2022-07-16 14:46:19

by kernel test robot

Subject: [net] 65a1e5c409: canonical_address#:#[##]



Greetings,

FYI, we noticed the following commit (built with gcc-11):

commit: 65a1e5c409f2b56b025f913b9cfbc8ae3a717c9a ("[PATCH v3 for-next 2/3] net: copy from user before calling __get_compat_msghdr")
url: https://github.com/intel-lab-lkp/linux/commits/Dylan-Yudaken/io_uring-multishot-recvmsg/20220714-190504
patch link: https://lore.kernel.org/io-uring/[email protected]

in testcase: boot

on test machine: qemu-system-x86_64 -enable-kvm -cpu SandyBridge -smp 2 -m 16G

caused the changes below (please refer to the attached dmesg/kmsg for the entire log/backtrace):


If you fix the issue, kindly add the following tag
Reported-by: kernel test robot <[email protected]>


[ 39.046823][ T1] selinux=0
[ 39.047412][ T1] softlockup_panic=1
[ 39.048102][ T1] prompt_ramdisk=0
[ 39.048745][ T1] vga=normal
[ 39.607050][ C1] random: crng init done
[ 39.708691][ T1] general protection fault, probably for non-canonical address 0xdffffc001ff4b7e2: 0000 [#1] SMP KASAN PTI
[ 39.710012][ T1] KASAN: probably user-memory-access in range [0x00000000ffa5bf10-0x00000000ffa5bf17]
[ 39.711077][ T1] CPU: 0 PID: 1 Comm: init Not tainted 5.19.0-rc6-00166-g65a1e5c409f2 #1
[ 39.712082][ T1] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.0-debian-1.16.0-4 04/01/2014
[ 39.713257][ T1] RIP: 0010:get_compat_msghdr (kbuild/src/consumer/net/compat.c:42 kbuild/src/consumer/net/compat.c:92)
[ 39.714447][ T1] Code: 8b 04 25 28 00 00 00 48 89 84 24 80 00 00 00 31 c0 e8 76 5e 22 ff 48 85 c0 0f 85 90 03 00 00 48 8d 7d 18 48 89 f8 48 c1 e8 03 <42> 0f b6 14 30 48 89 f8 83 e0 07 83 c0 03 38 d0 7c 08 84 d2 0f 85
All code
========
0: 8b 04 25 28 00 00 00 mov 0x28,%eax
7: 48 89 84 24 80 00 00 mov %rax,0x80(%rsp)
e: 00
f: 31 c0 xor %eax,%eax
11: e8 76 5e 22 ff callq 0xffffffffff225e8c
16: 48 85 c0 test %rax,%rax
19: 0f 85 90 03 00 00 jne 0x3af
1f: 48 8d 7d 18 lea 0x18(%rbp),%rdi
23: 48 89 f8 mov %rdi,%rax
26: 48 c1 e8 03 shr $0x3,%rax
2a:* 42 0f b6 14 30 movzbl (%rax,%r14,1),%edx <-- trapping instruction
2f: 48 89 f8 mov %rdi,%rax
32: 83 e0 07 and $0x7,%eax
35: 83 c0 03 add $0x3,%eax
38: 38 d0 cmp %dl,%al
3a: 7c 08 jl 0x44
3c: 84 d2 test %dl,%dl
3e: 0f .byte 0xf
3f: 85 .byte 0x85

