syzbot
KCSAN: data-race in install_new_memslots / mmio_info_in_cache

Status: closed as invalid on 2020/06/18 14:24
Subsystems: kvm
First crash: 1615d, last: 1379d

Sample crash report:
==================================================================
BUG: KCSAN: data-race in install_new_memslots / mmio_info_in_cache

write to 0xffff88811fa46000 of 8 bytes by task 13797 on cpu 0:
 install_new_memslots+0xe9/0x130 arch/x86/kvm/../../../virt/kvm/kvm_main.c:1077
 kvm_set_memslot+0x800/0xb70 arch/x86/kvm/../../../virt/kvm/kvm_main.c:1153
 __kvm_set_memory_region+0x91c/0xc20 arch/x86/kvm/../../../virt/kvm/kvm_main.c:1300
 kvm_set_memory_region+0x31/0x50 arch/x86/kvm/../../../virt/kvm/kvm_main.c:1321
 kvm_vm_ioctl_set_memory_region arch/x86/kvm/../../../virt/kvm/kvm_main.c:1333 [inline]
 kvm_vm_ioctl+0x662/0x18b0 arch/x86/kvm/../../../virt/kvm/kvm_main.c:3604
 vfs_ioctl fs/ioctl.c:47 [inline]
 ksys_ioctl+0x101/0x150 fs/ioctl.c:763
 __do_sys_ioctl fs/ioctl.c:772 [inline]
 __se_sys_ioctl fs/ioctl.c:770 [inline]
 __x64_sys_ioctl+0x47/0x60 fs/ioctl.c:770
 do_syscall_64+0xc7/0x3b0 arch/x86/entry/common.c:295
 entry_SYSCALL_64_after_hwframe+0x44/0xa9

read to 0xffff88811fa46000 of 8 bytes by task 13786 on cpu 1:
 vcpu_match_mmio_gen arch/x86/kvm/x86.h:183 [inline]
 vcpu_match_mmio_gpa arch/x86/kvm/x86.h:211 [inline]
 mmio_info_in_cache+0x131/0x1d0 arch/x86/kvm/mmu/mmu.c:3944
 handle_mmio_page_fault arch/x86/kvm/mmu/mmu.c:4005 [inline]
 kvm_mmu_page_fault+0x27c/0xac0 arch/x86/kvm/mmu/mmu.c:5440
 handle_ept_misconfig+0xbc/0x240 arch/x86/kvm/vmx/vmx.c:5214
 vmx_handle_exit+0x1de/0xfe0 arch/x86/kvm/vmx/vmx.c:5980
 vcpu_enter_guest+0xc00/0x3740 arch/x86/kvm/x86.c:8481
 vcpu_run arch/x86/kvm/x86.c:8544 [inline]
 kvm_arch_vcpu_ioctl_run+0x281/0xd60 arch/x86/kvm/x86.c:8766
 kvm_vcpu_ioctl+0x70b/0x9d0 arch/x86/kvm/../../../virt/kvm/kvm_main.c:3138
 vfs_ioctl fs/ioctl.c:47 [inline]
 ksys_ioctl+0x101/0x150 fs/ioctl.c:763
 __do_sys_ioctl fs/ioctl.c:772 [inline]
 __se_sys_ioctl fs/ioctl.c:770 [inline]
 __x64_sys_ioctl+0x47/0x60 fs/ioctl.c:770
 do_syscall_64+0xc7/0x3b0 arch/x86/entry/common.c:295
 entry_SYSCALL_64_after_hwframe+0x44/0xa9

Reported by Kernel Concurrency Sanitizer on:
CPU: 1 PID: 13786 Comm: syz-executor.1 Not tainted 5.7.0-rc1-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
==================================================================

