From mboxrd@z Thu Jan 1 00:00:00 1970
Return-Path:
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1754116AbcAORCd (ORCPT ); Fri, 15 Jan 2016 12:02:33 -0500
Received: from aserp1040.oracle.com ([141.146.126.69]:16607 "EHLO aserp1040.oracle.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752245AbcAORCc (ORCPT ); Fri, 15 Jan 2016 12:02:32 -0500
From: Sasha Levin
X-Enigmail-Draft-Status: N1110
To: Paolo Bonzini , Gleb Natapov
Cc: LKML , LKML , Dmitry Vyukov , syzkaller
Subject: kvm: using uninitialized var in tdp_page_fault
Message-ID: <56992619.5030009@oracle.com>
Date: Fri, 15 Jan 2016 12:02:17 -0500
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.4.0
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
X-Source-IP: userv0021.oracle.com [156.151.31.71]
Sender: linux-kernel-owner@vger.kernel.org
List-ID:
X-Mailing-List: linux-kernel@vger.kernel.org

Hi all,

While fuzzing with syzkaller on the latest -next kernel running on a KVM tools
guest, I've hit the following use of an uninitialized variable:

[  810.783676] UBSAN: Undefined behaviour in arch/x86/kvm/mmu.c:3502:6
[  810.785650] load of value 179 is not a valid value for type '_Bool'
[  810.787554] CPU: 2 PID: 24676 Comm: syz-executor Tainted: G D 4.4.0-next-20160114-sasha-00021-gf1273d1-dirty #2798
[  810.790792]  1ffff10018213e84 000000008c6fa2f9 ffff8800c109f4a0 ffffffff83433c4e
[  810.792954]  0000000041b58ab3 ffffffff8f960c38 ffffffff83433b86 ffff8800c109f468
[  810.794776]  0000188300000001 000000008c6fa2f9 ffffffff8feb7a20 ffff8800c109f530
[  810.796001] Call Trace:
[  810.796840]  dump_stack (lib/dump_stack.c:52)
[  810.798243]  ubsan_epilogue (lib/ubsan.c:165)
[  810.802976]  __ubsan_handle_load_invalid_value (lib/ubsan.c:454)
[  810.806657]  tdp_page_fault (arch/x86/kvm/mmu.c:3502)
[  810.809900]  kvm_mmu_page_fault (arch/x86/kvm/mmu.c:4372)
[  810.810517]  handle_ept_violation (arch/x86/kvm/vmx.c:5961)
[  810.812386]  vmx_handle_exit (arch/x86/kvm/vmx.c:8183)
[  810.817389]  vcpu_enter_guest (arch/x86/kvm/x86.c:6677)
[  810.831863]  kvm_arch_vcpu_ioctl_run (arch/x86/kvm/x86.c:6741 arch/x86/kvm/x86.c:6894)
[  810.834138]  kvm_vcpu_ioctl (arch/x86/kvm/../../../virt/kvm/kvm_main.c:2365)
[  810.840570]  do_vfs_ioctl (fs/ioctl.c:44 fs/ioctl.c:674)
[  810.855017]  SyS_ioctl (fs/ioctl.c:689 fs/ioctl.c:680)
[  810.856134]  entry_SYSCALL_64_fastpath (arch/x86/entry/entry_64.S:186)
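The report above is a UBSAN "load of invalid value" on a `_Bool`: the sanitizer instruments every load of a bool and rejects any object representation other than 0 or 1, and a never-written stack flag typically carries whatever byte the slot held before (here 179). The following user-space example, added here and not taken from the report or from the kernel source, models that bug class deterministically: `bool_repr_is_valid` is a hypothetical helper that applies the same 0-or-1 rule UBSAN's `-fsanitize=bool` applies, and `flag_after_buggy` / `flag_after_fixed` are hypothetical stand-ins for a function that sets a flag on only one path versus one that initialises it at declaration. A stale-byte parameter simulates the reused stack slot, and the flag is inspected through its byte representation so the demonstration itself contains no undefined behaviour. It assumes `sizeof(bool) == 1`, as on x86.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/*
 * Hypothetical helper mirroring the check UBSAN's -fsanitize=bool performs
 * at every _Bool load: the object representation must be exactly 0 or 1.
 * Any other byte (179 in the report) is an invalid value for the type.
 */
int bool_repr_is_valid(const void *obj)
{
    unsigned char b;
    memcpy(&b, obj, 1);            /* assumes sizeof(bool) == 1 */
    return b == 0 || b == 1;
}

/* One byte that plays the role of a reused stack slot (constructed model). */
static unsigned char frame[1];

/*
 * Bug pattern: `bool flag;` with no initialiser, written only on the slow
 * path, then read on every path. `stale` is what the slot held before the
 * call. Returns the byte a later load of the flag would see.
 */
unsigned char flag_after_buggy(int take_slow_path, unsigned char stale)
{
    frame[0] = stale;                /* leftover contents of the slot */
    bool *flag = (bool *)frame;      /* bool flag;   <- not initialised */
    if (take_slow_path)
        *flag = true;                /* the only write, on one path */
    return frame[0];                 /* fast path: stale byte survives */
}

/* Fix: initialise the flag unconditionally at its declaration. */
unsigned char flag_after_fixed(int take_slow_path, unsigned char stale)
{
    frame[0] = stale;
    bool *flag = (bool *)frame;
    *flag = false;                   /* bool flag = false; */
    if (take_slow_path)
        *flag = true;
    return frame[0];
}

int main(void)
{
    unsigned char stale = 179;       /* the value UBSAN complained about */
    unsigned char b = flag_after_buggy(0, stale);
    unsigned char f = flag_after_fixed(0, stale);
    printf("buggy fast path: byte=%u valid=%d\n", b, bool_repr_is_valid(&b));
    printf("fixed fast path: byte=%u valid=%d\n", f, bool_repr_is_valid(&f));
    return 0;
}
```

Building the same program with `-fsanitize=bool` and actually loading the flag as a `bool` on the buggy fast path is what produces a report of the form shown above; the byte-level inspection here lets the difference between the two variants be checked without relying on undefined behaviour.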