syzbot


WARNING in kvm_timer_update_irq

Status: internal: reported C repro on 2024/10/22 01:20
Subsystems: kvmarm
Fix commit: KVM: arm64: Get rid of userspace_irqchip_in_use
Patched on: [ci-qemu-native-arm64-kvm ci-upstream-linux-next-kasan-gce-root], missing on: [ci-qemu-gce-upstream-auto ci-qemu-upstream ci-qemu-upstream-386 ci-qemu2-arm32 ci-qemu2-arm64 ci-qemu2-arm64-compat ci-qemu2-arm64-mte ci-qemu2-riscv64 ci-snapshot-upstream-root ci-upstream-bpf-kasan-gce ci-upstream-bpf-next-kasan-gce ci-upstream-gce-arm64 ci-upstream-gce-leak ci-upstream-kasan-badwrites-root ci-upstream-kasan-gce ci-upstream-kasan-gce-386 ci-upstream-kasan-gce-root ci-upstream-kasan-gce-selinux-root ci-upstream-kasan-gce-smack-root ci-upstream-kmsan-gce-386-root ci-upstream-kmsan-gce-root ci-upstream-net-kasan-gce ci-upstream-net-this-kasan-gce ci2-upstream-fs ci2-upstream-kcsan-gce ci2-upstream-usb]
First crash: 18d, last: 5d21h

Sample crash report:
------------[ cut here ]------------
WARNING: CPU: 0 PID: 3281 at arch/arm64/kvm/arch_timer.c:459 kvm_timer_update_irq+0x21c/0x394 arch/arm64/kvm/arch_timer.c:459
Modules linked in:
CPU: 0 UID: 0 PID: 3281 Comm: syz-executor320 Not tainted 6.12.0-rc1-syzkaller-g38ba0d2e5c2e #0
Hardware name: linux,dummy-virt (DT)
pstate: 81400009 (Nzcv daif +PAN -UAO -TCO +DIT -SSBS BTYPE=--)
pc : kvm_timer_update_irq+0x21c/0x394 arch/arm64/kvm/arch_timer.c:459
lr : kvm_timer_update_irq+0x21c/0x394 arch/arm64/kvm/arch_timer.c:459
sp : ffff80008c0c78f0
x29: ffff80008c0c7900 x28: 00000000000003c5 x27: 4af000000fb78268
x26: 0000000000000000 x25: 0000000000000000 x24: 0000000000000000
x23: 0000000000000000 x22: faff8000898fb000 x21: 000000000000001e
x20: 4af000000fb78000 x19: 00000000fffffff0 x18: 0000000000000000
x17: 0000000000000000 x16: 00000000000000fa x15: 28f000000fe6c500
x14: 0000000000000000 x13: 0000000000000003 x12: 28f000000fe6ba80
x11: faff8000898fb000 x10: 0000000000ff0100 x9 : 0000000000000000
x8 : 28f000000fe6ba80 x7 : 0000000000000000 x6 : 000000000000003f
x5 : 0000000000000040 x4 : 4af000000fb79400 x3 : 0000000000000000
x2 : 000000000000001e x1 : 00000000fffffff0 x0 : 0000000000000000
Call trace:
 kvm_timer_update_irq+0x21c/0x394 arch/arm64/kvm/arch_timer.c:459
 kvm_timer_vcpu_reset+0x158/0x684 arch/arm64/kvm/arch_timer.c:968
 kvm_reset_vcpu+0x3b4/0x560 arch/arm64/kvm/reset.c:264
 kvm_vcpu_set_target arch/arm64/kvm/arm.c:1553 [inline]
 kvm_arch_vcpu_ioctl_vcpu_init arch/arm64/kvm/arm.c:1573 [inline]
 kvm_arch_vcpu_ioctl+0x112c/0x1b3c arch/arm64/kvm/arm.c:1695
 kvm_vcpu_ioctl+0x4ec/0xf74 virt/kvm/kvm_main.c:4658
 vfs_ioctl fs/ioctl.c:51 [inline]
 __do_sys_ioctl fs/ioctl.c:907 [inline]
 __se_sys_ioctl fs/ioctl.c:893 [inline]
 __arm64_sys_ioctl+0x108/0x184 fs/ioctl.c:893
 __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]
 invoke_syscall+0x78/0x1b8 arch/arm64/kernel/syscall.c:49
 el0_svc_common+0xe8/0x1b0 arch/arm64/kernel/syscall.c:132
 do_el0_svc+0x40/0x50 arch/arm64/kernel/syscall.c:151
 el0_svc+0x54/0x14c arch/arm64/kernel/entry-common.c:712
 el0t_64_sync_handler+0x84/0xfc arch/arm64/kernel/entry-common.c:730
 el0t_64_sync+0x190/0x194 arch/arm64/kernel/entry.S:598
irq event stamp: 2254
hardirqs last  enabled at (2253): [<ffff8000839e70f0>] __raw_read_unlock_irqrestore include/linux/rwlock_api_smp.h:241 [inline]
hardirqs last  enabled at (2253): [<ffff8000839e70f0>] _raw_read_unlock_irqrestore+0x44/0x94 kernel/locking/spinlock.c:268
hardirqs last disabled at (2254): [<ffff8000839cee70>] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:470
softirqs last  enabled at (2236): [<ffff80008001fc84>] local_bh_enable+0x10/0x34 include/linux/bottom_half.h:32
softirqs last disabled at (2234): [<ffff80008001fc50>] local_bh_disable+0x10/0x34 include/linux/bottom_half.h:19
---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
WARNING: CPU: 0 PID: 3281 at arch/arm64/kvm/arch_timer.c:459 kvm_timer_update_irq+0x21c/0x394 arch/arm64/kvm/arch_timer.c:459
Modules linked in:
CPU: 0 UID: 0 PID: 3281 Comm: syz-executor320 Tainted: G        W          6.12.0-rc1-syzkaller-g38ba0d2e5c2e #0
Tainted: [W]=WARN
Hardware name: linux,dummy-virt (DT)
pstate: 81400009 (Nzcv daif +PAN -UAO -TCO +DIT -SSBS BTYPE=--)
pc : kvm_timer_update_irq+0x21c/0x394 arch/arm64/kvm/arch_timer.c:459
lr : kvm_timer_update_irq+0x21c/0x394 arch/arm64/kvm/arch_timer.c:459
sp : ffff80008c0c78f0
x29: ffff80008c0c7900 x28: 00000000000003c5 x27: 4af000000fb78268
x26: 0000000000000000 x25: 0000000000000000 x24: 0000000000000000
x23: 0000000000000000 x22: faff8000898fb000 x21: 000000000000001b
x20: 4af000000fb78000 x19: 00000000fffffff0 x18: 0000000000000000
x17: 0000000000000000 x16: 00000000000000fa x15: 28f000000fe6c500
x14: 0000000000000000 x13: 0000000000000003 x12: 28f000000fe6ba80
x11: faff8000898fb000 x10: 0000000000ff0100 x9 : 0000000000000000
x8 : 28f000000fe6ba80 x7 : 0000000000000000 x6 : 000000000000003f
x5 : 0000000000000040 x4 : 4af000000fb79468 x3 : 0000000000000000
x2 : 000000000000001b x1 : 00000000fffffff0 x0 : 0000000000000000
Call trace:
 kvm_timer_update_irq+0x21c/0x394 arch/arm64/kvm/arch_timer.c:459
 kvm_timer_vcpu_reset+0x178/0x684 arch/arm64/kvm/arch_timer.c:968
 kvm_reset_vcpu+0x3b4/0x560 arch/arm64/kvm/reset.c:264
 kvm_vcpu_set_target arch/arm64/kvm/arm.c:1553 [inline]
 kvm_arch_vcpu_ioctl_vcpu_init arch/arm64/kvm/arm.c:1573 [inline]
 kvm_arch_vcpu_ioctl+0x112c/0x1b3c arch/arm64/kvm/arm.c:1695
 kvm_vcpu_ioctl+0x4ec/0xf74 virt/kvm/kvm_main.c:4658
 vfs_ioctl fs/ioctl.c:51 [inline]
 __do_sys_ioctl fs/ioctl.c:907 [inline]
 __se_sys_ioctl fs/ioctl.c:893 [inline]
 __arm64_sys_ioctl+0x108/0x184 fs/ioctl.c:893
 __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]
 invoke_syscall+0x78/0x1b8 arch/arm64/kernel/syscall.c:49
 el0_svc_common+0xe8/0x1b0 arch/arm64/kernel/syscall.c:132
 do_el0_svc+0x40/0x50 arch/arm64/kernel/syscall.c:151
 el0_svc+0x54/0x14c arch/arm64/kernel/entry-common.c:712
 el0t_64_sync_handler+0x84/0xfc arch/arm64/kernel/entry-common.c:730
 el0t_64_sync+0x190/0x194 arch/arm64/kernel/entry.S:598
irq event stamp: 2302
hardirqs last  enabled at (2301): [<ffff8000839d1044>] __exit_to_kernel_mode arch/arm64/kernel/entry-common.c:85 [inline]
hardirqs last  enabled at (2301): [<ffff8000839d1044>] exit_to_kernel_mode+0xdc/0x10c arch/arm64/kernel/entry-common.c:95
hardirqs last disabled at (2302): [<ffff8000839cee70>] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:470
softirqs last  enabled at (2300): [<ffff800080162f50>] softirq_handle_end kernel/softirq.c:400 [inline]
softirqs last  enabled at (2300): [<ffff800080162f50>] handle_softirqs+0x698/0x6fc kernel/softirq.c:582
softirqs last disabled at (2257): [<ffff800080010a68>] __do_softirq+0x14/0x20 kernel/softirq.c:588
---[ end trace 0000000000000000 ]---
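The two blocks above answer the first triage questions directly. The innermost frame is the WARN_ON in kvm_timer_update_irq at arch/arm64/kvm/arch_timer.c:459; the path enters the kernel through the ioctl syscall on a vCPU file descriptor (kvm_vcpu_ioctl, then kvm_arch_vcpu_ioctl_vcpu_init, which is the handler for KVM_ARM_VCPU_INIT); and the outermost frames are el0t_64_sync, an EL0 exception entry, so any process that can open /dev/kvm and create a vCPU can reach it. The second block is the same WARN firing again in the same PID, which is why that task is already "Tainted: G W". The fix named above removes the userspace_irqchip_in_use key that this path consults. A reachable WARN_ON is a log line on most kernels but a crash wherever panic_on_warn is set, as on syzbot instances. The script below is an added example, not syzbot's or the kernel's code: it parses a trimmed copy of this report (embedded as constructed input so it runs offline) and extracts those facts mechanically. The field and verdict names are my own.

```python
import re
from dataclasses import dataclass, field

# Constructed input: a trimmed copy of the sample report above (two WARN blocks).
SAMPLE_REPORT = """\
------------[ cut here ]------------
WARNING: CPU: 0 PID: 3281 at arch/arm64/kvm/arch_timer.c:459 kvm_timer_update_irq+0x21c/0x394 arch/arm64/kvm/arch_timer.c:459
Modules linked in:
CPU: 0 UID: 0 PID: 3281 Comm: syz-executor320 Not tainted 6.12.0-rc1-syzkaller-g38ba0d2e5c2e #0
Call trace:
 kvm_timer_update_irq+0x21c/0x394 arch/arm64/kvm/arch_timer.c:459
 kvm_timer_vcpu_reset+0x158/0x684 arch/arm64/kvm/arch_timer.c:968
 kvm_reset_vcpu+0x3b4/0x560 arch/arm64/kvm/reset.c:264
 kvm_vcpu_set_target arch/arm64/kvm/arm.c:1553 [inline]
 kvm_arch_vcpu_ioctl_vcpu_init arch/arm64/kvm/arm.c:1573 [inline]
 kvm_arch_vcpu_ioctl+0x112c/0x1b3c arch/arm64/kvm/arm.c:1695
 kvm_vcpu_ioctl+0x4ec/0xf74 virt/kvm/kvm_main.c:4658
 __arm64_sys_ioctl+0x108/0x184 fs/ioctl.c:893
 el0t_64_sync+0x190/0x194 arch/arm64/kernel/entry.S:598
---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
WARNING: CPU: 0 PID: 3281 at arch/arm64/kvm/arch_timer.c:459 kvm_timer_update_irq+0x21c/0x394 arch/arm64/kvm/arch_timer.c:459
CPU: 0 UID: 0 PID: 3281 Comm: syz-executor320 Tainted: G        W          6.12.0-rc1-syzkaller-g38ba0d2e5c2e #0
Call trace:
 kvm_timer_update_irq+0x21c/0x394 arch/arm64/kvm/arch_timer.c:459
 kvm_timer_vcpu_reset+0x178/0x684 arch/arm64/kvm/arch_timer.c:968
 kvm_arch_vcpu_ioctl+0x112c/0x1b3c arch/arm64/kvm/arm.c:1695
 __arm64_sys_ioctl+0x108/0x184 fs/ioctl.c:893
 el0t_64_sync+0x190/0x194 arch/arm64/kernel/entry.S:598
---[ end trace 0000000000000000 ]---
"""

WARN_RE = re.compile(r"^WARNING: CPU: (\d+) PID: (\d+) at (\S+):(\d+) (\w+)")
TASK_RE = re.compile(r"^CPU: \d+ .*?PID: \d+ Comm: (\S+) (Not tainted|Tainted: .+?)\s+(\S+) #\d+$")
FRAME_RE = re.compile(r"^\s+(\w+)(?:\+0x[0-9a-f]+/0x[0-9a-f]+)? (\S+:\d+)( \[inline\])?$")
USER_ENTRY = ("el0t_", "el0_svc")  # arm64 EL0 (user mode) exception entry frames

@dataclass
class WarnEvent:
    cpu: int
    pid: int
    site: str                        # file:line of the WARN_ON
    func: str                        # function containing it
    comm: str = ""
    kernel: str = ""
    already_tainted: bool = False    # W taint already set by an earlier WARN this boot
    frames: list = field(default_factory=list)  # innermost first: (func, file:line, inlined)

    def syscall(self):
        """arm64 syscall wrapper on the stack ('ioctl'), or None if not a syscall path."""
        for fn, _, _ in self.frames:
            m = re.match(r"__arm64_sys_(\w+)$", fn)
            if m:
                return m.group(1)
        return None

    def user_reachable(self):
        """True when an EL0 entry frame is present, i.e. userspace started the path."""
        return any(fn.startswith(USER_ENTRY) for fn, _, _ in self.frames)

    def handler(self):
        """Innermost kvm_arch_vcpu_ioctl_* frame, which names the vCPU ioctl involved."""
        return next((fn for fn, _, _ in self.frames if fn.startswith("kvm_arch_vcpu_ioctl_")), None)

def parse_report(text):
    """Split a console log into one WarnEvent per 'WARNING: ... at file:line' block."""
    events, cur = [], None
    for line in text.splitlines():
        if m := WARN_RE.match(line):
            cur = WarnEvent(int(m[1]), int(m[2]), f"{m[3]}:{m[4]}", m[5])
            events.append(cur)
        elif cur is None:
            continue
        elif m := TASK_RE.match(line):
            cur.comm, cur.kernel = m[1], m[3]
            cur.already_tainted = "W" in m[2].split()[1:]
        elif m := FRAME_RE.match(line):
            cur.frames.append((m[1], m[2], m[3] is not None))
        elif line.startswith("---[ end trace"):
            cur = None
    return events

def summarize(events):
    """Triage verdict across all WARN blocks in one report."""
    per_pid = {}
    for e in events:
        per_pid[e.pid] = per_pid.get(e.pid, 0) + 1
    return {
        "kernel": events[0].kernel if events else None,
        "sites": sorted({f"{e.func} at {e.site}" for e in events}),
        "syscalls": sorted({e.syscall() for e in events} - {None}),
        "handlers": sorted({e.handler() for e in events} - {None}),
        "user_reachable": bool(events) and all(e.user_reachable() for e in events),
        "repeated_in_same_task": any(n > 1 for n in per_pid.values()),
    }

if __name__ == "__main__":
    for key, value in summarize(parse_report(SAMPLE_REPORT)).items():
        print(f"{key}: {value}")
```

To run it on another syzbot WARNING, pass the saved "report" artifact text from the crashes table to parse_report(); the regexes only assume the arm64 trace layout (frame lines indented by one space, an `__arm64_sys_*` wrapper, `el0*` entry frames).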

Crashes (10):
Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Assets | Manager | Title
2024/10/23 15:55 | git://git.kernel.org/pub/scm/linux/kernel/git/kvmarm/kvmarm.git fuzzme | 38ba0d2e5c2e | 15fa2979 | .config | console log | report | syz / log | C | - | disk image (non-bootable), vmlinux, kernel image | ci-qemu-native-arm64-kvm | WARNING in kvm_timer_update_irq
2024/10/27 09:04 | upstream | 850925a8133c | 65e8686b | .config | console log | report | - | - | info | disk image (non-bootable), vmlinux, kernel image | ci-qemu2-arm64-mte | WARNING in kvm_timer_update_irq
2024/11/04 01:40 | git://git.kernel.org/pub/scm/linux/kernel/git/kvmarm/kvmarm.git fuzzme | cc19e3405e85 | f00eed24 | .config | console log | report | - | - | info | disk image (non-bootable), vmlinux, kernel image | ci-qemu-native-arm64-kvm | WARNING in kvm_timer_update_irq
2024/10/31 06:17 | git://git.kernel.org/pub/scm/linux/kernel/git/kvmarm/kvmarm.git fuzzme | cc19e3405e85 | fb888278 | .config | console log | report | - | - | info | disk image (non-bootable), vmlinux, kernel image | ci-qemu-native-arm64-kvm | WARNING in kvm_timer_update_irq
2024/10/30 18:07 | git://git.kernel.org/pub/scm/linux/kernel/git/kvmarm/kvmarm.git fuzzme | 2e5ea59d8ff4 | f3a00767 | .config | console log | report | - | - | info | disk image (non-bootable), vmlinux, kernel image | ci-qemu-native-arm64-kvm | WARNING in kvm_timer_update_irq
2024/10/28 20:05 | git://git.kernel.org/pub/scm/linux/kernel/git/kvmarm/kvmarm.git fuzzme | 2e5ea59d8ff4 | b2c9a639 | .config | console log | report | - | - | info | disk image (non-bootable), vmlinux, kernel image | ci-qemu-native-arm64-kvm | WARNING in kvm_timer_update_irq
2024/10/26 23:20 | git://git.kernel.org/pub/scm/linux/kernel/git/kvmarm/kvmarm.git fuzzme | 38ba0d2e5c2e | 65e8686b | .config | console log | report | - | - | info | disk image (non-bootable), vmlinux, kernel image | ci-qemu-native-arm64-kvm | WARNING in kvm_timer_update_irq
2024/10/22 23:48 | git://git.kernel.org/pub/scm/linux/kernel/git/kvmarm/kvmarm.git fuzzme | 38ba0d2e5c2e | 15fa2979 | .config | console log | report | - | - | info | disk image (non-bootable), vmlinux, kernel image | ci-qemu-native-arm64-kvm | WARNING in kvm_timer_update_irq
2024/10/22 03:39 | git://git.kernel.org/pub/scm/linux/kernel/git/kvmarm/kvmarm.git fuzzme | 17a000564499 | a93682b3 | .config | console log | report | - | - | info | disk image (non-bootable), vmlinux, kernel image | ci-qemu-native-arm64-kvm | WARNING in kvm_timer_update_irq
2024/10/22 01:19 | git://git.kernel.org/pub/scm/linux/kernel/git/kvmarm/kvmarm.git fuzzme | 17a000564499 | a93682b3 | .config | console log | report | - | - | info | disk image (non-bootable), vmlinux, kernel image | ci-qemu-native-arm64-kvm | WARNING in kvm_timer_update_irq