Message-ID: <202305191332.81b04be9-yujie.liu@intel.com>
Date:   Fri, 19 May 2023 17:32:45 +0800
From:   kernel test robot <yujie.liu@...el.com>
To:     Anna-Maria Behnsen <anna-maria@...utronix.de>
CC:     <oe-lkp@...ts.linux.dev>, <lkp@...el.com>,
        <linux-kernel@...r.kernel.org>,
        Peter Zijlstra <peterz@...radead.org>,
        John Stultz <jstultz@...gle.com>,
        Thomas Gleixner <tglx@...utronix.de>,
        Eric Dumazet <edumazet@...gle.com>,
        "Rafael J . Wysocki" <rafael.j.wysocki@...el.com>,
        Arjan van de Ven <arjan@...radead.org>,
        "Paul E . McKenney" <paulmck@...nel.org>,
        "Frederic Weisbecker" <fweisbec@...il.com>,
        Rik van Riel <riel@...riel.com>,
        "Steven Rostedt" <rostedt@...dmis.org>,
        Sebastian Siewior <bigeasy@...utronix.de>,
        Giovanni Gherdovich <ggherdovich@...e.cz>,
        Lukasz Luba <lukasz.luba@....com>,
        "Gautham R . Shenoy" <gautham.shenoy@....com>,
        Anna-Maria Behnsen <anna-maria@...utronix.de>
Subject: Re: [PATCH v6 19/21] timer: Implement the hierarchical pull model

Hello,

kernel test robot noticed "kernel_BUG_at_kernel/irq_work.c" on:

commit: b7b5fd3151484719c204ea27ccd350dbfda0642b ("[PATCH v6 19/21] timer: Implement the hierarchical pull model")
url: https://github.com/intel-lab-lkp/linux/commits/Anna-Maria-Behnsen/tick-sched-Warn-when-next-tick-seems-to-be-in-the-past/20230510-153205
base: https://git.kernel.org/cgit/linux/kernel/git/tip/tip.git 158009f1b4a33bc0f354b994eea361362bd83226
patch link: https://lore.kernel.org/all/20230510072817.116056-20-anna-maria@linutronix.de/
patch subject: [PATCH v6 19/21] timer: Implement the hierarchical pull model

in testcase: boot

compiler: gcc-11
test machine: qemu-system-x86_64 -enable-kvm -cpu SandyBridge -smp 2 -m 16G

(please refer to attached dmesg/kmsg for entire log/backtrace)


+-------------------------------------------------------+------------+------------+
|                                                       | 6f5a6b769b | b7b5fd3151 |
+-------------------------------------------------------+------------+------------+
| boot_successes                                        | 38         | 0          |
| boot_failures                                         | 0          | 38         |
| kernel_BUG_at_kernel/irq_work.c                       | 0          | 38         |
| invalid_opcode:#[##]                                  | 0          | 38         |
| EIP:irq_work_run_list                                 | 0          | 38         |
| EIP:default_idle                                      | 0          | 13         |
| Kernel_panic-not_syncing:Fatal_exception_in_interrupt | 0          | 38         |
| EIP:console_flush_all                                 | 0          | 25         |
+-------------------------------------------------------+------------+------------+


If you fix the issue, kindly add the following tags
| Reported-by: kernel test robot <yujie.liu@...el.com>
| Closes: https://lore.kernel.org/oe-lkp/202305191332.81b04be9-yujie.liu@intel.com


[    4.915715][    C1] ------------[ cut here ]------------
[    4.915716][    C1] kernel BUG at kernel/irq_work.c:235!
[    4.915724][    C1] invalid opcode: 0000 [#1] SMP PTI
[    4.915728][    C1] CPU: 1 PID: 1 Comm: swapper/0 Not tainted 6.3.0-rc3-00049-gb7b5fd315148 #1
[    4.915730][    C1] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[ 4.915731][ C1] EIP: irq_work_run_list (kernel/irq_work.c:235 (discriminator 1)) 
[ 4.915736][ C1] Code: 8b 10 85 d2 74 19 87 18 85 db 74 13 8d b6 00 00 00 00 89 d8 8b 1b e8 57 ff ff ff 85 db 75 f3 8b 5d fc c9 c3 8d b6 00 00 00 00 <0f> 0b 8d b6 00 00 00 00 55 b8 c4 bc 42 c2 64 03 05 70 f5 41 c2 89
All code
========
   0:	8b 10                	mov    (%rax),%edx
   2:	85 d2                	test   %edx,%edx
   4:	74 19                	je     0x1f
   6:	87 18                	xchg   %ebx,(%rax)
   8:	85 db                	test   %ebx,%ebx
   a:	74 13                	je     0x1f
   c:	8d b6 00 00 00 00    	lea    0x0(%rsi),%esi
  12:	89 d8                	mov    %ebx,%eax
  14:	8b 1b                	mov    (%rbx),%ebx
  16:	e8 57 ff ff ff       	call   0xffffffffffffff72
  1b:	85 db                	test   %ebx,%ebx
  1d:	75 f3                	jne    0x12
  1f:	8b 5d fc             	mov    -0x4(%rbp),%ebx
  22:	c9                   	leave
  23:	c3                   	ret
  24:	8d b6 00 00 00 00    	lea    0x0(%rsi),%esi
  2a:*	0f 0b                	ud2		<-- trapping instruction
  2c:	8d b6 00 00 00 00    	lea    0x0(%rsi),%esi
  32:	55                   	push   %rbp
  33:	b8 c4 bc 42 c2       	mov    $0xc242bcc4,%eax
  38:	64 03 05 70 f5 41 c2 	add    %fs:-0x3dbe0a90(%rip),%eax        # 0xffffffffc241f5af
  3f:	89                   	.byte 0x89

