| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 3 Jul 2023 10:04:16 +0800
From: kernel test robot <oliver.sang@...el.com>
To: "Liam R. Howlett" <Liam.Howlett@...cle.com>
CC: Linus Torvalds <torvalds@...ux-foundation.org>,
LKML <linux-kernel@...r.kernel.org>, <lkp@...ts.01.org>,
<lkp@...el.com>, <oliver.sang@...el.com>
Subject: [mm] 408579cd62: WARNING:suspicious_RCU_usage
Greeting,
FYI, we noticed the following commit (built with clang-15):
commit: 408579cd627a15bd703fe3eeb8485fd02726e9d3 ("mm: Update do_vmi_align_munmap() return semantics")
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git master
in testcase: boot
on test machine: qemu-system-x86_64 -enable-kvm -cpu SandyBridge -smp 2 -m 16G
caused below changes (please refer to attached dmesg/kmsg for entire log/backtrace):
If you fix the issue, kindly add following tag
Reported-by: kernel test robot <oliver.sang@...el.com>
[ 215.088258][ T1] WARNING: suspicious RCU usage
[ 215.089042][ T1] 6.4.0-09907-g408579cd627a #1 Not tainted
[ 215.090018][ T1] -----------------------------
[ 215.090877][ T1] lib/maple_tree.c:860 suspicious rcu_dereference_check() usage!
[ 215.092160][ T1]
[ 215.092160][ T1] other info that might help us debug this:
[ 215.092160][ T1]
[ 215.093936][ T1]
[ 215.093936][ T1] rcu_scheduler_active = 2, debug_locks = 1
[ 215.095232][ T1] no locks held by init/1.
[ 215.095989][ T1]
[ 215.095989][ T1] stack backtrace:
[ 215.097067][ T1] CPU: 0 PID: 1 Comm: init Not tainted 6.4.0-09907-g408579cd627a #1
[ 215.098372][ T1] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[ 215.099963][ T1] Call Trace:
[ 215.100474][ T1] <TASK>
[ 215.101027][ T1] dump_stack_lvl (lib/dump_stack.c:107)
[ 215.101807][ T1] lockdep_rcu_suspicious (include/linux/context_tracking.h:122)
[ 215.102688][ T1] mas_start (lib/maple_tree.c:?)
[ 215.103355][ T1] mas_find (lib/maple_tree.c:3861 lib/maple_tree.c:4980 lib/maple_tree.c:5924 lib/maple_tree.c:5965)
[ 215.104024][ T1] validate_mm (mm/mmap.c:301)
[ 215.104777][ T1] do_vmi_align_munmap (mm/mmap.c:?)
[ 215.105691][ T1] do_vmi_munmap (mm/mmap.c:2619)
[ 215.106384][ T1] __vm_munmap (mm/mmap.c:2899)
[ 215.107145][ T1] __x64_sys_munmap (mm/mmap.c:2916 mm/mmap.c:2913 mm/mmap.c:2913)
[ 215.107962][ T1] do_syscall_64 (arch/x86/entry/common.c:?)
