lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20220224143841.GA22978@xsang-OptiPlex-9020>
Date:   Thu, 24 Feb 2022 22:38:41 +0800
From:   kernel test robot <oliver.sang@...el.com>
To:     Jim Cromie <jim.cromie@...il.com>
Cc:     lkp@...ts.01.org, lkp@...el.com,
        LKML <linux-kernel@...r.kernel.org>
Subject: [dyndbg]  6ff0a74cc6: BUG:unable_to_handle_page_fault_for_address



Greeting,

FYI, we noticed the following commit (built with gcc-9):

commit: 6ff0a74cc6036c3ccbc7ad8f2dc56750cc066edb ("dyndbg: RFC handle __dyndbg* sections in module.lds.h")
https://github.com/jimc/linux.git dd-diet-next

in testcase: will-it-scale
version: will-it-scale-x86_64-a34a85c-1_20220217
with following parameters:

	nr_task: 100%
	mode: thread
	test: pthread_mutex3
	cpufreq_governor: performance
	ucode: 0x42e

test-description: Will It Scale takes a testcase and runs it from 1 through to n parallel copies to see if the testcase will scale. It builds both a process and threads based test in order to see any differences between the two.
test-url: https://github.com/antonblanchard/will-it-scale


on test machine: 48 threads 2 sockets Intel(R) Xeon(R) CPU E5-2697 v2 @ 2.70GHz with 112G memory

caused below changes (please refer to attached dmesg/kmsg for entire log/backtrace):



If you fix the issue, kindly add following tag
Reported-by: kernel test robot <oliver.sang@...el.com>


[   19.925858][ T1104] BUG: unable to handle page fault for address: ffffffffc0ff0633
[   19.934352][ T1104] #PF: supervisor read access in kernel mode
[   19.940878][ T1104] #PF: error_code(0x0000) - not-present page
[   19.947404][ T1104] PGD 1c3ec0d067 P4D 1c3ec0d067 PUD 1c3ec0f067 PMD 1c39319067 PTE 0
[   19.956167][ T1104] Oops: 0000 [#1] SMP PTI
[   19.960858][ T1104] CPU: 22 PID: 1104 Comm: modprobe Not tainted 5.17.0-rc4-00034-g6ff0a74cc603 #1
[   19.970881][ T1104] Hardware name: Intel Corporation S2600WP/S2600WP, BIOS SE5C600.86B.02.02.0002.122320131210 12/23/2013
[ 19.983138][ T1104] RIP: 0010:strchr (lib/string.c:394) 
[   19.984653][  T585] BTRFS: device fsid 8e78d8f1-e1ce-485e-a220-c69c3d568396 devid 1 transid 24 /dev/sdc1 scanned by systemd-udevd (585)
[ 19.988017][ T1104] Code: 0f b6 0c 07 3a 0c 06 74 ea 19 c0 83 c8 01 c3 31 c0 c3 66 66 2e 0f 1f 84 00 00 00 00 00 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 <0f> b6 07 89 f2 40 38 f0 75 0e eb 13 0f b6 47 01 48 83 c7 01 38 d0
All code
========
   0:	0f b6 0c 07          	movzbl (%rdi,%rax,1),%ecx
   4:	3a 0c 06             	cmp    (%rsi,%rax,1),%cl
   7:	74 ea                	je     0xfffffffffffffff3
   9:	19 c0                	sbb    %eax,%eax
   b:	83 c8 01             	or     $0x1,%eax
   e:	c3                   	retq   
   f:	31 c0                	xor    %eax,%eax
  11:	c3                   	retq   
  12:	66 66 2e 0f 1f 84 00 	data16 nopw %cs:0x0(%rax,%rax,1)
  19:	00 00 00 00 
  1d:	66 66 2e 0f 1f 84 00 	data16 nopw %cs:0x0(%rax,%rax,1)
  24:	00 00 00 00 
  28:	66 90                	xchg   %ax,%ax
  2a:*	0f b6 07             	movzbl (%rdi),%eax		<-- trapping instruction
  2d:	89 f2                	mov    %esi,%edx
  2f:	40 38 f0             	cmp    %sil,%al
  32:	75 0e                	jne    0x42
  34:	eb 13                	jmp    0x49
  36:	0f b6 47 01          	movzbl 0x1(%rdi),%eax
  3a:	48 83 c7 01          	add    $0x1,%rdi
  3e:	38 d0                	cmp    %dl,%al

