| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 22 Jan 2016 12:33:24 +0800
From: kernel test robot <fengguang.wu@...el.com>
To: Andi Kleen <ak@...ux.intel.com>
Cc: LKP <lkp@...org>, linux-kernel@...r.kernel.org,
"Peter Zijlstra (Intel)" <peterz@...radead.org>,
Ingo Molnar <mingo@...nel.org>, wfg@...ux.intel.com
Subject: [perf/x86] 75925e1ad7: BUG: unable to handle kernel paging
request at 000045b8
Greetings,
0day kernel testing robot got the below dmesg and the first bad commit is
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master
commit 75925e1ad7f5a4e867bd14ff8e7f114ea1596434
Author: Andi Kleen <ak@...ux.intel.com>
AuthorDate: Thu Oct 22 15:07:21 2015 -0700
Commit: Ingo Molnar <mingo@...nel.org>
CommitDate: Mon Nov 23 09:58:25 2015 +0100
perf/x86: Optimize stack walk user accesses
Change the perf user stack walking to use the new
__copy_from_user_nmi(), and split each access into word sized transfer
sizes. This allows to inline the complete access and optimize it all
into a single load.
The main advantage is that this avoids the overhead of double page
faults. When normal copy_from_user() fails it reexecutes the copy to
compute an accurate number of non copied bytes. This leads to
executing the expensive page fault twice.
While walking stacks having a fault at some point is relatively common
(typically when some part of the program isn't compiled with frame
pointers), so this is a large overhead.
With the optimized copies we avoid this problem because they only do
all accesses once. And of course they're much faster too when the
access does not fault because they're just single instructions instead
of complex function calls.
While profiling a kernel build with -g, the patch brings down the
average time of the PMI handler from 966ns to 552ns (-43%).
Signed-off-by: Andi Kleen <ak@...ux.intel.com>
Signed-off-by: Peter Zijlstra (Intel) <peterz@...radead.org>
Cc: Arnaldo Carvalho de Melo <acme@...hat.com>
Cc: Jiri Olsa <jolsa@...hat.com>
Cc: Linus Torvalds <torvalds@...ux-foundation.org>
Cc: Mike Galbraith <efault@....de>
Cc: Peter Zijlstra <peterz@...radead.org>
Cc: Stephane Eranian <eranian@...gle.com>
Cc: Thomas Gleixner <tglx@...utronix.de>
Cc: Vince Weaver <vincent.weaver@...ne.edu>
Link: http://lkml.kernel.org/r/1445551641-13379-2-git-send-email-andi@firstfloor.org
Signed-off-by: Ingo Molnar <mingo@...nel.org>
+-------------------------------------------------------+------------+------------+------------+
| | 10013ebb5d | 75925e1ad7 | f4b8c83d98 |
+-------------------------------------------------------+------------+------------+------------+
| boot_successes | 910 | 302 | 52 |
| boot_failures | 0 | 8 | 2 |
| Oops | 0 | 8 | 2 |
| EIP_is_at_perf_prepare_sample | 0 | 8 | |
| Kernel_panic-not_syncing:Fatal_exception | 0 | 6 | 1 |
| backtrace:iterate_dir | 0 | 3 | |
| backtrace:SyS_getdents64 | 0 | 3 | |
| BUG:unable_to_handle_kernel | 0 | 3 | 2 |
| Kernel_panic-not_syncing:Fatal_exception_in_interrupt | 0 | 2 | 1 |
| EIP_is_at_end | 0 | 0 | 2 |
+-------------------------------------------------------+------------+------------+------------+
[main] Setsockopt(1 29 80d3000 a3) on fd 380 [9:5:0]
[main] 375 sockets created based on info from socket cachefile.
