Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1754001AbdCaG75 (ORCPT ); Fri, 31 Mar 2017 02:59:57 -0400 Received: from mail-he1eur01on0129.outbound.protection.outlook.com ([104.47.0.129]:39040 "EHLO EUR01-HE1-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1752898AbdCaG7z (ORCPT ); Fri, 31 Mar 2017 02:59:55 -0400 Authentication-Results: google.com; dkim=none (message not signed) header.d=none;google.com; dmarc=none action=none header.from=nokia.com; Subject: Re: sudo x86info -a => kernel BUG at mm/usercopy.c:78! To: Dave Jones , Kees Cook , Linux-MM , LKML , Laura Abbott , Ingo Molnar , Josh Poimboeuf , Mark Rutland , Eric Biggers References: <20170330194143.cbracica3w3ijrcx@codemonkey.org.uk> <20170330200100.zcyndf3kimepg77o@codemonkey.org.uk> <81379c63-674c-a37f-a6f6-5af385138a25@nokia.com> From: Tommi Rantala Message-ID: <599c2a8b-81d2-654e-4147-dfe9e5b98fc2@nokia.com> Date: Fri, 31 Mar 2017 09:59:44 +0300 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.8.0 MIME-Version: 1.0 In-Reply-To: <81379c63-674c-a37f-a6f6-5af385138a25@nokia.com> Content-Type: text/plain; charset="windows-1252"; format=flowed Content-Transfer-Encoding: 7bit X-Originating-IP: [131.228.2.26] X-ClientProxiedBy: DB6P191CA0024.EURP191.PROD.OUTLOOK.COM (10.175.236.162) To HE1PR0701MB2362.eurprd07.prod.outlook.com (10.168.127.150) X-MS-Office365-Filtering-Correlation-Id: 0ce15ed1-e1e5-4cd5-3d19-08d4780386d9 X-MS-Office365-Filtering-HT: Tenant X-Microsoft-Antispam: UriScan:;BCL:0;PCL:0;RULEID:(22001)(48565401081)(201703131423075)(201703031133081);SRVR:HE1PR0701MB2362; X-Microsoft-Exchange-Diagnostics: 1;HE1PR0701MB2362;3:8znD7rz83UZl9XXda3XDERfa4tBX2wW/DDAwUet/izc2Qjea5DZB3AQMNvOK69ztOOmTo61UgOh+0ZkWDgIp6agz/uMUKape04kPCgePDRrXs4lZ/0oPooNgh0TS8QeNsWUwsGBUM4bUe9Dw1kvW9wXc0N7Hwf1WAPWcLFshVHajvJ+O3MqGPKiv9bymhlZICpivC952bT9Gyo7GntabIPvUjig5AuvPq64zVf85ciaEiXFgOKI3TdyOq2KiXPBPh61evkY7h78qzK5TKqsIdbygwDPqICHnu0TqhN1tp1GJWFNKVZ73tP6Jysf0K/G93cYnKZs8fM6Bm7Jaep9KjT+zDCPoGixHeqkFjbiNmls=;25:ondBfcZkXFSpdTjqV43HY4yokwM2dP935sa85Kw87EtL49COw6NLQYFbGI0poPk5X3/9/LM1l9DKMWyfcN6BRQBnAa7O5+Dha5Kwv9bQSeOQ3/73bwbQAIY76ra4pBs0nRAWvE4gcHufUu/haWKgurodJgyGL6xbYrl1/G5sulRbhOVqkGyt+IM63uK+j4mQhgTPoRCS86tr9ZeaN4AMCxX9nLW9AIBoWDC8PUbfr4dYWxbjT/GblDratt4NWIEWM6c2fce5vACCwP2C5dwcXCMo0TdYAZKMBnxePmFpVXZWRSupyRJV4idtreDV7+1y3oy15JtCJf4xFU2KDfsAD+RbwGtE0GMJzC7Mn0EIB7AYyfxSh98RSnwGlLXI2naNM+imXysHAJAZTzN/KesIqoVADUg9doXtvwwI66gCn55jTRmV+/LrnvRXDZ0kdaBsCjXq3GE9Jv+55hrWETOMjA== X-Microsoft-Exchange-Diagnostics: 