Message-ID: <202312052248.1270bdba-oliver.sang@intel.com>
Date:   Tue, 5 Dec 2023 22:21:28 +0800
From:   kernel test robot <oliver.sang@...el.com>
To:     Peter Zijlstra <peterz@...radead.org>
CC:     <oe-lkp@...ts.linux.dev>, <lkp@...el.com>,
        <linux-kernel@...r.kernel.org>, <x86@...nel.org>,
        Budimir Markovic <markovicbudimir@...il.com>,
        <linux-perf-users@...r.kernel.org>, <oliver.sang@...el.com>
Subject: [tip:perf/urgent] [perf]  382c27f4ed:
 WARNING:at_kernel/events/core.c:#__do_sys_perf_event_open



Hello,

kernel test robot noticed "WARNING:at_kernel/events/core.c:#__do_sys_perf_event_open" on:

commit: 382c27f4ed28f803b1f1473ac2d8db0afc795a1b ("perf: Fix perf_event_validate_size()")
https://git.kernel.org/cgit/linux/kernel/git/tip/tip.git perf/urgent

[test failed on linux-next/master 5eda217cee887e595ba2265435862d585d399769]

in testcase: trinity
version: trinity-i386-abe9de86-1_20230429
with following parameters:

	runtime: 300s
	group: group-03
	nr_groups: 5

test-description: Trinity is a linux system call fuzz tester.
test-url: http://codemonkey.org.uk/projects/trinity/


compiler: gcc-12
test machine: qemu-system-x86_64 -enable-kvm -cpu SandyBridge -smp 2 -m 16G

(please refer to attached dmesg/kmsg for entire log/backtrace)



If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add following tags
| Reported-by: kernel test robot <oliver.sang@...el.com>
| Closes: https://lore.kernel.org/oe-lkp/202312052248.1270bdba-oliver.sang@intel.com


[   78.338247][ T3537] ------------[ cut here ]------------
[ 78.338606][ T3537] WARNING: CPU: 0 PID: 3537 at kernel/events/core.c:1950 __do_sys_perf_event_open (kernel/events/core.c:1950 kernel/events/core.c:12655) 
[   78.339187][ T3537] Modules linked in: input_leds(E) crc32_pclmul(E) led_class(E) uio_pdrv_genirq(E) uio(E) serio_raw(E) pcspkr(E) qemu_fw_cfg(E) drm(E) drm_panel_orientation_quirks(E) backlight(E) fuse(E) i2c_core(E) configfs(E)
[   78.340357][ T3537] CPU: 0 PID: 3537 Comm: trinity-main Tainted: G        W   E    N 6.7.0-rc3-00001-g382c27f4ed28 #1
[ 78.340938][ T3537] EIP: __do_sys_perf_event_open (kernel/events/core.c:1950 kernel/events/core.c:12655) 
[ 78.341261][ T3537] Code: ff e9 8c fb ff ff 8b 85 48 ff ff ff 83 ca ff 8b 80 c0 01 00 00 89 85 40 ff ff ff 83 c0 68 e8 c6 bd a2 00 48 0f 84 59 fb ff ff <0f> 0b e9 52 fb ff ff 0f 0b 8d b4 26 00 00 00 00 8d 76 00 e9 8a fb
All code
========
   0:	ff                   	(bad)
   1:	e9 8c fb ff ff       	jmp    0xfffffffffffffb92
   6:	8b 85 48 ff ff ff    	mov    -0xb8(%rbp),%eax
   c:	83 ca ff             	or     $0xffffffff,%edx
   f:	8b 80 c0 01 00 00    	mov    0x1c0(%rax),%eax
  15:	89 85 40 ff ff ff    	mov    %eax,-0xc0(%rbp)
  1b:	83 c0 68             	add    $0x68,%eax
  1e:	e8 c6 bd a2 00       	call   0xa2bde9
  23:	48 0f 84 59 fb ff ff 	rex.W je 0xfffffffffffffb83
  2a:*	0f 0b                	ud2		<-- trapping instruction
  2c:	e9 52 fb ff ff       	jmp    0xfffffffffffffb83
  31:	0f 0b                	ud2
  33:	8d b4 26 00 00 00 00 	lea    0x0(%rsi,%riz,1),%esi
  3a:	8d 76 00             	lea    0x0(%rsi),%esi
  3d:	e9                   	.byte 0xe9
  3e:	8a fb                	mov    %bl,%bh

