| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <328B9E3D-E0B0-44C6-8574-27302F33A638@gmail.com> Date: Tue, 17 Jun 2025 21:20:09 +0530 From: Abhigyan ghosh <zscript.team.zs@...il.com> To: Vince Weaver <vincent.weaver@...ne.edu> CC: linux-kernel@...r.kernel.org, linux-perf-users@...r.kernel.org Subject: Re: [perf] unchecked MSR access error: WRMSR to 0x3f1 Hi Vince, Thanks for sharing the report. The WRMSR to 0x3f1 stood out — seems similar to the one handled in commit 2dc0572f2cef back in 2021. Curious if 0x3f1 has popped up before or if this could be a new MSR usage pattern tied to recent PEBS changes? Also, do you think a quirk-based mask or trap filter around this could be a cleaner way to handle this in the fuzzer context, especially for newer Intel platforms? Let me know your thoughts. Best, Abhigyan Ghosh On 17 June 2025 9:09:36 pm IST, Vince Weaver <vincent.weaver@...ne.edu> wrote: >Hello > >When running the perf_fuzzzer on a raptor-lake machine I get a > unchecked MSR access error: WRMSR to 0x3f1 >error (see below). > >A similar message happened before back in 2021 and was fixed in >commit 2dc0572f2cef87425147658698dce2600b799bd3 so not sure if this is the >same problem or something new. > >Vince Weaver >vincent.weaver@...ne.edu > >[12646.001692] unchecked MSR access error: WRMSR to 0x3f1 (tried to write 0x0001000000000001) at rIP: 0xffffffffa98932af (native_write_msr+0xf/0x20) >[12646.001698] Call Trace: >[12646.001700] <TASK> >[12646.001700] intel_pmu_pebs_enable_all+0x2c/0x40 >[12646.001703] intel_pmu_enable_all+0xe/0x20 >[12646.001705] ctx_resched+0x227/0x280 >[12646.001708] event_function+0x8f/0xd0 >[12646.001710] ? __pfx___perf_event_enable+0x10/0x10 >[12646.001711] remote_function+0x42/0x50 >[12646.001713] ? __pfx_remote_function+0x10/0x10 >[12646.001714] generic_exec_single+0x6d/0x130 >[12646.001715] smp_call_function_single+0xee/0x140 >[12646.001716] ? __pfx_remote_function+0x10/0x10 >[12646.001717] event_function_call+0x9f/0x1c0 >[12646.001718] ? __pfx___perf_event_enable+0x10/0x10 >[12646.001720] ? __pfx_event_function+0x10/0x10 >[12646.001721] perf_event_task_enable+0x7b/0x100 >[12646.001723] __do_sys_prctl+0x56f/0xca0 >[12646.001725] do_syscall_64+0x84/0x2f0 >[12646.001727] ? exit_to_user_mode_loop+0xcd/0x120 >[12646.001729] ? do_syscall_64+0x1ef/0x2f0 >[12646.001730] ? try_to_wake_up+0x7e/0x640 >[12646.001732] ? complete_signal+0x2e8/0x350 >[12646.001734] ? __send_signal_locked+0x2e3/0x450 >[12646.001735] ? send_signal_locked+0xb6/0x120 >[12646.001736] ? do_send_sig_info+0x6e/0xc0 >[12646.001737] ? kill_pid_info_type+0xa6/0xc0 >[12646.001738] ? kill_something_info+0x167/0x1a0 >[12646.001739] ? syscall_exit_work+0x132/0x140 >[12646.001740] ? do_syscall_64+0xbc/0x2f0 >[12646.001741] entry_SYSCALL_64_after_hwframe+0x76/0x7e >[12646.001743] RIP: 0033:0x7efe86afd40d >[12646.001744] Code: 00 48 89 44 24 18 31 c0 48 8d 44 24 60 c7 04 24 18 00 00 00 48 89 44 24 08 48 8d 44 24 20 48 89 44 24 10 b8 9d 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 1b 48 8b 54 24 18 64 48 2b 14 25 28 00 00 00 >[12646.001745] RSP: 002b:00007ffcd6444cf0 EFLAGS: 00000246 ORIG_RAX: 000000000000009d >[12646.001746] RAX: ffffffffffffffda RBX: 000000000000000e RCX: 00007efe86afd40d >[12646.001747] RDX: 0000000000000001 RSI: 00007ffcd6444d24 RDI: 0000000000000020 >[12646.001747] RBP: 00007ffcd6444d60 R08: 00007efe86bc625c R09: 00007efe86bc6260 >[12646.001748] R10: 00007efe86bc6250 R11: 0000000000000246 R12: 0000000000000000 >[12646.001748] R13: 00007ffcd64471b8 R14: 0000559eb2a2edd8 R15: 00007efe86c30020 >[12646.001749] </TASK> > > aghosh
Powered by blists - more mailing lists