Date:   Sun, 31 Jul 2022 14:26:08 +0800
From:   kernel test robot <oliver.sang@...el.com>
To:     Sebastian Andrzej Siewior <bigeasy@...utronix.de>
CC:     0day robot <lkp@...el.com>, Mike Galbraith <efault@....de>,
        LKML <linux-kernel@...r.kernel.org>, <lkp@...ts.01.org>,
        "Jason A. Donenfeld" <Jason@...c4.com>,
        Theodore Ts'o <tytso@....edu>,
        Andy Shevchenko <andriy.shevchenko@...ux.intel.com>,
        John Ogness <john.ogness@...utronix.de>,
        Petr Mladek <pmladek@...e.com>,
        Rasmus Villemoes <linux@...musvillemoes.dk>,
        Sergey Senozhatsky <senozhatsky@...omium.org>,
        Steven Rostedt <rostedt@...dmis.org>,
        Thomas Gleixner <tglx@...utronix.de>
Subject: [random]  9fdfe09a52:
 BUG:sleeping_function_called_from_invalid_context_at_include/linux/percpu-rwsem.h



Greeting,

FYI, we noticed the following commit (built with gcc-11):

commit: 9fdfe09a520b124c2fbe21ae8a00d496605548c6 ("[PATCH] random: Initialize vsprintf's pointer hash once the random core is ready.")
url: https://github.com/intel-lab-lkp/linux/commits/Sebastian-Andrzej-Siewior/random-Initialize-vsprintf-s-pointer-hash-once-the-random-core-is-ready/20220729-165432
base: git://git.kernel.org/cgit/linux/kernel/git/crng/random.git master
patch link: https://lore.kernel.org/lkml/YuOf6qu453dOkR%2BS@linutronix.de

in testcase: boot

on test machine: qemu-system-x86_64 -enable-kvm -cpu SandyBridge -smp 2 -m 16G

caused the changes below (please refer to the attached dmesg/kmsg for the entire log/backtrace):



If you fix the issue, kindly add the following tag:
Reported-by: kernel test robot <oliver.sang@...el.com>


