| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 24 Feb 2022 22:38:41 +0800
From: kernel test robot <oliver.sang@...el.com>
To: Jim Cromie <jim.cromie@...il.com>
Cc: lkp@...ts.01.org, lkp@...el.com,
LKML <linux-kernel@...r.kernel.org>
Subject: [dyndbg] 6ff0a74cc6: BUG:unable_to_handle_page_fault_for_address
Greeting,
FYI, we noticed the following commit (built with gcc-9):
commit: 6ff0a74cc6036c3ccbc7ad8f2dc56750cc066edb ("dyndbg: RFC handle __dyndbg* sections in module.lds.h")
https://github.com/jimc/linux.git dd-diet-next
in testcase: will-it-scale
version: will-it-scale-x86_64-a34a85c-1_20220217
with following parameters:
nr_task: 100%
mode: thread
test: pthread_mutex3
cpufreq_governor: performance
ucode: 0x42e
test-description: Will It Scale takes a testcase and runs it from 1 through to n parallel copies to see if the testcase will scale. It builds both a process and threads based test in order to see any differences between the two.
test-url: https://github.com/antonblanchard/will-it-scale
on test machine: 48 threads 2 sockets Intel(R) Xeon(R) CPU E5-2697 v2 @ 2.70GHz with 112G memory
caused below changes (please refer to attached dmesg/kmsg for entire log/backtrace):
If you fix the issue, kindly add following tag
Reported-by: kernel test robot <oliver.sang@...el.com>
[ 19.925858][ T1104] BUG: unable to handle page fault for address: ffffffffc0ff0633
[ 19.934352][ T1104] #PF: supervisor read access in kernel mode
[ 19.940878][ T1104] #PF: error_code(0x0000) - not-present page
[ 19.947404][ T1104] PGD 1c3ec0d067 P4D 1c3ec0d067 PUD 1c3ec0f067 PMD 1c39319067 PTE 0
[ 19.956167][ T1104] Oops: 0000 [#1] SMP PTI
[ 19.960858][ T1104] CPU: 22 PID: 1104 Comm: modprobe Not tainted 5.17.0-rc4-00034-g6ff0a74cc603 #1
[ 19.970881][ T1104] Hardware name: Intel Corporation S2600WP/S2600WP, BIOS SE5C600.86B.02.02.0002.122320131210 12/23/2013
[ 19.983138][ T1104] RIP: 0010:strchr (lib/string.c:394)
[ 19.984653][ T585] BTRFS: device fsid 8e78d8f1-e1ce-485e-a220-c69c3d568396 devid 1 transid 24 /dev/sdc1 scanned by systemd-udevd (585)
[ 19.988017][ T1104] Code: 0f b6 0c 07 3a 0c 06 74 ea 19 c0 83 c8 01 c3 31 c0 c3 66 66 2e 0f 1f 84 00 00 00 00 00 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 <0f> b6 07 89 f2 40 38 f0 75 0e eb 13 0f b6 47 01 48 83 c7 01 38 d0
All code
========
0: 0f b6 0c 07 movzbl (%rdi,%rax,1),%ecx
4: 3a 0c 06 cmp (%rsi,%rax,1),%cl
7: 74 ea je 0xfffffffffffffff3
9: 19 c0 sbb %eax,%eax
b: 83 c8 01 or $0x1,%eax
e: c3 retq
f: 31 c0 xor %eax,%eax
11: c3 retq
12: 66 66 2e 0f 1f 84 00 data16 nopw %cs:0x0(%rax,%rax,1)
19: 00 00 00 00
1d: 66 66 2e 0f 1f 84 00 data16 nopw %cs:0x0(%rax,%rax,1)
24: 00 00 00 00
28: 66 90 xchg %ax,%ax
2a:* 0f b6 07 movzbl (%rdi),%eax <-- trapping instruction
2d: 89 f2 mov %esi,%edx
2f: 40 38 f0 cmp %sil,%al
32: 75 0e jne 0x42
34: eb 13 jmp 0x49
36: 0f b6 47 01 movzbl 0x1(%rdi),%eax
3a: 48 83 c7 01 add $0x1,%rdi
3e: 38 d0 cmp %dl,%al
Code starting with the faulting instruction
===========================================
0: 0f b6 07 movzbl (%rdi),%eax
3: 89 f2 mov %esi,%edx