Code starting with the faulting instruction
===========================================
   0:	0f 0b                	ud2
   2:	e9 52 fb ff ff       	jmp    0xfffffffffffffb59
   7:	0f 0b                	ud2
   9:	8d b4 26 00 00 00 00 	lea    0x0(%rsi,%riz,1),%esi
  10:	8d 76 00             	lea    0x0(%rsi),%esi
  13:	e9                   	.byte 0xe9
  14:	8a fb                	mov    %bl,%bh
[   78.342311][ T3537] EAX: ffffffff EBX: edfce4c0 ECX: 00000000 EDX: 00000000
[   78.342694][ T3537] ESI: 00000000 EDI: ec542a00 EBP: ec003f80 ESP: ec003ea8
[   78.343083][ T3537] DS: 007b ES: 007b FS: 0000 GS: 0033 SS: 0068 EFLAGS: 00010296
[   78.343496][ T3537] CR0: 80050033 CR2: 00fd103c CR3: 2c684000 CR4: 00040690
[   78.343918][ T3537] DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
[   78.344304][ T3537] DR6: fffe0ff0 DR7: 00000400
[   78.344560][ T3537] Call Trace:
[ 78.344744][ T3537] ? show_regs (arch/x86/kernel/dumpstack.c:479) 
[ 78.344979][ T3537] ? __do_sys_perf_event_open (kernel/events/core.c:1950 kernel/events/core.c:12655) 
[ 78.345292][ T3537] ? __warn (kernel/panic.c:677) 
[ 78.345521][ T3537] ? __do_sys_perf_event_open (kernel/events/core.c:1950 kernel/events/core.c:12655) 
[ 78.345833][ T3537] ? __do_sys_perf_event_open (kernel/events/core.c:1950 kernel/events/core.c:12655) 
[ 78.346146][ T3537] ? report_bug (lib/bug.c:180 lib/bug.c:219) 
[ 78.346390][ T3537] ? exc_overflow (arch/x86/kernel/traps.c:250) 
[ 78.346640][ T3537] ? handle_bug (arch/x86/kernel/traps.c:237) 
[ 78.346884][ T3537] ? exc_invalid_op (arch/x86/kernel/traps.c:258 (discriminator 1)) 
[ 78.347142][ T3537] ? mark_held_locks (kernel/locking/lockdep.c:4274) 
[ 78.347408][ T3537] ? handle_exception (arch/x86/entry/entry_32.S:1049) 
[ 78.347690][ T3537] ? trace_options_core_write (kernel/trace/trace.c:9100) 
[ 78.348023][ T3537] ? exc_overflow (arch/x86/kernel/traps.c:250) 
[ 78.348273][ T3537] ? __do_sys_perf_event_open (kernel/events/core.c:1950 kernel/events/core.c:12655) 
[ 78.348588][ T3537] ? exc_overflow (arch/x86/kernel/traps.c:250) 
[ 78.348837][ T3537] ? __do_sys_perf_event_open (kernel/events/core.c:1950 kernel/events/core.c:12655) 
[ 78.349151][ T3537] ? perf_prepare_sample (kernel/events/core.c:7875) 
[ 78.349470][ T3537] __ia32_sys_perf_event_open (kernel/events/core.c:12388) 
[ 78.349776][ T3537] do_int80_syscall_32 (arch/x86/entry/common.c:164 arch/x86/entry/common.c:184) 
[ 78.350048][ T3537] entry_INT80_32 (arch/x86/entry/entry_32.S:947) 
[   78.350307][ T3537] EIP: 0xb7f29092
[ 78.350510][ T3537] Code: 00 00 00 e9 90 ff ff ff ff a3 24 00 00 00 68 30 00 00 00 e9 80 ff ff ff ff a3 f8 ff ff ff 66 90 00 00 00 00 00 00 00 00 cd 80 <c3> 8d b4 26 00 00 00 00 8d b6 00 00 00 00 8b 1c 24 c3 8d b4 26 00
All code
========
   0:	00 00                	add    %al,(%rax)
   2:	00 e9                	add    %ch,%cl
   4:	90                   	nop
   5:	ff                   	(bad)
   6:	ff                   	(bad)
   7:	ff                   	(bad)
   8:	ff a3 24 00 00 00    	jmp    *0x24(%rbx)
   e:	68 30 00 00 00       	push   $0x30
  13:	e9 80 ff ff ff       	jmp    0xffffffffffffff98
  18:	ff a3 f8 ff ff ff    	jmp    *-0x8(%rbx)
  1e:	66 90                	xchg   %ax,%ax
	...
  28:	cd 80                	int    $0x80
  2a:*	c3                   	ret		<-- trapping instruction
  2b:	8d b4 26 00 00 00 00 	lea    0x0(%rsi,%riz,1),%esi
  32:	8d b6 00 00 00 00    	lea    0x0(%rsi),%esi
  38:	8b 1c 24             	mov    (%rsp),%ebx
  3b:	c3                   	ret
  3c:	8d                   	.byte 0x8d
  3d:	b4 26                	mov    $0x26,%ah
	...

