syzbot


BUG: unable to handle kernel paging request in mmu_page_zap_pte
Status: upstream: reported syz repro on 2018/10/24 10:52
Reported-by: syzbot+ba439f0471266afef763@syzkaller.appspotmail.com
First crash: 1324d, last: 1180d

Cause bisection: failed (bisect log)

Fix bisection: failed (bisect log)
Patch testing requests:
Created Duration User Patch Repo Result
2020/07/10 02:19 0m brookebasile@gmail.com git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git e60b5f79 error

Sample crash report:
hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
8021q: adding VLAN 0 to HW filter on device batadv0
L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/l1tf.html for details.
BUG: unable to handle kernel paging request at ffff888093442000
#PF error: [PROT] [WRITE] [RSVD]
PGD b201067 P4D b201067 PUD 21ffff067 PMD 80000000934001e3 
Oops: 000b [#1] PREEMPT SMP KASAN
CPU: 0 PID: 7656 Comm: syz-executor.0 Not tainted 5.0.0-rc7+ #86
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:__write_once_size include/linux/compiler.h:220 [inline]
RIP: 0010:__update_clear_spte_fast arch/x86/kvm/mmu.c:547 [inline]
RIP: 0010:mmu_spte_clear_no_track arch/x86/kvm/mmu.c:848 [inline]
RIP: 0010:drop_parent_pte arch/x86/kvm/mmu.c:2040 [inline]
RIP: 0010:mmu_page_zap_pte+0x18a/0x250 arch/x86/kvm/mmu.c:2618
Code: 8b 73 28 4c 89 e7 48 83 c6 48 e8 b1 3f ff ff 4c 89 e2 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 80 3c 02 00 0f 85 a4 00 00 00 <49> c7 04 24 00 00 00 00 41 be 01 00 00 00 e9 fd fe ff ff e8 9e 4a
RSP: 0018:ffff88808e3bfb40 EFLAGS: 00010246
RAX: dffffc0000000000 RBX: ffffea00025ae940 RCX: ffffffff810ed6cb
RDX: 1ffff11012688400 RSI: ffffffff810ed6f4 RDI: 0000000000000007
RBP: ffff88808e3bfb68 R08: ffff8880916c2500 R09: ffffed1015d05bd0
R10: ffffed1015d05bcf R11: ffff8880ae82de7b R12: ffff888093442000
R13: 0000000000000004 R14: ffffc90006043000 R15: 0000000000000000
FS:  00000000013f2940(0000) GS:ffff8880ae800000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffff888093442000 CR3: 000000008dd7a000 CR4: 00000000001426f0
Call Trace:
 kvm_mmu_page_unlink_children arch/x86/kvm/mmu.c:2635 [inline]
 kvm_mmu_prepare_zap_page+0x163/0x1170 arch/x86/kvm/mmu.c:2679
 kvm_zap_obsolete_pages arch/x86/kvm/mmu.c:5844 [inline]
 kvm_mmu_invalidate_zap_all_pages+0x3ca/0x550 arch/x86/kvm/mmu.c:5885
 kvm_arch_flush_shadow_all+0x16/0x20 arch/x86/kvm/x86.c:9465
 kvm_mmu_notifier_release+0x5c/0x90 arch/x86/kvm/../../../virt/kvm/kvm_main.c:494
 mmu_notifier_unregister+0x137/0x410 mm/mmu_notifier.c:356
 kvm_destroy_vm arch/x86/kvm/../../../virt/kvm/kvm_main.c:744 [inline]
 kvm_put_kvm+0x553/0xc70 arch/x86/kvm/../../../virt/kvm/kvm_main.c:769
 kvm_vcpu_release+0x7b/0xa0 arch/x86/kvm/../../../virt/kvm/kvm_main.c:2495
 __fput+0x2df/0x8d0 fs/file_table.c:278
 ____fput+0x16/0x20 fs/file_table.c:309
 task_work_run+0x14a/0x1c0 kernel/task_work.c:113
 tracehook_notify_resume include/linux/tracehook.h:188 [inline]
 exit_to_usermode_loop+0x273/0x2c0 arch/x86/entry/common.c:166
 prepare_exit_to_usermode arch/x86/entry/common.c:197 [inline]
