Message-ID: <202412201026.6ad736f3-lkp@intel.com>
Date: Fri, 20 Dec 2024 10:57:52 +0800
From: kernel test robot <oliver.sang@...el.com>
To: Peter Zijlstra <peterz@...radead.org>
CC: <oe-lkp@...ts.linux.dev>, <lkp@...el.com>, <linux-kernel@...r.kernel.org>,
	<oliver.sang@...el.com>
Subject: [peterz-queue:x86/text_poke_early] [x86]  d83d84ba82:
 WARNING:at_arch/x86/kernel/alternative.c:#poison_endbr



Hello,

kernel test robot noticed "WARNING:at_arch/x86/kernel/alternative.c:#poison_endbr" on:

commit: d83d84ba82388139834970a12f4f8d8d49b6b543 ("x86: Clean up module_writable_address() mess")
https://git.kernel.org/cgit/linux/kernel/git/peterz/queue.git x86/text_poke_early

in testcase: rcuscale
version: 
with following parameters:

	runtime: 300s
	scale_type: rcu



config: x86_64-randconfig-074-20241213
compiler: gcc-12
test machine: qemu-system-x86_64 -enable-kvm -cpu SandyBridge -smp 2 -m 16G

(please refer to attached dmesg/kmsg for entire log/backtrace)


+--------------------------------------------------------+-----------+------------+
|                                                        | v6.13-rc1 | d83d84ba82 |
+--------------------------------------------------------+-----------+------------+
| WARNING:at_arch/x86/kernel/alternative.c:#poison_endbr | 0         | 18         |
| RIP:poison_endbr                                       | 0         | 18         |
+--------------------------------------------------------+-----------+------------+


If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add following tags
| Reported-by: kernel test robot <oliver.sang@...el.com>
| Closes: https://lore.kernel.org/oe-lkp/202412201026.6ad736f3-lkp@intel.com


[   35.687830][  T129] ------------[ cut here ]------------
[ 35.688731][ T129] WARNING: CPU: 1 PID: 129 at arch/x86/kernel/alternative.c:868 poison_endbr+0x2d8/0x3b0
[   35.690165][  T129] Modules linked in: qemu_fw_cfg(+) button(+)
[   35.691090][  T129] CPU: 1 UID: 0 PID: 129 Comm: systemd-udevd Tainted: G    B              6.13.0-rc1-00001-gd83d84ba8238 #1 c5f92a2cc5ec5cf398aabc567400058700a7a09d
[   35.693166][  T129] Tainted: [B]=BAD_PAGE
[   35.693850][  T129] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[ 35.695312][ T129] RIP: poison_endbr+0x2d8/0x3b0
[ 35.696266][ T129] Code: 03 48 c7 c7 00 ca 23 84 e8 85 ae 30 00 e9 71 fe ff ff b9 01 00 00 00 31 d2 be 01 00 00 00 48 c7 c7 60 54 be 86 e8 88 d0 57 00 <0f> 0b b9 01 00 00 00 31 d2 be 01 00 00 00 48 c7 c7 30 54 be 86 e8
All code
========
   0:	03 48 c7             	add    -0x39(%rax),%ecx
   3:	c7 00 ca 23 84 e8    	movl   $0xe88423ca,(%rax)
   9:	85 ae 30 00 e9 71    	test   %ebp,0x71e90030(%rsi)
   f:	fe                   	(bad)
  10:	ff                   	(bad)
  11:	ff                   	(bad)
  12:	b9 01 00 00 00       	mov    $0x1,%ecx
  17:	31 d2                	xor    %edx,%edx
  19:	be 01 00 00 00       	mov    $0x1,%esi
  1e:	48 c7 c7 60 54 be 86 	mov    $0xffffffff86be5460,%rdi
  25:	e8 88 d0 57 00       	call   0x57d0b2
  2a:*	0f 0b                	ud2		<-- trapping instruction
  2c:	b9 01 00 00 00       	mov    $0x1,%ecx
  31:	31 d2                	xor    %edx,%edx
  33:	be 01 00 00 00       	mov    $0x1,%esi
  38:	48 c7 c7 30 54 be 86 	mov    $0xffffffff86be5430,%rdi
  3f:	e8                   	.byte 0xe8

