| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <202409161428.3cc6c1e1-oliver.sang@intel.com>
Date: Mon, 16 Sep 2024 14:48:35 +0800
From: kernel test robot <oliver.sang@...el.com>
To: Josh Poimboeuf <jpoimboe@...nel.org>
CC: <oe-lkp@...ts.linux.dev>, <lkp@...el.com>,
<linux-perf-users@...r.kernel.org>, <linux-kernel@...r.kernel.org>,
<x86@...nel.org>, Peter Zijlstra <peterz@...radead.org>, Steven Rostedt
<rostedt@...dmis.org>, Ingo Molnar <mingo@...nel.org>, "Arnaldo Carvalho de
Melo" <acme@...nel.org>, Indu Bhagat <indu.bhagat@...cle.com>, Mark Rutland
<mark.rutland@....com>, Alexander Shishkin
<alexander.shishkin@...ux.intel.com>, Jiri Olsa <jolsa@...nel.org>, "Namhyung
Kim" <namhyung@...nel.org>, Ian Rogers <irogers@...gle.com>, Adrian Hunter
<adrian.hunter@...el.com>, Mark Brown <broonie@...nel.org>,
<linux-toolchains@...r.kernel.org>, Jordan Rome <jordalgo@...a.com>, "Sam
James" <sam@...too.org>, <oliver.sang@...el.com>
Subject: Re: [PATCH v2 05/11] perf/x86: Use user_unwind interface
Hello,
kernel test robot noticed "kernel_BUG_at_kernel/unwind/user.c" on:
commit: 164c5ae4072303c9eb4e263115a5e70d5a3cc052 ("[PATCH v2 05/11] perf/x86: Use user_unwind interface")
url: https://github.com/intel-lab-lkp/linux/commits/Josh-Poimboeuf/unwind-Introduce-generic-user-space-unwinding-interface/20240914-070619
base: https://git.kernel.org/cgit/linux/kernel/git/perf/perf-tools-next.git perf-tools-next
patch link: https://lore.kernel.org/all/daf3f59e0d14ee11b45ad6735b8a211a3c7534dc.1726268190.git.jpoimboe@kernel.org/
patch subject: [PATCH v2 05/11] perf/x86: Use user_unwind interface
in testcase: fsmark
version: fsmark-x86_64-2628be5-1_20240224
with following parameters:
iterations: 1x
nr_threads: 64t
disk: 1BRD_48G
fs: xfs
filesize: 4M
test_size: 24G
sync_method: NoSync
cpufreq_governor: performance
compiler: gcc-12
test machine: 96 threads 2 sockets Intel(R) Xeon(R) Platinum 8260L CPU @ 2.40GHz (Cascade Lake) with 128G memory
(please refer to attached dmesg/kmsg for entire log/backtrace)
If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add following tags
| Reported-by: kernel test robot <oliver.sang@...el.com>
| Closes: https://lore.kernel.org/oe-lkp/202409161428.3cc6c1e1-oliver.sang@intel.com
[ 53.036370][ C3] ------------[ cut here ]------------
[ 53.036374][ C3] kernel BUG at kernel/unwind/user.c:39!
