| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 9 Jun 2022 16:56:41 +0800
From: kernel test robot <oliver.sang@...el.com>
To: Tadeusz Struk <tadeusz.struk@...aro.org>
Cc: 0day robot <lkp@...el.com>, Tejun Heo <tj@...nel.org>,
Zefan Li <lizefan.x@...edance.com>,
Johannes Weiner <hannes@...xchg.org>,
Christian Brauner <brauner@...nel.org>,
Alexei Starovoitov <ast@...nel.org>,
Daniel Borkmann <daniel@...earbox.net>,
Andrii Nakryiko <andrii@...nel.org>,
Martin KaFai Lau <kafai@...com>,
Song Liu <songliubraving@...com>, Yonghong Song <yhs@...com>,
John Fastabend <john.fastabend@...il.com>,
KP Singh <kpsingh@...nel.org>,
LKML <linux-kernel@...r.kernel.org>, cgroups@...r.kernel.org,
lkp@...ts.01.org, Tadeusz Struk <tadeusz.struk@...aro.org>,
Michal Koutny <mkoutny@...e.com>, netdev@...r.kernel.org,
bpf@...r.kernel.org, stable@...r.kernel.org,
syzbot+e42ae441c3b10acf9e9d@...kaller.appspotmail.com
Subject: [cgroup] 3c87862ca1:
WARNING:at_kernel/softirq.c:#__local_bh_enable_ip
Greeting,
FYI, we noticed the following commit (built with gcc-11):
commit: 3c87862ca13147416d900cf82ca56bb2f23910bf ("[PATCH v2] cgroup: serialize css kill and release paths")
url: https://github.com/intel-lab-lkp/linux/commits/Tadeusz-Struk/cgroup-serialize-css-kill-and-release-paths/20220606-014132
base: https://git.kernel.org/cgit/linux/kernel/git/tj/cgroup.git for-next
patch link: https://lore.kernel.org/netdev/20220603181321.443716-1-tadeusz.struk@linaro.org
in testcase: boot
on test machine: qemu-system-x86_64 -enable-kvm -cpu SandyBridge -smp 2 -m 16G
caused below changes (please refer to attached dmesg/kmsg for entire log/backtrace):
If you fix the issue, kindly add following tag
Reported-by: kernel test robot <oliver.sang@...el.com>
[ 55.821003][ C1] WARNING: CPU: 1 PID: 1 at kernel/softirq.c:363 __local_bh_enable_ip (kernel/softirq.c:363)
[ 55.822745][ C1] Modules linked in: fuse ip_tables
[ 55.823837][ C1] CPU: 1 PID: 1 Comm: systemd Not tainted 5.18.0-rc5-00048-g3c87862ca131 #1
[ 55.825505][ C1] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.0-debian-1.16.0-4 04/01/2014
[ 55.827516][ C1] RIP: 0010:__local_bh_enable_ip (kernel/softirq.c:363)
[ 55.828671][ C1] Code: 47 65 8b 05 b1 d9 a8 47 a9 00 ff ff 00 74 30 65 ff 0d a3 d9 a8 47 e8 9e c6 39 00 fb 5b 5d c3 65 8b 05 8f e2 a8 47 85 c0 75 b0 <0f> 0b eb ac e8 c6 c7 39 00 eb ad 48 89 ef e8 3c 89 16 00 eb b6 65
All code
========
0: 47 rex.RXB
1: 65 8b 05 b1 d9 a8 47 mov %gs:0x47a8d9b1(%rip),%eax # 0x47a8d9b9
8: a9 00 ff ff 00 test $0xffff00,%eax
d: 74 30 je 0x3f
f: 65 ff 0d a3 d9 a8 47 decl %gs:0x47a8d9a3(%rip) # 0x47a8d9b9
16: e8 9e c6 39 00 callq 0x39c6b9
1b: fb sti
1c: 5b pop %rbx
1d: 5d pop %rbp
1e: c3 retq
1f: 65 8b 05 8f e2 a8 47 mov %gs:0x47a8e28f(%rip),%eax # 0x47a8e2b5
26: 85 c0 test %eax,%eax
28: 75 b0 jne 0xffffffffffffffda