1;HE1PR0701MB2362;31:lEAos8wuh55gn7a3xYlkjNjxWTb0ST88cBliDKb38EWdr9Zg1qtL6va6XH48q1JRAr4pSwHp/aVtveQVpdA5mseiAVzdKRCAZrLEmFr7oJ9pJex+KyuTS87vvS75G5vN5ZAgLxAWT+Wgv1ogwe1+9FRdvK6m06Me+1TCVAvnoCwz0ZjjQIe4Xy8xsR20Rg+fJtNrC2QYyGnIQk5qWbUrE0noRwDg1eyDlsxiBL891PUy5S+7wLjVh/fGIjrcrkKfym23zF3Ctw9JGqBHWWUmCSj5L+HCn4t4O7KR0SmrFyc=;20:1nMoLdav7yqR5ZWvvSnamwZbuFc5+6qLdl98uV5+1fd6Jg4nqQnxNpqUDXv7OZBv0WHzpOzx43hYL6uQAlEyddTwZidY2uFDQzmtql77qTDpRehv8Hb8wfxc1Kcqnw0BLE/82wQuJxdsF+hP3METCiTg2lfyDmKsEL2M+SJkzBXMuhdfwZjW7v1xlOj2+9gikNG7kn4Hioe4zjTBq5y7HP/XOhT3lNs9IoXAyYWjwljRA4To4qH+/HIO3waWneuxJ3Y40E168t3ws3W+SMdc3TzDNPuCOi8NpnH5D3PW4LuWc629hlz5iAPRdhsWrhZvd0HNvAuE+qBR68gtT28ZqNeh/J2/wjaj/XkUdedRDif18U2TRbN6eTK9AsFZFf4LYpTJWo9IVXQ8hhzeL7P09nNa1Br6HJ/tBi+cekeFKfeg5/f7R12L1uk1uyoMFu+9dqbH1EK8Xh71q0B7tqJoGqhxowBm1TLGvgciJSuF/nlRtukf+/8f3NDMzmfhmBBIL+wL0mmzSG1RDhQeDmXpKSR1iakyEiY9UrZriOlGaRQ2Dm4kNnZX6Elw1kt/CxEi75ca1Je+yA2YCgwvc0Bw2y6lFLttqNBQn8NXT1zs1Ic= X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-Test: UriScan:; X-Exchange-Antispam-Report-CFA-Test: BCL:0;PCL:0;RULEID:(6040450)(601004)(2401047)(8121501046)(5005006)(3002001)(93006092)(93001092)(10201501046)(6055026)(6041248)(201703131423075)(201702281528075)(201703061421075)(20161123555025)(20161123564025)(20161123560025)(20161123562025)(6072148);SRVR:HE1PR0701MB2362;BCL:0;PCL:0;RULEID:;SRVR:HE1PR0701MB2362; X-Microsoft-Exchange-Diagnostics: 1;HE1PR0701MB2362;4:X0JayL98VIPua5lO74YPWOit6AupgUSkJL6QhkTPDCL6HkWdAe+gKZr2/K/ZXs9PiZ40xJGEG28Mmo0iyVAzN3R9QB5wG2Jv5dn5M3BJVe6L5s/7GZ89WCzJczh3zpxRpGCaQC0A0iDnfx+gxphPklAzp7FIceGOxOMNh1ArANEjK89N8j0K1lrWNe0vFde/oMzAvgnSbI814rTc3QIeWtEUaIsFAetfhahTuoyDuYJjYwVjBi81Kb2mgdywy1CLcNWYWN9/DI2PQByDySsLQgn7DMlywq6hLgdu7VFGbbEXDG1FZQUFsZMSos9nKU6GaNEzAJq5U1Lzts7xyIpDYHPbhhdOqtQMQwc9uMS1YmPK5p0obabZ8jSoF8sJcusWwUjxcwNMfT2G8r4RcuGyJKxwwnrcBhsbR2vxV6oSK1v54UnNQKyEoNaKziDtMQvQvQpllfgrZV6KbSoaL6E7ghhneBigVHl5r36AmuWowhbGghLE52V7qi896Ngjb9O9FCOveLGbdeiiGnN1/erCUiFb/nCiKPsYUp/bF/2gzBFJtLvA/u9UirLa12mglAcbc72K+gromEwJvITObOZQpOTQObsBZ2VRgLYCzprlQiR0VShwqkv3DIKkW68/qjHwxym6tLOPB8+zt5CuEjCFN3qYDkDyij4RA+oK6H05F3gNHWke6kh1Uauh6lkwQr//zJ0SaW5b9ncu3i+udaN404SCKDff1bdeS5DE3iGcwgE= X-Forefront-PRVS: 02638D901B X-Forefront-Antispam-Report: