WARNING in ex_handler

Title	Replies (including bot)	Last reply
[PATCH 5.10 000/146] 5.10.46-rc1 review	164 (164)	2021/06/27 08:57
[PATCH 5.12 000/178] 5.12.13-rc1 review	185 (185)	2021/06/23 15:12
[patch V3 1/6] x86/fpu: Prevent state corruption in __fpu__restore_sig()	2 (2)	2021/06/09 14:46
[patch V3 5/6] x86/fpu: Add address range checks to copy_user_to_xstate()	2 (2)	2021/06/09 12:56
[patch V3 6/6] selftests/x86: Test signal frame XSTATE header corruption handling	3 (3)	2021/06/09 12:56
[patch V2 02/14] x86/fpu: Prevent state corruption in __fpu__restore_sig()	2 (2)	2021/06/07 08:49
[patch 2/8] x86/fpu: Prevent state corruption in __fpu__restore_sig()	4 (4)	2021/06/02 15:58
[syzbot] WARNING in ex_handler_fprestore	9 (11)	2021/05/31 17:46

syz-executor638[9087] bad frame in rt_sigreturn frame:00007f1dcdbbdbf8 ip:445bf9 sp:7f1dcdbbe188 orax:ffffffffffffffff in syz-executor638076058[401000+9a000] ------------[ cut here ]------------ Bad FPU state detected at copy_kernel_to_xregs arch/x86/include/asm/fpu/internal.h:344 [inline], reinitializing FPU registers. Bad FPU state detected at __copy_kernel_to_fpregs arch/x86/include/asm/fpu/internal.h:419 [inline], reinitializing FPU registers. Bad FPU state detected at copy_kernel_to_fpregs arch/x86/include/asm/fpu/internal.h:443 [inline], reinitializing FPU registers. Bad FPU state detected at __fpregs_load_activate arch/x86/include/asm/fpu/internal.h:514 [inline], reinitializing FPU registers. Bad FPU state detected at copy_fpstate_to_sigframe+0x4d2/0xae0 arch/x86/kernel/fpu/signal.c:191, reinitializing FPU registers. WARNING: CPU: 1 PID: 9087 at arch/x86/mm/extable.c:65 ex_handler_fprestore+0xf0/0x110 arch/x86/mm/extable.c:65 Modules linked in: CPU: 1 PID: 9087 Comm: syz-executor638 Not tainted 5.13.0-rc4-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 RIP: 0010:ex_handler_fprestore+0xf0/0x110 arch/x86/mm/extable.c:65 Code: e8 55 40 40 00 b8 01 00 00 00 5b 5d 41 5c c3 e8 46 40 40 00 48 89 de 48 c7 c7 c0 0c 69 89 c6 05 42 12 81 0c 01 e8 db 48 a1 07 <0f> 0b eb 90 48 89 df e8 94 c8 84 00 e9 3d ff ff ff e8 1a c9 84 00 RSP: 0018:ffffc9000227fa60 EFLAGS: 00010282 RAX: 0000000000000000 RBX: ffffffff812aeeb2 RCX: 0000000000000000 RDX: ffff88803031a100 RSI: ffffffff815c1805 RDI: fffff5200044ff3e RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 R10: ffffffff815bb63e R11: 0000000000000000 R12: ffffffff8b23f7d8 R13: 000000000000000d R14: 0000000000000000 R15: 0000000000000000 FS: 00007f1dcdbbe700(0000) GS:ffff8880b9d00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000020000000 CR3: 0000000031055000 CR4: 00000000001506e0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: fixup_exception+0x9a/0xd0 arch/x86/mm/extable.c:183 __exc_general_protection arch/x86/kernel/traps.c:567 [inline] exc_general_protection+0xed/0x2f0 arch/x86/kernel/traps.c:531 asm_exc_general_protection+0x1e/0x30 arch/x86/include/asm/idtentry.h:571 RIP: 0010:__fpregs_load_activate arch/x86/include/asm/fpu/internal.h:514 [inline] RIP: 0010:copy_fpstate_to_sigframe+0x4d2/0xae0 arch/x86/kernel/fpu/signal.c:191 Code: 58 e8 d2 22 49 00 48 c7 c0 c0 29 c9 8d 0f 1f 44 00 00 e8 c1 22 49 00 e8 bc 22 49 00 b8 ff ff ff ff 4c 89 e7 89 c2 48 0f ae 2f <e8> a9 22 49 00 65 4c 89 35 d1 00 d7 7e 0f 1f 44 00 00 e8 97 22 49 RSP: 0018:ffffc9000227fc08 EFLAGS: 00010293 RAX: 00000000ffffffff RBX: ffff88803031a100 RCX: 0000000000000000 RDX: 00000000ffffffff RSI: ffffffff812aeea4 RDI: ffff88803031b900 RBP: ffff88803031a100 R08: 0000000000000000 R09: 0000000000000001 R10: ffffffff812aee3b R11: 0000000000000000 R12: ffff88803031b900 R13: ffffed10060636f2 R14: ffff88803031b8c0 R15: 00007f1dcdbbddc0 get_sigframe.constprop.0.isra.0+0x429/0x730 arch/x86/kernel/signal.c:274 __setup_rt_frame arch/x86/kernel/signal.c:450 [inline] setup_rt_frame arch/x86/kernel/signal.c:702 [inline] handle_signal arch/x86/kernel/signal.c:746 [inline] arch_do_signal_or_restart+0xd9e/0x1eb0 arch/x86/kernel/signal.c:791 handle_signal_work kernel/entry/common.c:147 [inline] exit_to_user_mode_loop kernel/entry/common.c:171 [inline] exit_to_user_mode_prepare+0x171/0x280 kernel/entry/common.c:208 __syscall_exit_to_user_mode_work kernel/entry/common.c:290 [inline] syscall_exit_to_user_mode+0x19/0x60 kernel/entry/common.c:301 do_syscall_64+0x47/0xb0 arch/x86/entry/common.c:57 entry_SYSCALL_64_after_hwframe+0x44/0xae RIP: 0033:0x445bf9 Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 RSP: 002b:00007f1dcdbbe188 EFLAGS: 00000246 RAX: 0000000000000000 RBX: 00000000004cb408 RCX: 0000000000445bf9 RDX: 0000000080000002 RSI: 0000000000000000 RDI: 0000000000000000 RBP: 00000000004cb400 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 00000000004cb40c R13: 00007ffcd24a5bdf R14: 00007f1dcdbbe300 R15: 0000000000022000

Crashes (5):
Time	Kernel	Commit	Syzkaller	Config	Log	Report	Syz repro	C repro	VM info	Manager	Title
2021/05/31 17:45	upstream	8124c8a6b353	032639db	.config	console log	report	syz	C		ci-upstream-kasan-gce-selinux-root	WARNING in ex_handler_fprestore
2021/05/22 09:31	upstream	45af60e7ced0	3c7fef33	.config	console log	report	syz			ci-upstream-kasan-gce-smack-root	WARNING in ex_handler_fprestore
2021/05/31 13:47	upstream	8124c8a6b353	032639db	.config	console log	report			info	ci-upstream-kasan-gce-selinux-root	WARNING in ex_handler_fprestore
2021/05/25 14:04	upstream	a050a6d2b7e8	3c7fef33	.config	console log	report			info	ci-upstream-kasan-gce-root	WARNING in ex_handler_fprestore
2021/05/22 06:55	upstream	45af60e7ced0	3c7fef33	.config	console log	report			info	ci-upstream-kasan-gce-smack-root	WARNING in ex_handler_fprestore

Crashes (5):

Assets (help?)