[main] Generating file descriptors
[ 13.207214] BUG: unable to handle kernel paging request at 000045b8
[ 13.207885] IP: [<7fe9212f>] perf_prepare_sample+0x7d/0x283
[ 13.208435] *pde = 00000000
[ 13.208810] Oops: 0000 [#1] DEBUG_PAGEALLOC
[ 13.209253] Modules linked in:
[ 13.209626] CPU: 0 PID: 2662 Comm: trinity-main Not tainted 4.4.0-rc2-00045-g75925e1 #231
[ 13.210447] task: 82b00f40 ti: 81cfa000 task.ti: 81cfa000
[ 13.211012] EIP: 0060:[<7fe9212f>] EFLAGS: 00010206 CPU: 0
[ 13.211616] EIP is at perf_prepare_sample+0x7d/0x283
[ 13.212094] EAX: 000045b8 EBX: 81cfbbe8 ECX: 81cfbe98 EDX: 00000001
[ 13.212806] ESI: 81cfbcc0 EDI: 829dc800 EBP: 81cfbbdc ESP: 81cfbbc0
[ 13.213420] DS: 007b ES: 007b FS: 0000 GS: 0033 SS: 0068
[ 13.213969] CR0: 80050033 CR2: 000045b8 CR3: 08c25000 CR4: 00000690
[ 13.214610] DR0: 087b0998 DR1: 00000000 DR2: 00000000 DR3: 00000000
[ 13.215201] DR6: ffff0ff0 DR7: 00000600
[ 13.215657] Stack:
[ 13.215859] 00389c48 00000000 0000ffff 0000e164 829dc800 81cfbcc0 00000000 81cfbc10
[ 13.216745] 7fe92352 81cfbe98 00000009 00300001 00000000 022352c0 8926d4a0 00000002
[ 13.217629] 8068a6e0 8926d480 829dc800 00000000 81cfbc30 7fe924ee 00000000 81cfbcc0
[ 13.218560] Call Trace:
[ 13.218803] [<7fe92352>] perf_event_output+0x1d/0x54
[ 13.219287] [<7fe924ee>] __perf_event_overflow+0x165/0x1d2
[ 13.219856] [<7fe92c52>] perf_swevent_overflow+0x46/0x60
[ 13.220383] [<7fe92d2e>] perf_swevent_event+0xc2/0xcc
[ 13.220906] [<80000000>] ? __key_link_begin+0x33/0xc5
[ 13.221450] [<7fe930db>] ___perf_sw_event+0x1f7/0x207
[ 13.221966] [<7fe068ed>] ? sched_clock+0x9/0xc
[ 13.222402] [<7fe4f08d>] ? local_clock+0x19/0x1c
[ 13.222882] [<7fe8d51b>] ? __perf_event_header__init_id+0x76/0xb2
[ 13.223544] [<7fe9ae34>] ? __alloc_pages_nodemask+0xda/0x549
[ 13.224088] [<7fe4c729>] ? ___might_sleep+0x2b/0xe8
[ 13.224615] [<7fe4c729>] ? ___might_sleep+0x2b/0xe8
[ 13.225084] [<7fe9e421>] ? __lru_cache_add+0x11/0x42
[ 13.225610] [<7fe9e6e4>] ? lru_cache_add+0x47/0x49
[ 13.226078] [<7fea9706>] ? handle_mm_fault+0x51d/0xc1e
[ 13.226613] [<7fe93122>] __perf_sw_event+0x37/0x4e
[ 13.227081] [<7fe93122>] ? __perf_sw_event+0x37/0x4e
[ 13.227600] [<7fe28dc7>] __do_page_fault+0x326/0x333
[ 13.228132] [<7fe2719b>] ? kvm_async_pf_task_wake+0xed/0xed
[ 13.228720] [<7fe28e7e>] do_page_fault+0x1a/0x1e
[ 13.229169] [<7fe271bd>] do_async_page_fault+0x22/0x3c
[ 13.229705] [<8034b44c>] error_code+0x30/0x38
[ 13.230137] [<80050000>] ? rb_erase+0x1e6/0x212
[ 13.230628] [<7fe2719b>] ? kvm_async_pf_task_wake+0xed/0xed
[ 13.231172] [<7fec772d>] ? filldir64+0x64/0xe1
[ 13.231617] [<7fed4ee8>] dcache_readdir+0xef/0x143
[ 13.232084] [<7fec7905>] iterate_dir+0x79/0xf7
[ 13.232528] [<7fec7be0>] SyS_getdents64+0x6c/0xb0
[ 13.232986] [<7fec76c9>] ? SyS_ioctl+0x64/0x64
[ 13.233431] [<7fe00f71>] do_syscall_32_irqs_on+0x3e/0x50
[ 13.233980] [<8034ab57>] entry_INT80_32+0x27/0x27
[ 13.234448] [<80340000>] ? rawsock_create+0x84/0xf3