Code starting with the faulting instruction
===========================================
   0:	0f 0b                	ud2
   2:	b9 01 00 00 00       	mov    $0x1,%ecx
   7:	31 d2                	xor    %edx,%edx
   9:	be 01 00 00 00       	mov    $0x1,%esi
   e:	48 c7 c7 30 54 be 86 	mov    $0xffffffff86be5430,%rdi
  15:	e8                   	.byte 0xe8
[   35.698861][  T129] RSP: 0000:ffff8881572577e8 EFLAGS: 00210282
[   35.699778][  T129] RAX: dffffc0000000000 RBX: 1ffff1102ae4aefe RCX: 0000000000000001
[   35.700982][  T129] RDX: 1ffffffff0d7ca8f RSI: 0000000000000001 RDI: ffffffff86be5478
[   35.702137][  T129] RBP: ffffffffa060d760 R08: 0000000000000000 R09: 0000000000000000
[   35.703328][  T129] R10: ffffffff86e59b57 R11: 0000000000000000 R12: 0000000000000000
[   35.704527][  T129] R13: ffffffffa05f7140 R14: 0000000000000000 R15: ffffc9000057e648
[   35.705732][  T129] FS:  0000000000000000(0000) GS:ffff8883aef00000(0063) knlGS:00000000f78f9ac0
[   35.707032][  T129] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[   35.707995][  T129] CR2: 00000000f6ebbfef CR3: 000000015144f000 CR4: 00000000000406b0
[   35.709198][  T129] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   35.710231][  T129] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   35.711218][  T129] Call Trace:
[   35.711676][  T129]  <TASK>
[ 35.712113][ T129] ? poison_endbr+0x2d8/0x3b0
[ 35.712818][ T129] ? __warn (kernel/panic.c:748)
[ 35.713354][ T129] ? poison_endbr+0x2d8/0x3b0
[ 35.714083][ T129] ? report_bug (lib/bug.c:180 lib/bug.c:219)
[ 35.714657][ T129] ? handle_bug (arch/x86/kernel/traps.c:285)
[ 35.715236][ T129] ? exc_invalid_op (arch/x86/kernel/traps.c:309 (discriminator 1))
[ 35.715855][ T129] ? asm_exc_invalid_op (arch/x86/include/asm/idtentry.h:621)
[ 35.716489][ T129] ? poison_endbr+0x2d8/0x3b0
[ 35.717201][ T129] ? poison_endbr+0x2d8/0x3b0
[ 35.717921][ T129] ? apply_alternatives (arch/x86/kernel/alternative.c:860)
[ 35.718583][ T129] ? __write_relocate_add+0x1cf/0x590
[ 35.719358][ T129] ? add_kallsyms (include/linux/rcupdate.h:347 include/linux/rcupdate.h:880 kernel/module/kallsyms.c:223)
[ 35.719975][ T129] ? trace_lock_release (include/trace/events/lock.h:69 (discriminator 37))
[ 35.720610][ T129] ? add_kallsyms (include/linux/rcupdate.h:347 include/linux/rcupdate.h:880 kernel/module/kallsyms.c:223)
[ 35.721235][ T129] ? lock_release (kernel/locking/lockdep.c:116 kernel/locking/lockdep.c:5862)
[ 35.721855][ T129] apply_seal_endbr (arch/x86/kernel/alternative.c:892)
[ 35.722456][ T129] module_finalize (arch/x86/kernel/module.c:304)
[ 35.723084][ T129] load_module (kernel/module/main.c:2808 kernel/module/main.c:3316)
[ 35.723666][ T129] init_module_from_file (kernel/module/main.c:3565)
[ 35.724316][ T129] ? __ia32_sys_init_module (kernel/module/main.c:3541)
[ 35.724992][ T129] ? do_raw_spin_unlock (kernel/locking/spinlock_debug.c:103 kernel/locking/spinlock_debug.c:141)
[ 35.725648][ T129] idempotent_init_module (kernel/module/main.c:3577)
[ 35.726327][ T129] ? init_module_from_file (kernel/module/main.c:3569)
[ 35.727013][ T129] ? security_capable (security/security.c:1142)
[ 35.727622][ T129] __ia32_sys_finit_module (include/linux/file.h:62 include/linux/file.h:83 kernel/module/main.c:3600 kernel/module/main.c:3587 kernel/module/main.c:3587)
[ 35.728345][ T129] do_int80_emulation (arch/x86/entry/common.c:165 arch/x86/entry/common.c:253)
[ 35.728993][ T129] ? randomize_page (mm/util.c:570)
[ 35.729601][ T129] ? __fget_files (include/linux/rcupdate.h:347 include/linux/rcupdate.h:880 fs/file.c:1050)
[ 35.730279][ T129] ? lock_release (kernel/locking/lockdep.c:116 kernel/locking/lockdep.c:5862)
[ 35.730952][ T129] ? __fget_files (arch/x86/include/asm/preempt.h:84 include/linux/rcupdate.h:98 include/linux/rcupdate.h:882 fs/file.c:1050)