Code starting with the faulting instruction
===========================================
   0:	0f 0b                	ud2
   2:	8d b6 00 00 00 00    	lea    0x0(%rsi),%esi
   8:	55                   	push   %rbp
   9:	b8 c4 bc 42 c2       	mov    $0xc242bcc4,%eax
   e:	64 03 05 70 f5 41 c2 	add    %fs:-0x3dbe0a90(%rip),%eax        # 0xffffffffc241f585
  15:	89                   	.byte 0x89
[    4.915738][    C1] EAX: e8552cc0 EBX: 00000200 ECX: ffff410d EDX: 00000000
[    4.915740][    C1] ESI: 00000000 EDI: 00000001 EBP: c3059d04 ESP: c3059d00
[    4.915742][    C1] DS: 007b ES: 007b FS: 00d8 GS: 0000 SS: 0068 EFLAGS: 00010206
[    4.915748][    C1] CR0: 80050033 CR2: b7f99000 CR3: 0243e000 CR4: 000406f0
[    4.915749][    C1] DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
[    4.915750][    C1] DR6: fffe0ff0 DR7: 00000400
[    4.915752][    C1] Call Trace:
[ 4.915754][ C1] irq_work_tick (kernel/irq_work.c:270) 
[ 4.915757][ C1] update_process_times (kernel/time/timer.c:2340) 
[ 4.915762][ C1] tick_sched_handle (kernel/time/tick-sched.c:244) 
[ 4.915767][ C1] tick_sched_timer (kernel/time/tick-sched.c:1490) 
[ 4.915769][ C1] ? tick_sched_do_timer (kernel/time/tick-sched.c:1472) 
[ 4.915771][ C1] __hrtimer_run_queues (kernel/time/hrtimer.c:1685 kernel/time/hrtimer.c:1749) 
[ 4.915775][ C1] hrtimer_interrupt (kernel/time/hrtimer.c:1814) 
[ 4.915777][ C1] ? sysvec_call_function_single (arch/x86/kernel/apic/apic.c:1107) 
[ 4.915781][ C1] __sysvec_apic_timer_interrupt (include/linux/jump_label.h:207 include/linux/jump_label.h:207 arch/x86/include/asm/trace/irq_vectors.h:41 arch/x86/kernel/apic/apic.c:1114) 
[ 4.915786][ C1] sysvec_apic_timer_interrupt (arch/x86/kernel/apic/apic.c:1107) 
[ 4.915788][ C1] ? univ8250_console_exit (drivers/tty/serial/8250/8250_core.c:581) 
[ 4.915792][ C1] handle_exception (arch/x86/entry/entry_32.S:1083) 
[ 4.915796][ C1] EIP: console_flush_all (kernel/printk/printk.c:2948) 
[ 4.915800][ C1] Code: 55 cc b8 00 42 22 c2 88 4d d8 e8 0f 74 01 00 0f b6 4d d8 8b 45 d4 88 08 e8 41 22 00 00 f7 45 d0 00 02 00 00 74 01 fb 8b 45 d4 <80> 38 00 0f 85 b9 00 00 00 8b 57 40 8b 46 04 8b 4f 3c 39 0e 19 d0
All code
========
   0:	55                   	push   %rbp
   1:	cc                   	int3
   2:	b8 00 42 22 c2       	mov    $0xc2224200,%eax
   7:	88 4d d8             	mov    %cl,-0x28(%rbp)
   a:	e8 0f 74 01 00       	call   0x1741e
   f:	0f b6 4d d8          	movzbl -0x28(%rbp),%ecx
  13:	8b 45 d4             	mov    -0x2c(%rbp),%eax
  16:	88 08                	mov    %cl,(%rax)
  18:	e8 41 22 00 00       	call   0x225e
  1d:	f7 45 d0 00 02 00 00 	testl  $0x200,-0x30(%rbp)
  24:	74 01                	je     0x27
  26:	fb                   	sti
  27:	8b 45 d4             	mov    -0x2c(%rbp),%eax
  2a:*	80 38 00             	cmpb   $0x0,(%rax)		<-- trapping instruction
  2d:	0f 85 b9 00 00 00    	jne    0xec
  33:	8b 57 40             	mov    0x40(%rdi),%edx
  36:	8b 46 04             	mov    0x4(%rsi),%eax
  39:	8b 4f 3c             	mov    0x3c(%rdi),%ecx
  3c:	39 0e                	cmp    %ecx,(%rsi)
  3e:	19 d0                	sbb    %edx,%eax

