lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:	Thu, 2 Jul 2015 11:18:10 -0400 (EDT)
From:	Vince Weaver <vincent.weaver@...ne.edu>
To:	linux-kernel@...r.kernel.org
cc:	Peter Zijlstra <peterz@...radead.org>,
	Ingo Molnar <mingo@...hat.com>,
	Arnaldo Carvalho de Melo <acme@...nel.org>,
	Stephane Eranian <eranian@...il.com>
Subject: perf: fuzzer triggered warning in intel_pmu_drain_pebs_nhm()


So sad to say the lack of fuzzer reports was because I was out of town for 
a bit, not due to the kernel suddenly getting amazingly better.

In any case I am running against current git and getting a lot of 
warnings, but most of them seem to be old ones.  This following one looks 
new though.

This is current linus-git on a Haswell machine with peterz's patch to fix 
the aux buffer spinlock recursion (I can still crash the kernel if that 
patch is not applied).

It corresponds to:

	WARN_ON_ONCE(!event->attr.precise_ip);

[  584.352324] WARNING: CPU: 2 PID: 18924 at arch/x86/kernel/cpu/perf_event_intel_ds.c:1198 intel_pmu_drain_pebs_nhm+0x283/0x2e0()
[  584.364649] Modules linked in: fuse x86_pkg_temp_thermal intel_powerclamp intel_rapl iosf_mbi coretemp kvm_intel kvm snd_hda_codec_hdmi crct10dif_pclmul crc32_pclmul ghash_clmulni_intel hmac drbg i915 ansi_cprng snd_hda_codec_realtek snd_hda_codec_generic iTCO_wdt ppdev snd_hda_intel snd_hda_codec aesni_intel aes_x86_64 snd_hda_core lrw evdev snd_hwdep drm_kms_helper drm psmouse iTCO_vendor_support snd_pcm gf128mul glue_helper ablk_helper serio_raw pcspkr cryptd snd_timer i2c_i801 processor battery video snd mei_me parport_pc i2c_algo_bit button soundcore lpc_ich mfd_core tpm_tis mei parport tpm wmi sg sr_mod sd_mod cdrom ehci_pci ehci_hcd ahci libahci libata xhci_pci xhci_hcd e1000e ptp usbcore crc32c_intel fan scsi_mod pps_core usb_common thermal thermal_sys
[  584.440755] CPU: 2 PID: 18924 Comm: perf_fuzzer Tainted: G        W       4.1.0+ #160
[  584.449736] Hardware name: LENOVO 10AM000AUS/SHARKBAY, BIOS FBKT72AUS 01/26/2014
[  584.458241]  ffffffff81a100e0 ffff8800cd793898 ffffffff8169e763 0000000000000000
[  584.466868]  0000000000000000 ffff8800cd7938d8 ffffffff8106ecba ffffffff810b7806
[  584.475466]  0000000000000000 0000000000000001 ffff88011ea8bd80 ffff8801190400c0
[  584.484101] Call Trace:
[  584.487287]  [<ffffffff8169e763>] dump_stack+0x45/0x57
[  584.493360]  [<ffffffff8106ecba>] warn_slowpath_common+0x8a/0xc0
[  584.500393]  [<ffffffff810b7806>] ? __lock_acquire.isra.31+0x3a6/0xf90
[  584.507953]  [<ffffffff8106edaa>] warn_slowpath_null+0x1a/0x20
[  584.514770]  [<ffffffff8102f783>] intel_pmu_drain_pebs_nhm+0x283/0x2e0
[  584.522287]  [<ffffffff8102ec48>] intel_pmu_drain_pebs_buffer+0x18/0x20
[  584.529870]  [<ffffffff8115bb9b>] ? ___perf_sw_event+0x13b/0x170
[  584.536856]  [<ffffffff811569e8>] ? perf_pmu_sched_task+0xa8/0x140
[  584.543978]  [<ffffffff810303c1>] ? intel_pmu_pebs_disable_all+0x31/0x40
[  584.551590]  [<ffffffff81030a49>] ? __intel_pmu_disable_all+0x49/0x70
[  584.559021]  [<ffffffff81030064>] intel_pmu_pebs_sched_task+0x14/0x20
[  584.566387]  [<ffffffff8103070d>] intel_pmu_sched_task+0x3d/0x40
[  584.573311]  [<ffffffff81028646>] x86_pmu_sched_task+0x16/0x20
[  584.580002]  [<ffffffff81156a01>] perf_pmu_sched_task+0xc1/0x140
[  584.586954]  [<ffffffff8115695e>] ? perf_pmu_sched_task+0x1e/0x140
[  584.594023]  [<ffffffff81158596>] __perf_event_task_sched_out+0x66/0x4c0
[  584.601657]  [<ffffffff810b641d>] ? __lock_is_held+0x4d/0x70
[  584.608184]  [<ffffffff816a0a07>] __schedule+0x427/0xa50
[  584.614334]  [<ffffffff816a1067>] schedule+0x37/0x80
[  584.620114]  [<ffffffff816a502c>] schedule_timeout+0x1bc/0x250
[  584.626829]  [<ffffffff816a2228>] ? wait_for_completion+0x28/0x100
[  584.633877]  [<ffffffff816a22be>] ? wait_for_completion+0xbe/0x100
[  584.640955]  [<ffffffff816a22c6>] wait_for_completion+0xc6/0x100
[  584.647842]  [<ffffffff81098cb0>] ? wake_up_q+0x70/0x70
[  584.653888]  [<ffffffff810d63c0>] ? call_rcu_bh+0x20/0x20
[  584.660135]  [<ffffffff810d2fcd>] wait_rcu_gp+0x5d/0x80
[  584.666191]  [<ffffffff810d2f10>] ? trace_raw_output_rcu_utilization+0x60/0x60
[  584.674389]  [<ffffffff81152156>] ? perf_unpin_context+0x16/0x30
[  584.681272]  [<ffffffff810d52eb>] synchronize_sched+0x3b/0x50
[  584.687867]  [<ffffffff8113d998>] perf_trace_event_unreg.isra.1+0x38/0x90
[  584.695620]  [<ffffffff8113dcec>] perf_trace_destroy+0x3c/0x50
[  584.702349]  [<ffffffff81152d79>] tp_perf_event_destroy+0x9/0x10
[  584.709207]  [<ffffffff81158ed1>] _free_event+0xc1/0x250
[  584.715306]  [<ffffffff811591ff>] free_event+0x1f/0x50
[  584.721224]  [<ffffffff8115c8e0>] SYSC_perf_event_open+0x400/0xd40
[  584.728289]  [<ffffffff8105f89b>] ? __do_page_fault+0x1ab/0x3f0
[  584.735056]  [<ffffffff8115d699>] SyS_perf_event_open+0x9/0x10
[  584.741649]  [<ffffffff816a64b2>] entry_SYSCALL_64_fastpath+0x16/0x7a
[  584.748915] ---[ end trace e3d880444bf5705b ]---

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