Message-ID: <202312191507.348721d2-oliver.sang@intel.com>
Date: Tue, 19 Dec 2023 16:49:14 +0800
From: kernel test robot <oliver.sang@...el.com>
To: Thomas Gleixner <tglx@...utronix.de>
CC: <oe-lkp@...ts.linux.dev>, <lkp@...el.com>, <linux-kernel@...r.kernel.org>,
	Dave Hansen <dave.hansen@...ux.intel.com>, Linus Torvalds
	<torvalds@...uxfoundation.org>, "Kirill A. Shutemov"
	<kirill.shutemov@...ux.intel.com>, Borislav Petkov <bp@...en8.de>,
	<xen-devel@...ts.xenproject.org>, <oliver.sang@...el.com>
Subject: [linus:master] [x86/entry]  be5341eb0d:
 WARNING:CPU:#PID:#at_int80_emulation


hi, Thomas Gleixner,

as we understand, this commit be5341eb0d doesn't introduce a new WARNING, it just
converts the WARNING into another type.


b82a8dbd3d2f4563 be5341eb0d43b1e754799498bd2
---------------- ---------------------------
       fail:runs  %reproduction    fail:runs
           |             |             |
          9:9         -100%            :9     dmesg.WARNING:CPU:#PID:#at_do_int80_syscall_32
           :9          100%           9:9     dmesg.WARNING:CPU:#PID:#at_int80_emulation


however, we failed to bisect dmesg.WARNING:CPU:#PID:#at_do_int80_syscall_32.
at the same time, we are not sure whether this WARNING is worth caring about, or
whether it's just due to our test config (we used a randconfig in this test,
which can be obtained from the link below).

so we just report to you what we observed in our tests, in case it still
exposes some potential problems, and maybe you could find the correct owner to
make a code fix.


Hello,

kernel test robot noticed "WARNING:CPU:#PID:#at_int80_emulation" on:

commit: be5341eb0d43b1e754799498bd2e8756cc167a41 ("x86/entry: Convert INT 0x80 emulation to IDTENTRY")
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git master

[test failed on linux-next/master 11651f8cb2e88372d4ed523d909514dc9a613ea3]

in testcase: boot

compiler: clang-16
test machine: qemu-system-x86_64 -enable-kvm -cpu SandyBridge -smp 2 -m 16G

(please refer to attached dmesg/kmsg for entire log/backtrace)



[ 13.481107][ T48] WARNING: CPU: 0 PID: 48 at int80_emulation (arch/x86/entry/common.c:164) 
[   13.481454][   T48] Modules linked in:
[   13.481655][   T48] CPU: 0 PID: 48 Comm: init Tainted: G                 N 6.7.0-rc4-00002-gbe5341eb0d43 #1
[ 13.482162][ T48] RIP: 0010:int80_emulation (arch/x86/entry/common.c:164) 
[ 13.482437][ T48] Code: 01 00 00 77 43 89 c1 48 81 f9 c9 01 00 00 48 19 c9 21 c1 48 89 df 4c 8b 1c cd 90 12 20 9a 41 ba 27 cb d4 4f 45 03 53 fc 74 02 <0f> 0b 41 ff d3 48 89 c1 48 89 4b 50 90 48 89 df 5b 41 5e 31 c0 31
All code
========
   0:	01 00                	add    %eax,(%rax)
   2:	00 77 43             	add    %dh,0x43(%rdi)
   5:	89 c1                	mov    %eax,%ecx
   7:	48 81 f9 c9 01 00 00 	cmp    $0x1c9,%rcx
   e:	48 19 c9             	sbb    %rcx,%rcx
  11:	21 c1                	and    %eax,%ecx
  13:	48 89 df             	mov    %rbx,%rdi
  16:	4c 8b 1c cd 90 12 20 	mov    -0x65dfed70(,%rcx,8),%r11
  1d:	9a 
  1e:	41 ba 27 cb d4 4f    	mov    $0x4fd4cb27,%r10d
  24:	45 03 53 fc          	add    -0x4(%r11),%r10d
  28:	74 02                	je     0x2c
  2a:*	0f 0b                	ud2		<-- trapping instruction
  2c:	41 ff d3             	call   *%r11
  2f:	48 89 c1             	mov    %rax,%rcx
  32:	48 89 4b 50          	mov    %rcx,0x50(%rbx)
  36:	90                   	nop
  37:	48 89 df             	mov    %rbx,%rdi
  3a:	5b                   	pop    %rbx
  3b:	41 5e                	pop    %r14
  3d:	31 c0                	xor    %eax,%eax
  3f:	31                   	.byte 0x31