Code starting with the faulting instruction
===========================================
   0:	c3                   	ret
   1:	8d b4 26 00 00 00 00 	lea    0x0(%rsi,%riz,1),%esi
   8:	8d b6 00 00 00 00    	lea    0x0(%rsi),%esi
   e:	8b 1c 24             	mov    (%rsp),%ebx
  11:	c3                   	ret
  12:	8d                   	.byte 0x8d
  13:	b4 26                	mov    $0x26,%ah
	...
[   78.351567][ T3537] EAX: ffffffda EBX: 00fd14c0 ECX: 00000000 EDX: ffffffff
[   78.351983][ T3537] ESI: ffffffff EDI: 00000008 EBP: b7d54525 ESP: bfe50d08
[   78.352368][ T3537] DS: 007b ES: 007b FS: 0000 GS: 0033 SS: 007b EFLAGS: 00000282
[   78.352794][ T3537] irq event stamp: 2142597
[ 78.353037][ T3537] hardirqs last enabled at (2142605): console_unlock (arch/x86/include/asm/irqflags.h:26 arch/x86/include/asm/irqflags.h:67 arch/x86/include/asm/irqflags.h:127 kernel/printk/printk.c:341 kernel/printk/printk.c:2706 kernel/printk/printk.c:3038) 
[ 78.353522][ T3537] hardirqs last disabled at (2142612): console_unlock (kernel/printk/printk.c:339 kernel/printk/printk.c:2706 kernel/printk/printk.c:3038) 
[ 78.354001][ T3537] softirqs last enabled at (2110116): __do_softirq (arch/x86/include/asm/preempt.h:27 kernel/softirq.c:400 kernel/softirq.c:582) 
[ 78.354477][ T3537] softirqs last disabled at (2108059): do_softirq_own_stack (arch/x86/kernel/irq_32.c:57 arch/x86/kernel/irq_32.c:147) 
[   78.354983][ T3537] ---[ end trace 0000000000000000 ]---
[   78.532811][ T3537] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   78.628053][ T3537] can: request_module (can-proto-1) failed.
[   78.632336][ T3537] can: request_module (can-proto-2) failed.
[   78.676101][ T3537] can: request_module (can-proto-2) failed.


The kernel config and materials to reproduce are available at:
https://download.01.org/0day-ci/archive/20231205/202312052248.1270bdba-oliver.sang@intel.com



-- 
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests/wiki
