Re: [PATCH v1 1/6] params: Use sysfs_emit() to instead of scnprintf()

From: kernel test robot
Date: Thu Sep 21 2023 - 12:59:27 EST




Hello,

kernel test robot noticed "WARNING:at_fs/sysfs/file.c:#sysfs_emit" on:

commit: d4004295e5502a1eb3e361e97ea4dd1686046af6 ("[PATCH v1 1/6] params: Use sysfs_emit() to instead of scnprintf()")
url: https://github.com/intel-lab-lkp/linux/commits/Andy-Shevchenko/params-Introduce-the-param_unknown_fn-type/20230912-231033
base: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git 0bb80ecc33a8fb5a682236443c1e740d5c917d1d
patch link: https://lore.kernel.org/all/20230912150551.401537-1-andriy.shevchenko@xxxxxxxxxxxxxxx/
patch subject: [PATCH v1 1/6] params: Use sysfs_emit() to instead of scnprintf()

in testcase: trinity
version: trinity-i386-abe9de86-1_20230429
with the following parameters:

runtime: 300s
group: group-04
nr_groups: 5

test-description: Trinity is a Linux system call fuzz tester.
test-url: http://codemonkey.org.uk/projects/trinity/


compiler: gcc-12
test machine: qemu-system-x86_64 -enable-kvm -cpu SandyBridge -smp 2 -m 16G

(please refer to attached dmesg/kmsg for entire log/backtrace)


What we observed is that this issue doesn't always happen. We ran the test on
this commit almost 500 times, and it happened 42 times.
However, the parent stays clean.

        v6.6-rc1 d4004295e5502a1eb3e361e97ea
---------------- ---------------------------
       fail:runs  %reproduction    fail:runs
           |             |             |
           :497           8%         42:496   dmesg.EIP:sysfs_emit
           :497           8%         42:496   dmesg.WARNING:at_fs/sysfs/file.c:#sysfs_emit



If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add the following tags
| Reported-by: kernel test robot <oliver.sang@xxxxxxxxx>
| Closes: https://lore.kernel.org/oe-lkp/202309211632.67e4c1e0-oliver.sang@xxxxxxxxx


[ 243.129633][ T4012] ------------[ cut here ]------------
[ 243.130401][ T4012] invalid sysfs_emit: buf:94f9d7f6
[ 243.130980][ T4012] WARNING: CPU: 1 PID: 4012 at fs/sysfs/file.c:734 sysfs_emit (fs/sysfs/file.c:734)
[ 243.131846][ T4012] Modules linked in: rtc_cmos aesni_intel evbug parport_pc qemu_fw_cfg
[ 243.132786][ T4012] CPU: 1 PID: 4012 Comm: trinity-c5 Not tainted 6.6.0-rc1-00001-gd4004295e550 #1
[ 243.133731][ T4012] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[ 243.134826][ T4012] EIP: sysfs_emit (fs/sysfs/file.c:734)
[ 243.135330][ T4012] Code: 5b 5e 5f 5d 31 d2 31 c9 c3 3e 8d 74 26 00 55 89 e5 8b 45 08 85 c0 74 07 a9 ff 0f 00 00 74 13 50 68 f9 89 e2 c1 e8 6e ce e0 ff <0f> 0b 59 58 31 c0 eb 12 8d 55 10 52 8b 4d 0c ba 00 10 00 00 e8 01
All code
========
0: 5b pop %rbx
1: 5e pop %rsi
2: 5f pop %rdi
3: 5d pop %rbp
4: 31 d2 xor %edx,%edx
6: 31 c9 xor %ecx,%ecx
8: c3 ret
9: 3e 8d 74 26 00 ds lea 0x0(%rsi,%riz,1),%esi
e: 55 push %rbp
f: 89 e5 mov %esp,%ebp
11: 8b 45 08 mov 0x8(%rbp),%eax
14: 85 c0 test %eax,%eax
16: 74 07 je 0x1f
18: a9 ff 0f 00 00 test $0xfff,%eax
1d: 74 13 je 0x32
1f: 50 push %rax
20: 68 f9 89 e2 c1 push $0xffffffffc1e289f9
25: e8 6e ce e0 ff call 0xffffffffffe0ce98
2a:* 0f 0b ud2 <-- trapping instruction
2c: 59 pop %rcx
2d: 58 pop %rax
2e: 31 c0 xor %eax,%eax
30: eb 12 jmp 0x44
32: 8d 55 10 lea 0x10(%rbp),%edx
35: 52 push %rdx
36: 8b 4d 0c mov 0xc(%rbp),%ecx
39: ba 00 10 00 00 mov $0x1000,%edx
3e: e8 .byte 0xe8
3f: 01 .byte 0x1