 syscall_return_slowpath arch/x86/entry/common.c:268 [inline]
 do_syscall_64+0x52d/0x610 arch/x86/entry/common.c:293
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x411d31
Code: 75 14 b8 03 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 94 19 00 00 c3 48 83 ec 08 e8 0a fc ff ff 48 89 04 24 b8 03 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fc ff ff 48 89 d0 48 83 c4 08 48 3d 01
RSP: 002b:00007ffe73c67380 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
RAX: 0000000000000000 RBX: 0000000000000006 RCX: 0000000000411d31
RDX: 0000000000000000 RSI: 0000000000740528 RDI: 0000000000000005
RBP: 0000000000000000 R08: 0000000000740520 R09: 000000000000c38e
R10: 00007ffe73c672a0 R11: 0000000000000293 R12: 0000000000000000
R13: 0000000000000001 R14: 0000000000000005 R15: 0000000000000000
Modules linked in:
CR2: ffff888093442000
---[ end trace a5c3cbabd59bc178 ]---
RIP: 0010:__write_once_size include/linux/compiler.h:220 [inline]
RIP: 0010:__update_clear_spte_fast arch/x86/kvm/mmu.c:547 [inline]
RIP: 0010:mmu_spte_clear_no_track arch/x86/kvm/mmu.c:848 [inline]
RIP: 0010:drop_parent_pte arch/x86/kvm/mmu.c:2040 [inline]
RIP: 0010:mmu_page_zap_pte+0x18a/0x250 arch/x86/kvm/mmu.c:2618
Code: 8b 73 28 4c 89 e7 48 83 c6 48 e8 b1 3f ff ff 4c 89 e2 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 80 3c 02 00 0f 85 a4 00 00 00 <49> c7 04 24 00 00 00 00 41 be 01 00 00 00 e9 fd fe ff ff e8 9e 4a
RSP: 0018:ffff88808e3bfb40 EFLAGS: 00010246
RAX: dffffc0000000000 RBX: ffffea00025ae940 RCX: ffffffff810ed6cb
RDX: 1ffff11012688400 RSI: ffffffff810ed6f4 RDI: 0000000000000007
RBP: ffff88808e3bfb68 R08: ffff8880916c2500 R09: ffffed1015d05bd0
R10: ffffed1015d05bcf R11: ffff8880ae82de7b R12: ffff888093442000
R13: 0000000000000004 R14: ffffc90006043000 R15: 0000000000000000
FS:  00000000013f2940(0000) GS:ffff8880ae800000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffff888093442000 CR3: 000000008dd7a000 CR4: 00000000001426f0

Crashes (74):
Manager Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Title
ci-upstream-kasan-gce-root 2019/02/24 14:30 upstream e60b5f79bd75 7a06e792 .config log report syz
ci-upstream-kasan-gce-root 2019/02/14 23:07 upstream 23e93c9b2cde 76dd003f .config log report syz
ci-upstream-kasan-gce 2019/02/14 21:40 upstream 23e93c9b2cde 76dd003f .config log report syz
ci-upstream-kasan-gce-selinux-root 2018/10/27 22:00 upstream 345671ea0f92 8efba39a .config log report syz
ci-upstream-kasan-gce 2018/10/27 21:35 upstream 345671ea0f92 8efba39a .config log report syz
ci-upstream-kasan-gce-root 2018/10/25 12:04 upstream 01aa9d518eae a8292de9 .config log report syz
ci-upstream-kasan-gce 2018/10/25 12:01 upstream 01aa9d518eae a8292de9 .config log report syz
ci-upstream-kasan-gce-selinux-root 2018/10/25 11:59 upstream 01aa9d518eae a8292de9 .config log report syz
ci-upstream-kasan-gce-smack-root 2018/10/24 04:18 upstream 44786880df19 a8292de9 .config log report syz
ci-upstream-kasan-gce-selinux-root 2018/10/24 04:17 upstream 44786880df19 a8292de9 .config log report syz
