syzbot


WARNING in handle_exception_nmi (2)

Status: upstream: reported C repro on 2022/02/22 05:18
Reported-by: syzbot+4688c50a9c8e68e7aaa1@syzkaller.appspotmail.com
First crash: 348d, last: 2d01h

Cause bisection: the issue happens on the oldest tested release (bisect log)
Crash: WARNING in handle_exception_nmi (log)
Repro: C syz .config

Fix bisection: the fix commit could be any of (bisect log):
  7a68065eb9cd Merge tag 'gpio-fixes-for-v5.19-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/brgl/linux
  3cc40a443a04 Merge tag 'nios2_fixes_v6.0' of git://git.kernel.org/pub/scm/linux/kernel/git/dinguyen/linux
similar bugs (1):
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream WARNING in handle_exception_nmi C error done 2653 848d 852d 17/24 fixed on 2020/11/16 12:12

Sample crash report:
L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
------------[ cut here ]------------
WARNING: CPU: 0 PID: 3634 at arch/x86/kvm/vmx/vmx.c:5130 handle_exception_nmi+0xd1a/0xe40 arch/x86/kvm/vmx/vmx.c:5130
Modules linked in:
CPU: 0 PID: 3634 Comm: syz-executor482 Not tainted 6.1.0-rc8-syzkaller-00164-g4cee37b3a4e6 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
RIP: 0010:handle_exception_nmi+0xd1a/0xe40 arch/x86/kvm/vmx/vmx.c:5130
Code: ef e8 fa e9 fd ff 31 ff 89 c3 89 c6 e8 5f ea 5c 00 85 db 0f 85 3b ff ff ff e8 a2 ed 5c 00 0f 0b e9 2f ff ff ff e8 96 ed 5c 00 <0f> 0b e9 60 fb ff ff 41 bd 00 40 00 00 e9 00 ff ff ff 48 8b 7c 24
RSP: 0018:ffffc90003a7fac8 EFLAGS: 00010293
RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
RDX: ffff8880245fba80 RSI: ffffffff8123306a RDI: 0000000000000001
RBP: ffff888020708000 R08: 0000000000000001 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000000 R12: 0000000020c2c748
R13: 0000000000000000 R14: 0000000080000300 R15: ffff88807d4b0000
FS:  00005555565ef300(0000) GS:ffff8880b9b00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000560d1a2662b8 CR3: 000000007819c000 CR4: 00000000003526e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 <TASK>
 __vmx_handle_exit arch/x86/kvm/vmx/vmx.c:6447 [inline]
 vmx_handle_exit+0x48c/0x18d0 arch/x86/kvm/vmx/vmx.c:6464
 vcpu_enter_guest+0x373e/0x5a10 arch/x86/kvm/x86.c:10866
 vcpu_run arch/x86/kvm/x86.c:10969 [inline]
 kvm_arch_vcpu_ioctl_run+0xa62/0x2b40 arch/x86/kvm/x86.c:11190
 kvm_vcpu_ioctl+0x574/0xfc0 arch/x86/kvm/../../../virt/kvm/kvm_main.c:4087
 vfs_ioctl fs/ioctl.c:51 [inline]
 __do_sys_ioctl fs/ioctl.c:870 [inline]
 __se_sys_ioctl fs/ioctl.c:856 [inline]
 __x64_sys_ioctl+0x197/0x210 fs/ioctl.c:856
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x39/0xb0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x63/0xcd
RIP: 0033:0x7f742964edb9
Code: 28 c3 e8 2a 14 00 00 66 2e 0f 1f 84 00 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007ffc52c989f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f742964edb9
RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
RBP: 00007f7429612810 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 00007f74296128a0
R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
 </TASK>

Crashes (10):
Manager Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets Title
ci-upstream-kasan-gce 2022/12/11 19:45 upstream 4cee37b3a4e6 67be1ae7 .config strace log report syz C [disk image] [vmlinux] [kernel image] WARNING in handle_exception_nmi
ci-upstream-kasan-gce-smack-root 2022/09/17 03:40 upstream 6879c2d3b960 dd9a85ff .config strace log report syz C WARNING in handle_exception_nmi
ci-upstream-kasan-gce-smack-root 2022/09/15 15:24 upstream 3245cb65fd91 dd9a85ff .config strace log report syz C [disk image] [vmlinux] WARNING in handle_exception_nmi
ci-upstream-kasan-gce-smack-root 2022/09/15 14:48 upstream 3245cb65fd91 dd9a85ff .config strace log report syz C [disk image] [vmlinux] WARNING in handle_exception_nmi
ci-upstream-kasan-gce 2022/06/12 07:34 upstream 7a68065eb9cd 0d5abf15 .config strace log report syz C WARNING in handle_exception_nmi
ci-upstream-linux-next-kasan-gce-root 2023/01/30 14:01 linux-next e2f86c02fdc9 9dfcf09c .config console log report syz C [disk image] [vmlinux] [kernel image] WARNING in handle_exception_nmi
ci-upstream-linux-next-kasan-gce-root 2022/08/29 05:25 linux-next 8d0c42c9e807 07177916 .config strace log report syz C WARNING in handle_exception_nmi
ci-upstream-linux-next-kasan-gce-root 2022/08/29 04:53 linux-next 8d0c42c9e807 07177916 .config strace log report syz C WARNING in handle_exception_nmi
ci-upstream-kasan-gce 2022/12/07 20:42 upstream 8ed710da2873 d88f3abb .config console log report info [disk image] [vmlinux] [kernel image] WARNING in handle_exception_nmi
ci-qemu-upstream 2022/02/18 05:11 upstream 80d47f5de5e3 3cd800e4 .config console log report info WARNING in handle_exception_nmi
* Struck through repros no longer work on HEAD.