Crashes (38):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets Manager Title
2020/06/17 18:41 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 b6c46f43 .config console log report ci2-upstream-kcsan-gce
2020/06/03 02:13 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 f3ba1b5b .config console log report ci2-upstream-kcsan-gce
2020/05/26 23:28 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 9072c126 .config console log report ci2-upstream-kcsan-gce
2020/05/24 13:28 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 ce7ca010 .config console log report ci2-upstream-kcsan-gce
2020/05/21 02:03 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 4afdfa20 .config console log report ci2-upstream-kcsan-gce
2020/05/12 22:45 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 a44eb8f7 .config console log report ci2-upstream-kcsan-gce
2020/05/10 11:01 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 8742a2b9 .config console log report ci2-upstream-kcsan-gce
2020/05/06 13:26 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 4618eb2d .config console log report ci2-upstream-kcsan-gce
2020/04/20 06:09 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 9f7c6d12 .config console log report ci2-upstream-kcsan-gce
2020/04/15 02:33 https://github.com/google/ktsan.git kcsan 40959e34d670 3f3c5574 .config console log report ci2-upstream-kcsan-gce
2020/04/03 18:47 https://github.com/google/ktsan.git kcsan 40959e34d670 5ed396e6 .config console log report ci2-upstream-kcsan-gce
2020/03/21 03:20 https://github.com/google/ktsan.git kcsan 40959e34d670 2c31c529 .config console log report ci2-upstream-kcsan-gce
2020/02/23 08:32 https://github.com/google/ktsan.git kcsan 766d004d1b85 2c36e7a7 .config console log report ci2-upstream-kcsan-gce
2020/02/19 10:07 https://github.com/google/ktsan.git kcsan b12d66a6c34f 135c18aa .config console log report ci2-upstream-kcsan-gce
2020/02/16 04:15 https://github.com/google/ktsan.git kcsan b12d66a6c34f 5d7b90f1 .config console log report ci2-upstream-kcsan-gce
2020/02/09 19:03 https://github.com/google/ktsan.git kcsan f60f0f543333 6ece2ea5 .config console log report ci2-upstream-kcsan-gce
2020/02/02 16:54 https://github.com/google/ktsan.git kcsan 245a43005292 93e5e335 .config console log report ci2-upstream-kcsan-gce
2020/02/02 00:30 https://github.com/google/ktsan.git kcsan 245a43005292 2274ad39 .config console log report ci2-upstream-kcsan-gce
2020/01/27 16:36 https://github.com/google/ktsan.git kcsan 245a43005292 56cd6c9b .config console log report ci2-upstream-kcsan-gce
2020/01/26 13:16 https://github.com/google/ktsan.git kcsan 245a43005292 f4e7270e .config console log report ci2-upstream-kcsan-gce
2020/01/16 13:49 https://github.com/google/ktsan.git kcsan 245a43005292 3de7aabb .config console log report ci2-upstream-kcsan-gce
2020/01/15 22:34 https://github.com/google/ktsan.git kcsan 245a43005292 f9b69507 .config console log report ci2-upstream-kcsan-gce
2020/01/15 13:59 https://github.com/google/ktsan.git kcsan 245a43005292 fa12bd3c .config console log report ci2-upstream-kcsan-gce
2020/01/14 08:21 https://github.com/google/ktsan.git kcsan 245a43005292 32881205 .config console log report ci2-upstream-kcsan-gce
2020/01/01 16:37 https://github.com/google/ktsan.git kcsan 245a43005292 25a0186e .config console log report ci2-upstream-kcsan-gce
2019/12/28 21:25 https://github.com/google/ktsan.git kcsan 245a43005292 af6b8ef8 .config console log report ci2-upstream-kcsan-gce
2019/12/26 00:05 https://github.com/google/ktsan.git kcsan 245a43005292 be5c2c81 .config console log report ci2-upstream-kcsan-gce
2019/12/19 16:45 https://github.com/google/ktsan.git kcsan 245a43005292 36650b4b .config console log report ci2-upstream-kcsan-gce
2019/12/11 08:57 https://github.com/google/ktsan.git kcsan ef798c30ba4e 101194eb .config console log report ci2-upstream-kcsan-gce
2019/12/10 00:12 https://github.com/google/ktsan.git kcsan ef798c30ba4e b31eda3d .config console log report ci2-upstream-kcsan-gce
2019/12/01 21:22 https://github.com/google/ktsan.git kcsan ef798c30ba4e f879db37 .config console log report ci2-upstream-kcsan-gce
2019/11/18 03:06 https://github.com/google/ktsan.git kcsan 5863cc791e4c d5696d51 .config console log report ci2-upstream-kcsan-gce
2019/11/11 11:20 https://github.com/google/ktsan.git kcsan 94c006602e13 dc438b91 .config console log report ci2-upstream-kcsan-gce
2019/11/09 13:35 https://github.com/google/ktsan.git kcsan 94c006602e13 1e35461e .config console log report ci2-upstream-kcsan-gce
2019/11/04 00:54 https://github.com/google/ktsan.git kcsan 05f2236801fe b35fad31 .config console log report ci2-upstream-kcsan-gce
2019/11/03 09:37 https://github.com/google/ktsan.git kcsan 05f2236801fe c9610487 .config console log report ci2-upstream-kcsan-gce
2019/11/02 23:40 https://github.com/google/ktsan.git kcsan 05f2236801fe d603afc9 .config console log report ci2-upstream-kcsan-gce
2019/10/26 09:33 https://github.com/google/ktsan.git kcsan 05f2236801fe 413926c5 .config console log report ci2-upstream-kcsan-gce