5: 40 38 f0 cmp %sil,%al
8: 75 0e jne 0x18
a: eb 13 jmp 0x1f
c: 0f b6 47 01 movzbl 0x1(%rdi),%eax
10: 48 83 c7 01 add $0x1,%rdi
14: 38 d0 cmp %dl,%al
[ 19.988019][ T1104] RSP: 0018:ffffc9000b537c98 EFLAGS: 00010246
[ 19.988020][ T1104] RAX: 0000000000000038 RBX: ffffffffc0b1c0c0 RCX: 0000000000000000
[ 19.988021][ T1104] RDX: 0000000000000000 RSI: 000000000000002e RDI: ffffffffc0ff0633
[ 19.988022][ T1104] RBP: ffffffffc020f000 R08: ffff889bd029bb40 R09: ffffc9000b537ae0
[ 19.988023][ T1104] R10: 0000000000000001 R11: 0000000000000001 R12: 0000000000000000
[ 19.988024][ T1104] R13: ffffffffc0b33698 R14: 0000000000000000 R15: ffffffffc0b33680
[ 19.988025][ T1104] FS: 00007f25dc37d480(0000) GS:ffff889bd0280000(0000) knlGS:0000000000000000
[ 19.988026][ T1104] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 19.988027][ T1104] CR2: ffffffffc0ff0633 CR3: 0000001c38dce005 CR4: 00000000001706e0
[ 20.106389][ T1104] Call Trace:
[ 20.110536][ T1104] <TASK>
[ 20.114241][ T1104] register_filesystem (fs/filesystems.c:81)
[ 20.120209][ T1104] ? 0xffffffffc020f000
[ 20.125295][ T1104] init_btrfs_fs (include/trace/events/btrfs.h:256) btrfs
[ 20.131673][ T1104] do_one_initcall (init/main.c:1300)
[ 20.137365][ T1104] ? __cond_resched (kernel/sched/core.c:8192)
[ 20.143101][ T1104] ? kmem_cache_alloc_trace (mm/slab.h:707 mm/slub.c:3144 mm/slub.c:3238 mm/slub.c:3255)
[ 20.149688][ T1104] do_init_module (kernel/module.c:3734)
[ 20.155247][ T1104] load_module (kernel/module.c:4124)
[ 20.160873][ T1104] ? __do_sys_finit_module (kernel/module.c:4225)
[ 20.167301][ T1104] __do_sys_finit_module (kernel/module.c:4225)
[ 20.173594][ T1104] do_syscall_64 (arch/x86/entry/common.c:50 arch/x86/entry/common.c:80)
[ 20.178979][ T1104] entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:113)
[ 20.186005][ T1104] RIP: 0033:0x7f25dc497f59
[ 20.191360][ T1104] Code: 00 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 07 6f 0c 00 f7 d8 64 89 01 48
All code
========
0: 00 c3 add %al,%bl
2: 66 2e 0f 1f 84 00 00 nopw %cs:0x0(%rax,%rax,1)
9: 00 00 00
c: 0f 1f 44 00 00 nopl 0x0(%rax,%rax,1)
11: 48 89 f8 mov %rdi,%rax
14: 48 89 f7 mov %rsi,%rdi
17: 48 89 d6 mov %rdx,%rsi
1a: 48 89 ca mov %rcx,%rdx
1d: 4d 89 c2 mov %r8,%r10
20: 4d 89 c8 mov %r9,%r8
23: 4c 8b 4c 24 08 mov 0x8(%rsp),%r9
28: 0f 05 syscall
2a:* 48 3d 01 f0 ff ff cmp $0xfffffffffffff001,%rax <-- trapping instruction
30: 73 01 jae 0x33
32: c3 retq
33: 48 8b 0d 07 6f 0c 00 mov 0xc6f07(%rip),%rcx # 0xc6f41
3a: f7 d8 neg %eax
3c: 64 89 01 mov %eax,%fs:(%rcx)
3f: 48 rex.W
Code starting with the faulting instruction
===========================================
0: 48 3d 01 f0 ff ff cmp $0xfffffffffffff001,%rax
6: 73 01 jae 0x9
8: c3 retq
9: 48 8b 0d 07 6f 0c 00 mov 0xc6f07(%rip),%rcx # 0xc6f17
10: f7 d8 neg %eax
12: 64 89 01 mov %eax,%fs:(%rcx)
15: 48 rex.W
[ 20.214344][ T1104] RSP: 002b:00007ffd66cc95e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000139
[ 20.224179][ T1104] RAX: ffffffffffffffda RBX: 000055c478cf6bb0 RCX: 00007f25dc497f59