[ 35.731621][ T129] ? __fget_files (include/linux/rcupdate.h:337 include/linux/rcupdate.h:849 fs/file.c:1048)
[ 35.732311][ T129] ? fput (arch/x86/include/asm/atomic64_64.h:79 include/linux/atomic/atomic-arch-fallback.h:2913 include/linux/atomic/atomic-arch-fallback.h:3364 include/linux/atomic/atomic-long.h:698 include/linux/atomic/atomic-instrumented.h:3767 include/linux/file_ref.h:157 fs/file_table.c:501)
[ 35.732905][ T129] ? trace_irq_enable+0xdf/0x120
[ 35.733672][ T129] ? syscall_exit_to_user_mode (arch/x86/include/asm/processor.h:719 arch/x86/include/asm/entry-common.h:100 include/linux/entry-common.h:365 kernel/entry/common.c:220)
[ 35.734461][ T129] ? do_int80_emulation (arch/x86/entry/common.c:257)
[ 35.735179][ T129] ? trace_irq_enable+0xdf/0x120
[ 35.735948][ T129] ? syscall_exit_to_user_mode (arch/x86/include/asm/processor.h:719 arch/x86/include/asm/entry-common.h:100 include/linux/entry-common.h:365 kernel/entry/common.c:220)
[ 35.736674][ T129] ? do_int80_emulation (arch/x86/entry/common.c:257)
[ 35.737366][ T129] ? _copy_to_user (arch/x86/include/asm/uaccess_64.h:134 arch/x86/include/asm/uaccess_64.h:134 arch/x86/include/asm/uaccess_64.h:147 include/linux/uaccess.h:197 lib/usercopy.c:26)
[ 35.738007][ T129] ? __ia32_sys_llseek (fs/read_write.c:437 fs/read_write.c:417 fs/read_write.c:417)
[ 35.738760][ T129] ? __x64_compat_sys_lseek (fs/read_write.c:417)
[ 35.739470][ T129] ? trace_irq_enable+0xdf/0x120
[ 35.740240][ T129] ? syscall_exit_to_user_mode (arch/x86/include/asm/processor.h:719 arch/x86/include/asm/entry-common.h:100 include/linux/entry-common.h:365 kernel/entry/common.c:220)
[ 35.741014][ T129] ? do_int80_emulation (arch/x86/entry/common.c:257)
[ 35.741729][ T129] ? trace_irq_disable+0xdf/0x120
[ 35.742495][ T129] ? do_int80_emulation (arch/x86/include/asm/jump_label.h:36 arch/x86/entry/common.c:229)
[ 35.743160][ T129] asm_int80_emulation (arch/x86/include/asm/idtentry.h:626)
[   35.743791][  T129] RIP: 0023:0xf7f5d092
[ 35.744322][ T129] Code: 00 00 00 e9 90 ff ff ff ff a3 24 00 00 00 68 30 00 00 00 e9 80 ff ff ff ff a3 f8 ff ff ff 66 90 00 00 00 00 00 00 00 00 cd 80 <c3> 8d b4 26 00 00 00 00 8d b6 00 00 00 00 8b 1c 24 c3 8d b4 26 00
All code
========
   0:	00 00                	add    %al,(%rax)
   2:	00 e9                	add    %ch,%cl
   4:	90                   	nop
   5:	ff                   	(bad)
   6:	ff                   	(bad)
   7:	ff                   	(bad)
   8:	ff a3 24 00 00 00    	jmp    *0x24(%rbx)
   e:	68 30 00 00 00       	push   $0x30
  13:	e9 80 ff ff ff       	jmp    0xffffffffffffff98
  18:	ff a3 f8 ff ff ff    	jmp    *-0x8(%rbx)
  1e:	66 90                	xchg   %ax,%ax
	...
  28:	cd 80                	int    $0x80
  2a:*	c3                   	ret		<-- trapping instruction
  2b:	8d b4 26 00 00 00 00 	lea    0x0(%rsi,%riz,1),%esi
  32:	8d b6 00 00 00 00    	lea    0x0(%rsi),%esi
  38:	8b 1c 24             	mov    (%rsp),%ebx
  3b:	c3                   	ret
  3c:	8d                   	.byte 0x8d
  3d:	b4 26                	mov    $0x26,%ah
	...

Code starting with the faulting instruction
===========================================
   0:	c3                   	ret
   1:	8d b4 26 00 00 00 00 	lea    0x0(%rsi,%riz,1),%esi
   8:	8d b6 00 00 00 00    	lea    0x0(%rsi),%esi
   e:	8b 1c 24             	mov    (%rsp),%ebx
  11:	c3                   	ret
  12:	8d                   	.byte 0x8d
  13:	b4 26                	mov    $0x26,%ah


The kernel config and materials to reproduce are available at:
https://download.01.org/0day-ci/archive/20241220/202412201026.6ad736f3-lkp@intel.com



-- 
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests/wiki