Code starting with the faulting instruction
===========================================
0: 42 0f b6 14 30 movzbl (%rax,%r14,1),%edx
5: 48 89 f8 mov %rdi,%rax
8: 83 e0 07 and $0x7,%eax
b: 83 c0 03 add $0x3,%eax
e: 38 d0 cmp %dl,%al
10: 7c 08 jl 0x1a
12: 84 d2 test %dl,%dl
14: 0f .byte 0xf
15: 85 .byte 0x85
[ 39.719043][ T1] RSP: 0018:ffffc9000001fac0 EFLAGS: 00010206
[ 39.724598][ T1] RAX: 000000001ff4b7e2 RBX: ffffc9000001fd30 RCX: 0000000000000000
[ 39.726495][ T1] RDX: 0000000000000004 RSI: 00000000ffa5bf14 RDI: 00000000ffa5bf10
[ 39.728416][ T1] RBP: 00000000ffa5bef8 R08: 0000000000000001 R09: ffffc9000001fb03
[ 39.730382][ T1] R10: fffff52000003f60 R11: 0000000000000001 R12: 1ffff92000003f59
[ 39.731938][ T1] R13: ffffc9000001fbd0 R14: dffffc0000000000 R15: ffffc9000001fbb0
[ 39.732878][ T1] FS: 0000000000000000(0000) GS:ffff88839d600000(0063) knlGS:00000000f7d1a6c0
[ 39.733932][ T1] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033
[ 39.734692][ T1] CR2: 00000000f7fa00b4 CR3: 000000010b170000 CR4: 00000000000406f0
[ 39.735659][ T1] Call Trace:
[ 39.736111][ T1] <TASK>
[ 39.736518][ T1] ? __get_compat_msghdr (kbuild/src/consumer/net/compat.c:85)
[ 39.737161][ T1] ? wait_task_zombie (kbuild/src/consumer/kernel/exit.c:1114)
[ 39.737822][ T1] ___sys_recvmsg (kbuild/src/consumer/net/socket.c:2666 kbuild/src/consumer/net/socket.c:2740)
[ 39.738408][ T1] ? copy_msghdr_from_user (kbuild/src/consumer/net/socket.c:2734)


To reproduce:

# build kernel
cd linux
cp config-5.19.0-rc6-00166-g65a1e5c409f2 .config
make HOSTCC=gcc-11 CC=gcc-11 ARCH=x86_64 olddefconfig prepare modules_prepare bzImage modules
make HOSTCC=gcc-11 CC=gcc-11 ARCH=x86_64 INSTALL_MOD_PATH=<mod-install-dir> modules_install
cd <mod-install-dir>
find lib/ | cpio -o -H newc --quiet | gzip > modules.cgz


git clone https://github.com/intel/lkp-tests.git
cd lkp-tests
bin/lkp qemu -k <bzImage> -m modules.cgz job-script # job-script is attached in this email

# if you come across any failure that blocks the test,
# please remove ~/.lkp and /lkp dir to run from a clean state.



--
0-DAY CI Kernel Test Service
https://01.org/lkp



Attachments:
(No filename) (4.95 kB)
config-5.19.0-rc6-00166-g65a1e5c409f2 (167.09 kB)
job-script (4.75 kB)
dmesg.xz (12.61 kB)

2022-07-16 14:46:40

by Jens Axboe

Subject: Re: [net] 65a1e5c409: canonical_address#:#[##]

On 7/16/22 8:09 AM, kernel test robot wrote:
>
>
> Greetings,
>
> FYI, we noticed the following commit (built with gcc-11):
>
> commit: 65a1e5c409f2b56b025f913b9cfbc8ae3a717c9a ("[PATCH v3 for-next 2/3] net: copy from user before calling __get_compat_msghdr")
> url: https://github.com/intel-lab-lkp/linux/commits/Dylan-Yudaken/io_uring-multishot-recvmsg/20220714-190504
> patch link: https://lore.kernel.org/io-uring/[email protected]
>
> in testcase: boot
>
> on test machine: qemu-system-x86_64 -enable-kvm -cpu SandyBridge -smp 2 -m 16G
>
> caused the changes below (please refer to the attached dmesg/kmsg for the entire log/backtrace):

This is the same as the issue reported by Marek, should be fixed by:

https://git.kernel.dk/cgit/linux-block/commit/?h=for-5.20/io_uring&id=e544477ca928416bf3897b8461672752eb6581fe

--
Jens Axboe