2a:* 0f 0b ud2 <-- trapping instruction
2c: eb ac jmp 0xffffffffffffffda
2e: e8 c6 c7 39 00 callq 0x39c7f9
33: eb ad jmp 0xffffffffffffffe2
35: 48 89 ef mov %rbp,%rdi
38: e8 3c 89 16 00 callq 0x168979
3d: eb b6 jmp 0xfffffffffffffff5
3f: 65 gs
Code starting with the faulting instruction
===========================================
0: 0f 0b ud2
2: eb ac jmp 0xffffffffffffffb0
4: e8 c6 c7 39 00 callq 0x39c7cf
9: eb ad jmp 0xffffffffffffffb8
b: 48 89 ef mov %rbp,%rdi
e: e8 3c 89 16 00 callq 0x16894f
13: eb b6 jmp 0xffffffffffffffcb
15: 65 gs
[ 55.832215][ C1] RSP: 0018:ffffc90000178d60 EFLAGS: 00010046
[ 55.833390][ C1] RAX: 0000000000000000 RBX: 0000000000000201 RCX: 1ffffffff7a3ca41
[ 55.834990][ C1] RDX: 0000000000000000 RSI: 0000000000000201 RDI: ffffffffb88332da
[ 55.836576][ C1] RBP: ffffffffb88332da R08: 0000000000000000 R09: ffff8881c0af245b
[ 55.838123][ C1] R10: ffffed103815e48b R11: 0000000000000001 R12: 0000000000000008
[ 55.839742][ C1] R13: ffff8881a593a000 R14: dffffc0000000000 R15: ffff8881c0af2418
[ 55.841328][ C1] FS: 00007fd6571cc900(0000) GS:ffff88839d500000(0000) knlGS:0000000000000000
[ 55.843084][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 55.844302][ C1] CR2: 00007fd51c623028 CR3: 00000001bfc72000 CR4: 00000000000406e0
[ 55.845905][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 55.847510][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 55.849058][ C1] Call Trace:
[ 55.849769][ C1] <IRQ>
[ 55.850460][ C1] put_css_set_locked (include/linux/percpu-refcount.h:335 include/linux/percpu-refcount.h:351 include/linux/cgroup.h:404 kernel/cgroup/cgroup.c:971 kernel/cgroup/cgroup.c:955)
[ 55.851549][ C1] cgroup_free (include/linux/spinlock.h:404 kernel/cgroup/cgroup-internal.h:212 kernel/cgroup/cgroup-internal.h:198 kernel/cgroup/cgroup.c:6480)
[ 55.852470][ C1] __put_task_struct (kernel/fork.c:842)
[ 55.853436][ C1] rcu_do_batch (include/linux/rcupdate.h:273 kernel/rcu/tree.c:2537)
[ 55.854361][ C1] ? lock_is_held_type (kernel/locking/lockdep.c:5382 kernel/locking/lockdep.c:5684)
[ 55.855400][ C1] ? rcu_implicit_dynticks_qs (kernel/rcu/tree.c:2474)
[ 55.856581][ C1] ? lockdep_hardirqs_on_prepare (kernel/locking/lockdep.c:4493)
[ 55.857836][ C1] ? note_gp_changes (arch/x86/include/asm/irqflags.h:45 (discriminator 1) arch/x86/include/asm/irqflags.h:80 (discriminator 1) arch/x86/include/asm/irqflags.h:138 (discriminator 1) kernel/rcu/tree.c:1698 (discriminator 1))
[ 55.858828][ C1] ? trace_hardirqs_on (kernel/trace/trace_preemptirq.c:50 (discriminator 22))
[ 55.859889][ C1] rcu_core (kernel/rcu/tree.c:2788)
[ 55.860786][ C1] __do_softirq (arch/x86/include/asm/jump_label.h:27 include/linux/jump_label.h:207 include/trace/events/irq.h:142 kernel/softirq.c:559)
[ 55.861747][ C1] __irq_exit_rcu (kernel/softirq.c:432 kernel/softirq.c:637)