[   11.543105][    C1] BUG: sleeping function called from invalid context at include/linux/percpu-rwsem.h:49
[   11.544701][    C1] in_atomic(): 1, irqs_disabled(): 1, non_block: 0, pid: 1, name: systemd
[   11.546025][    C1] preempt_count: 102, expected: 0
[   11.546859][    C1] CPU: 1 PID: 1 Comm: systemd Not tainted 5.19.0-rc6-00367-g9fdfe09a520b #1
[   11.548264][    C1] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.0-debian-1.16.0-4 04/01/2014
[   11.549867][    C1] Call Trace:
[   11.550511][    C1]  <IRQ>
[ 11.551123][ C1] dump_stack_lvl (lib/dump_stack.c:107 (discriminator 1)) 
[ 11.551905][ C1] __might_resched.cold (kernel/sched/core.c:9822) 
[ 11.552730][ C1] ? _credit_init_bits (drivers/char/random.c:1168) 
[ 11.553591][ C1] cpus_read_lock (include/linux/percpu-rwsem.h:49 kernel/cpu.c:310) 
[ 11.554371][ C1] static_key_enable (kernel/jump_label.c:190) 
[ 11.555175][ C1] vsprintf_init_hash_pointer (include/linux/spinlock.h:404 lib/vsprintf.c:768) 
[ 11.556094][ C1] crng_reseed (drivers/char/random.c:234) 
[ 11.556920][ C1] _credit_init_bits (drivers/char/random.c:659) 
[ 11.557755][ C1] entropy_timer (drivers/char/random.c:1173) 
[ 11.558534][ C1] call_timer_fn (arch/x86/include/asm/jump_label.h:27 include/linux/jump_label.h:207 include/trace/events/timer.h:127 kernel/time/timer.c:1475) 
[ 11.559294][ C1] __run_timers+0x1de/0x280 
[ 11.560175][ C1] ? enqueue_hrtimer (kernel/time/hrtimer.c:1092) 
[ 11.561005][ C1] ? __hrtimer_run_queues (include/linux/seqlock.h:612 kernel/time/hrtimer.c:1711 kernel/time/hrtimer.c:1749) 
[ 11.561842][ C1] run_timer_softirq (kernel/time/timer.c:1805) 
[ 11.562629][ C1] __do_softirq (arch/x86/include/asm/jump_label.h:27 include/linux/jump_label.h:207 include/trace/events/irq.h:142 kernel/softirq.c:572) 
[ 11.563373][ C1] __irq_exit_rcu (kernel/softirq.c:445 kernel/softirq.c:650) 
[ 11.564214][ C1] sysvec_apic_timer_interrupt (arch/x86/kernel/apic/apic.c:1106 (discriminator 14)) 
[   11.565102][    C1]  </IRQ>
[   11.565622][    C1]  <TASK>
[ 11.566195][ C1] asm_sysvec_apic_timer_interrupt (arch/x86/include/asm/idtentry.h:649) 
[ 11.567139][ C1] RIP: 0010:__schedule (kernel/sched/core.c:6466) 
[ 11.567979][ C1] Code: 83 e0 fc 41 89 84 24 98 09 00 00 83 f8 02 76 07 c7 45 c8 04 00 00 00 4c 89 ef 4c 89 fe e8 b9 93 2b ff 48 89 c7 e8 91 f3 3c ff <48> 8b 45 d0 65 48 2b 04 25 28 00 00 00 0f 85 de 03 00 00 48 83 c4
All code
========
   0:	83 e0 fc             	and    $0xfffffffc,%eax
   3:	41 89 84 24 98 09 00 	mov    %eax,0x998(%r12)
   a:	00 
   b:	83 f8 02             	cmp    $0x2,%eax
   e:	76 07                	jbe    0x17
  10:	c7 45 c8 04 00 00 00 	movl   $0x4,-0x38(%rbp)
  17:	4c 89 ef             	mov    %r13,%rdi
  1a:	4c 89 fe             	mov    %r15,%rsi
  1d:	e8 b9 93 2b ff       	callq  0xffffffffff2b93db
  22:	48 89 c7             	mov    %rax,%rdi
  25:	e8 91 f3 3c ff       	callq  0xffffffffff3cf3bb
  2a:*	48 8b 45 d0          	mov    -0x30(%rbp),%rax		<-- trapping instruction
  2e:	65 48 2b 04 25 28 00 	sub    %gs:0x28,%rax
  35:	00 00 
  37:	0f 85 de 03 00 00    	jne    0x41b
  3d:	48                   	rex.W
  3e:	83                   	.byte 0x83
  3f:	c4                   	.byte 0xc4