[ 215.108784][ T1] entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:120)
[ 215.109733][ T1] RIP: 0033:0x7f5ef4577e07
[ 215.110443][ T1] Code: 0f 1f 00 f7 d8 89 05 60 03 01 00 48 c7 c0 ff ff ff ff eb 99 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 0b 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8d 0d 31 03 01 00 f7 d8 89 01 48 83
All code
========
0: 0f 1f 00 nopl (%rax)
3: f7 d8 neg %eax
5: 89 05 60 03 01 00 mov %eax,0x10360(%rip) # 0x1036b
b: 48 c7 c0 ff ff ff ff mov $0xffffffffffffffff,%rax
12: eb 99 jmp 0xffffffffffffffad
14: 66 2e 0f 1f 84 00 00 cs nopw 0x0(%rax,%rax,1)
1b: 00 00 00
1e: 0f 1f 44 00 00 nopl 0x0(%rax,%rax,1)
23: b8 0b 00 00 00 mov $0xb,%eax
28: 0f 05 syscall
2a:* 48 3d 01 f0 ff ff cmp $0xfffffffffffff001,%rax <-- trapping instruction
30: 73 01 jae 0x33
32: c3 ret
33: 48 8d 0d 31 03 01 00 lea 0x10331(%rip),%rcx # 0x1036b
3a: f7 d8 neg %eax
3c: 89 01 mov %eax,(%rcx)
3e: 48 rex.W
3f: 83 .byte 0x83
Code starting with the faulting instruction
===========================================
0: 48 3d 01 f0 ff ff cmp $0xfffffffffffff001,%rax
6: 73 01 jae 0x9
8: c3 ret
9: 48 8d 0d 31 03 01 00 lea 0x10331(%rip),%rcx # 0x10341
10: f7 d8 neg %eax
12: 89 01 mov %eax,(%rcx)
14: 48 rex.W
15: 83 .byte 0x83
[ 215.113442][ T1] RSP: 002b:00007fff4bee7608 EFLAGS: 00000202 ORIG_RAX: 000000000000000b
[ 215.114734][ T1] RAX: ffffffffffffffda RBX: 0000008d3439883d RCX: 00007f5ef4577e07
[ 215.115953][ T1] RDX: 0000008d00000000 RSI: 00000000000065e0 RDI: 00007f5ef42bf000
[ 215.117299][ T1] RBP: 00007fff4bee78b0 R08: 0000000000000000 R09: 00007f5ef3fd6738
[ 215.118541][ T1] R10: 00007f5ef4586f78 R11: 0000000000000202 R12: 0000008d2ecd462d
[ 215.119813][ T1] R13: 00007f5ef4588180 R14: 00007f5ef4588180 R15: 00007f5ef38ef900
[ 215.121130][ T1] </TASK>
[ 215.121750][ T1]
[ 215.122149][ T1] =============================
[ 215.122955][ T1] WARNING: suspicious RCU usage
[ 215.123772][ T1] 6.4.0-09907-g408579cd627a #1 Not tainted
[ 215.124752][ T1] -----------------------------
[ 215.125549][ T1] lib/maple_tree.c:816 suspicious rcu_dereference_check() usage!
[ 215.126747][ T1]
[ 215.126747][ T1] other info that might help us debug this:
[ 215.126747][ T1]
[ 215.128401][ T1]
[ 215.128401][ T1] rcu_scheduler_active = 2, debug_locks = 1
[ 215.129720][ T1] no locks held by init/1.
[ 215.130417][ T1]
[ 215.130417][ T1] stack backtrace:
[ 215.131392][ T1] CPU: 0 PID: 1 Comm: init Not tainted 6.4.0-09907-g408579cd627a #1
[ 215.132633][ T1] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[ 215.134353][ T1] Call Trace:
[ 215.134896][ T1] <TASK>
[ 215.135380][ T1] dump_stack_lvl (lib/dump_stack.c:107)
[ 215.136130][ T1] lockdep_rcu_suspicious (include/linux/context_tracking.h:122)
[ 215.137047][ T1] mtree_range_walk (lib/maple_tree.c:?)
[ 215.137865][ T1] mas_find (lib/maple_tree.c:3868 lib/maple_tree.c:4980 lib/maple_tree.c:5924 lib/maple_tree.c:5965)
[ 215.138570][ T1] validate_mm (mm/mmap.c:301)
[ 215.139322][ T1] do_vmi_align_munmap (mm/mmap.c:?)
[ 215.140203][ T1] do_vmi_munmap (mm/mmap.c:2619)
[ 215.140985][ T1] __vm_munmap (mm/mmap.c:2899)
[ 215.141721][ T1] __x64_sys_munmap (mm/mmap.c:2916 mm/mmap.c:2913 mm/mmap.c:2913)
[ 215.142511][ T1] do_syscall_64 (arch/x86/entry/common.c:?)