[ 55.862673][ C1] irq_exit_rcu (kernel/softirq.c:651)
[ 55.863601][ C1] sysvec_apic_timer_interrupt (arch/x86/kernel/apic/apic.c:1097 (discriminator 14))
[ 55.864709][ C1] </IRQ>
[ 55.865399][ C1] <TASK>
[ 55.866087][ C1] asm_sysvec_apic_timer_interrupt (arch/x86/include/asm/idtentry.h:645)
[ 55.867251][ C1] RIP: 0010:walk_component (fs/namei.c:2027)
[ 55.868365][ C1] Code: c7 43 08 00 00 00 00 48 8b 84 24 80 00 00 00 65 48 2b 04 25 28 00 00 00 0f 85 99 03 00 00 48 81 c4 88 00 00 00 4c 89 e0 5b 5d <41> 5c 41 5d 41 5e 41 5f c3 48 b8 00 00 00 00 00 fc ff df 48 8d 7d
All code
========
0: c7 43 08 00 00 00 00 movl $0x0,0x8(%rbx)
7: 48 8b 84 24 80 00 00 mov 0x80(%rsp),%rax
e: 00
f: 65 48 2b 04 25 28 00 sub %gs:0x28,%rax
16: 00 00
18: 0f 85 99 03 00 00 jne 0x3b7
1e: 48 81 c4 88 00 00 00 add $0x88,%rsp
25: 4c 89 e0 mov %r12,%rax
28: 5b pop %rbx
29: 5d pop %rbp
2a:* 41 5c pop %r12 <-- trapping instruction
2c: 41 5d pop %r13
2e: 41 5e pop %r14
30: 41 5f pop %r15
32: c3 retq
33: 48 b8 00 00 00 00 00 movabs $0xdffffc0000000000,%rax
3a: fc ff df
3d: 48 rex.W
3e: 8d .byte 0x8d
3f: 7d .byte 0x7d
Code starting with the faulting instruction
===========================================
0: 41 5c pop %r12
2: 41 5d pop %r13
4: 41 5e pop %r14
6: 41 5f pop %r15
8: c3 retq
9: 48 b8 00 00 00 00 00 movabs $0xdffffc0000000000,%rax
10: fc ff df
13: 48 rex.W
14: 8d .byte 0x8d
15: 7d .byte 0x7d
[ 55.871899][ C1] RSP: 0018:ffffc9000001f988 EFLAGS: 00000286
[ 55.873081][ C1] RAX: 0000000000000000 RBX: 000000063dbe831e RCX: ffffc9000001f690
[ 55.874697][ C1] RDX: 0000000000000000 RSI: ffffffffbc798f20 RDI: ffffc9000001fbe0
[ 55.876281][ C1] RBP: 0000000000000006 R08: ffff888100310dd8 R09: ffffffffbd1de4e7
[ 55.877803][ C1] R10: ffffed102003531b R11: 0000000000000001 R12: 0000000000000000
[ 55.879386][ C1] R13: 0000000000000002 R14: 0000000000000000 R15: 0000000000000000
[ 55.881044][ C1] link_path_walk+0x563/0xc80
[ 55.882258][ C1] ? path_init (fs/namei.c:2411)
[ 55.883192][ C1] ? __raw_spin_lock_init (kernel/locking/spinlock_debug.c:26)
[ 55.884260][ C1] ? open_last_lookups (fs/namei.c:2265)
[ 55.885290][ C1] ? debug_mutex_init (kernel/locking/mutex-debug.c:89)
[ 55.886305][ C1] ? __alloc_file (fs/file_table.c:153)
[ 55.887298][ C1] path_openat (fs/namei.c:3605)
[ 55.888247][ C1] ? __lock_acquire (kernel/locking/lockdep.c:5029)
[ 55.889229][ C1] ? path_lookupat (fs/namei.c:3591)
[ 55.890215][ C1] do_filp_open (fs/namei.c:3636)
[ 55.893219][ C1] ? alloc_fd (fs/file.c:555 (discriminator 10))
[ 55.894154][ C1] ? may_open_dev (fs/namei.c:3630)
[ 55.895168][ C1] ? __lock_release (kernel/locking/lockdep.c:5317)
[ 55.896219][ C1] ? lock_is_held_type (kernel/locking/lockdep.c:5382 kernel/locking/lockdep.c:5684)
[ 55.897250][ C1] ? alloc_fd (fs/file.c:555 (discriminator 10))