Code starting with the faulting instruction
===========================================
   0:	0f b6 07             	movzbl (%rdi),%eax
   3:	89 f2                	mov    %esi,%edx
   5:	40 38 f0             	cmp    %sil,%al
   8:	75 0e                	jne    0x18
   a:	eb 13                	jmp    0x1f
   c:	0f b6 47 01          	movzbl 0x1(%rdi),%eax
  10:	48 83 c7 01          	add    $0x1,%rdi
  14:	38 d0                	cmp    %dl,%al
[   19.988019][ T1104] RSP: 0018:ffffc9000b537c98 EFLAGS: 00010246
[   19.988020][ T1104] RAX: 0000000000000038 RBX: ffffffffc0b1c0c0 RCX: 0000000000000000
[   19.988021][ T1104] RDX: 0000000000000000 RSI: 000000000000002e RDI: ffffffffc0ff0633
[   19.988022][ T1104] RBP: ffffffffc020f000 R08: ffff889bd029bb40 R09: ffffc9000b537ae0
[   19.988023][ T1104] R10: 0000000000000001 R11: 0000000000000001 R12: 0000000000000000
[   19.988024][ T1104] R13: ffffffffc0b33698 R14: 0000000000000000 R15: ffffffffc0b33680
[   19.988025][ T1104] FS:  00007f25dc37d480(0000) GS:ffff889bd0280000(0000) knlGS:0000000000000000
[   19.988026][ T1104] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   19.988027][ T1104] CR2: ffffffffc0ff0633 CR3: 0000001c38dce005 CR4: 00000000001706e0
[   20.106389][ T1104] Call Trace:
[   20.110536][ T1104]  <TASK>
[ 20.114241][ T1104] register_filesystem (fs/filesystems.c:81) 
[   20.120209][ T1104]  ? 0xffffffffc020f000
[ 20.125295][ T1104] init_btrfs_fs (include/trace/events/btrfs.h:256) btrfs
[ 20.131673][ T1104] do_one_initcall (init/main.c:1300) 
[ 20.137365][ T1104] ? __cond_resched (kernel/sched/core.c:8192) 
[ 20.143101][ T1104] ? kmem_cache_alloc_trace (mm/slab.h:707 mm/slub.c:3144 mm/slub.c:3238 mm/slub.c:3255) 
[ 20.149688][ T1104] do_init_module (kernel/module.c:3734) 
[ 20.155247][ T1104] load_module (kernel/module.c:4124) 
[ 20.160873][ T1104] ? __do_sys_finit_module (kernel/module.c:4225) 
[ 20.167301][ T1104] __do_sys_finit_module (kernel/module.c:4225) 
[ 20.173594][ T1104] do_syscall_64 (arch/x86/entry/common.c:50 arch/x86/entry/common.c:80) 
[ 20.178979][ T1104] entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:113) 
[   20.186005][ T1104] RIP: 0033:0x7f25dc497f59
[ 20.191360][ T1104] Code: 00 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 07 6f 0c 00 f7 d8 64 89 01 48
All code
========
   0:	00 c3                	add    %al,%bl
   2:	66 2e 0f 1f 84 00 00 	nopw   %cs:0x0(%rax,%rax,1)
   9:	00 00 00 
   c:	0f 1f 44 00 00       	nopl   0x0(%rax,%rax,1)
  11:	48 89 f8             	mov    %rdi,%rax
  14:	48 89 f7             	mov    %rsi,%rdi
  17:	48 89 d6             	mov    %rdx,%rsi
  1a:	48 89 ca             	mov    %rcx,%rdx
  1d:	4d 89 c2             	mov    %r8,%r10
  20:	4d 89 c8             	mov    %r9,%r8
  23:	4c 8b 4c 24 08       	mov    0x8(%rsp),%r9
  28:	0f 05                	syscall 
  2a:*	48 3d 01 f0 ff ff    	cmp    $0xfffffffffffff001,%rax		<-- trapping instruction
  30:	73 01                	jae    0x33
  32:	c3                   	retq   
  33:	48 8b 0d 07 6f 0c 00 	mov    0xc6f07(%rip),%rcx        # 0xc6f41
  3a:	f7 d8                	neg    %eax
  3c:	64 89 01             	mov    %eax,%fs:(%rcx)
  3f:	48                   	rex.W

