| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20220106083523.GB32167@xsang-OptiPlex-9020>
Date: Thu, 6 Jan 2022 16:35:23 +0800
From: kernel test robot <oliver.sang@...el.com>
To: Peter Zijlstra <peterz@...radead.org>
Cc: Josh Poimboeuf <jpoimboe@...hat.com>,
LKML <linux-kernel@...r.kernel.org>, x86@...nel.org,
lkp@...ts.01.org, lkp@...el.com
Subject: [x86/entry_32] aa93e2ad74:
BUG:soft_lockup-CPU##stuck_for#s![systemd-logind:#]
Greeting,
FYI, we noticed the following commit (built with clang-14):
commit: aa93e2ad7464ffb90155a5ffdde963816f86d5dc ("x86/entry_32: Remove .fixup usage")
https://git.kernel.org/cgit/linux/kernel/git/tip/tip.git x86/core
in testcase: kernel-selftests
version:
with following parameters:
group: x86
test-description: The kernel contains a set of "self tests" under the tools/testing/selftests/ directory. These are intended to be small unit tests to exercise individual code paths in the kernel.
test-url: https://www.kernel.org/doc/Documentation/kselftest.txt
on test machine: qemu-system-x86_64 -enable-kvm -cpu SandyBridge -smp 2 -m 16G
caused below changes (please refer to attached dmesg/kmsg for entire log/backtrace):
+-----------------------------------------------------+------------+------------+
| | 16e617d05e | aa93e2ad74 |
+-----------------------------------------------------+------------+------------+
| boot_successes | 52 | 5 |
| boot_failures | 0 | 47 |
| BUG:kernel_hang_in_test_stage | 0 | 40 |
| BUG:soft_lockup-CPU##stuck_for#s![systemd-logind:#] | 0 | 7 |
| EIP:smp_call_function_many_cond | 0 | 7 |
| Kernel_panic-not_syncing:softlockup:hung_tasks | 0 | 7 |
+-----------------------------------------------------+------------+------------+
If you fix the issue, kindly add following tag
Reported-by: kernel test robot <oliver.sang@...el.com>
[ 1153.108528][ C1] watchdog: BUG: soft lockup - CPU#1 stuck for 536s! [systemd-logind:1589]
[ 1153.113402][ C1] Modules linked in: bochs drm_vram_helper drm_ttm_helper ttm drm_kms_helper drm serio_raw drm_panel_orientation_quirks i2c_piix4 evbug intel_agp evdev rtc_cmos mac_hid intel_gtt agpgart stm_p_basic
[ 1153.123007][ C1] irq event stamp: 270688
[ 1153.126371][ C1] hardirqs last enabled at (270687): irqentry_exit (kernel/entry/common.c:?)
[ 1153.130734][ C1] hardirqs last disabled at (270688): sysvec_apic_timer_interrupt (arch/x86/kernel/apic/apic.c:1097)
[ 1153.135693][ C1] softirqs last enabled at (203498): do_softirq_own_stack (arch/x86/kernel/irq_32.c:60 arch/x86/kernel/irq_32.c:150)
[ 1153.140292][ C1] softirqs last disabled at (203423): do_softirq_own_stack (arch/x86/kernel/irq_32.c:60 arch/x86/kernel/irq_32.c:150)