[ 55.898122][ C1] ? _raw_spin_unlock (arch/x86/include/asm/preempt.h:85 include/linux/spinlock_api_smp.h:143 kernel/locking/spinlock.c:186)
[ 55.899114][ C1] ? alloc_fd (fs/file.c:555 (discriminator 10))
[ 55.900031][ C1] ? getname_flags (fs/namei.c:204)
[ 55.901118][ C1] do_sys_openat2 (fs/open.c:1213)
[ 55.902081][ C1] ? rcu_nocb_cb_kthread (kernel/rcu/tree_nocb.h:382)
[ 55.903138][ C1] ? mntput_no_expire (fs/namespace.c:1208)
[ 55.904198][ C1] ? lock_is_held_type (kernel/locking/lockdep.c:5382 kernel/locking/lockdep.c:5684)
[ 55.905231][ C1] ? build_open_flags (fs/open.c:1199)
[ 55.906242][ C1] ? call_rcu (arch/x86/include/asm/irqflags.h:45 arch/x86/include/asm/irqflags.h:80 arch/x86/include/asm/irqflags.h:138 kernel/rcu/tree.c:3109)
[ 55.907155][ C1] ? trace_hardirqs_on (kernel/trace/trace_preemptirq.c:50 (discriminator 22))
[ 55.908186][ C1] ? call_rcu (arch/x86/include/asm/irqflags.h:45 arch/x86/include/asm/irqflags.h:80 arch/x86/include/asm/irqflags.h:138 kernel/rcu/tree.c:3109)
[ 55.909104][ C1] __x64_sys_openat (fs/open.c:1240)
[ 55.910087][ C1] ? __ia32_compat_sys_open (fs/open.c:1240)
[ 55.911242][ C1] ? lockdep_hardirqs_on_prepare (kernel/locking/lockdep.c:4501)
[ 55.912481][ C1] ? syscall_enter_from_user_mode (arch/x86/include/asm/irqflags.h:45 arch/x86/include/asm/irqflags.h:80 kernel/entry/common.c:109)
[ 55.913602][ C1] ? trace_hardirqs_on (kernel/trace/trace_preemptirq.c:50 (discriminator 22))
[ 55.914638][ C1] do_syscall_64 (arch/x86/entry/common.c:50 arch/x86/entry/common.c:80)
[ 55.915572][ C1] ? lockdep_hardirqs_on_prepare (kernel/locking/lockdep.c:4501)
[ 55.916880][ C1] ? do_syscall_64 (arch/x86/entry/common.c:87)
[ 55.917809][ C1] ? do_syscall_64 (arch/x86/entry/common.c:87)
[ 55.918770][ C1] ? do_syscall_64 (arch/x86/entry/common.c:87)
[ 55.919737][ C1] ? do_syscall_64 (arch/x86/entry/common.c:87)
[ 55.920694][ C1] ? do_syscall_64 (arch/x86/entry/common.c:87)
To reproduce:
# build kernel
cd linux
cp config-5.18.0-rc5-00048-g3c87862ca131 .config
make HOSTCC=gcc-11 CC=gcc-11 ARCH=x86_64 olddefconfig prepare modules_prepare bzImage modules
make HOSTCC=gcc-11 CC=gcc-11 ARCH=x86_64 INSTALL_MOD_PATH=<mod-install-dir> modules_install
cd <mod-install-dir>
find lib/ | cpio -o -H newc --quiet | gzip > modules.cgz
git clone https://github.com/intel/lkp-tests.git
cd lkp-tests
bin/lkp qemu -k <bzImage> -m modules.cgz job-script # job-script is attached in this email
# if come across any failure that blocks the test,
# please remove ~/.lkp and /lkp dir to run from a clean state.
--
0-DAY CI Kernel Test Service
https://01.org/lkp
View attachment "config-5.18.0-rc5-00048-g3c87862ca131" of type "text/plain" (167268 bytes)
View attachment "job-script" of type "text/plain" (4871 bytes)
Download attachment "dmesg.xz" of type "application/x-xz" (16800 bytes)
Powered by blists - more mailing lists