Code starting with the faulting instruction
===========================================
   0:	80 38 00             	cmpb   $0x0,(%rax)
   3:	0f 85 b9 00 00 00    	jne    0xc2
   9:	8b 57 40             	mov    0x40(%rdi),%edx
   c:	8b 46 04             	mov    0x4(%rsi),%eax
   f:	8b 4f 3c             	mov    0x3c(%rdi),%ecx
  12:	39 0e                	cmp    %ecx,(%rsi)
  14:	19 d0                	sbb    %edx,%eax
[    4.915802][    C1] EAX: c3059e83 EBX: c168fa80 ECX: 00000000 EDX: 00000000
[    4.915803][    C1] ESI: c3059e84 EDI: c2283600 EBP: c3059e78 ESP: c3059e40
[    4.915805][    C1] DS: 007b ES: 007b FS: 00d8 GS: 0000 SS: 0068 EFLAGS: 00000206
[ 4.915807][ C1] ? univ8250_console_exit (drivers/tty/serial/8250/8250_core.c:581) 
[ 4.915809][ C1] ? sysvec_call_function_single (arch/x86/kernel/apic/apic.c:1107) 
[ 4.915812][ C1] ? sysvec_call_function_single (arch/x86/kernel/apic/apic.c:1107) 
[ 4.915814][ C1] ? console_flush_all (kernel/printk/printk.c:2948) 
[ 4.915816][ C1] console_unlock (kernel/printk/printk.c:3017) 
[ 4.915819][ C1] vprintk_emit (kernel/printk/printk.c:2317) 
[ 4.915821][ C1] vprintk_default (kernel/printk/printk.c:2328) 
[ 4.915823][ C1] vprintk (kernel/printk/printk_safe.c:50) 
[ 4.915825][ C1] _printk (kernel/printk/printk.c:2341) 
[ 4.915827][ C1] trace_initcall_finish_cb (init/main.c:1264) 
[ 4.915831][ C1] ? genl_init (net/bpf/test_run.c:1693) 
[ 4.915834][ C1] ? genl_init (net/bpf/test_run.c:1693) 
[ 4.915836][ C1] ? genl_init (net/bpf/test_run.c:1693) 
[ 4.915838][ C1] do_one_initcall (include/trace/events/initcall.h:48 init/main.c:1307) 
[ 4.915840][ C1] ? rdinit_setup (init/main.c:1363) 
[ 4.915844][ C1] ? rdinit_setup (init/main.c:1363) 
[ 4.915847][ C1] do_initcalls (init/main.c:1378 init/main.c:1395) 
[ 4.915850][ C1] kernel_init_freeable (init/main.c:1638) 
[ 4.915852][ C1] ? rest_init (init/main.c:1514) 
[ 4.915855][ C1] kernel_init (init/main.c:1524) 
[ 4.915857][ C1] ret_from_fork (arch/x86/entry/entry_32.S:770) 
[    4.915859][    C1] Modules linked in:
[    4.915862][    C1] ---[ end trace 0000000000000000 ]---


To reproduce:

        # build kernel
	cd linux
	cp config-6.3.0-rc3-00049-gb7b5fd315148 .config
	make HOSTCC=gcc-11 CC=gcc-11 ARCH=i386 olddefconfig prepare modules_prepare bzImage modules
	make HOSTCC=gcc-11 CC=gcc-11 ARCH=i386 INSTALL_MOD_PATH=<mod-install-dir> modules_install
	cd <mod-install-dir>
	find lib/ | cpio -o -H newc --quiet | gzip > modules.cgz


        git clone https://github.com/intel/lkp-tests.git
        cd lkp-tests
        bin/lkp qemu -k <bzImage> -m modules.cgz job-script # job-script is attached in this email

        # if you come across any failure that blocks the test,
        # please remove the ~/.lkp and /lkp directories to run from a clean state.



-- 
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests/wiki



View attachment "config-6.3.0-rc3-00049-gb7b5fd315148" of type "text/plain" (145240 bytes)

View attachment "job-script" of type "text/plain" (4668 bytes)

Download attachment "dmesg.xz" of type "application/x-xz" (22316 bytes)
