lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <202408091019.8ed98238-lkp@intel.com>
Date: Fri, 9 Aug 2024 10:22:08 +0800
From: kernel test robot <oliver.sang@...el.com>
To: "Paul E. McKenney" <paulmck@...nel.org>
CC: <oe-lkp@...ts.linux.dev>, <lkp@...el.com>, <linux-kernel@...r.kernel.org>,
	<oliver.sang@...el.com>
Subject: [paulmckrcu:dev.2024.08.05a] [rcuscale]  0b85a3ea0a:
 WARNING:at_lib/alloc_tag.c:#alloc_tag_module_unload


hi, Paul,

we noticed the issue for dev.2024.07.31a at first, but recently we cannot handle
the report fast enough so didn't report that to you.

we also noticed similar commit in dev.2024.08.06a, but didn't finish test so
far. in order to avoid further delay, just send out this FYI.

if it's a known issue and has already fixed in dev.2024.08.06a, please just
ignore. thanks


Hello,

kernel test robot noticed "WARNING:at_lib/alloc_tag.c:#alloc_tag_module_unload" on:

commit: 0b85a3ea0a8e4d8235e858a3aa1dadc3d0cec4e2 ("rcuscale: Dump stacks of stalled rcu_scale_writer() instances")
https://github.com/paulmckrcu/linux dev.2024.08.05a

in testcase: rcuscale
version: 
with following parameters:

	runtime: 300s
	scale_type: rcu



compiler: clang-18
test machine: qemu-system-x86_64 -enable-kvm -cpu SandyBridge -smp 2 -m 16G

(please refer to attached dmesg/kmsg for entire log/backtrace)


+-----------------------------------------------------+------------+------------+
|                                                     | 532e4ab154 | 0b85a3ea0a |
+-----------------------------------------------------+------------+------------+
| WARNING:at_lib/alloc_tag.c:#alloc_tag_module_unload | 0          | 12         |
| RIP:alloc_tag_module_unload                         | 0          | 12         |
+-----------------------------------------------------+------------+------------+


If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add following tags
| Reported-by: kernel test robot <lkp@...el.com>
| Closes: https://lore.kernel.org/oe-lkp/202408091019.8ed98238-lkp@intel.com


[  465.251143][ T1160] ------------[ cut here ]------------
[  465.252395][ T1160] kernel/rcu/rcuscale.c:1037 module rcuscale func:rcu_scale_init has 32 allocated at module unload
[ 465.252492][ T1160] WARNING: CPU: 0 PID: 1160 at lib/alloc_tag.c:170 alloc_tag_module_unload (lib/alloc_tag.c:168) 
[  465.256072][ T1160] Modules linked in: rcuscale(-) torture ipmi_devintf ppdev crct10dif_pclmul crc32_pclmul parport_pc aesni_intel parport serio_raw loop fuse [last unloaded: rcuscale]
[  465.259112][ T1160] CPU: 0 UID: 0 PID: 1160 Comm: rmmod Not tainted 6.11.0-rc1-00092-g0b85a3ea0a8e #1 ec0c0d0dad6c67a7bbf1e37f55102072a1ba998f
[ 465.261458][ T1160] RIP: 0010:alloc_tag_module_unload (lib/alloc_tag.c:168) 
[ 465.262400][ T1160] Code: 28 00 74 08 4c 89 ff e8 49 cf 44 ff 4d 8b 07 48 c7 c7 20 1a ca 83 48 8b 74 24 08 8b 54 24 04 48 89 e9 4d 89 e1 e8 6b 69 fd fe <0f> 0b 31 ed e9 54 ff ff ff 89 f9 80 e1 07 80 c1 03 38 c1 7c 90 e8
All code
========
   0:	28 00                	sub    %al,(%rax)
   2:	74 08                	je     0xc
   4:	4c 89 ff             	mov    %r15,%rdi
   7:	e8 49 cf 44 ff       	call   0xffffffffff44cf55
   c:	4d 8b 07             	mov    (%r15),%r8
   f:	48 c7 c7 20 1a ca 83 	mov    $0xffffffff83ca1a20,%rdi
  16:	48 8b 74 24 08       	mov    0x8(%rsp),%rsi
  1b:	8b 54 24 04          	mov    0x4(%rsp),%edx
  1f:	48 89 e9             	mov    %rbp,%rcx
  22:	4d 89 e1             	mov    %r12,%r9
  25:	e8 6b 69 fd fe       	call   0xfffffffffefd6995
  2a:*	0f 0b                	ud2		<-- trapping instruction
  2c:	31 ed                	xor    %ebp,%ebp
  2e:	e9 54 ff ff ff       	jmp    0xffffffffffffff87
  33:	89 f9                	mov    %edi,%ecx
  35:	80 e1 07             	and    $0x7,%cl
  38:	80 c1 03             	add    $0x3,%cl
  3b:	38 c1                	cmp    %al,%cl
  3d:	7c 90                	jl     0xffffffffffffffcf
  3f:	e8                   	.byte 0xe8