Code starting with the faulting instruction
===========================================
0: 0f 0b ud2
2: 59 pop %rcx
3: 58 pop %rax
4: 31 c0 xor %eax,%eax
6: eb 12 jmp 0x1a
8: 8d 55 10 lea 0x10(%rbp),%edx
b: 52 push %rdx
c: 8b 4d 0c mov 0xc(%rbp),%ecx
f: ba 00 10 00 00 mov $0x1000,%edx
14: e8 .byte 0xe8
15: 01 .byte 0x1
[ 243.137360][ T4012] EAX: 00000000 EBX: c1aa8260 ECX: 00000000 EDX: 00000000
[ 243.138145][ T4012] ESI: 00000002 EDI: 00000001 EBP: eb36be20 ESP: eb36be18
[ 243.138905][ T4012] DS: 007b ES: 007b FS: 00d8 GS: 0033 SS: 0068 EFLAGS: 00010246
[ 243.139712][ T4012] CR0: 80050033 CR2: 00000004 CR3: 2b263000 CR4: 00040690
[ 243.142408][ T4012] DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
[ 243.143135][ T4012] DR6: fffe0ff0 DR7: 00000400
[ 243.143614][ T4012] Call Trace:
[ 243.143991][ T4012] ? show_regs (arch/x86/kernel/dumpstack.c:479 arch/x86/kernel/dumpstack.c:465)
[ 243.144451][ T4012] ? sysfs_emit (fs/sysfs/file.c:734)
[ 243.144908][ T4012] ? __warn (kernel/panic.c:673)
[ 243.145339][ T4012] ? report_bug (lib/bug.c:201 lib/bug.c:219)
[ 243.145854][ T4012] ? sysfs_emit (fs/sysfs/file.c:734)
[ 243.146345][ T4012] ? exc_overflow (arch/x86/kernel/traps.c:250)
[ 243.146841][ T4012] ? handle_bug (arch/x86/kernel/traps.c:237)
[ 243.147327][ T4012] ? exc_invalid_op (arch/x86/kernel/traps.c:258 (discriminator 1))
[ 243.147820][ T4012] ? handle_exception (arch/x86/entry/entry_32.S:1049)
[ 243.148398][ T4012] ? rwlock_bug (kernel/locking/spinlock_debug.c:147)
[ 243.148866][ T4012] ? exc_overflow (arch/x86/kernel/traps.c:250)
[ 243.149344][ T4012] ? sysfs_emit (fs/sysfs/file.c:734)
[ 243.149806][ T4012] ? exc_overflow (arch/x86/kernel/traps.c:250)
[ 243.150299][ T4012] ? sysfs_emit (fs/sysfs/file.c:734)
[ 243.150759][ T4012] param_get_int (kernel/params.c:239)
[ 243.151232][ T4012] param_array_get (kernel/params.c:485)
[ 243.151757][ T4012] param_attr_show (kernel/params.c:568)
[ 243.152295][ T4012] ? param_attr_store (kernel/params.c:560)
[ 243.152814][ T4012] ? func_ptr_is_kernel_text (kernel/params.c:890)
[ 243.153400][ T4012] module_attr_show (kernel/params.c:903)
[ 243.153930][ T4012] sysfs_kf_seq_show (fs/sysfs/file.c:60)
[ 243.154456][ T4012] kernfs_seq_show (fs/kernfs/file.c:206)
[ 243.154966][ T4012] seq_read_iter (fs/seq_file.c:230)
[ 243.155453][ T4012] ? fsnotify_perm+0x3b/0x40
[ 243.156039][ T4012] kernfs_fop_read_iter (fs/kernfs/file.c:279)
[ 243.156570][ T4012] call_read_iter+0x12/0x19
[ 243.157109][ T4012] vfs_read (fs/read_write.c:389 fs/read_write.c:470)
[ 243.157571][ T4012] ksys_read (fs/read_write.c:613)
[ 243.160726][ T4012] __ia32_sys_read (fs/read_write.c:621)
[ 243.161225][ T4012] do_int80_syscall_32 (arch/x86/entry/common.c:112 arch/x86/entry/common.c:132)
[ 243.161784][ T4012] entry_INT80_32 (arch/x86/entry/entry_32.S:944)
[ 243.162309][ T4012] EIP: 0xb7f8e092
[ 243.162720][ T4012] Code: 00 00 00 e9 90 ff ff ff ff a3 24 00 00 00 68 30 00 00 00 e9 80 ff ff ff ff a3 f8 ff ff ff 66 90 00 00 00 00 00 00 00 00 cd 80 <c3> 8d b4 26 00 00 00 00 8d b6 00 00 00 00 8b 1c 24 c3 8d b4 26 00
All code
========
0: 00 00 add %al,(%rax)
2: 00 e9 add %ch,%cl
4: 90 nop
5: ff (bad)
6: ff (bad)
7: ff (bad)
8: ff a3 24 00 00 00 jmp *0x24(%rbx)
e: 68 30 00 00 00 push $0x30
13: e9 80 ff ff ff jmp 0xffffffffffffff98
18: ff a3 f8 ff ff ff jmp *-0x8(%rbx)
1e: 66 90 xchg %ax,%ax
...
28: cd 80 int $0x80
2a:* c3 ret <-- trapping instruction
2b: 8d b4 26 00 00 00 00 lea 0x0(%rsi,%riz,1),%esi
32: 8d b6 00 00 00 00 lea 0x0(%rsi),%esi
38: 8b 1c 24 mov (%rsp),%ebx
3b: c3 ret
3c: 8d .byte 0x8d
3d: b4 26 mov $0x26,%ah
...

Code starting with the faulting instruction
===========================================
0: c3 ret
1: 8d b4 26 00 00 00 00 lea 0x0(%rsi,%riz,1),%esi
8: 8d b6 00 00 00 00 lea 0x0(%rsi),%esi
e: 8b 1c 24 mov (%rsp),%ebx
11: c3 ret
12: 8d .byte 0x8d
13: b4 26 mov $0x26,%ah


The kernel config and materials to reproduce are available at:
https://download.01.org/0day-ci/archive/20230921/202309211632.67e4c1e0-oliver.sang@xxxxxxxxx



--
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests/wiki