syzbot


BUG: sleeping function called from invalid context at ./include/linux/uaccess.h:LINE

Status: fixed on 2018/01/27 03:35
Reported-by: syzbot+eb276410a47365e399ee50d68e73650cac178e0f@syzkaller.appspotmail.com
Fix commit: 4d772cb85f64 KVM: x86: fix em_fxstor() sleeping while in atomic
First crash: 2647d, last: 2540d

Sample crash report:
in_atomic(): 1, irqs_disabled(): 0, pid: 3016, name: syzkaller971759
INFO: lockdep is turned off.
CPU: 0 PID: 3016 Comm: syzkaller971759 Not tainted 4.13.0-rc4-next-20170811 #2
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Bochs 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:16 [inline]
 dump_stack+0x194/0x257 lib/dump_stack.c:52
 ___might_sleep+0x2b2/0x470 kernel/sched/core.c:6014
 __might_sleep+0x95/0x190 kernel/sched/core.c:5967
 __might_fault+0xab/0x1d0 mm/memory.c:4383
 __copy_from_user include/linux/uaccess.h:71 [inline]
 paging32_walk_addr_generic+0x428/0x1e00 arch/x86/kvm/paging_tmpl.h:369
 paging32_walk_addr arch/x86/kvm/paging_tmpl.h:475 [inline]
 paging32_gva_to_gpa+0xa5/0x230 arch/x86/kvm/paging_tmpl.h:913
 kvm_read_guest_virt_helper+0xd8/0x140 arch/x86/kvm/x86.c:4399
 kvm_read_guest_virt_system+0x3c/0x50 arch/x86/kvm/x86.c:4466
 segmented_read_std+0x10c/0x180 arch/x86/kvm/emulate.c:819
 em_fxrstor+0x27b/0x410 arch/x86/kvm/emulate.c:4022
 x86_emulate_insn+0x55d/0x3c50 arch/x86/kvm/emulate.c:5471
 x86_emulate_instruction+0x411/0x1ca0 arch/x86/kvm/x86.c:5698
 kvm_mmu_page_fault+0x18b/0x2c0 arch/x86/kvm/mmu.c:4854
 handle_ept_violation+0x1fc/0x5e0 arch/x86/kvm/vmx.c:6400
 vmx_handle_exit+0x281/0x1aa0 arch/x86/kvm/vmx.c:8718
 vcpu_enter_guest arch/x86/kvm/x86.c:6999 [inline]
 vcpu_run arch/x86/kvm/x86.c:7061 [inline]
 kvm_arch_vcpu_ioctl_run+0x1cee/0x58b0 arch/x86/kvm/x86.c:7222
 kvm_vcpu_ioctl+0x64c/0x1010 arch/x86/kvm/../../../virt/kvm/kvm_main.c:2591
 vfs_ioctl fs/ioctl.c:45 [inline]
 do_vfs_ioctl+0x1b1/0x1520 fs/ioctl.c:685
 SYSC_ioctl fs/ioctl.c:700 [inline]
 SyS_ioctl+0x8f/0xc0 fs/ioctl.c:691
 entry_SYSCALL_64_fastpath+0x1f/0xbe
RIP: 0033:0x437fc9
RSP: 002b:00007ffea9688448 EFLAGS: 00000206 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 00000000004002b0 RCX: 0000000000437fc9
RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
RBP: 0000000000000006 R08: 0000000000000000 R09: 0000000020ae8000
R10: 0000000000009120 R11: 0000000000000206 R12: 0000000000000000
R13: 0000000000000004 R14: 0000000000000004 R15: 0000000020077000

Crashes (19609):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets Manager Title
2017/08/14 18:59 linux-next 91dfed74eabc 6a0246bf .config console log report syz C ci-upstream-next-kasan-gce
2017/08/11 21:48 linux-next 91dfed74eabc 360f0528 .config console log report syz C ci-upstream-next-kasan-gce
2017/11/26 10:32 upstream 844056fd74eb 4bd70f88 .config console log report ci-upstream-kasan-gce-386
2017/11/23 06:46 net-next-old 0c86a6bd85ff ddf7b3e0 .config console log report ci-upstream-kasan-gce-386
2017/09/27 00:58 mmots 7d6bd8f1db70 c26ea367 .config console log report ci-upstream-mmots-kasan-gce
2017/09/16 22:44 mmots 720bbe532b7c c26ea367 .config console log report ci-upstream-mmots-kasan-gce
2017/09/16 00:04 linux-next 1f183459b514 da1873aa .config console log report skylake-linux-next-kasan-qemu
2017/09/14 03:57 linux-next 31fc38c47623 96b8e399 .config console log report skylake-linux-next-kasan-qemu
2017/09/14 00:21 linux-next 6f20b7a58cb9 96b8e399 .config console log report skylake-linux-next-kasan-qemu
2017/09/13 15:37 linux-next 6f20b7a58cb9 96b8e399 .config console log report skylake-linux-next-kasan-qemu
2017/09/12 02:00 mmots 114c278181ca 96b8e399 .config console log report ci-upstream-mmots-kasan-gce
2017/09/07 05:48 linux-next e9fcbcd00963 0ed1da4a .config console log report skylake-linux-next-kasan-qemu
2017/09/06 08:17 linux-next e9fcbcd00963 0ed1da4a .config console log report skylake-linux-next-kasan-qemu
2017/09/06 02:57 linux-next 744c56def809 0ed1da4a .config console log report skylake-linux-next-kasan-qemu
2017/09/02 22:39 linux-next 1d53d908b79d a54dce00 .config console log report ci-upstream-next-kasan-gce
2017/09/02 12:58 linux-next 1d53d908b79d a54dce00 .config console log report ci-upstream-next-kasan-gce
2017/08/27 19:41 linux-next 7159188b70e3 4074aed7 .config console log report skylake-linux-next-kasan-qemu
2017/08/27 10:48 linux-next 7159188b70e3 4074aed7 .config console log report skylake-linux-next-kasan-qemu
2017/08/21 21:17 linux-next bb70832dd42b f238fbd4 .config console log report ci-upstream-next-kasan-gce
2017/08/21 21:04 linux-next bb70832dd42b f238fbd4 .config console log report ci-upstream-next-kasan-gce
2017/08/19 15:27 linux-next bb70832dd42b f238fbd4 .config console log report ci-upstream-next-kasan-gce
2017/08/18 08:48 linux-next bb70832dd42b f238fbd4 .config console log report ci-upstream-next-kasan-gce
2017/08/17 00:19 linux-next 5d51332f20b2 f93be584 .config console log report skylake-linux-next-kasan-qemu
2017/08/15 22:38 linux-next 497247033eb1 6a0246bf .config console log report skylake-linux-next-kasan-qemu