| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <202507220719.dc58fb69-lkp@intel.com>
Date: Tue, 22 Jul 2025 13:26:40 +0800
From: kernel test robot <oliver.sang@...el.com>
To: Ingo Molnar <mingo@...nel.org>
CC: <oe-lkp@...ts.linux.dev>, <lkp@...el.com>, <linux-kernel@...r.kernel.org>,
<x86@...nel.org>, Borislav Petkov <bp@...en8.de>, Peter Zijlstra
<peterz@...radead.org>, Linus Torvalds <torvalds@...ux-foundation.org>,
<oliver.sang@...el.com>
Subject: [tip:core/bugs] [bugs/core] 1d1c158ece:
WARNING:at__seccomp_filter,CPU##:systemd-journal
Hello,
as we understand, by this commit, the stat (1) becomes stat (2)(3) are expected
and can supply more information.
0e271227ed4ba41e 1d1c158ece6cb7538026233d002
---------------- ---------------------------
fail:runs %reproduction fail:runs
| | |
6:6 -100% :6 dmesg.WARNING:CPU:#PID:#at__seccomp_filter <----- (1)
:6 100% 6:6 dmesg.WARNING:at__seccomp_filter,CPU##:systemd-journal <----- (2)
:6 100% 6:6 dmesg.WARNING:at__seccomp_filter,CPU##:systemd-udevd <----- (3)
however, we failed to bisect stat (1) so cannot capture the real first bad
commit for the WARNING.
we still make out this report FYI there is a WARNING captured in our tests.
kernel test robot noticed "WARNING:at__seccomp_filter,CPU##:systemd-journal" on:
commit: 1d1c158ece6cb7538026233d0020b18e183d39a9 ("bugs/core: Reorganize fields in the first line of WARNING output, add ->comm[] output")
https://git.kernel.org/cgit/linux/kernel/git/tip/tip.git core/bugs
[test failed on linux-next/master d086c886ceb9f59dea6c3a9dae7eb89e780a20c9]
in testcase: boot
config: x86_64-randconfig-104-20250717
compiler: clang-20
test machine: qemu-system-x86_64 -enable-kvm -cpu SandyBridge -smp 2 -m 16G
(please refer to attached dmesg/kmsg for entire log/backtrace)
If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add following tags
| Reported-by: kernel test robot <oliver.sang@...el.com>
| Closes: https://lore.kernel.org/oe-lkp/202507220719.dc58fb69-lkp@intel.com
[ 106.315928][ T80] WARNING: at __seccomp_filter+0x200/0xac0, CPU#1: systemd-journal/80
[ 106.316776][ T80] Modules linked in: autofs4
[ 106.316807][ T80] CPU: 1 UID: 0 PID: 80 Comm: systemd-journal Not tainted 6.16.0-rc1-00016-g1d1c158ece6c #1 NONE
[ 106.316820][ T80] RIP: 0010:__seccomp_filter (include/linux/bpf.h:1322 include/linux/filter.h:718 include/linux/filter.h:725 include/linux/filter.h:742 kernel/seccomp.c:424 kernel/seccomp.c:1258)
[ 106.318660][ T80] Code: 26 55 ea ff 66 90 e8 9f 20 ff ff 4d 8b 5e 30 49 83 c6 48 48 8d bc 24 c8 00 00 00 4c 89 f6 41 ba ee f2 9c cf 45 03 53 c1 74 02 <0f> 0b 41 ff d3 0f 1f 00 41 89 c5 e8 30 d6 e9 ff 45 89 ee 41 81 e6
