syzbot

general protection fault in kvm_pv_send_ipi

Status: upstream: reported syz repro on 2018/08/29 10:00
Reported-by: syzbot+86c0a866f80d88349f1f@syzkaller.appspotmail.com
First crash: 1406d, last: 1303d

Cause bisection: introduced by (bisect log):
commit 653cd284a8a857ddfcf24f5bc3bd204a229f6c9f
Author: Vlad Buslov <vladbu@mellanox.com>
Date: Tue Aug 14 18:46:16 2018 +0000

  net: sched: always disable bh when taking tcf_lock

Crash: INFO: rcu detected stall in kvm_vcpu_ioctl (log)
Repro: syz .config

Fix bisection: fixed by (bisect log) [no-op commit]:
commit d55bda1b3e7c5a87f10da54fdda866a9a9cef30b
Author: Christian Hoff <christian_hoff@gmx.net>
Date: Mon Nov 12 19:11:29 2018 +0000

  Input: matrix_keypad - check for errors from of_get_named_gpio()


Sample crash report:
IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
8021q: adding VLAN 0 to HW filter on device team0
L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/l1tf.html for details.
kasan: CONFIG_KASAN_INLINE enabled
kasan: GPF could be caused by NULL-ptr deref or user memory access
general protection fault: 0000 [#1] PREEMPT SMP KASAN
CPU: 0 PID: 5556 Comm: syz-executor0 Not tainted 4.19.0-rc8+ #285
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:kvm_pv_send_ipi+0x364/0xdd0 arch/x86/kvm/lapic.c:574
Code: 45 84 ed 0f 84 da 07 00 00 e8 58 ad 65 00 48 8d 4b 14 48 b8 00 00 00 00 00 fc ff df 48 89 ca 48 89 8d 70 fe ff ff 48 c1 ea 03 <0f> b6 14 02 48 89 c8 83 e0 07 83 c0 03 38 d0 7c 08 84 d2 0f 85 f5
RSP: 0018:ffff8801b92a7028 EFLAGS: 00010203
RAX: dffffc0000000000 RBX: 0000000000000000 RCX: 0000000000000014
RDX: 0000000000000002 RSI: ffffffff8118fbf8 RDI: 0000000000000005
RBP: ffff8801b92a71c8 R08: ffff8801b91f6080 R09: 1ffffffff1273955
R10: ffffed003b5c4732 R11: ffff8801dae23993 R12: ffff8801b92a71a0
R13: 0000000000000001 R14: 0000000000000000 R15: ffff8801b92a7120
FS:  00007f3e3bdc6700(0000) GS:ffff8801dae00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000000000000 CR3: 00000001cbf3f000 CR4: 00000000001426f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 kvm_emulate_hypercall+0xa1a/0xf20 arch/x86/kvm/x86.c:6869
 handle_vmcall+0x15/0x20 arch/x86/kvm/vmx.c:7487
 vmx_handle_exit+0x2f7/0x17e0 arch/x86/kvm/vmx.c:10128
 vcpu_enter_guest+0x14a9/0x6380 arch/x86/kvm/x86.c:7667
 vcpu_run arch/x86/kvm/x86.c:7730 [inline]
 kvm_arch_vcpu_ioctl_run+0x375/0x16e0 arch/x86/kvm/x86.c:7930
 kvm_vcpu_ioctl+0x72b/0x1150 arch/x86/kvm/../../../virt/kvm/kvm_main.c:2590
 vfs_ioctl fs/ioctl.c:46 [inline]
 file_ioctl fs/ioctl.c:501 [inline]
 do_vfs_ioctl+0x1de/0x1720 fs/ioctl.c:685
 ksys_ioctl+0xa9/0xd0 fs/ioctl.c:702
 __do_sys_ioctl fs/ioctl.c:709 [inline]
 __se_sys_ioctl fs/ioctl.c:707 [inline]
 __x64_sys_ioctl+0x73/0xb0 fs/ioctl.c:707
 do_syscall_64+0x1b9/0x820 arch/x86/entry/common.c:290
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x457569
Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
RSP: 002b:00007f3e3bdc5c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457569
RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000007
RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3e3bdc66d4
R13: 00000000004c0027 R14: 00000000004d0108 R15: 00000000ffffffff
Modules linked in:
kobject: 'kvm' (00000000af64627b): kobject_uevent_env
kobject: 'kvm' (00000000af64627b): fill_kobj_path: path = '/devices/virtual/misc/kvm'
---[ end trace dd36b70cd0d7584f ]---
RIP: 0010:kvm_pv_send_ipi+0x364/0xdd0 arch/x86/kvm/lapic.c:574
Code: 45 84 ed 0f 84 da 07 00 00 e8 58 ad 65 00 48 8d 4b 14 48 b8 00 00 00 00 00 fc ff df 48 89 ca 48 89 8d 70 fe ff ff 48 c1 ea 03 <0f> b6 14 02 48 89 c8 83 e0 07 83 c0 03 38 d0 7c 08 84 d2 0f 85 f5
RSP: 0018:ffff8801b92a7028 EFLAGS: 00010203
RAX: dffffc0000000000 RBX: 0000000000000000 RCX: 0000000000000014
RDX: 0000000000000002 RSI: ffffffff8118fbf8 RDI: 0000000000000005
RBP: ffff8801b92a71c8 R08: ffff8801b91f6080 R09: 1ffffffff1273955
R10: ffffed003b5c4732 R11: ffff8801dae23993 R12: ffff8801b92a71a0
R13: 0000000000000001 R14: 0000000000000000 R15: ffff8801b92a7120
FS:  00007f3e3bdc6700(0000) GS:ffff8801daf00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007fbf0b287000 CR3: 00000001cbf3f000 CR4: 00000000001426e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400

Crashes (170):