[ 13.234959] Code: e8 59 de f7 ff c7 46 3c 00 00 00 00 89 46 38 f6 45 f0 20 74 20 8b 55 08 89 f8 e8 de 21 00 00 85 c0 89 46 68 ba 01 00 00 00 74 03 <8b> 10 42 c1 e2 03 66 01 53 06 f7 45 f0 00 04 00 00 74 21 8b 56
[ 13.237775] EIP: [<7fe9212f>] perf_prepare_sample+0x7d/0x283 SS:ESP 0068:81cfbbc0
[ 13.238575] CR2: 00000000000045b8
[ 13.238897] ---[ end trace d702bb6773bf582d ]---
[ 13.239343] Kernel panic - not syncing: Fatal exception
git bisect start f4b8c83d98967021814647eae93530a480700737 afd2ff9b7e1b367172f18ba7f693dfb62bdcb2dc --
git bisect bad 46f2bd9763de28d178c8dcfa8630e0bc839a84fb # 09:23 0- 3 Merge 'fdmanana/integration-4.5' into devel-spot-201601220840
git bisect bad 84974ba0e47e0e0c344c7dc74adae0aa44188c8e # 09:31 0- 1 Merge 'jpoimboe/delme9' into devel-spot-201601220840
git bisect bad 78c56d960fd10d87e1bcc36682eaa676fa2ed3f7 # 09:35 24- 8 Merge 'linux-review/Oreste-Salerno/Add-device-tree-support-to-the-cyttsp-driver/20160122-062511' into devel-spot-201601220840
git bisect bad a22ebd705e45aa37d1ceae3a89e557b08a03e2d3 # 09:43 0- 2 Merge 'linux-review/Iyappan-Subramanian/drivers-net-xgene-fix-extra-IRQ-issue/20160122-081154' into devel-spot-201601220840
git bisect bad 3cec603763516feb2a6ff10885e9deee36e11923 # 09:46 0- 1 Merge 'sparc/master' into devel-spot-201601220840
git bisect good c8a13705129a19fe5a9c7be3b2e331c7b56372ed # 09:53 238+ 0 0day base guard for 'devel-spot-201601220840'
git bisect bad 77a76b04d2be1c45b8fd746b7ef754525029340c # 10:12 3- 3 Merge tag 'media/v4.5-2' of git://git.kernel.org/pub/scm/linux/kernel/git/mchehab/linux-media
git bisect bad aee3bfa3307cd0da2126bdc0ea359dabea5ee8f7 # 10:22 7- 1 Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next
git bisect bad 60b7eca1dc2ec066916b3b7ac6ad89bea13cb9af # 10:27 0- 1 Merge tag 'upstream-4.5-rc1' of git://git.infradead.org/linux-ubifs
git bisect bad 581dbc8bfc47ab16c69a67cc20dafea378ddbc60 # 10:37 132- 7 Merge tag 'pinctrl-v4.5-1' of git://git.kernel.org/pub/scm/linux/kernel/git/linusw/linux-pinctrl
git bisect bad 4bd20db2c027eab7490e3c0466734738bef2dd24 # 10:42 0- 1 Merge branch 'ras-core-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
git bisect bad 5a6ea81b8f9ce2736759d256ac4d63be65751199 # 10:46 3- 2 perf stat record: Write stat events on record
git bisect bad 3e27c92081131738fa4d7dd71673aa6e8c24866d # 10:55 180- 4 perf evlist: Factor perf_evlist__(enable|disable) functions
git bisect bad 30862f2c5725c46afcfab5af710fdf5163bf0f81 # 11:02 0- 4 perf tools: Add 'perf config' command
git bisect good c4068f51d40df151a661a384ab1309b11d7f012e # 11:14 309+ 0 perf tools: Make perf_exec_path() always return malloc'd string
git bisect good 3cd99dfd1c87067fb28a19fee76500aed56d7c8f # 11:22 310+ 0 perf ui/gtk: Support flat callchains
git bisect bad 24cc12b17679f8e9046746f92fd377f589efc163 # 11:32 7- 4 perf/x86/intel/pt: Add interface to stop Intel PT logging