Code starting with the faulting instruction
===========================================
   0:	0f 0b                	ud2
   2:	41 ff d3             	call   *%r11
   5:	48 89 c1             	mov    %rax,%rcx
   8:	48 89 4b 50          	mov    %rcx,0x50(%rbx)
   c:	90                   	nop
   d:	48 89 df             	mov    %rbx,%rdi
  10:	5b                   	pop    %rbx
  11:	41 5e                	pop    %r14
  13:	31 c0                	xor    %eax,%eax
  15:	31                   	.byte 0x31
[   13.483405][   T48] RSP: 0000:ffff9d1ffbbd7f40 EFLAGS: 00010a92
[   13.483713][   T48] RAX: 000000000000001b RBX: ffff9d1ffbbd7f58 RCX: 000000000000001b
[   13.484112][   T48] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff9d1ffbbd7f58
[   13.484510][   T48] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000002b
[   13.484910][   T48] R10: 00000000c26707b6 R11: ffffffff993719d0 R12: 0000000000000000
[   13.485314][   T48] R13: 0000000000000000 R14: 000000000000001b R15: 0000000000000000
[   13.485715][   T48] FS:  0000000000000000(0000) GS:ffffffff9a85c000(0063) knlGS:00000000f7fc7040
[   13.486168][   T48] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[   13.486500][   T48] CR2: 00000000f7fc2204 CR3: 000000013b76a000 CR4: 00000000000406f0
[   13.486901][   T48] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   13.487299][   T48] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   13.487697][   T48] Call Trace:
[   13.487867][   T48]  <TASK>
[ 13.488018][ T48] ? __warn (kernel/panic.c:236 kernel/panic.c:677) 
[ 13.488229][ T48] ? int80_emulation (arch/x86/entry/common.c:164) 
[ 13.488474][ T48] ? report_cfi_failure (kernel/cfi.c:22) 
[ 13.488731][ T48] ? handle_cfi_failure (arch/x86/kernel/cfi.c:80) 
[ 13.488997][ T48] ? __cfi_sys_ni_posix_timers (kernel/time/posix-stubs.c:27) 
[ 13.489294][ T48] ? handle_bug (arch/x86/kernel/traps.c:238) 
[ 13.489514][ T48] ? exc_invalid_op (arch/x86/kernel/traps.c:258) 
[ 13.489753][ T48] ? asm_exc_invalid_op (arch/x86/include/asm/idtentry.h:568) 
[ 13.490017][ T48] ? __cfi_sys_ni_posix_timers (kernel/time/posix-stubs.c:27) 
[ 13.490306][ T48] ? int80_emulation (arch/x86/entry/common.c:164) 
[ 13.490552][ T48] asm_int80_emulation (arch/x86/include/asm/idtentry.h:573) 
[   13.490804][   T48] RIP: 0023:0xf7ed84cd
[ 13.491012][ T48] Code: eb bb 8d 76 00 83 c4 1c 5b 5e 5f 5d e9 0c f3 f6 ff e8 07 f3 f6 ff eb d4 66 90 66 90 90 89 da 8b 5c 24 04 b8 1b 00 00 00 cd 80 <89> d3 3d 01 f0 ff ff 0f 83 e6 f2 f6 ff c3 66 90 66 90 90 55 e8 4a
All code
========
   0:	eb bb                	jmp    0xffffffffffffffbd
   2:	8d 76 00             	lea    0x0(%rsi),%esi
   5:	83 c4 1c             	add    $0x1c,%esp
   8:	5b                   	pop    %rbx
   9:	5e                   	pop    %rsi
   a:	5f                   	pop    %rdi
   b:	5d                   	pop    %rbp
   c:	e9 0c f3 f6 ff       	jmp    0xfffffffffff6f31d
  11:	e8 07 f3 f6 ff       	call   0xfffffffffff6f31d
  16:	eb d4                	jmp    0xffffffffffffffec
  18:	66 90                	xchg   %ax,%ax
  1a:	66 90                	xchg   %ax,%ax
  1c:	90                   	nop
  1d:	89 da                	mov    %ebx,%edx
  1f:	8b 5c 24 04          	mov    0x4(%rsp),%ebx
  23:	b8 1b 00 00 00       	mov    $0x1b,%eax
  28:	cd 80                	int    $0x80
  2a:*	89 d3                	mov    %edx,%ebx		<-- trapping instruction
  2c:	3d 01 f0 ff ff       	cmp    $0xfffff001,%eax
  31:	0f 83 e6 f2 f6 ff    	jae    0xfffffffffff6f31d
  37:	c3                   	ret
  38:	66 90                	xchg   %ax,%ax
  3a:	66 90                	xchg   %ax,%ax
  3c:	90                   	nop
  3d:	55                   	push   %rbp
  3e:	e8                   	.byte 0xe8
  3f:	4a                   	rex.WX