SFV:NSPM;SFS:(10019020)(4630300001)(6009001)(6049001)(39410400002)(39860400002)(39850400002)(39450400003)(39840400002)(39400400002)(24454002)(42186005)(189998001)(230700001)(23746002)(3846002)(6116002)(8676002)(81166006)(2906002)(33646002)(83506001)(6666003)(50986999)(50466002)(76176999)(54356999)(226693001)(25786009)(53546009)(6486002)(90366009)(77096006)(305945005)(36756003)(66066001)(65956001)(65806001)(2950100002)(64126003)(7736002)(38730400002)(47776003)(6246003)(6306002)(5660300001)(4001350100001)(93886004)(229853002)(86362001)(65826007)(31696002)(31686004)(53936002);DIR:OUT;SFP:1102;SCL:1;SRVR:HE1PR0701MB2362;H:[10.144.182.168];FPR:;SPF:None;MLV:sfv;LANG:en; X-Microsoft-Exchange-Diagnostics: =?Windows-1252?Q?1;HE1PR0701MB2362;23:uCUKC2oip4YLOWsBfW9FIJFv0mIN+/VGnHF?= =?Windows-1252?Q?q5VGmUevS8aXICjDHKiGlytkx0TYBUf4rNb+OgbBTQKL/F18OmWW2yUW?= =?Windows-1252?Q?hU9xhV4l83aUqEQIi+E9zZwrz3lC6TnFksC/36nYS0Lmau796bYcYVvW?= =?Windows-1252?Q?4w7irnm6KLiIbJ0rAQ+9ddfRIPw4Snlxg4RbkhyWKvfresy3+0ZSLGYi?= =?Windows-1252?Q?ae+4ntNO8rqc0xDf2ROYgxQaNH16jPmfKH0o7h2Ow6kvqhjmAdtn1ptc?= =?Windows-1252?Q?vZWXasp37TDEIFsKUc2TaVNhVES6FDW1T7TBTEs/5zziyO4YHn6RA/Jh?= =?Windows-1252?Q?UhYIyaeKLgs9m8RNK+naBBCAyNU5OjCV2TKayi2wVdUY/ckrdfxSHJ8D?= =?Windows-1252?Q?htaPl7YkpOCZOrWEM6YP7XqqRSEmee5/BUuvXc3hcLneOFCqWQ+mDEx/?= =?Windows-1252?Q?MP6bPLxc2VEsbPrvWKh8Jpod+nK2e75QQvOUxUd3Xzh3m48evuPrNHVD?= =?Windows-1252?Q?T41H/GuAiTz9D0CBR1I1Pmz3a8UxV+GUIfvxgTcjHR38vjxCJ73kxQdw?= =?Windows-1252?Q?ygpRvDqSC049MJn43Kc9hbfX/AV2FwmXGP+VEID4WQ4P8CjbSIxGw0+L?= =?Windows-1252?Q?4SvZdpmEwBEMIw35WI4TPg3h+WKzX1JOWRMzrCcyfPpxH/0QDClFmXrO?= =?Windows-1252?Q?uIlIj6Jeo+cajigSNoxbHamAJd6abmQfXZndt0DgmvBtfEbfMLDIYgOb?= =?Windows-1252?Q?47kG62ljckAKWneScKkXSMzEtLOMyhkHERuckUrrwReX/kgftJT/+Ix/?= =?Windows-1252?Q?g6/jYhKJ0jVufb7AbC9AjfKO7okY/1vZxMXteQtUKITEVB5IZM2T4a5s?= =?Windows-1252?Q?9EeOLeJUtNhf1h/R6W3iX0wBLfNeQfmHFvRJartIHJctEs/Z2l0IqnsO?= =?Windows-1252?Q?xStgUdx35GvUr44y78CLyT7L/3VG/TsM5udL4YQLi2JTEPfdXq6+brMd?= =?Windows-1252?Q?11mJokxU8vgJwGfWZqtTZ5cMwyW8zsEpe7Y9zghaGHO/+w7bLPzA0Ehy?= =?Windows-1252?Q?2Mv7bCM+jZ3KkBf6EvC4Ej2UUjf+2DHbnGg2wx0BJNpfpnJmelsfZDAW?= =?Windows-1252?Q?31qlsomFIIV0Ses6fYxHGafK99WJEFyhwU6z7IB9bLsF6NSBdEutG8sQ?= =?Windows-1252?Q?Ko98dIOeYW8iBtcx4etsRnGyxtytRK6bALqW/gaNkYO12qKFtZ0wo1jg?= =?Windows-1252?Q?uPIAn1BX+3nJzyeH4+UI/9/a55Bgz3iZH69KCTzKD/D7KHeC+sCPcokC?