[ 53.036381][ C3] Oops: invalid opcode: 0000 [#1] SMP NOPTI
[ 53.036385][ C3] CPU: 3 UID: 0 PID: 1317 Comm: sed Tainted: G S 6.11.0-rc6-00501-g164c5ae40723 #1
[ 53.036388][ C3] Tainted: [S]=CPU_OUT_OF_SPEC
[ 53.036389][ C3] Hardware name: Intel Corporation S2600WFD/S2600WFD, BIOS SE5C620.86B.0D.01.0286.011120190816 01/11/2019
[ 53.036390][ C3] RIP: 0010:user_unwind_next (kernel/unwind/user.c:39)
[ 53.036400][ C3] Code: 01 eb c1 48 01 f0 e8 a0 15 ea 00 85 c0 75 ee 48 89 73 08 4c 89 03 8b 41 08 85 c0 74 a5 48 89 53 10 eb 9f bf ea ff ff ff eb 9a <0f> 0b e8 ba b9 ea 00 66 66 2e 0f 1f 84 00 00 00 00 00 66 66 2e 0f
All code
========
0: 01 eb add %ebp,%ebx
2: c1 48 01 f0 rorl $0xf0,0x1(%rax)
6: e8 a0 15 ea 00 callq 0xea15ab
b: 85 c0 test %eax,%eax
d: 75 ee jne 0xfffffffffffffffd
f: 48 89 73 08 mov %rsi,0x8(%rbx)
13: 4c 89 03 mov %r8,(%rbx)
16: 8b 41 08 mov 0x8(%rcx),%eax
19: 85 c0 test %eax,%eax
1b: 74 a5 je 0xffffffffffffffc2
1d: 48 89 53 10 mov %rdx,0x10(%rbx)
21: eb 9f jmp 0xffffffffffffffc2
23: bf ea ff ff ff mov $0xffffffea,%edi
28: eb 9a jmp 0xffffffffffffffc4
2a:* 0f 0b ud2 <-- trapping instruction
2c: e8 ba b9 ea 00 callq 0xeab9eb
31: 66 66 2e 0f 1f 84 00 data16 nopw %cs:0x0(%rax,%rax,1)
38: 00 00 00 00
3c: 66 data16
3d: 66 data16
3e: 2e cs
3f: 0f .byte 0xf
Code starting with the faulting instruction
===========================================
0: 0f 0b ud2
2: e8 ba b9 ea 00 callq 0xeab9c1
7: 66 66 2e 0f 1f 84 00 data16 nopw %cs:0x0(%rax,%rax,1)
e: 00 00 00 00
12: 66 data16
13: 66 data16
14: 2e cs
15: 0f .byte 0xf
[ 53.036402][ C3] RSP: 0000:ffffc9000b38b938 EFLAGS: 00010093
[ 53.036404][ C3] RAX: 0000000000000000 RBX: ffffc9000b38b960 RCX: ffff888230156880
[ 53.036405][ C3] RDX: 000055b666c6ef3c RSI: 0000000000000001 RDI: ffffc9000b38b960
[ 53.036407][ C3] RBP: ffffc9000b38bf58 R08: 0000000000000000 R09: 0000000000000000
[ 53.036408][ C3] R10: ffffc9000b38bf58 R11: 0000000000000000 R12: ffff8881fcc88000
[ 53.036409][ C3] R13: 000000000000007f R14: ffffc9000b38bf58 R15: 0000000000000000
[ 53.036411][ C3] FS: 00007f9da3761800(0000) GS:ffff88903eb80000(0000) knlGS:0000000000000000
[ 53.036412][ C3] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 53.036413][ C3] CR2: 00007f4a5dbb53d8 CR3: 0000000216b96005 CR4: 00000000007706f0
[ 53.036414][ C3] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 53.036415][ C3] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 53.036416][ C3] PKRU: 55555554
[ 53.036417][ C3] Call Trace:
[ 53.036419][ C3] <TASK>
[ 53.036422][ C3] ? die (arch/x86/kernel/dumpstack.c:421 arch/x86/kernel/dumpstack.c:434 arch/x86/kernel/dumpstack.c:447)
[ 53.036429][ C3] ? do_trap (arch/x86/kernel/traps.c:114 arch/x86/kernel/traps.c:155)
[ 53.036433][ C3] ? user_unwind_next (kernel/unwind/user.c:39)
[ 53.036435][ C3] ? do_error_trap (arch/x86/include/asm/traps.h:58 arch/x86/kernel/traps.c:176)
[ 53.036437][ C3] ? user_unwind_next (kernel/unwind/user.c:39)
[ 53.036439][ C3] ? exc_invalid_op (arch/x86/kernel/traps.c:267)
[ 53.036446][ C3] ? user_unwind_next (kernel/unwind/user.c:39)
[ 53.036448][ C3] ? asm_exc_invalid_op (arch/x86/include/asm/idtentry.h:621)