git bisect good 10013ebb5d7856c243541870f4e62fed68253e88 # 11:46 310+ 0 x86: Add an inlined __copy_from_user_nmi() variant
git bisect bad b16a5b52eb90d92b597257778e51e1fdc6423e64 # 11:51 1- 2 perf/x86: Add option to disable reading branch flags/cycles
git bisect bad 75925e1ad7f5a4e867bd14ff8e7f114ea1596434 # 11:54 0- 1 perf/x86: Optimize stack walk user accesses
# first bad commit: [75925e1ad7f5a4e867bd14ff8e7f114ea1596434] perf/x86: Optimize stack walk user accesses
git bisect good 10013ebb5d7856c243541870f4e62fed68253e88 # 12:06 910+ 0 x86: Add an inlined __copy_from_user_nmi() variant
# extra tests with DEBUG_INFO
git bisect bad 75925e1ad7f5a4e867bd14ff8e7f114ea1596434 # 12:10 5- 3 perf/x86: Optimize stack walk user accesses
# extra tests on HEAD of linux-devel/devel-spot-201601220840
git bisect bad f4b8c83d98967021814647eae93530a480700737 # 12:11 0- 2 0day head guard for 'devel-spot-201601220840'
# extra tests on tree/branch linus/master
git bisect bad 404a47410c26a115123885977053e9a1a4460929 # 12:12 6- 1 Merge branch 'uaccess' (batched user access infrastructure)
# extra tests with first bad commit reverted
git bisect good 9be1f4a10fcff6240a49b39ed70ddbc21f122e7e # 12:31 910+ 0 Revert "perf/x86: Optimize stack walk user accesses"
# extra tests on tree/branch linus/master
git bisect bad 404a47410c26a115123885977053e9a1a4460929 # 12:31 0- 22 Merge branch 'uaccess' (batched user access infrastructure)
# extra tests on tree/branch linux-next/master
git bisect bad 8771b7845205db05fbefd2d914cacd678cea6325 # 12:32 3- 2 Add linux-next specific files for 20160121
This script may reproduce the error.
----------------------------------------------------------------------------
#!/bin/bash
kernel=$1
initrd=quantal-core-i386.cgz
wget --no-clobber https://github.com/fengguang/reproduce-kernel-bug/raw/master/initrd/$initrd
kvm=(
qemu-system-x86_64
-enable-kvm
-cpu kvm64
-kernel $kernel
-initrd $initrd
-m 300
-smp 2
-device e1000,netdev=net0
-netdev user,id=net0
-boot order=nc
-no-reboot
-watchdog i6300esb
-rtc base=localtime
-serial stdio
-display none
-monitor null
)
append=(
hung_task_panic=1
earlyprintk=ttyS0,115200
systemd.log_level=err
debug
apic=debug
sysrq_always_enabled
rcupdate.rcu_cpu_stall_timeout=100
panic=-1
softlockup_panic=1
nmi_watchdog=panic
oops=panic
load_ramdisk=2
prompt_ramdisk=0
console=ttyS0,115200
console=tty0
vga=normal
root=/dev/ram0
rw
drbd.minor_count=8
)
"${kvm[@]}" --append "${append[*]}"
----------------------------------------------------------------------------
---
0-DAY kernel test infrastructure Open Source Technology Center
https://lists.01.org/pipermail/lkp Intel Corporation
View attachment "dmesg-quantal-intel12-30:20160122115406:i386-randconfig-i0-201603:4.4.0-rc2-00045-g75925e1:231" of type "text/plain" (94127 bytes)
View attachment "config-4.4.0-rc2-00045-g75925e1" of type "text/plain" (113738 bytes)
Powered by blists - more mailing lists