On Thu, 5 Sep 2019 at 21:11, Vitaly Kuznetsov <vkuznets@xxxxxxxxxx> wrote:
>
> Wanpeng Li <kernellwp@xxxxxxxxx> writes:
>
> > On Thu, 5 Sep 2019 at 16:53, syzbot
> > <syzbot+dff25ee91f0c7d5c1695@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote:
> >>
> >> Hello,
> >>
> >> syzbot found the following crash on:
> >>
> >> HEAD commit:    3b47fd5c Merge tag 'nfs-for-5.3-4' of git://git.linux-nfs...
> >> git tree:       upstream
> >> console output: https://syzkaller.appspot.com/x/log.txt?x=124af12a600000
> >> kernel config:  https://syzkaller.appspot.com/x/.config?x=144488c6c6c6d2b6
> >> dashboard link: https://syzkaller.appspot.com/bug?extid=dff25ee91f0c7d5c1695
> >> compiler:       clang version 9.0.0 (/home/glider/llvm/clang 80fee25776c2fb61e74c1ecb1a523375c2500b69)
> >> syz repro:      https://syzkaller.appspot.com/x/repro.syz?x=10954676600000
> >> C reproducer:   https://syzkaller.appspot.com/x/repro.c?x=1752fe0a600000
> >>
> >> The bug was bisected to:
> >>
> >> commit 0aa67255f54df192d29aec7ac6abb1249d45bda7
> >> Author: Vitaly Kuznetsov <vkuznets@xxxxxxxxxx>
> >> Date:   Mon Nov 26 15:47:29 2018 +0000
> >>
> >>     x86/hyper-v: move synic/stimer control structures definitions to
> >>     hyperv-tlfs.h
> >>
> >> bisection log:  https://syzkaller.appspot.com/x/bisect.txt?x=156128c1600000
> >> console output: https://syzkaller.appspot.com/x/log.txt?x=136128c1600000
> >>
> >> IMPORTANT: if you fix the bug, please add the following tag to the commit:
> >> Reported-by: syzbot+dff25ee91f0c7d5c1695@xxxxxxxxxxxxxxxxxxxxxxxxx
> >> Fixes: 0aa67255f54d ("x86/hyper-v: move synic/stimer control structures
> >> definitions to hyperv-tlfs.h")
> >>
> >> kvm [9347]: vcpu0, guest rIP: 0xcc Hyper-V uhandled wrmsr: 0x40000004 data 0x94
> >> kvm [9347]: vcpu0, guest rIP: 0xcc Hyper-V uhandled wrmsr: 0x40000004 data 0x48c
> >> kvm [9347]: vcpu0, guest rIP: 0xcc Hyper-V uhandled wrmsr: 0x40000004 data 0x4ac
> >> kvm [9347]: vcpu0, guest rIP: 0xcc Hyper-V uhandled wrmsr: 0x40000005 data 0x1520
> >> kvm [9347]: vcpu0, guest rIP: 0xcc Hyper-V uhandled wrmsr: 0x40000006 data 0x15d4
> >> kvm [9347]: vcpu0, guest rIP: 0xcc Hyper-V uhandled wrmsr: 0x40000007 data 0x15c4
> >> kasan: CONFIG_KASAN_INLINE enabled
> >> kasan: GPF could be caused by NULL-ptr deref or user memory access
> >> general protection fault: 0000 [#1] PREEMPT SMP KASAN
> >> CPU: 0 PID: 9347 Comm: syz-executor665 Not tainted 5.3.0-rc7+ #0
> >> Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
> >> RIP: 0010:__apic_accept_irq+0x46/0x740 arch/x86/kvm/lapic.c:1029
> >
> > Thanks for the report, I found the root cause, will send a patch soon.
> >
>
> I'm really interested in how any issue can be caused by 0aa67255f54d as
> we just moved some definitions from a c file to a common header... (ok,
> we did more than that, some structures gained '__packed' but it all
> still seems legitimate to me and I can't recall any problems with
> genuine Hyper-V...)

Yes, the bisect is a false positive, we can focus on fixing the bug.

    Wanpeng