= =?Windows-1252?Q?34z4o/RFXVhCeeHN5xApYaNY4wL1lbfItwgSROCmh8n1wjsGOHlfXEt3?= =?Windows-1252?Q?e84xbEKIXk5w4Ln+bc9chVC9g3lUzyyLvrewnVrr7ZG5FoQUCpz+0Vss?= =?Windows-1252?Q?=3D?= X-Microsoft-Exchange-Diagnostics: 1;HE1PR0701MB2362;6:G0/NXw31K6NZbJMQVyY28t6lbXSfB8oWERuHhUKiEnhzfVGwq/aKEHXFVRvtKJuyy3x+vT2MOX1DmqLmAODGRp0lLnPx06gTIGzFcMYAu5W588UhIpAj+SiCPrDEEcGJH+PTSjNpRW3HMhcLJd1G/glT+ACRct6o5FEycGeube1KIeBv/cPPlGk2TclT/TYKRuICPIlEHdD1cxsGDppDGNS+w0xOLskd/EQqFXC1qKmJOIihPEHU1BQVQ4pKK0qv8aURK4qoiokEcejJ+G0H9cnyu8ic9Z5DIDQsRJ5LUxrZqP07UpoXTrYBNpYSB8X9ssB0Y1a1TR4WFOvL4dlryK4/xFrH6Hk8zeiQS29QVD+WHUMx1Y6LxjpXGagySCdAsl49HEo4gaMpv5EOXUf/L4mhJyZQ5H2gcyrnZoZuWlY=;5:TPuWONAodCp9WGqYclvaoOIq2UKe9LCPVWDPCaUTPLNz+n4uk+mzRfMkpbRffa3iweXxZe8iVJ+VYun+f+pO7BP8TXc5yz7kwBcfNFzaOKFbkxco09ktrfwo2YZJJVdz1m2VRLSXOy/oFtemkEY2uQ==;24:FpuJCjY0ykkR1BjnTVbiPuyyW4IE6lf57ZboFpSrk5pLHk84kWVg1ldS03d+NSsOJCaU2+2RQ5y6fxHjxELL5KKgt0hKit6Hx0HmGqc7Dds= SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-Microsoft-Exchange-Diagnostics: 1;HE1PR0701MB2362;7:73Sk/+KbXKqYRJ9uAJdIMbC7tQgXdhPD4CiY+PyuNbffX4RbX/m1YgOP+tYBocpHNidTEOq6G5pkL4MKF+acJtIq+Av/v4gIUdu6WQT9h7qKXF6aBYdyrJ014/8wPNhxhMwsFN1BXSNTac6nD0yldFaPzW8B7zRPrK9AY/jABxerA4NULc3xv24oKmSuVm0ifn76EKg/ssr1YF9QY1PVAXUTgrjNPjtuT58J+itKJUqiyme4toc/YAU9ssDNgjgXs9P39OKtAmXy73zNtF6lJ7lw5l6QitkwS5ODmv/soiCSZDNqGgIzaL0u/fSvK/U0VyRE9z5o3CcsxnaqqkBwqw== X-OriginatorOrg: nokia.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 31 Mar 2017 06:59:49.7702 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-Transport-CrossTenantHeadersStamped: HE1PR0701MB2362 Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 3846 Lines: 126 On 31.03.2017 08:40, Tommi Rantala wrote: >> The only thing that I can think of would be a rogue ptr in the bios >> table, but that seems unlikely. Tommi, can you put strace of x86info >> -mp somewhere? >> That will confirm/deny whether we're at least asking the kernel to do >> sane things. > > Indeed the bug happens when reading from /dev/mem: > > https://pastebin.com/raw/ZEJGQP1X > > # strace -f -y x86info -mp > [...] > open("/dev/mem", O_RDONLY) = 3 > lseek(3, 1038, SEEK_SET) = 1038 > read(3, "\300\235", 2) = 2 > lseek(3, 646144, SEEK_SET) = 646144 > read(3, > "\1\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., > 1024) = 1024 > lseek(3, 1043, SEEK_SET) = 1043 > read(3, "w\2", 2) = 2 > lseek(3, 645120, SEEK_SET) = 645120 > read(3, > "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., > 1024) = 1024 > lseek(3, 654336, SEEK_SET) = 654336 > read(3, > "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., > 1024) = 1024 > lseek(3, 983040, SEEK_SET) = 983040 > read(3, > "IFE$\245S\0\0\1\0\0\0\0\360y\0\0\360\220\260\30\237{=\23\10\17\0000\276\17\0"..., > 65536) = 65536 > lseek(3, 917504, SEEK_SET) = 917504 > read(3, > "\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377"..., > 65536) = 65536 > lseek(3, 524288, SEEK_SET) = 524288 > read(3, ) = ? > +++ killed by SIGSEGV +++ That last read is done in mptable.c:347, trying to read GROPE_AREA1. # ./x86info --debug x86info v1.31pre get_intel_topology: Siblings: 2 Physical Processor ID: 0 Processor Core ID: 0 get_intel_topology: Siblings: 2 Physical Processor ID: 0 Processor Core ID: 1 get_intel_topology: Siblings: 2 Physical Processor ID: 0 Processor Core ID: 2 get_intel_topology: Siblings: 2 Physical Processor ID: 0 Processor Core ID: 3 get_intel_topology: Siblings: 2 Physical Processor ID: 0 Processor Core ID: 0 get_intel_topology: Siblings: 2 Physical Processor ID: 0 Processor Core ID: 1 get_intel_topology: Siblings: 2 Physical Processor ID: 0 Processor Core ID: 2 get_intel_topology: Siblings: 2 Physical Processor ID: 0 Processor Core ID: 3 Found 8 identical CPUs EBDA points to: 9dc0 EBDA segment ptr: 9dc00 Segmentation fault If I comment out the GROPE_AREA1 read, the same kernel bug still happens with the GROPE_AREA2 read. Removing both GROPE_AREA1 and GROPE_AREA2 reads avoids the crash: $ git diff diff --git a/mptable.c b/mptable.c index 480f19b..00fff35 100644 --- a/mptable.c +++ b/mptable.c @@ -342,6 +342,7 @@ static int apic_probe(unsigned long* paddr) } /* search additional memory */ + /* target = GROPE_AREA1; seekEntry(target); if (readEntry(buffer, GROPE_SIZE)) { @@ -371,6 +372,7 @@ static int apic_probe(unsigned long* paddr) return 6; } } + */ *paddr = (unsigned long)0; return 0; # ./x86info -mp x86info v1.31pre Found 8 identical CPUs Extended Family: 0 Extended Model: 5 Family: 6 Model: 94 Stepping: 3 Type: 0 (Original OEM) CPU Model (x86info's best guess): Unknown model. Processor name string (BIOS programmed): Intel(R) Core(TM) i7-6820HQ CPU @ 2.70GHz Total processor threads: 8 This system has 1 quad-core processor with hyper-threading (2 threads per core) running at an estimated 2.70GHz # -Tommi