[ 1153.144942][ C1] CPU: 1 PID: 1589 Comm: systemd-logind Not tainted 5.16.0-rc4-00015-gaa93e2ad7464 #1 724caf37a2ed720c19b702e6f6c942970fe22427
[ 1153.153337][ C1] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1153.158184][ C1] EIP: smp_call_function_many_cond (kernel/smp.c:440 kernel/smp.c:969)
[ 1153.162660][ C1] Code: 00 89 c7 3b 05 2c d7 97 c2 73 3a 8b 45 f0 8b 18 83 ff 20 73 20 8b 04 bd 84 94 4b c2 f7 44 18 04 01 00 00 00 74 d2 90 90 f3 90 <8b> 4c 03 04 f6 c1 01 75 f5 eb c3 57 68 80 7f 87 c2 e8 68 43 4d 00
All code
========
0: 00 89 c7 3b 05 2c add %cl,0x2c053bc7(%rcx)
6: d7 xlat %ds:(%rbx)
7: 97 xchg %eax,%edi
8: c2 73 3a retq $0x3a73
b: 8b 45 f0 mov -0x10(%rbp),%eax
e: 8b 18 mov (%rax),%ebx
10: 83 ff 20 cmp $0x20,%edi
13: 73 20 jae 0x35
15: 8b 04 bd 84 94 4b c2 mov -0x3db46b7c(,%rdi,4),%eax
1c: f7 44 18 04 01 00 00 testl $0x1,0x4(%rax,%rbx,1)
23: 00
24: 74 d2 je 0xfffffffffffffff8
26: 90 nop
27: 90 nop
28: f3 90 pause
2a:* 8b 4c 03 04 mov 0x4(%rbx,%rax,1),%ecx <-- trapping instruction
2e: f6 c1 01 test $0x1,%cl
31: 75 f5 jne 0x28
33: eb c3 jmp 0xfffffffffffffff8
35: 57 push %rdi
36: 68 80 7f 87 c2 pushq $0xffffffffc2877f80
3b: e8 68 43 4d 00 callq 0x4d43a8
Code starting with the faulting instruction
===========================================
0: 8b 4c 03 04 mov 0x4(%rbx,%rax,1),%ecx
4: f6 c1 01 test $0x1,%cl
7: 75 f5 jne 0xfffffffffffffffe
9: eb c3 jmp 0xffffffffffffffce
b: 57 push %rdi
c: 68 80 7f 87 c2 pushq $0xffffffffc2877f80
11: e8 68 43 4d 00 callq 0x4d437e
[ 1153.173395][ C1] EAX: 17173000 EBX: c2a89df0 ECX: 00000011 EDX: 00000001
[ 1153.178489][ C1] ESI: d9c17244 EDI: 00000000 EBP: c70bbcc8 ESP: c70bbc90
[ 1153.183282][ C1] DS: 007b ES: 007b FS: 00d8 GS: 0033 SS: 0068 EFLAGS: 00000202
[ 1153.188245][ C1] CR0: 80050033 CR2: 005fd180 CR3: 060b3000 CR4: 00040690
[ 1153.193152][ C1] Call Trace:
[ 1153.197354][ C1] ? flush_tlb_all (arch/x86/mm/tlb.c:1027)
[ 1153.201557][ C1] on_each_cpu_cond_mask (kernel/smp.c:1135)
[ 1153.205806][ C1] flush_tlb_kernel_range (include/linux/smp.h:71 arch/x86/mm/tlb.c:1053)
[ 1153.209947][ C1] __kmap_flush_unused (include/linux/spinlock.h:389 mm/highmem.c:201)
[ 1153.213857][ C1] change_page_attr_set_clr (arch/x86/mm/pat/set_memory.c:1743)
[ 1153.217987][ C1] ? rcu_read_lock_sched_held (kernel/rcu/update.c:125)
[ 1153.222472][ C1] set_memory_ro (arch/x86/mm/pat/set_memory.c:1946)
[ 1153.226468][ C1] bpf_prog_select_runtime (include/linux/filter.h:?)
[ 1153.230241][ C1] bpf_prepare_filter (net/core/filter.c:? net/core/filter.c:1343)
[ 1153.234171][ C1] __get_filter (net/core/filter.c:1512)
[ 1153.238208][ C1] sk_attach_filter (net/core/filter.c:1527)
[ 1153.242013][ C1] sock_setsockopt (net/core/sock.c:?)
[ 1153.245655][ C1] __sys_setsockopt (net/socket.c:?)