Code starting with the faulting instruction
===========================================
   0:	48 3d 01 f0 ff ff    	cmp    $0xfffffffffffff001,%rax
   6:	73 01                	jae    0x9
   8:	c3                   	retq   
   9:	48 8b 0d 07 6f 0c 00 	mov    0xc6f07(%rip),%rcx        # 0xc6f17
  10:	f7 d8                	neg    %eax
  12:	64 89 01             	mov    %eax,%fs:(%rcx)
  15:	48                   	rex.W
[   20.214344][ T1104] RSP: 002b:00007ffd66cc95e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000139
[   20.224179][ T1104] RAX: ffffffffffffffda RBX: 000055c478cf6bb0 RCX: 00007f25dc497f59
[   20.233538][ T1104] RDX: 0000000000000000 RSI: 000055c477bee3f0 RDI: 0000000000000005
[   20.242936][ T1104] RBP: 000055c477bee3f0 R08: 0000000000000000 R09: 0000000000000000
[   20.252284][ T1104] R10: 0000000000000005 R11: 0000000000000246 R12: 0000000000000000
[   20.261683][ T1104] R13: 000055c478cf70a0 R14: 0000000000040000 R15: 000055c478cf6bb0
[   20.271055][ T1104]  </TASK>
[   20.274922][ T1104] Modules linked in: btrfs(+) blake2b_generic xor raid6_pq zstd_compress libcrc32c sd_mod t10_pi mgag200 sg drm_shmem_helper intel_rapl_msr intel_rapl_common sb_edac x86_pkg_temp_thermal intel_powerclamp coretemp kvm_intel kvm irqbypass crct10dif_pclmul crc32_pclmul drm_kms_helper crc32c_intel ghash_clmulni_intel syscopyarea isci sysfillrect sysimgblt rapl libsas ahci fb_sys_fops intel_cstate ipmi_si libahci scsi_transport_sas mei_me ipmi_devintf drm intel_uncore ioatdma ipmi_msghandler libata joydev mei dca wmi ip_tables
[   20.331740][ T1104] CR2: ffffffffc0ff0633
[   20.336929][ T1104] ---[ end trace 0000000000000000 ]---
[ 20.349289][ T1104] RIP: 0010:strchr (lib/string.c:394) 
[ 20.354855][ T1104] Code: 0f b6 0c 07 3a 0c 06 74 ea 19 c0 83 c8 01 c3 31 c0 c3 66 66 2e 0f 1f 84 00 00 00 00 00 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 <0f> b6 07 89 f2 40 38 f0 75 0e eb 13 0f b6 47 01 48 83 c7 01 38 d0
All code
========
   0:	0f b6 0c 07          	movzbl (%rdi,%rax,1),%ecx
   4:	3a 0c 06             	cmp    (%rsi,%rax,1),%cl
   7:	74 ea                	je     0xfffffffffffffff3
   9:	19 c0                	sbb    %eax,%eax
   b:	83 c8 01             	or     $0x1,%eax
   e:	c3                   	retq   
   f:	31 c0                	xor    %eax,%eax
  11:	c3                   	retq   
  12:	66 66 2e 0f 1f 84 00 	data16 nopw %cs:0x0(%rax,%rax,1)
  19:	00 00 00 00 
  1d:	66 66 2e 0f 1f 84 00 	data16 nopw %cs:0x0(%rax,%rax,1)
  24:	00 00 00 00 
  28:	66 90                	xchg   %ax,%ax
  2a:*	0f b6 07             	movzbl (%rdi),%eax		<-- trapping instruction
  2d:	89 f2                	mov    %esi,%edx
  2f:	40 38 f0             	cmp    %sil,%al
  32:	75 0e                	jne    0x42
  34:	eb 13                	jmp    0x49
  36:	0f b6 47 01          	movzbl 0x1(%rdi),%eax
  3a:	48 83 c7 01          	add    $0x1,%rdi
  3e:	38 d0                	cmp    %dl,%al

Code starting with the faulting instruction
===========================================
   0:	0f b6 07             	movzbl (%rdi),%eax
   3:	89 f2                	mov    %esi,%edx
   5:	40 38 f0             	cmp    %sil,%al
   8:	75 0e                	jne    0x18
   a:	eb 13                	jmp    0x1f
   c:	0f b6 47 01          	movzbl 0x1(%rdi),%eax
  10:	48 83 c7 01          	add    $0x1,%rdi
  14:	38 d0                	cmp    %dl,%al


To reproduce:

        git clone https://github.com/intel/lkp-tests.git
        cd lkp-tests
        sudo bin/lkp install job.yaml           # job file is attached in this email
        bin/lkp split-job --compatible job.yaml # generate the yaml file for lkp run
        sudo bin/lkp run generated-yaml-file

        # if come across any failure that blocks the test,
        # please remove ~/.lkp and /lkp dir to run from a clean state.



---
0DAY/LKP+ Test Infrastructure                   Open Source Technology Center
https://lists.01.org/hyperkitty/list/lkp@lists.01.org       Intel Corporation

Thanks,
Oliver Sang


View attachment "config-5.17.0-rc4-00034-g6ff0a74cc603" of type "text/plain" (174669 bytes)

View attachment "job-script" of type "text/plain" (7923 bytes)

Download attachment "dmesg.xz" of type "application/x-xz" (22180 bytes)

View attachment "job.yaml" of type "text/plain" (5227 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