Open Source and information security mailing list archives
 
Message-ID: <Y65PZS4jTj9mXLev@xpf.sh.intel.com>
Date:   Fri, 30 Dec 2022 10:39:33 +0800
From:   Pengfei Xu <pengfei.xu@...el.com>
To:     <peterz@...radead.org>
CC:     <linux-kernel@...r.kernel.org>, <heng.su@...el.com>
Subject: [syzkaller & bisect] There is a "put_pmu_ctx" WARNING in v6.2-rc1 kernel

Hi Peter,

There is a "put_pmu_ctx" WARNING in v6.2-rc1.
"
[   41.406655] ------------[ cut here ]------------
[   41.407205] WARNING: CPU: 1 PID: 13365 at kernel/events/core.c:4920 put_pmu_ctx+0x107/0x120
[   41.408077] Modules linked in:
[   41.408411] CPU: 1 PID: 13365 Comm: repro Not tainted 6.2.0-rc1-1b929c02afd3 #1
[   41.409187] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[   41.410332] RIP: 0010:put_pmu_ctx+0x107/0x120
[   41.410891] Code: e8 fe 5b e9 ff 48 8d 7b 50 48 c7 c6 00 84 42 81 e8 3e 78 dd ff e8 e9 5b e9 ff 5b 41 5c 41 5d 5d c3 cc cc cc cc e8 d9 5b e9 ff <0f> 0b eb a5 e8 d0 5b e9 ff 0f 0b eb 8a e8 c7 5b e9 ff 0f 0b e9 35
[   41.412900] RSP: 0018:ffffc90004073cd0 EFLAGS: 00010246
[   41.413431] RAX: 0000000000000000 RBX: ffff88807dc3cd00 RCX: 0000000000000001
[   41.414373] RDX: 0000000000000000 RSI: ffff8880170fc680 RDI: 0000000000000002
[   41.415548] RBP: ffffc90004073ce8 R08: 0000000000000001 R09: 0000000000000001
[   41.417042] R10: 0000000000000000 R11: 0000000000000001 R12: ffff88807dc2ed40
[   41.417801] R13: ffff88807dc3cd10 R14: 0000000000000000 R15: 0000000000000001
[   41.418526] FS:  0000000000000000(0000) GS:ffff88807dd00000(0000) knlGS:0000000000000000
[   41.419349] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   41.419935] CR2: 00007fff5123a918 CR3: 000000000d890001 CR4: 0000000000770ee0
[   41.420666] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   41.422020] DR3: 0000000000000000 DR6: 00000000ffff07f0 DR7: 0000000000000400
[   41.423292] PKRU: 55555554
[   41.423633] Call Trace:
[   41.423883]  <TASK>
[   41.424116]  _free_event+0x18f/0x800
[   41.424561]  put_event+0x3c/0x50
[   41.425021]  perf_event_release_kernel+0x2de/0x360
[   41.425954]  ? __pfx_perf_release+0x10/0x10
[   41.426776]  perf_release+0x22/0x30
[   41.427378]  __fput+0x11f/0x450
[   41.427728]  ____fput+0x1e/0x30
[   41.428077]  task_work_run+0xb6/0x120
[   41.428560]  do_exit+0x521/0x1340
[   41.428924]  ? lockdep_hardirqs_on+0x8a/0x110
[   41.429397]  ? trace_hardirqs_on+0x3f/0x100
[   41.429856]  do_group_exit+0x5e/0xf0
[   41.430231]  __x64_sys_exit_group+0x25/0x30
[   41.430661]  do_syscall_64+0x3b/0x90
[   41.431024]  entry_SYSCALL_64_after_hwframe+0x72/0xdc
[   41.431559] RIP: 0033:0x7f64e31ffcf6
[   41.431949] Code: Unable to access opcode bytes at 0x7f64e31ffccc.
[   41.432591] RSP: 002b:00007fff5123a8d8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[   41.433368] RAX: ffffffffffffffda RBX: 00007f64e330a490 RCX: 00007f64e31ffcf6
[   41.434240] RDX: 0000000000000000 RSI: 000000000000003c RDI: 0000000000000000
[   41.435001] RBP: 0000000000000000 R08: 00000000000000e7 R09: ffffffffffffff80
[   41.435748] R10: 0000000000000004 R11: 0000000000000246 R12: 00007f64e330a490
[   41.436460] R13: 0000000000000001 R14: 00007f64e330de88 R15: 0000000000000000
[   41.437174]  </TASK>
[   41.437432] irq event stamp: 2811
[   41.437824] hardirqs last  enabled at (2819): [<ffffffff811d48f1>] __up_console_sem+0x91/0xb0
[   41.438692] hardirqs last disabled at (2826): [<ffffffff811d48d6>] __up_console_sem+0x76/0xb0
[   41.439644] softirqs last  enabled at (2480): [<ffffffff82f9b213>] __do_softirq+0x323/0x48a
[   41.440499] softirqs last disabled at (2353): [<ffffffff811231a2>] irq_exit_rcu+0xd2/0x100
[   41.441352] ---[ end trace 0000000000000000 ]---
"

[bd27568117664b8b3e259721393df420ed51f57b] perf: Rewrite core context handling

All reproducer code and bisect info are in this link:
https://github.com/xupengfe/syzkaller_logs/blob/main/221229_114350_put_pmu_ctx/bisect_info.log

I hope it's helpful.

Thanks!
BR.