ci-upstream-linux-next-kasan-gce-root 2018/10/24 03:22 linux-next 8c60c36d0b8c a8292de9 .config log report syz
ci-upstream-kasan-gce-smack-root 2019/03/03 15:47 upstream c027c7cf1577 1c0e457a .config log report
ci-upstream-kasan-gce-root 2019/02/26 07:21 upstream 7d762d69145a 8022bafd .config log report
ci-upstream-kasan-gce-selinux-root 2019/02/25 07:23 upstream c3619a482e15 7a06e792 .config log report
ci-upstream-kasan-gce-selinux-root 2019/02/23 09:26 upstream cb268d806972 18107ce0 .config log report
ci-upstream-kasan-gce-smack-root 2019/02/22 12:13 upstream 8a61716ff2ab 6a5fcca4 .config log report
ci-upstream-kasan-gce-selinux-root 2019/02/18 20:52 upstream a3b22b9f11d9 59f36113 .config log report
ci-upstream-kasan-gce 2019/02/16 01:22 upstream 5ded5871030e f42dee6d .config log report
ci-upstream-kasan-gce-smack-root 2019/02/14 11:53 upstream 1f947a7a011f 6a46f448 .config log report
ci-upstream-kasan-gce 2019/02/10 08:02 upstream df3865f8f568 b4f792e4 .config log report
ci-upstream-kasan-gce-root 2019/02/09 12:06 upstream 46c291e277f9 fa6c7b70 .config log report
ci-upstream-kasan-gce-root 2019/02/07 13:25 upstream b0314565da2b aa4feb03 .config log report
ci-upstream-kasan-gce-root 2019/02/05 13:49 upstream 8834f5600cf3 d672172c .config log report
ci-upstream-kasan-gce-selinux-root 2019/02/02 06:32 upstream 5eeb63359b1e 564f9a4f .config log report
ci-upstream-kasan-gce-smack-root 2019/01/29 20:32 upstream 4aa9fc2a435a aa432daf .config log report
ci-upstream-kasan-gce-smack-root 2019/01/27 04:54 upstream ba6069759381 c73f090a .config log report
ci-upstream-kasan-gce 2019/01/23 07:53 upstream 787a3b432276 b1ff06b2 .config log report
ci-upstream-kasan-gce 2019/01/20 05:00 upstream b0efca46b570 353f32ea .config log report
ci-upstream-kasan-gce 2019/01/19 00:08 upstream d7393226d15a 2103a236 .config log report
ci-upstream-kasan-gce 2019/01/10 18:06 upstream ba422731316d db9b6579 .config log report
ci-upstream-kasan-gce 2019/01/06 09:39 upstream f1c2f8857c5a 53be0a37 .config log report
ci-upstream-kasan-gce 2019/01/02 20:00 upstream 8e143b90e4d4 f0491811 .config log report
ci-upstream-kasan-gce-root 2018/12/27 06:08 upstream eed9688f8513 e747ec98 .config log report
ci-upstream-kasan-gce 2018/12/19 18:20 upstream 62393dbcbe0f fe2dc057 .config log report
ci-upstream-kasan-gce 2018/12/14 02:58 upstream 65e08c5e8631 fe7127be .config log report
ci-upstream-kasan-gce-selinux-root 2018/12/12 04:55 upstream f5d582777bcb 7795ae03 .config log report
ci-upstream-kasan-gce-selinux-root 2018/12/06 18:20 upstream cf76c364a1e1 3ab38479 .config log report
ci-upstream-kasan-gce-root 2018/12/05 05:48 upstream 0072a0c14d5b f162ad97 .config log report
ci-upstream-kasan-gce 2018/12/04 09:26 upstream 0072a0c14d5b 03f94a45 .config log report
ci-upstream-kasan-gce-root 2018/11/30 20:13 upstream 94f371cb7394 ade12e91 .config log report
ci-upstream-kasan-gce 2018/11/27 08:00 upstream 6f8b52ba442c ac912200 .config log report
ci-upstream-kasan-gce 2018/11/26 20:51 upstream 2e6e902d1850 ac912200 .config log report