Code starting with the faulting instruction
===========================================
   0:	0f 0b                	ud2
   2:	31 ed                	xor    %ebp,%ebp
   4:	e9 54 ff ff ff       	jmp    0xffffffffffffff5d
   9:	89 f9                	mov    %edi,%ecx
   b:	80 e1 07             	and    $0x7,%cl
   e:	80 c1 03             	add    $0x3,%cl
  11:	38 c1                	cmp    %al,%cl
  13:	7c 90                	jl     0xffffffffffffffa5
  15:	e8                   	.byte 0xe8
[  465.265130][ T1160] RSP: 0018:ffffc900011afd68 EFLAGS: 00010246
[  465.266022][ T1160] RAX: 51a3a0ce4fdfd600 RBX: ffff888172cb5500 RCX: 0000000000000027
[  465.267255][ T1160] RDX: 0000000000000001 RSI: 0000000000000004 RDI: 0000000000000001
[  465.268415][ T1160] RBP: ffffffffa00f0d40 R08: ffffffff844421b3 R09: 1ffffffff0888436
[  465.269691][ T1160] R10: dffffc0000000000 R11: fffffbfff0888437 R12: 0000000000000020
[  465.271189][ T1160] R13: dffffc0000000000 R14: ffffc900011afd78 R15: ffffffffa01020b0
[  465.272696][ T1160] FS:  00007f203113f040(0000) GS:ffffffff8443f000(0000) knlGS:0000000000000000
[  465.274153][ T1160] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  465.275111][ T1160] CR2: 0000000000403034 CR3: 00000001363f4000 CR4: 00000000000406b0
[  465.276271][ T1160] Call Trace:
[  465.276756][ T1160]  <TASK>
[ 465.277245][ T1160] ? __warn (kernel/panic.c:735) 
[ 465.277839][ T1160] ? alloc_tag_module_unload (lib/alloc_tag.c:168) 
[ 465.278668][ T1160] ? alloc_tag_module_unload (lib/alloc_tag.c:168) 
[ 465.279498][ T1160] ? report_bug (lib/bug.c:?) 
[ 465.280184][ T1160] ? irq_work_queue (arch/x86/include/asm/atomic.h:23) 
[ 465.280940][ T1160] ? handle_bug (arch/x86/kernel/traps.c:239) 
[ 465.281831][ T1160] ? exc_invalid_op (arch/x86/kernel/traps.c:260) 
[ 465.282745][ T1160] ? asm_exc_invalid_op (arch/x86/include/asm/idtentry.h:621) 
[ 465.283741][ T1160] ? alloc_tag_module_unload (lib/alloc_tag.c:168) 
[ 465.284759][ T1160] ? alloc_tag_module_unload (lib/alloc_tag.c:168) 
[ 465.285926][ T1160] codetag_unload_module (lib/codetag.c:?) 
[ 465.286979][ T1160] free_module (kernel/module/main.c:1265) 
[ 465.287832][ T1160] __se_sys_delete_module (kernel/module/main.c:?) 
[ 465.288898][ T1160] do_syscall_64 (arch/x86/entry/common.c:?) 
[ 465.289820][ T1160] entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130) 
[  465.290950][ T1160] RIP: 0033:0x7f2031249a67
[ 465.291843][ T1160] Code: 73 01 c3 48 8b 0d 99 83 0c 00 f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 b0 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 69 83 0c 00 f7 d8 64 89 01 48
All code
========
   0:	73 01                	jae    0x3
   2:	c3                   	ret
   3:	48 8b 0d 99 83 0c 00 	mov    0xc8399(%rip),%rcx        # 0xc83a3
   a:	f7 d8                	neg    %eax
   c:	64 89 01             	mov    %eax,%fs:(%rcx)
   f:	48 83 c8 ff          	or     $0xffffffffffffffff,%rax
  13:	c3                   	ret
  14:	66 2e 0f 1f 84 00 00 	cs nopw 0x0(%rax,%rax,1)
  1b:	00 00 00 
  1e:	0f 1f 44 00 00       	nopl   0x0(%rax,%rax,1)
  23:	b8 b0 00 00 00       	mov    $0xb0,%eax
  28:	0f 05                	syscall
  2a:*	48 3d 01 f0 ff ff    	cmp    $0xfffffffffffff001,%rax		<-- trapping instruction
  30:	73 01                	jae    0x33
  32:	c3                   	ret
  33:	48 8b 0d 69 83 0c 00 	mov    0xc8369(%rip),%rcx        # 0xc83a3
  3a:	f7 d8                	neg    %eax
  3c:	64 89 01             	mov    %eax,%fs:(%rcx)
  3f:	48                   	rex.W