[ 215.143276][ T1] entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:120)
[ 215.144276][ T1] RIP: 0033:0x7f5ef4577e07
[ 215.144998][ T1] Code: 0f 1f 00 f7 d8 89 05 60 03 01 00 48 c7 c0 ff ff ff ff eb 99 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 0b 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8d 0d 31 03 01 00 f7 d8 89 01 48 83
All code
========
0: 0f 1f 00 nopl (%rax)
3: f7 d8 neg %eax
5: 89 05 60 03 01 00 mov %eax,0x10360(%rip) # 0x1036b
b: 48 c7 c0 ff ff ff ff mov $0xffffffffffffffff,%rax
12: eb 99 jmp 0xffffffffffffffad
14: 66 2e 0f 1f 84 00 00 cs nopw 0x0(%rax,%rax,1)
1b: 00 00 00
1e: 0f 1f 44 00 00 nopl 0x0(%rax,%rax,1)
23: b8 0b 00 00 00 mov $0xb,%eax
28: 0f 05 syscall
2a:* 48 3d 01 f0 ff ff cmp $0xfffffffffffff001,%rax <-- trapping instruction
30: 73 01 jae 0x33
32: c3 ret
33: 48 8d 0d 31 03 01 00 lea 0x10331(%rip),%rcx # 0x1036b
3a: f7 d8 neg %eax
3c: 89 01 mov %eax,(%rcx)
3e: 48 rex.W
3f: 83 .byte 0x83
Code starting with the faulting instruction
===========================================
0: 48 3d 01 f0 ff ff cmp $0xfffffffffffff001,%rax
6: 73 01 jae 0x9
8: c3 ret
9: 48 8d 0d 31 03 01 00 lea 0x10331(%rip),%rcx # 0x10341
10: f7 d8 neg %eax
12: 89 01 mov %eax,(%rcx)
14: 48 rex.W
15: 83 .byte 0x83
[ 215.148009][ T1] RSP: 002b:00007fff4bee7608 EFLAGS: 00000202 ORIG_RAX: 000000000000000b
[ 215.149494][ T1] RAX: ffffffffffffffda RBX: 0000008d3439883d RCX: 00007f5ef4577e07
[ 215.150834][ T1] RDX: 0000008d00000000 RSI: 00000000000065e0 RDI: 00007f5ef42bf000
[ 215.152031][ T1] RBP: 00007fff4bee78b0 R08: 0000000000000000 R09: 00007f5ef3fd6738
[ 215.153251][ T1] R10: 00007f5ef4586f78 R11: 0000000000000202 R12: 0000008d2ecd462d
[ 215.154510][ T1] R13: 00007f5ef4588180 R14: 00007f5ef4588180 R15: 00007f5ef38ef900
[ 215.155756][ T1] </TASK>
[ 215.182678][ T1] systemd[1]: RTC configured in localtime, applying delta of 0 minutes to system time.
Welcome to Debian GNU/Linux 11 (bullseye)!
[ 215.449392][ T79] process 79 ((sd-executor)) attempted a POSIX timer syscall while CONFIG_POSIX_TIMERS is not set
[ 215.758912][ T84] systemd-getty-g (84) used greatest stack depth: 26896 bytes left
[ 215.948756][ T80] systemd-bless-b (80) used greatest stack depth: 26864 bytes left
[ 218.217378][ C1] random: crng init done
To reproduce:
# build kernel
cd linux
cp config-6.4.0-09907-g408579cd627a .config
make HOSTCC=clang-15 CC=clang-15 ARCH=x86_64 olddefconfig prepare modules_prepare bzImage modules
make HOSTCC=clang-15 CC=clang-15 ARCH=x86_64 INSTALL_MOD_PATH=<mod-install-dir> modules_install
cd <mod-install-dir>
find lib/ | cpio -o -H newc --quiet | gzip > modules.cgz
git clone https://github.com/intel/lkp-tests.git
cd lkp-tests
bin/lkp qemu -k <bzImage> -m modules.cgz job-script # job-script is attached in this email
# if come across any failure that blocks the test,
# please remove ~/.lkp and /lkp dir to run from a clean state.
--
0-DAY CI Kernel Test Service
https://01.org/lkp
View attachment "config-6.4.0-09907-g408579cd627a" of type "text/plain" (128204 bytes)
View attachment "job-script" of type "text/plain" (5026 bytes)
Download attachment "dmesg.xz" of type "application/x-xz" (14268 bytes)
Powered by blists - more mailing lists