ci-upstream-kasan-gce-smack-root 2018/11/15 21:38 upstream da5322e65940 3a41052e .config log report
ci-upstream-kasan-gce-smack-root 2018/11/09 20:50 upstream 3541833fd1f2 f9815aaf .config log report
ci-upstream-kasan-gce-smack-root 2018/11/05 16:55 upstream 651022382c7f 8bd6bd63 .config log report
ci-upstream-kasan-gce 2018/10/27 20:08 upstream 345671ea0f92 8efba39a .config log report
ci-upstream-kasan-gce 2018/10/25 03:45 upstream 01aa9d518eae a8292de9 .config log report
ci-upstream-kasan-gce-smack-root 2018/10/21 03:57 upstream b0d04fb56b31 ecb386fe .config log report
ci-upstream-kasan-gce-root 2018/10/20 19:53 upstream 270b77a0f30e ecb386fe .config log report
ci-upstream-kasan-gce-smack-root 2018/10/18 06:37 upstream c343db455eb3 b2695b95 .config log report
ci-upstream-kasan-gce-root 2018/10/13 04:58 upstream bab5c80b2110 caf12900 .config log report
ci-upstream-kasan-gce-root 2018/10/12 16:19 upstream 90ad18418c2d caf12900 .config log report
ci-upstream-kasan-gce-root 2018/10/12 16:06 upstream 90ad18418c2d caf12900 .config log report
ci-upstream-kasan-gce-root 2018/10/10 08:27 upstream 3d647e62686f 8b311eaf .config log report
ci-upstream-kasan-gce-root 2018/10/10 04:38 upstream 64c5e530ac2c 8b311eaf .config log report
ci-upstream-linux-next-kasan-gce-root 2019/02/08 01:36 linux-next 1bd831d68d55 aa4feb03 .config log report
ci-upstream-linux-next-kasan-gce-root 2019/01/30 18:16 linux-next 02495e76ded5 aa432daf .config log report
ci-upstream-linux-next-kasan-gce-root 2019/01/24 03:52 linux-next 5b74ce505631 56558f63 .config log report
ci-upstream-linux-next-kasan-gce-root 2019/01/03 18:22 linux-next a4983672f9ca 66fcd29b .config log report
ci-upstream-linux-next-kasan-gce-root 2018/10/27 11:42 linux-next 8c60c36d0b8c a8292de9 .config log report
ci-upstream-linux-next-kasan-gce-root 2018/10/24 01:44 linux-next 8c60c36d0b8c a8292de9 .config log report
ci-upstream-linux-next-kasan-gce-root 2018/10/19 06:15 linux-next 9bab64345e83 9aba67b5 .config log report
ci-upstream-linux-next-kasan-gce-root 2018/10/16 23:21 linux-next 6d5d82417dd6 1ba7fd7e .config log report
ci-upstream-linux-next-kasan-gce-root 2018/10/15 02:00 linux-next 774ea0551a29 caf12900 .config log report
ci-upstream-linux-next-kasan-gce-root 2018/10/14 16:35 linux-next 774ea0551a29 caf12900 .config log report
ci-upstream-linux-next-kasan-gce-root 2018/10/14 05:41 linux-next 774ea0551a29 caf12900 .config log report
ci-upstream-linux-next-kasan-gce-root 2018/10/13 06:32 linux-next 774ea0551a29 caf12900 .config log report
ci-upstream-linux-next-kasan-gce-root 2018/10/12 05:10 linux-next 771b65e89c8a ba6ddb43 .config log report
ci-upstream-linux-next-kasan-gce-root 2018/10/11 17:03 linux-next 771b65e89c8a 5f818b4b .config log report
ci-upstream-linux-next-kasan-gce-root 2018/10/11 06:20 linux-next 771b65e89c8a 5f818b4b .config log report
ci-upstream-linux-next-kasan-gce-root 2018/10/11 05:32 linux-next 7f3049305d22 5f818b4b .config log report
ci-upstream-linux-next-kasan-gce-root 2018/10/10 07:31 linux-next 7f3049305d22 8b311eaf .config log report