[ 1153.249508][ C1] __ia32_sys_socketcall (net/socket.c:? net/socket.c:2901 net/socket.c:2901)
[ 1153.253576][ C1] ? kmem_cache_free (mm/slub.c:3501 mm/slub.c:3514 mm/slub.c:3530)
[ 1153.257465][ C1] ? put_cred_rcu (kernel/cred.c:127)
[ 1153.261292][ C1] ? put_cred_rcu (kernel/cred.c:127)
[ 1153.264756][ C1] ? rcu_lock_release (include/linux/rcupdate.h:274)
[ 1153.268279][ C1] ? put_cred_rcu (kernel/cred.c:127)
[ 1153.271688][ C1] ? syscall_enter_from_user_mode (arch/x86/include/asm/irqflags.h:45 arch/x86/include/asm/irqflags.h:80 kernel/entry/common.c:107)
[ 1153.275128][ C1] ? do_int80_syscall_32 (arch/x86/entry/common.c:110 arch/x86/entry/common.c:132)
[ 1153.278608][ C1] ? trace_hardirqs_on (kernel/trace/trace_preemptirq.c:51)
[ 1153.282036][ C1] ? syscall_enter_from_user_mode (arch/x86/include/asm/irqflags.h:45 arch/x86/include/asm/irqflags.h:80 kernel/entry/common.c:107)
[ 1153.285382][ C1] do_int80_syscall_32 (arch/x86/entry/common.c:112 arch/x86/entry/common.c:132)
[ 1153.289305][ C1] ? irqentry_exit_to_user_mode (kernel/entry/common.c:316)
[ 1153.293109][ C1] ? irqentry_exit (kernel/entry/common.c:441)
[ 1153.296533][ C1] ? exc_page_fault (arch/x86/mm/fault.c:1545)
[ 1153.300022][ C1] entry_INT80_32 (init_task.c:?)
[ 1153.303502][ C1] EIP: 0xb7f10092
[ 1153.306552][ C1] Code: 00 00 00 e9 90 ff ff ff ff a3 24 00 00 00 68 30 00 00 00 e9 80 ff ff ff ff a3 e0 ff ff ff 66 90 00 00 00 00 00 00 00 00 cd 80 <c3> 8d b4 26 00 00 00 00 8d b6 00 00 00 00 8b 1c 24 c3 8d b4 26 00
All code
========
0: 00 00 add %al,(%rax)
2: 00 e9 add %ch,%cl
4: 90 nop
5: ff (bad)
6: ff (bad)
7: ff (bad)
8: ff a3 24 00 00 00 jmpq *0x24(%rbx)
e: 68 30 00 00 00 pushq $0x30
13: e9 80 ff ff ff jmpq 0xffffffffffffff98
18: ff a3 e0 ff ff ff jmpq *-0x20(%rbx)
1e: 66 90 xchg %ax,%ax
...
28: cd 80 int $0x80
2a:* c3 retq <-- trapping instruction
2b: 8d b4 26 00 00 00 00 lea 0x0(%rsi,%riz,1),%esi
32: 8d b6 00 00 00 00 lea 0x0(%rsi),%esi
38: 8b 1c 24 mov (%rsp),%ebx
3b: c3 retq
3c: 8d .byte 0x8d
3d: b4 26 mov $0x26,%ah
...
Code starting with the faulting instruction
===========================================
0: c3 retq
1: 8d b4 26 00 00 00 00 lea 0x0(%rsi,%riz,1),%esi
8: 8d b6 00 00 00 00 lea 0x0(%rsi),%esi
e: 8b 1c 24 mov (%rsp),%ebx
11: c3 retq
12: 8d .byte 0x8d
13: b4 26 mov $0x26,%ah
To reproduce:
# build kernel
cd linux
cp config-5.16.0-rc4-00015-gaa93e2ad7464 .config
make HOSTCC=clang-14 CC=clang-14 ARCH=i386 olddefconfig prepare modules_prepare bzImage modules
make HOSTCC=clang-14 CC=clang-14 ARCH=i386 INSTALL_MOD_PATH=<mod-install-dir> modules_install
cd <mod-install-dir>
find lib/ | cpio -o -H newc --quiet | gzip > modules.cgz
git clone https://github.com/intel/lkp-tests.git
cd lkp-tests
bin/lkp qemu -k <bzImage> -m modules.cgz job-script # job-script is attached in this email
# if come across any failure that blocks the test,
# please remove ~/.lkp and /lkp dir to run from a clean state.
---
0DAY/LKP+ Test Infrastructure Open Source Technology Center
https://lists.01.org/hyperkitty/list/lkp@lists.01.org Intel Corporation
Thanks,
Oliver Sang
View attachment "config-5.16.0-rc4-00015-gaa93e2ad7464" of type "text/plain" (151513 bytes)
View attachment "job-script" of type "text/plain" (4825 bytes)
Download attachment "dmesg.xz" of type "application/x-xz" (26568 bytes)
Powered by blists - more mailing lists