[ 53.036455][ C3] ? user_unwind_next (kernel/unwind/user.c:39)
[ 53.036457][ C3] perf_callchain_user (include/linux/uaccess.h:233 include/linux/uaccess.h:260 arch/x86/events/core.c:2894)
[ 53.036460][ C3] get_perf_callchain (kernel/events/callchain.c:184 kernel/events/callchain.c:259)
[ 53.036465][ C3] perf_callchain (kernel/events/core.c:7693)
[ 53.036469][ C3] setup_pebs_fixed_sample_data (include/linux/perf_event.h:1237 arch/x86/events/intel/ds.c:1772)
[ 53.036473][ C3] intel_pmu_drain_pebs_nhm (arch/x86/events/intel/ds.c:2201 arch/x86/events/intel/ds.c:2378)
[ 53.036477][ C3] handle_pmi_common (arch/x86/events/intel/core.c:3066)
[ 53.036480][ C3] ? __intel_pmu_enable_all+0x28/0xf0
[ 53.036484][ C3] ? perf_rotate_context (kernel/events/core.c:1154 kernel/events/core.c:1150 kernel/events/core.c:4322)
[ 53.036486][ C3] ? __pfx_perf_mux_hrtimer_handler (kernel/events/core.c:1082)
[ 53.036488][ C3] ? ktime_get (kernel/time/timekeeping.c:195 (discriminator 4) kernel/time/timekeeping.c:395 (discriminator 4) kernel/time/timekeeping.c:403 (discriminator 4) kernel/time/timekeeping.c:850 (discriminator 4))
[ 53.036492][ C3] intel_pmu_handle_irq (arch/x86/include/asm/msr.h:86 arch/x86/include/asm/msr.h:133 arch/x86/events/intel/core.c:2488 arch/x86/events/intel/core.c:3186)
[ 53.036493][ C3] perf_event_nmi_handler (arch/x86/events/core.c:1748 arch/x86/events/core.c:1734)
[ 53.036499][ C3] nmi_handle (arch/x86/kernel/nmi.c:151 (discriminator 7))
[ 53.036500][ C3] default_do_nmi (arch/x86/kernel/nmi.c:352)
[ 53.036503][ C3] exc_nmi (arch/x86/kernel/nmi.c:546)
[ 53.036504][ C3] asm_exc_nmi (arch/x86/entry/entry_64.S:1198)
[ 53.036507][ C3] RIP: 0033:0x55b666c6ef3c
[ 53.036509][ C3] Code: 75 10 48 c7 c1 ff ff ff ff 41 b8 10 00 00 00 ba 01 00 00 00 e8 75 91 00 00 49 8b 4d 08 48 89 c7 eb 89 0f 1f 40 00 44 09 71 08 <48> 83 c4 18 5b 5d 41 5c 41 5d 41 5e 41 5f c3 4c 3b 62 10 7d 08 4c
All code
========
0: 75 10 jne 0x12
2: 48 c7 c1 ff ff ff ff mov $0xffffffffffffffff,%rcx
9: 41 b8 10 00 00 00 mov $0x10,%r8d
f: ba 01 00 00 00 mov $0x1,%edx
14: e8 75 91 00 00 callq 0x918e
19: 49 8b 4d 08 mov 0x8(%r13),%rcx
1d: 48 89 c7 mov %rax,%rdi
20: eb 89 jmp 0xffffffffffffffab
22: 0f 1f 40 00 nopl 0x0(%rax)
26: 44 09 71 08 or %r14d,0x8(%rcx)
2a:* 48 83 c4 18 add $0x18,%rsp <-- trapping instruction
2e: 5b pop %rbx
2f: 5d pop %rbp
30: 41 5c pop %r12
32: 41 5d pop %r13
34: 41 5e pop %r14
36: 41 5f pop %r15
38: c3 retq
39: 4c 3b 62 10 cmp 0x10(%rdx),%r12
3d: 7d 08 jge 0x47
3f: 4c rex.WR
Code starting with the faulting instruction
===========================================
0: 48 83 c4 18 add $0x18,%rsp
4: 5b pop %rbx
5: 5d pop %rbp
6: 41 5c pop %r12
8: 41 5d pop %r13
a: 41 5e pop %r14
c: 41 5f pop %r15
e: c3 retq
f: 4c 3b 62 10 cmp 0x10(%rdx),%r12
13: 7d 08 jge 0x1d
15: 4c rex.WR
The kernel config and materials to reproduce are available at:
https://download.01.org/0day-ci/archive/20240916/202409161428.3cc6c1e1-oliver.sang@intel.com
--
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests/wiki
Powered by blists - more mailing lists