All code
========
0: 26 55 es push %rbp
2: ea (bad)
3: ff 66 90 jmp *-0x70(%rsi)
6: e8 9f 20 ff ff call 0xffffffffffff20aa
b: 4d 8b 5e 30 mov 0x30(%r14),%r11
f: 49 83 c6 48 add $0x48,%r14
13: 48 8d bc 24 c8 00 00 lea 0xc8(%rsp),%rdi
1a: 00
1b: 4c 89 f6 mov %r14,%rsi
1e: 41 ba ee f2 9c cf mov $0xcf9cf2ee,%r10d
24: 45 03 53 c1 add -0x3f(%r11),%r10d
28: 74 02 je 0x2c
2a:* 0f 0b ud2 <-- trapping instruction
2c: 41 ff d3 call *%r11
2f: 0f 1f 00 nopl (%rax)
32: 41 89 c5 mov %eax,%r13d
35: e8 30 d6 e9 ff call 0xffffffffffe9d66a
3a: 45 89 ee mov %r13d,%r14d
3d: 41 rex.B
3e: 81 .byte 0x81
3f: e6 .byte 0xe6
Code starting with the faulting instruction
===========================================
0: 0f 0b ud2
2: 41 ff d3 call *%r11
5: 0f 1f 00 nopl (%rax)
8: 41 89 c5 mov %eax,%r13d
b: e8 30 d6 e9 ff call 0xffffffffffe9d640
10: 45 89 ee mov %r13d,%r14d
13: 41 rex.B
14: 81 .byte 0x81
15: e6 .byte 0xe6
1;39mKernel Trac[ 106.321891][ T80] RDX: 0000000000000000 RSI: ffffc90000075048 RDI: ffffc900012a3d40
m.[ 106.323652][ T80] R10: 00000000cfa1f2ef R11: ffffffffa0000d58 R12: ffff8881a8e18600
[ 106.328424][ T80] R13: ffffc900012a3f70 R14: ffffc90000075048 R15: 000000007fff0000
[ 106.329818][ T80] FS: 0000000000000000(0000) GS:ffff8884ab26d000(0000) knlGS:0000000000000000
[ 106.331921][ T80] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033
[ 106.332829][ T80] CR2: 00000000f7fcd01c CR3: 000000017d202000 CR4: 00000000000406b0
[ 106.334346][ T80] Call Trace:
[ 106.334870][ T80] <TASK>
[ 106.335399][ T80] ? __free_frozen_pages (arch/x86/include/asm/preempt.h:85 (discriminator 9) mm/page_alloc.c:2735 (discriminator 9))
[ 106.337400][ T80] ? _raw_spin_unlock (arch/x86/include/asm/preempt.h:85 (discriminator 9) include/linux/spinlock_api_smp.h:143 (discriminator 9) kernel/locking/spinlock.c:186 (discriminator 9))
[ 106.338252][ T80] ? __free_frozen_pages (arch/x86/include/asm/preempt.h:85 (discriminator 9) mm/page_alloc.c:2735 (discriminator 9))
[ 106.339163][ T80] ? slab_free (mm/slub.c:4645)
[ 106.339936][ T80] syscall_trace_enter (kernel/entry/common.c:53)
[ 106.340888][ T80] ? asm_int80_emulation (arch/x86/include/asm/idtentry.h:626)
[ 106.341785][ T80] do_int80_emulation (include/linux/entry-common.h:170 arch/x86/entry/syscall_32.c:171)
[ 106.342700][ T80] ? asm_int80_emulation (arch/x86/include/asm/idtentry.h:626)
[ 106.343611][ T80] ? do_int80_emulation (arch/x86/entry/syscall_32.c:176)
[ 106.344554][ T80] ? do_user_addr_fault (include/linux/mmap_lock.h:?)
