Message-ID: <CAA85sZuv3kqb1B-=UP0m2i-a0kfebNZy-994Dw_v5hd-PrxEGw@mail.gmail.com>
Date: Tue, 25 Feb 2025 11:13:47 +0100
From: Ian Kumlien <ian.kumlien@...il.com>
To: Linux Kernel Network Developers <netdev@...r.kernel.org>
Subject: Re: [6.12.15][be2net?] Voluntary context switch within RCU read-side
 critical section!

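The same warning also happens on 6.13.4, FYI. In the trace below the sleep (usleep_range_state) is called from be_mcc_notify_wait in be2net, reached via be_ndo_bridge_getlink from the rtnl_bridge_getlink netlink dump path: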

[    5.253286] ------------[ cut here ]------------
[    5.253291] Voluntary context switch within RCU read-side critical section!
[    5.253296] WARNING: CPU: 7 PID: 1052 at
kernel/rcu/tree_plugin.h:331 rcu_note_context_switch+0x66f/0x6d0
[    5.253304] Modules linked in: cfg80211 rfkill qrtr nft_masq
nft_nat sunrpc nft_numgen nft_chain_nat nf_nat nft_ct nf_conntrack
nf_defrag_ipv6 nf_defrag_ipv4 nft_reject_inet nf_reject_ipv4
nf_reject_ipv6 nft_reject nf_tables vfat fat ocrdma ib_uverbs ib_core
xfs snd_hda_codec_realtek snd_hda_codec_generic intel_rapl_msr
snd_hda_scodec_component snd_hda_codec_hdmi intel_rapl_common
x86_pkg_temp_thermal snd_hda_intel intel_powerclamp coretemp
snd_intel_dspcfg mei_pxp snd_intel_sdw_acpi dell_pc iTCO_wdt
platform_profile snd_hda_codec mei_wdt at24 kvm_intel mei_hdcp
intel_pmc_bxt iTCO_vendor_support dell_smm_hwmon snd_hda_core dell_wmi
kvm snd_hwdep dell_smbios snd_pcm rapl dcdbas sparse_keymap
intel_cstate dell_wmi_descriptor intel_uncore intel_wmi_thunderbolt
wmi_bmof i2c_i801 i2c_smbus snd_timer mei_me snd e1000e lpc_ich mei
be2net soundcore sch_fq fuse loop dm_multipath nfnetlink zram
lz4hc_compress lz4_compress i915 crct10dif_pclmul i2c_algo_bit
crc32_pclmul drm_buddy crc32c_intel polyval_clmulni ttm
polyval_generic
[    5.253388]  ghash_clmulni_intel drm_display_helper sha512_ssse3
sha256_ssse3 sha1_ssse3 cec video wmi scsi_dh_rdac scsi_dh_emc
scsi_dh_alua pkcs8_key_parser
[    5.253405] Hardware name: Dell Inc. Precision T1700/04JGCK, BIOS
A28 05/30/2019
[    5.253407] RIP: rcu_note_context_switch+0x66f/0x6d0
[ 5.253411] Code: a8 00 00 00 00 0f 85 3c fd ff ff 49 89 8d a8 00 00
00 e9 30 fd ff ff 48 c7 c7 30 6f de b7 c6 05 7b 51 96 02 01 e8 61 0e
f2 ff <0f> 0b e9 dc f9 ff ff c6 45 11 00 48 8b 75 20 ba 01 00 00 00 48
8b
All code
========
   0: a8 00                test   $0x0,%al
   2: 00 00                add    %al,(%rax)
   4: 00 0f                add    %cl,(%rdi)
   6: 85 3c fd ff ff 49 89 test   %edi,-0x76b60001(,%rdi,8)
   d: 8d a8 00 00 00 e9    lea    -0x17000000(%rax),%ebp
  13: 30 fd                xor    %bh,%ch
  15: ff                    (bad)
  16: ff 48 c7              decl   -0x39(%rax)
  19: c7                    (bad)
  1a: 30 6f de              xor    %ch,-0x22(%rdi)
  1d: b7 c6                mov    $0xc6,%bh
  1f: 05 7b 51 96 02        add    $0x296517b,%eax
  24: 01 e8                add    %ebp,%eax
  26: 61                    (bad)
  27: 0e                    (bad)
  28:* f2 ff 0f              repnz decl (%rdi) <-- trapping instruction
  2b: 0b e9                or     %ecx,%ebp
  2d: dc f9                fdivr  %st,%st(1)
  2f: ff                    (bad)
  30: ff c6                inc    %esi
  32: 45 11 00              adc    %r8d,(%r8)
  35: 48 8b 75 20          mov    0x20(%rbp),%rsi
  39: ba 01 00 00 00        mov    $0x1,%edx
  3e: 48                    rex.W
  3f: 8b                    .byte 0x8b

Code starting with the faulting instruction
===========================================
   0: 0f 0b                ud2
   2: e9 dc f9 ff ff        jmp    0xfffffffffffff9e3
   7: c6 45 11 00          movb   $0x0,0x11(%rbp)
   b: 48 8b 75 20          mov    0x20(%rbp),%rsi
   f: ba 01 00 00 00        mov    $0x1,%edx
  14: 48                    rex.W
  15: 8b                    .byte 0x8b
[    5.253413] RSP: 0018:ffffadb040f4b688 EFLAGS: 00010082
[    5.253416] RAX: 0000000000000000 RBX: ffff957a4d705380 RCX: 0000000000000027
[    5.253418] RDX: ffff957d4eba1908 RSI: 0000000000000001 RDI: ffff957d4eba1900
[    5.253420] RBP: ffff957d4ebb7d40 R08: 0000000000000000 R09: 0000000000000000
[    5.253422] R10: 206c616369746972 R11: 0000000000000000 R12: 0000000000000000
[    5.253423] R13: ffff957a4d705380 R14: 000000000007a100 R15: ffff957a47400b30
[    5.253425] FS:  00007f6cc2c0dbc0(0000) GS:ffff957d4eb80000(0000)
knlGS:0000000000000000
[    5.253428] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[    5.253430] CR2: 0000556e7a98b188 CR3: 00000001210ce006 CR4: 00000000001726f0
[    5.253432] Call Trace:
[    5.253434]  <TASK>
[    5.253435] ? rcu_note_context_switch+0x66f/0x6d0
[    5.253439] ? __warn.cold+0x93/0xfa
[    5.253443] ? rcu_note_context_switch+0x66f/0x6d0
[    5.253447] ? report_bug+0xff/0x140
[    5.253451] ? console_unlock+0x9d/0x140
[    5.253455] ? handle_bug+0x58/0x90
[    5.253458] ? exc_invalid_op+0x17/0x70
[    5.253461] ? asm_exc_invalid_op+0x1a/0x20
[    5.253466] ? rcu_note_context_switch+0x66f/0x6d0
[    5.253469] ? rcu_note_context_switch+0x66f/0x6d0
[    5.253472] ? valid_bridge_getlink_req.constprop.0+0xac/0x1c0
[    5.253478] __schedule+0xcc/0x14b0
[    5.253482] ? get_nohz_timer_target+0x2d/0x180
[    5.253486] ? timerqueue_add+0x71/0xc0
[    5.253489] ? enqueue_hrtimer+0x42/0xa0
[    5.253492] schedule+0x27/0xf0
[    5.253495] usleep_range_state+0xea/0x120
[    5.253499] ? __pfx_hrtimer_wakeup+0x10/0x10
WARNING! Cannot find .ko for module be2net, please pass a valid module path
[    5.253503] ? be_mcc_notify_wait+0x6c/0x150 be2net
WARNING! Cannot find .ko for module be2net, please pass a valid module path
[    5.253516] be_mcc_notify_wait+0xbe/0x150 be2net
WARNING! Cannot find .ko for module be2net, please pass a valid module path
[    5.253526] be_cmd_get_hsw_config+0x16c/0x190 be2net
WARNING! Cannot find .ko for module be2net, please pass a valid module path
[    5.253537] be_ndo_bridge_getlink+0xe0/0x100 be2net
[    5.253547] rtnl_bridge_getlink+0x12b/0x1b0
[    5.253551] ? __pfx_rtnl_bridge_getlink+0x10/0x10
[    5.253555] rtnl_dumpit+0x80/0xa0
[    5.253558] netlink_dump+0x19c/0x410
[    5.253561] ? skb_release_data+0x193/0x200
[    5.253566] __netlink_dump_start+0x1eb/0x310
[    5.253569] ? __pfx_rtnl_bridge_getlink+0x10/0x10
[    5.253573] rtnetlink_rcv_msg+0x2da/0x460
[    5.253576] ? __pfx_rtnl_dumpit+0x10/0x10
[    5.253579] ? __pfx_rtnl_bridge_getlink+0x10/0x10
[    5.253582] ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[    5.253586] netlink_rcv_skb+0x53/0x100
[    5.253590] netlink_unicast+0x245/0x390
[    5.253593] netlink_sendmsg+0x21b/0x470
[    5.253597] __sys_sendto+0x1ef/0x200
[    5.253602] __x64_sys_sendto+0x24/0x30
[    5.253605] do_syscall_64+0x82/0x160
[    5.253609] ? syscall_exit_to_user_mode+0x10/0x210
[    5.253613] ? do_syscall_64+0x8e/0x160
[    5.253616] ? atime_needs_update+0xa0/0x120
[    5.253621] ? touch_atime+0x1e/0x120
[    5.253624] ? iterate_dir+0x182/0x200
[    5.253627] ? __x64_sys_getdents64+0xa7/0x120
[    5.253629] ? __pfx_filldir64+0x10/0x10
[    5.253632] ? syscall_exit_to_user_mode+0x10/0x210
[    5.253635] ? do_syscall_64+0x8e/0x160
[    5.253638] ? do_syscall_64+0x8e/0x160
[    5.253642] ? do_syscall_64+0x8e/0x160
[    5.253645] ? do_syscall_64+0x8e/0x160
[    5.253648] ? do_syscall_64+0x8e/0x160
[    5.253651] ? exc_page_fault+0x7e/0x180
[    5.253654] entry_SYSCALL_64_after_hwframe+0x76/0x7e
[    5.253658] RIP: 0033:0x7f6cc34d55b7
[ 5.253669] Code: c7 c0 ff ff ff ff eb be 66 2e 0f 1f 84 00 00 00 00
00 90 f3 0f 1e fa 80 3d 15 9b 0f 00 00 41 89 ca 74 10 b8 2c 00 00 00
0f 05 <48> 3d 00 f0 ff ff 77 69 c3 55 48 89 e5 53 48 83 ec 38 44 89 4d
d0
All code
========
   0: c7 c0 ff ff ff ff    mov    $0xffffffff,%eax
   6: eb be                jmp    0xffffffffffffffc6
   8: 66 2e 0f 1f 84 00 00 cs nopw 0x0(%rax,%rax,1)
   f: 00 00 00
  12: 90                    nop
  13: f3 0f 1e fa          endbr64
  17: 80 3d 15 9b 0f 00 00 cmpb   $0x0,0xf9b15(%rip)        # 0xf9b33
  1e: 41 89 ca              mov    %ecx,%r10d
  21: 74 10                je     0x33
  23: b8 2c 00 00 00        mov    $0x2c,%eax
  28: 0f 05                syscall
  2a:* 48 3d 00 f0 ff ff    cmp    $0xfffffffffffff000,%rax <--
trapping instruction
  30: 77 69                ja     0x9b
  32: c3                    ret
  33: 55                    push   %rbp
  34: 48 89 e5              mov    %rsp,%rbp
  37: 53                    push   %rbx
  38: 48 83 ec 38          sub    $0x38,%rsp
  3c: 44 89 4d d0          mov    %r9d,-0x30(%rbp)

Code starting with the faulting instruction
===========================================
   0: 48 3d 00 f0 ff ff    cmp    $0xfffffffffffff000,%rax
   6: 77 69                ja     0x71
   8: c3                    ret
   9: 55                    push   %rbp
   a: 48 89 e5              mov    %rsp,%rbp
   d: 53                    push   %rbx
   e: 48 83 ec 38          sub    $0x38,%rsp
  12: 44 89 4d d0          mov    %r9d,-0x30(%rbp)
[    5.253671] RSP: 002b:00007ffc5839a338 EFLAGS: 00000202 ORIG_RAX:
000000000000002c
[    5.253674] RAX: ffffffffffffffda RBX: 0000556e7a95cc80 RCX: 00007f6cc34d55b7
[    5.253676] RDX: 0000000000000020 RSI: 0000556e7a9752d0 RDI: 0000000000000003
[    5.253677] RBP: 00007ffc5839a3d0 R08: 00007ffc5839a340 R09: 0000000000000080
[    5.253679] R10: 0000000000000000 R11: 0000000000000202 R12: 0000556e7a98b2c0
[    5.253681] R13: 00007ffc5839a414 R14: 0000556e7a98b2c0 R15: 0000556e448c7a90
[    5.253684]  </TASK>
[    5.253685] ---[ end trace 0000000000000000 ]---

On Tue, Feb 25, 2025 at 9:05 AM Ian Kumlien <ian.kumlien@...il.com> wrote:
>
> Just had this happen just before be2net initialization... FYI and all that ;)
>

[--8<--]
