Message-ID: <Y+J5ev/R/Sz6nwBF@hirez.programming.kicks-ass.net>
Date:   Tue, 7 Feb 2023 17:16:58 +0100
From:   Peter Zijlstra <peterz@...radead.org>
To:     Arnd Bergmann <arnd@...db.de>
Cc:     Josh Poimboeuf <jpoimboe@...nel.org>, linux-kernel@...r.kernel.org,
        llvm@...ts.linux.dev
Subject: Re: current objtool warnings from randconfig builds

On Tue, Feb 07, 2023 at 11:25:27AM +0100, Arnd Bergmann wrote:
> Hi Josh and Peter,
> 
> I've updated my randconfig test setup to use gcc-13 and clang-16, and
> have sent fixes for all normal WERROR=y build warnings, but there are a
> lot of objtool warnings that remain. I've reported some of them in
> the past, some others are new. It would be nice to at least reduce
> the number of warnings either through code changes or workarounds
> in objtool for any false positives.
> 
> Out of 1500 builds, about a third had any warnings, this is the full
> list sorted by frequency. Let me know if there are any that you haven't
> seen before, I can provide the corresponding object and config files
> for reproducing.
> 
>     Arnd
> 
> 8<---
> 205 mm/kasan/shadow.o: warning: objtool: __asan_memset+0x2e: call to __memset() with UACCESS enabled
> 205 mm/kasan/shadow.o: warning: objtool: __asan_memmove+0x48: call to __memmove() with UACCESS enabled
> 205 mm/kasan/shadow.o: warning: objtool: __asan_memcpy+0x48: call to __memcpy() with UACCESS enabled

Patch pending here:

  https://git.kernel.org/pub/scm/linux/kernel/git/peterz/queue.git/commit/?h=sched/core-robot&id=79cdfdacd5b8d1ac77e24ccbc178bba0294d0d78


> 80 vmlinux.o: warning: objtool: ibt_selftest+0x11: sibling call from callable instruction with modified stack frame

Can you provide details on how to reproduce this?

> 49 vmlinux.o: warning: objtool: lkdtm_UNSET_SMEP+0x100: relocation to !ENDBR: native_write_cr4+0x4

That one was on purpose I think.

> 29 mm/kasan/generic.o: warning: objtool: kasan_check_range+0x1e: call to addr_has_metadata() with UACCESS enabled
> 29 mm/kasan/generic.o: warning: objtool: __asan_load2+0x11: call to addr_has_metadata() with UACCESS enabled

I'm thinking addr_has_metadata() needs the __always_inline treatment, it
seems to be present a lot.

> 28 mm/kasan/generic.o: warning: objtool: __asan_store16+0x11: call to addr_has_metadata() with UACCESS enabled
> 28 mm/kasan/generic.o: warning: objtool: __asan_load16+0x11: call to addr_has_metadata() with UACCESS enabled
> 22 mm/kasan/generic.o: warning: objtool: __asan_load4+0x11: call to addr_has_metadata() with UACCESS enabled
> 21 mm/kasan/generic.o: warning: objtool: __asan_store4+0x11: call to addr_has_metadata() with UACCESS enabled
> 21 mm/kasan/generic.o: warning: objtool: __asan_store1+0x11: call to addr_has_metadata() with UACCESS enabled
> 21 mm/kasan/generic.o: warning: objtool: __asan_load8+0x11: call to addr_has_metadata() with UACCESS enabled
> 21 mm/kasan/generic.o: warning: objtool: __asan_load1+0x11: call to addr_has_metadata() with UACCESS enabled

> 29 drivers/gpu/drm/vmwgfx/vmwgfx_msg.o: warning: objtool: vmw_port_hb_out+0x15e: return with modified stack frame
> 29 drivers/gpu/drm/vmwgfx/vmwgfx_msg.o: warning: objtool: vmw_port_hb_out+0x11d: stack state mismatch: cfa1=5+16 cfa2=4+8
> 29 drivers/gpu/drm/vmwgfx/vmwgfx_msg.o: warning: objtool: vmw_port_hb_in+0x150: return with modified stack frame
> 29 drivers/gpu/drm/vmwgfx/vmwgfx_msg.o: warning: objtool: vmw_port_hb_in+0x13d: stack state mismatch: cfa1=5+16 cfa2=4+8
> 29 drivers/gpu/drm/vmwgfx/vmwgfx.o: warning: objtool: vmw_port_hb_out+0xe2: return with modified stack frame
> 29 drivers/gpu/drm/vmwgfx/vmwgfx.o: warning: objtool: vmw_port_hb_out+0xd1: stack state mismatch: cfa1=5+16 cfa2=4+8
> 29 drivers/gpu/drm/vmwgfx/vmwgfx.o: warning: objtool: vmw_port_hb_in+0xea: return with modified stack frame
> 29 drivers/gpu/drm/vmwgfx/vmwgfx.o: warning: objtool: vmw_port_hb_in+0xcc: stack state mismatch: cfa1=5+16 cfa2=4+8

Repro details?

> 18 fs/reiserfs/reiserfs.o: warning: objtool: balance_internal+0x1238: stack state mismatch: cfa1=4+248 cfa2=4+256
> 18 fs/reiserfs/ibalance.o: warning: objtool: balance_internal+0x10a2: stack state mismatch: cfa1=4+232 cfa2=4+256
> 17 arch/x86/coco/tdx/tdcall.o: warning: objtool: __tdx_hypercall+0xb0: return with modified stack frame

Fix on list somewhere..

> 15 vmlinux.o: warning: objtool: ftrace_likely_update+0xd2: call to __stack_chk_fail() with UACCESS enabled
> 15 kernel/trace/trace_branch.o: warning: objtool: ftrace_likely_update+0x201: call to __stack_chk_fail() with UACCESS enabled

-EWONTFIX, TRACE_BRANCH_PROFILING is fundamentally incompatible with
lots of things.

> 14 mm/kasan/generic.o: warning: objtool: __asan_store2+0x11: call to addr_has_metadata() with UACCESS enabled
> 13 mm/kasan/generic.o: warning: objtool: __asan_store8+0x11: call to addr_has_metadata() with UACCESS enabled

> 14 arch/x86/kvm/kvm.o: warning: objtool: .text+0x0: unreachable instruction

details?

> 11 vmlinux.o: warning: objtool: replace_key+0x1b2: stack state mismatch: cfa1=4+72 cfa2=4+88
> 8 vmlinux.o: warning: objtool: set_ftrace_ops_ro+0x49: relocation to !ENDBR: kgdb_ll_trap+0x6a
> 8 vmlinux.o: warning: objtool: set_ftrace_ops_ro+0x28: relocation to !ENDBR: kgdb_arch_late+0x193
> 8 vmlinux.o: warning: objtool: set_ftrace_ops_ro+0x23: relocation to !ENDBR: kexec_mark_range+0x13
> 8 vmlinux.o: warning: objtool: set_ftrace_ops_ro+0x23: relocation to !ENDBR: kexec_mark_crashkres+0x53
> 8 vmlinux.o: warning: objtool: set_ftrace_ops_ro+0x23: relocation to !ENDBR: .text+0x4b314
> 8 drivers/media/platform/qcom/camss/qcom-camss.o: warning: objtool: csiphy_lanes_enable() falls through to next function __cfi_csiphy_hw_version_read()
> 8 drivers/media/platform/qcom/camss/camss-csiphy-3ph-1-0.o: warning: objtool: csiphy_lanes_enable() falls through to next function __cfi_csiphy_get_lane_mask()
> 7 vmlinux.o: warning: objtool: internal_move_pointers_items+0x3fa: stack state mismatch: cfa1=4+144 cfa2=4+136
> 7 fs/jffs2/jffs2.o: warning: objtool: jffs2_erase_pending_blocks() falls through to next function jffs2_free_jeb_node_refs()
> 7 fs/jffs2/erase.o: warning: objtool: jffs2_erase_pending_blocks() falls through to next function __cfi_jffs2_free_jeb_node_refs()
> 7 drivers/hwmon/pmbus/adm1275.o: warning: objtool: adm1275_probe+0x574: unreachable instruction
> 5 vmlinux.o: warning: objtool: exynos3250_cmu_isp_probe+0x17: unreachable instruction
> 5 arch/x86/mm/fault.o: warning: objtool: do_user_addr_fault+0x2c0: unreachable instruction
> 5 arch/x86/kvm/kvm-amd.o: warning: objtool: __svm_vcpu_run+0x141: BP used as a scratch register
> 5 arch/x86/kvm/kvm-amd.o: warning: objtool: __svm_sev_es_vcpu_run+0x36: BP used as a scratch register
> 4 vmlinux.o: warning: objtool: resume_play_dead+0xe: unreachable instruction
> 4 vmlinux.o: warning: objtool: hyperv_init+0x55c: unreachable instruction
> 4 vmlinux.o: warning: objtool: do_idle+0x15e: unreachable instruction
> 4 drivers/media/i2c/m5mols/m5mols_core.o: warning: objtool: m5mols_set_fmt() falls through to next function __cfi_m5mols_get_frame_desc()
> 3 vmlinux.o: warning: objtool: nmi_panic+0x2d: unreachable instruction
> 3 vmlinux.o: warning: objtool: mptscsih_abort+0x319: unreachable instruction
> 3 vmlinux.o: warning: objtool: internal_delete_pointers_items+0x392: stack state mismatch: cfa1=4+136 cfa2=4+144
> 3 vmlinux.o: warning: objtool: emulate_vsyscall+0x1ff: unreachable instruction
> 3 vmlinux.o: warning: objtool: do_arch_prctl_64+0x1ac: unreachable instruction
> 3 fs/xfs/libxfs/xfs_da_btree.o: warning: objtool: xfs_da_grow_inode_int+0x397: stack state mismatch: reg1[12]=-2-48 reg2[12]=-1+0
> 3 drivers/spi/spi-amd.o: warning: objtool: amd_spi_master_transfer() falls through to next function __cfi_amd_spi_max_transfer_size()
> 3 drivers/pwm/pwm-mediatek.o: warning: objtool: .text: unexpected end of section
> 3 drivers/gpu/drm/i915/gt/intel_timeline.o: warning: objtool: live_hwsp_read+0x318: stack state mismatch: cfa1=4+240 cfa2=5+48
> 3 arch/x86/entry/entry_64.o: warning: objtool: .entry.text+0xba7: unreachable instruction
> 2 vmlinux.o: warning: objtool: xenpv_exc_double_fault+0x9: unreachable instruction
> 2 vmlinux.o: warning: objtool: pwm_mediatek_apply() falls through to next function mtk_disp_pwm_probe()
> 2 vmlinux.o: warning: objtool: force_ibs_eilvt_setup+0xad: unreachable instruction
> 2 vmlinux.o: warning: objtool: exynos7885_cmu_probe+0x1b: unreachable instruction
> 2 vmlinux.o: warning: objtool: do_one_initcall+0x1f6: unreachable instruction

> 2 mm/kmsan/report.o: warning: objtool: kmsan_report+0x0: call to __fentry__() with UACCESS enabled

mm/kasan/Makefile:CFLAGS_REMOVE_report.o = $(CC_FLAGS_FTRACE)

How?!?!


> 2 mm/kmsan/instrumentation.o: warning: objtool: __msan_warning+0x0: call to __fentry__() with UACCESS enabled
> 2 mm/kmsan/instrumentation.o: warning: objtool: __msan_poison_alloca+0x0: call to __fentry__() with UACCESS enabled
> 2 mm/kmsan/instrumentation.o: warning: objtool: __msan_metadata_ptr_for_store_n+0x0: call to __fentry__() with UACCESS enabled
> 2 mm/kmsan/instrumentation.o: warning: objtool: __msan_metadata_ptr_for_store_8+0x0: call to __fentry__() with UACCESS enabled
> 2 mm/kmsan/instrumentation.o: warning: objtool: __msan_metadata_ptr_for_store_4+0x0: call to __fentry__() with UACCESS enabled
> 2 mm/kmsan/instrumentation.o: warning: objtool: __msan_metadata_ptr_for_store_2+0x0: call to __fentry__() with UACCESS enabled
> 2 mm/kmsan/instrumentation.o: warning: objtool: __msan_metadata_ptr_for_store_1+0x0: call to __fentry__() with UACCESS enabled
> 2 mm/kmsan/instrumentation.o: warning: objtool: __msan_metadata_ptr_for_load_n+0x0: call to __fentry__() with UACCESS enabled
> 2 mm/kmsan/instrumentation.o: warning: objtool: __msan_metadata_ptr_for_load_8+0x0: call to __fentry__() with UACCESS enabled
> 2 mm/kmsan/instrumentation.o: warning: objtool: __msan_metadata_ptr_for_load_4+0x0: call to __fentry__() with UACCESS enabled
> 2 mm/kmsan/instrumentation.o: warning: objtool: __msan_metadata_ptr_for_load_2+0x0: call to __fentry__() with UACCESS enabled
> 2 mm/kmsan/instrumentation.o: warning: objtool: __msan_metadata_ptr_for_load_1+0x0: call to __fentry__() with UACCESS enabled
> 2 mm/kmsan/instrumentation.o: warning: objtool: __msan_instrument_asm_store+0x0: call to __fentry__() with UACCESS enabled
> 2 mm/kmsan/instrumentation.o: warning: objtool: __msan_get_context_state+0x0: call to __fentry__() with UACCESS enabled
> 2 mm/kmsan/instrumentation.o: warning: objtool: __msan_chain_origin+0x0: call to __fentry__() with UACCESS enabled
> 2 mm/kmsan/hooks.o: warning: objtool: kmsan_unpoison_memory+0x0: call to __fentry__() with UACCESS enabled
> 2 mm/kmsan/hooks.o: warning: objtool: kmsan_unpoison_entry_regs+0x0: call to __fentry__() with UACCESS enabled
> 2 mm/kmsan/hooks.o: warning: objtool: kmsan_copy_to_user+0x0: call to __fentry__() with UACCESS enabled

Something seems to be going badly wrong there... notrace is being lost.
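
A triage helper for a warning list like the one quoted in this message, added here as an example and not part of the original thread. It groups objtool warnings by class and, for the UACCESS class, shows which callee is reached from how many distinct callers. The function names and class labels (`uaccess`, `ibt`, and so on) are assumptions of this example; the sample lines are copied from the quoted list.

```python
import re
from collections import Counter, defaultdict

# Lines copied from the quoted list above: "<builds> <object>: warning: objtool: <where>: <message>"
SAMPLE = """\
205 mm/kasan/shadow.o: warning: objtool: __asan_memset+0x2e: call to __memset() with UACCESS enabled
29 mm/kasan/generic.o: warning: objtool: kasan_check_range+0x1e: call to addr_has_metadata() with UACCESS enabled
29 mm/kasan/generic.o: warning: objtool: __asan_load2+0x11: call to addr_has_metadata() with UACCESS enabled
28 mm/kasan/generic.o: warning: objtool: __asan_store16+0x11: call to addr_has_metadata() with UACCESS enabled
49 vmlinux.o: warning: objtool: lkdtm_UNSET_SMEP+0x100: relocation to !ENDBR: native_write_cr4+0x4
2 mm/kmsan/hooks.o: warning: objtool: kmsan_copy_to_user+0x0: call to __fentry__() with UACCESS enabled
"""

LINE = re.compile(r"^(?:>\s*)?(\d+) (\S+): warning: objtool: (.+)$")
# Warning classes seen in this thread; group 1, when present, is the target symbol.
CLASSES = [
    ("uaccess", re.compile(r"call to (\S+?)\(\) with UACCESS enabled")),
    ("ibt", re.compile(r"relocation to !ENDBR: (\S+)")),
    ("stack", re.compile(r"stack state mismatch|modified stack frame|BP used as a scratch")),
    ("fallthrough", re.compile(r"falls through to next function (\S+?)\(\)")),
    ("unreachable", re.compile(r"unreachable instruction|unexpected end of section")),
]

def classify(message):
    for name, pattern in CLASSES:
        m = pattern.search(message)
        if m:
            return name, (m.group(1) if pattern.groups else None)
    return "other", None

def parse(text):
    # Yield (builds, object, message, class, target) for each warning line.
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if m:
            yield (int(m.group(1)), m.group(2), m.group(3)) + classify(m.group(3))

def uaccess_callees(text):
    # Map each callee reached with UACCESS enabled to the set of functions calling it.
    callers = defaultdict(set)
    for _, _, message, cls, target in parse(text):
        if cls == "uaccess":
            callers[target].add(message.split("+", 1)[0])
    return dict(callers)

def class_counts(text):
    return Counter(cls for _, _, _, cls, _ in parse(text))

print(class_counts(SAMPLE), uaccess_callees(SAMPLE))
```

The per-line build counts are kept but not summed, since one build can emit several of these warnings at once.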

