syzbot


general protection fault in reset_interrupt

Status: auto-closed as invalid on 2022/05/18 03:42
Reported-by: syzbot+b1f15b24307fd6df6021@syzkaller.appspotmail.com
First crash: 389d, last: 312d
similar bugs (1):
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream general protection fault in reset_interrupt (2) C 2 172d 171d 0/24 auto-obsoleted due to no activity on 2022/10/04 11:19

Sample crash report:
c3 00                                            ..
status=d0
fdc_busy=0
cont=0000000000000000
current_req=0000000000000000
command_status=-1
general protection fault, probably for non-canonical address 0xdffffc0000000002: 0000 [#1] PREEMPT SMP KASAN
KASAN: null-ptr-deref in range [0x0000000000000010-0x0000000000000017]
CPU: 0 PID: 9 Comm: kworker/u16:0 Not tainted 5.16.0-syzkaller #0
Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014
Workqueue: floppy floppy_work_workfn
RIP: 0010:reset_interrupt.cold+0x3d/0x88 drivers/block/floppy.c:1790
Code: e8 cf f9 ff ff e9 21 fe 64 fb e8 f9 da 60 f8 48 8b 1d 22 3d 65 07 b8 ff ff 37 00 48 c1 e0 2a 48 8d 7b 10 48 89 fa 48 c1 ea 03 <80> 3c 02 00 75 3e 48 8b 73 10 48 c7 c7 20 9d 1e 8a e8 89 3b eb ff
RSP: 0018:ffffc900005cfd10 EFLAGS: 00010202
RAX: dffffc0000000000 RBX: 0000000000000000 RCX: 0000000000000000
RDX: 0000000000000002 RSI: ffffffff8915f317 RDI: 0000000000000010
RBP: ffffffff8c6a6a40 R08: 0000000000000000 R09: 0000000000000001
R10: ffffffff847af196 R11: 0000000000000000 R12: 0000000000000001
R13: ffffc900005cfdb0 R14: ffff888011850600 R15: ffff888010c75800
FS:  0000000000000000(0000) GS:ffff88802ca00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000555556222708 CR3: 0000000075d34000 CR4: 0000000000150ef0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 <TASK>
 process_one_work+0x9b2/0x1660 kernel/workqueue.c:2298
 worker_thread+0x65d/0x1130 kernel/workqueue.c:2445
 kthread+0x405/0x4f0 kernel/kthread.c:327
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:295
 </TASK>
Modules linked in:
---[ end trace aaa6d7e78d3de1c8 ]---
RIP: 0010:reset_interrupt.cold+0x3d/0x88 drivers/block/floppy.c:1790
Code: e8 cf f9 ff ff e9 21 fe 64 fb e8 f9 da 60 f8 48 8b 1d 22 3d 65 07 b8 ff ff 37 00 48 c1 e0 2a 48 8d 7b 10 48 89 fa 48 c1 ea 03 <80> 3c 02 00 75 3e 48 8b 73 10 48 c7 c7 20 9d 1e 8a e8 89 3b eb ff
RSP: 0018:ffffc900005cfd10 EFLAGS: 00010202
RAX: dffffc0000000000 RBX: 0000000000000000 RCX: 0000000000000000
RDX: 0000000000000002 RSI: ffffffff8915f317 RDI: 0000000000000010
RBP: ffffffff8c6a6a40 R08: 0000000000000000 R09: 0000000000000001
R10: ffffffff847af196 R11: 0000000000000000 R12: 0000000000000001
R13: ffffc900005cfdb0 R14: ffff888011850600 R15: ffff888010c75800
FS:  0000000000000000(0000) GS:ffff88802ca00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000555556222708 CR3: 0000000075d34000 CR4: 0000000000150ef0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
----------------
Code disassembly (best guess):
   0:	e8 cf f9 ff ff       	callq  0xfffff9d4
   5:	e9 21 fe 64 fb       	jmpq   0xfb64fe2b
   a:	e8 f9 da 60 f8       	callq  0xf860db08
   f:	48 8b 1d 22 3d 65 07 	mov    0x7653d22(%rip),%rbx        # 0x7653d38
  16:	b8 ff ff 37 00       	mov    $0x37ffff,%eax
  1b:	48 c1 e0 2a          	shl    $0x2a,%rax
  1f:	48 8d 7b 10          	lea    0x10(%rbx),%rdi
  23:	48 89 fa             	mov    %rdi,%rdx
  26:	48 c1 ea 03          	shr    $0x3,%rdx
* 2a:	80 3c 02 00          	cmpb   $0x0,(%rdx,%rax,1) <-- trapping instruction
  2e:	75 3e                	jne    0x6e
  30:	48 8b 73 10          	mov    0x10(%rbx),%rsi
  34:	48 c7 c7 20 9d 1e 8a 	mov    $0xffffffff8a1e9d20,%rdi
  3b:	e8 89 3b eb ff       	callq  0xffeb3bc9

Crashes (12):
Manager Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Title
ci-qemu-upstream 2022/01/10 23:37 upstream 133d9c53c9dc ddb0ab8c .config log report info general protection fault in reset_interrupt
ci-qemu-upstream 2021/11/27 18:56 upstream c5c17547b778 63eeac02 .config log report info general protection fault in reset_interrupt
ci-qemu-upstream 2021/11/25 02:24 upstream 5f53fa508db0 545ab074 .config log report info general protection fault in reset_interrupt
ci-qemu-upstream 2021/11/17 02:47 upstream 8ab774587903 cafff8b6 .config log report info general protection fault in reset_interrupt
ci-qemu-upstream-386 2022/01/18 03:41 upstream 0c947b893d69 731a2d23 .config log report info general protection fault in reset_interrupt
ci-qemu-upstream-386 2022/01/16 06:28 upstream a33f5c380c4b 723cfaf0 .config log report info general protection fault in reset_interrupt
ci-qemu-upstream-386 2021/12/06 15:11 upstream 0fcfb00b28c0 579a8754 .config log report info general protection fault in reset_interrupt
ci-qemu-upstream-386 2021/12/05 07:50 upstream 79a72162048e a617004c .config log report info general protection fault in reset_interrupt
ci-qemu-upstream-386 2021/12/03 08:12 upstream a51e3ac43ddb 61f86278 .config log report info general protection fault in reset_interrupt
ci-qemu-upstream-386 2021/11/28 00:03 upstream 741392771338 63eeac02 .config log report info general protection fault in reset_interrupt
ci-qemu-upstream-386 2021/11/26 14:31 upstream b501b85957de 63eeac02 .config log report info general protection fault in reset_interrupt
ci-qemu-upstream-386 2021/11/02 06:02 upstream e66435936756 098b5d53 .config log report info general protection fault in reset_interrupt
* Struck through repros no longer work on HEAD.