Code starting with the faulting instruction
===========================================
   0:	48 8b 45 d0          	mov    -0x30(%rbp),%rax
   4:	65 48 2b 04 25 28 00 	sub    %gs:0x28,%rax
   b:	00 00 
   d:	0f 85 de 03 00 00    	jne    0x3f1
  13:	48                   	rex.W
  14:	83                   	.byte 0x83
  15:	c4                   	.byte 0xc4
[   11.570841][    C1] RSP: 0018:ffffb80c40013d68 EFLAGS: 00000282
[   11.571833][    C1] RAX: 0000000000000004 RBX: 0000000000000000 RCX: ffff90c06fd2bf68
[   11.573143][    C1] RDX: ffff90c06fd2bf68 RSI: ffff90c06fd2bf68 RDI: ffff90c06fd2b500
[   11.574494][    C1] RBP: ffffb80c40013db8 R08: ffff90c06fd2bf68 R09: ffff90c06fd2bf68
[   11.575843][    C1] R10: 0000000072fba847 R11: 000000006fc6435a R12: ffff90c06fd2b500
[   11.577197][    C1] R13: ffff90bd40290000 R14: 0000000000000000 R15: ffff90bd40290000
[ 11.578536][ C1] ? __schedule (kernel/sched/core.c:5768 kernel/sched/core.c:6277 kernel/sched/core.c:6422) 
[ 11.579300][ C1] schedule (arch/x86/include/asm/preempt.h:85 (discriminator 1) kernel/sched/core.c:6531 (discriminator 1)) 
[ 11.580036][ C1] try_to_generate_entropy (arch/x86/include/asm/msr.h:184 arch/x86/include/asm/timex.h:13 drivers/char/random.c:1205) 
[ 11.580892][ C1] ? _credit_init_bits (drivers/char/random.c:1168) 
[ 11.581684][ C1] urandom_read_iter.cold (drivers/char/random.c:1320) 
[ 11.582508][ C1] new_sync_read (fs/read_write.c:402 (discriminator 1)) 
[ 11.583271][ C1] vfs_read (fs/read_write.c:482) 
[ 11.583990][ C1] ksys_read (fs/read_write.c:620) 
[ 11.584686][ C1] do_syscall_64 (arch/x86/entry/common.c:50 arch/x86/entry/common.c:80) 
[ 11.585426][ C1] entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:120) 
[   11.586408][    C1] RIP: 0033:0x7f1512769e8e
[ 11.587210][ C1] Code: c0 e9 b6 fe ff ff 50 48 8d 3d 6e 18 0a 00 e8 89 e8 01 00 66 0f 1f 84 00 00 00 00 00 64 8b 04 25 18 00 00 00 85 c0 75 14 0f 05 <48> 3d 00 f0 ff ff 77 5a c3 66 0f 1f 84 00 00 00 00 00 48 83 ec 28
All code
========
   0:	c0 e9 b6             	shr    $0xb6,%cl
   3:	fe                   	(bad)  
   4:	ff                   	(bad)  
   5:	ff 50 48             	callq  *0x48(%rax)
   8:	8d 3d 6e 18 0a 00    	lea    0xa186e(%rip),%edi        # 0xa187c
   e:	e8 89 e8 01 00       	callq  0x1e89c
  13:	66 0f 1f 84 00 00 00 	nopw   0x0(%rax,%rax,1)
  1a:	00 00 
  1c:	64 8b 04 25 18 00 00 	mov    %fs:0x18,%eax
  23:	00 
  24:	85 c0                	test   %eax,%eax
  26:	75 14                	jne    0x3c
  28:	0f 05                	syscall 
  2a:*	48 3d 00 f0 ff ff    	cmp    $0xfffffffffffff000,%rax		<-- trapping instruction
  30:	77 5a                	ja     0x8c
  32:	c3                   	retq   
  33:	66 0f 1f 84 00 00 00 	nopw   0x0(%rax,%rax,1)
  3a:	00 00 
  3c:	48 83 ec 28          	sub    $0x28,%rsp

Code starting with the faulting instruction
===========================================
   0:	48 3d 00 f0 ff ff    	cmp    $0xfffffffffffff000,%rax
   6:	77 5a                	ja     0x62
   8:	c3                   	retq   
   9:	66 0f 1f 84 00 00 00 	nopw   0x0(%rax,%rax,1)
  10:	00 00 
  12:	48 83 ec 28          	sub    $0x28,%rsp
[   11.590175][    C1] RSP: 002b:00007ffea4616248 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   11.591590][    C1] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 00007f1512769e8e
[   11.592936][    C1] RDX: 0000000000000010 RSI: 00007ffea46162e0 RDI: 000000000000000c
[   11.594246][    C1] RBP: 000000000000000c R08: 0000000000000000 R09: 0000000000000001
[   11.595573][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   11.596914][    C1] R13: 0000000000000001 R14: 00007ffea46162e0 R15: 0000000000000000
[   11.598246][    C1]  </TASK>


To reproduce:

        # build kernel
        cd linux
        cp config-5.19.0-rc6-00367-g9fdfe09a520b .config
        make HOSTCC=gcc-11 CC=gcc-11 ARCH=x86_64 olddefconfig prepare modules_prepare bzImage modules
        make HOSTCC=gcc-11 CC=gcc-11 ARCH=x86_64 INSTALL_MOD_PATH=<mod-install-dir> modules_install
        cd <mod-install-dir>
        find lib/ | cpio -o -H newc --quiet | gzip > modules.cgz

        git clone https://github.com/intel/lkp-tests.git
        cd lkp-tests
        bin/lkp qemu -k <bzImage> -m modules.cgz job-script # job-script is attached in this email

        # if you come across any failure that blocks the test,
        # please remove ~/.lkp and /lkp dir to run from a clean state.



-- 
0-DAY CI Kernel Test Service
https://01.org/lkp



View attachment "config-5.19.0-rc6-00367-g9fdfe09a520b" of type "text/plain" (164082 bytes)

View attachment "job-script" of type "text/plain" (4823 bytes)

Download attachment "dmesg.xz" of type "application/x-xz" (15368 bytes)