Code starting with the faulting instruction
===========================================
   0:	48 3d 01 f0 ff ff    	cmp    $0xfffffffffffff001,%rax
   6:	73 01                	jae    0x9
   8:	c3                   	ret
   9:	48 8b 0d 69 83 0c 00 	mov    0xc8369(%rip),%rcx        # 0xc8379
  10:	f7 d8                	neg    %eax
  12:	64 89 01             	mov    %eax,%fs:(%rcx)
  15:	48                   	rex.W
[  465.295546][ T1160] RSP: 002b:00007ffee44793a8 EFLAGS: 00000206 ORIG_RAX: 00000000000000b0
[  465.297112][ T1160] RAX: ffffffffffffffda RBX: 000055c7c8f1f9e0 RCX: 00007f2031249a67
[  465.298754][ T1160] RDX: 0000000000000000 RSI: 0000000000000800 RDI: 000055c7c8f1fa48
[  465.300377][ T1160] RBP: 0000000000000000 R08: 1999999999999999 R09: 0000000000000000
[  465.302001][ T1160] R10: 00007f20312bcac0 R11: 0000000000000206 R12: 00007ffee44795f0
[  465.303607][ T1160] R13: 00007ffee4479cbb R14: 000055c7c8f1f2a0 R15: 00007ffee44795f8
[  465.305204][ T1160]  </TASK>
[  465.305829][ T1160] irq event stamp: 9149
[ 465.306676][ T1160] hardirqs last enabled at (9159): console_unlock (arch/x86/include/asm/irqflags.h:42 arch/x86/include/asm/irqflags.h:97 arch/x86/include/asm/irqflags.h:155 kernel/printk/printk.c:341 kernel/printk/printk.c:2801 kernel/printk/printk.c:3120) 
[ 465.308517][ T1160] hardirqs last disabled at (9168): console_unlock (kernel/printk/printk.c:339 kernel/printk/printk.c:2801 kernel/printk/printk.c:3120) 
[ 465.310377][ T1160] softirqs last enabled at (8828): handle_softirqs (arch/x86/include/asm/preempt.h:26 kernel/softirq.c:401 kernel/softirq.c:582) 
[ 465.312194][ T1160] softirqs last disabled at (8819): irq_exit_rcu (kernel/softirq.c:651) 
[  465.314128][ T1160] ---[ end trace 0000000000000000 ]---
[  465.315325][ T1160] rcuscale: memory allocation(s) from the module still alive, cannot unload cleanly



The kernel config and materials to reproduce are available at:
https://download.01.org/0day-ci/archive/20240809/202408091019.8ed98238-lkp@intel.com



-- 
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests/wiki

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