[ 106.345555][ T80] ? do_user_addr_fault (arch/x86/mm/fault.c:1441 (discriminator 335708160))
[ 106.346550][ T80] ? trace_hardirqs_off_finish (include/trace/events/preemptirq.h:36 (discriminator 8))
[ 106.347721][ T80] ? do_int80_emulation (arch/x86/include/asm/jump_label.h:36 arch/x86/entry/syscall_32.c:148)
[ 106.362839][ T80] asm_int80_emulation (arch/x86/include/asm/idtentry.h:626)
[ 106.363662][ T80] RIP: 0023:0xf7febcb0
[ 106.364393][ T80] Code: 4c 24 34 89 44 24 0c 8b 44 24 44 8b 54 24 38 8b 74 24 3c 8b 7c 24 40 a9 ff 0f 00 00 75 1c c1 e8 0c 89 c5 b8 c0 00 00 00 cd 80 <3d> 00 f0 ff ff 77 21 83 c4 1c 5b 5e 5f 5d c3 90 83 c4 1c b8 ea ff
All code
========
0: 4c 24 34 rex.WR and $0x34,%al
3: 89 44 24 0c mov %eax,0xc(%rsp)
7: 8b 44 24 44 mov 0x44(%rsp),%eax
b: 8b 54 24 38 mov 0x38(%rsp),%edx
f: 8b 74 24 3c mov 0x3c(%rsp),%esi
13: 8b 7c 24 40 mov 0x40(%rsp),%edi
17: a9 ff 0f 00 00 test $0xfff,%eax
1c: 75 1c jne 0x3a
1e: c1 e8 0c shr $0xc,%eax
21: 89 c5 mov %eax,%ebp
23: b8 c0 00 00 00 mov $0xc0,%eax
28: cd 80 int $0x80
2a:* 3d 00 f0 ff ff cmp $0xfffff000,%eax <-- trapping instruction
2f: 77 21 ja 0x52
31: 83 c4 1c add $0x1c,%esp
34: 5b pop %rbx
35: 5e pop %rsi
36: 5f pop %rdi
37: 5d pop %rbp
38: c3 ret
39: 90 nop
3a: 83 c4 1c add $0x1c,%esp
3d: b8 .byte 0xb8
3e: ea (bad)
3f: ff .byte 0xff
Code starting with the faulting instruction
===========================================
0: 3d 00 f0 ff ff cmp $0xfffff000,%eax
5: 77 21 ja 0x28
7: 83 c4 1c add $0x1c,%esp
a: 5b pop %rbx
b: 5e pop %rsi
c: 5f pop %rdi
d: 5d pop %rbp
e: c3 ret
f: 90 nop
10: 83 c4 1c add $0x1c,%esp
13: b8 .byte 0xb8
14: ea (bad)
15: ff .byte 0xff
[ 106.367884][ T80] RSP: 002b:00000000ffd23590 EFLAGS: 00000246 ORIG_RAX: 00000000000000c0
[ 106.369233][ T80] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000002000
[ 106.370445][ T80] RDX: 0000000000000003 RSI: 0000000000000022 RDI: 00000000ffffffff
[ 106.371662][ T80] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 106.372873][ T80] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[ 106.374069][ T80] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 106.375321][ T80] </TASK>
[ 106.375877][ T80] irq event stamp: 7205
[ 106.376550][ T80] hardirqs last enabled at (7213): __console_unlock (arch/x86/include/asm/irqflags.h:19 arch/x86/include/asm/irqflags.h:109 arch/x86/include/asm/irqflags.h:151 kernel/printk/printk.c:344 kernel/printk/printk.c:2885)
[ 106.378146][ T80] hardirqs last disabled at (7230): __console_unlock (kernel/printk/printk.c:342 (discriminator 9) kernel/printk/printk.c:2885 (discriminator 9))
[ 106.379717][ T80] softirqs last enabled at (7228): __irq_exit_rcu (arch/x86/include/asm/jump_label.h:36 kernel/softirq.c:682)
[ 106.381286][ T80] softirqs last disabled at (7221): __irq_exit_rcu (arch/x86/include/asm/jump_label.h:36 kernel/softirq.c:682)
[ 106.382872][ T80] ---[ end trace 0000000000000000 ]---
[ 106.384045][ T80] CFI failure at __seccomp_filter+0x200/0xac0 (target: 0xffffffffa0000cdc; expected type: 0x30630d12
The kernel config and materials to reproduce are available at:
https://download.01.org/0day-ci/archive/20250722/202507220719.dc58fb69-lkp@intel.com
--
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests/wiki
Powered by blists - more mailing lists