mark(&frame, sizeof(frame), sizeof(frame), 0);
+
 	td = curthread;
 	ipi_bitmap = atomic_readandclear_int(&cpuid_to_pcpu[cpu]->
 	    pc_ipi_bitmap);