Code starting with the faulting instruction
===========================================
   0:	89 d3                	mov    %edx,%ebx
   2:	3d 01 f0 ff ff       	cmp    $0xfffff001,%eax
   7:	0f 83 e6 f2 f6 ff    	jae    0xfffffffffff6f2f3
   d:	c3                   	ret
   e:	66 90                	xchg   %ax,%ax
  10:	66 90                	xchg   %ax,%ax
  12:	90                   	nop
  13:	55                   	push   %rbp
  14:	e8                   	.byte 0xe8
  15:	4a                   	rex.WX
[   13.491980][   T48] RSP: 002b:00000000fff098ac EFLAGS: 00000286 ORIG_RAX: 000000000000001b
[   13.492402][   T48] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00000000fff09ad4
[   13.492800][   T48] RDX: 00000000f7fc1e64 RSI: 00000000fff09b60 RDI: 00000000fff09d4c
[   13.493204][   T48] RBP: 00000000fff09ad4 R08: 0000000000000000 R09: 0000000000000000
[   13.493607][   T48] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[   13.494011][   T48] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   13.494418][   T48]  </TASK>
[   13.494576][   T48] irq event stamp: 1181
[ 13.494786][ T48] hardirqs last enabled at (1191): console_unlock (arch/x86/include/asm/irqflags.h:19 arch/x86/include/asm/irqflags.h:67 arch/x86/include/asm/irqflags.h:127 kernel/printk/printk.c:341 kernel/printk/printk.c:2706 kernel/printk/printk.c:3038) 
[ 13.495252][ T48] hardirqs last disabled at (1200): console_unlock (kernel/printk/printk.c:339) 
[ 13.495715][ T48] softirqs last enabled at (808): __irq_exit_rcu (include/linux/sched.h:2463 kernel/softirq.c:615 kernel/softirq.c:634) 
[ 13.496172][ T48] softirqs last disabled at (797): __irq_exit_rcu (include/linux/sched.h:2463 kernel/softirq.c:615 kernel/softirq.c:634) 
[   13.496626][   T48] ---[ end trace 0000000000000000 ]---
[   13.496901][   T48] process 48 (init) attempted a POSIX timer syscall while CONFIG_POSIX_TIMERS is not set
[ 13.517868][ T48] CFI failure at int80_emulation+0x67/0xb0 (target: sys_ni_posix_timers+0x0/0x70; expected type: 0xb02b34d9 


The kernel config and materials to reproduce are available at:
https://download.01.org/0day-ci/archive/20231219/202312191507.348721d2-oliver.sang@intel.com



-- 
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests/wiki