[ 20.233538][ T1104] RDX: 0000000000000000 RSI: 000055c477bee3f0 RDI: 0000000000000005
[ 20.242936][ T1104] RBP: 000055c477bee3f0 R08: 0000000000000000 R09: 0000000000000000
[ 20.252284][ T1104] R10: 0000000000000005 R11: 0000000000000246 R12: 0000000000000000
[ 20.261683][ T1104] R13: 000055c478cf70a0 R14: 0000000000040000 R15: 000055c478cf6bb0
[ 20.271055][ T1104] </TASK>
[ 20.274922][ T1104] Modules linked in: btrfs(+) blake2b_generic xor raid6_pq zstd_compress libcrc32c sd_mod t10_pi mgag200 sg drm_shmem_helper intel_rapl_msr intel_rapl_common sb_edac x86_pkg_temp_thermal intel_powerclamp coretemp kvm_intel kvm irqbypass crct10dif_pclmul crc32_pclmul drm_kms_helper crc32c_intel ghash_clmulni_intel syscopyarea isci sysfillrect sysimgblt rapl libsas ahci fb_sys_fops intel_cstate ipmi_si libahci scsi_transport_sas mei_me ipmi_devintf drm intel_uncore ioatdma ipmi_msghandler libata joydev mei dca wmi ip_tables
[ 20.331740][ T1104] CR2: ffffffffc0ff0633
[ 20.336929][ T1104] ---[ end trace 0000000000000000 ]---
[ 20.349289][ T1104] RIP: 0010:strchr (lib/string.c:394)
[ 20.354855][ T1104] Code: 0f b6 0c 07 3a 0c 06 74 ea 19 c0 83 c8 01 c3 31 c0 c3 66 66 2e 0f 1f 84 00 00 00 00 00 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 <0f> b6 07 89 f2 40 38 f0 75 0e eb 13 0f b6 47 01 48 83 c7 01 38 d0
All code
========
0: 0f b6 0c 07 movzbl (%rdi,%rax,1),%ecx
4: 3a 0c 06 cmp (%rsi,%rax,1),%cl
7: 74 ea je 0xfffffffffffffff3
9: 19 c0 sbb %eax,%eax
b: 83 c8 01 or $0x1,%eax
e: c3 retq
f: 31 c0 xor %eax,%eax
11: c3 retq
12: 66 66 2e 0f 1f 84 00 data16 nopw %cs:0x0(%rax,%rax,1)
19: 00 00 00 00
1d: 66 66 2e 0f 1f 84 00 data16 nopw %cs:0x0(%rax,%rax,1)
24: 00 00 00 00
28: 66 90 xchg %ax,%ax
2a:* 0f b6 07 movzbl (%rdi),%eax <-- trapping instruction
2d: 89 f2 mov %esi,%edx
2f: 40 38 f0 cmp %sil,%al
32: 75 0e jne 0x42
34: eb 13 jmp 0x49
36: 0f b6 47 01 movzbl 0x1(%rdi),%eax
3a: 48 83 c7 01 add $0x1,%rdi
3e: 38 d0 cmp %dl,%al
Code starting with the faulting instruction
===========================================
0: 0f b6 07 movzbl (%rdi),%eax
3: 89 f2 mov %esi,%edx
5: 40 38 f0 cmp %sil,%al
8: 75 0e jne 0x18
a: eb 13 jmp 0x1f
c: 0f b6 47 01 movzbl 0x1(%rdi),%eax
10: 48 83 c7 01 add $0x1,%rdi
14: 38 d0 cmp %dl,%al
To reproduce:
git clone https://github.com/intel/lkp-tests.git
cd lkp-tests
sudo bin/lkp install job.yaml # job file is attached in this email
bin/lkp split-job --compatible job.yaml # generate the yaml file for lkp run
sudo bin/lkp run generated-yaml-file
# if come across any failure that blocks the test,
# please remove ~/.lkp and /lkp dir to run from a clean state.
---
0DAY/LKP+ Test Infrastructure Open Source Technology Center
https://lists.01.org/hyperkitty/list/lkp@lists.01.org Intel Corporation
Thanks,
Oliver Sang
View attachment "config-5.17.0-rc4-00034-g6ff0a74cc603" of type "text/plain" (174669 bytes)
View attachment "job-script" of type "text/plain" (7923 bytes)
Download attachment "dmesg.xz" of type "application/x-xz" (22180 bytes)
View attachment "job.yaml" of type "text/plain" (5227 bytes)
Powered by blists - more mailing lists