[tip:perf/urgent] [perf] 382c27f4ed: WARNING:at_kernel/events/core.c:#__do_sys_perf_event_open

From: kernel test robot
Date: Tue Dec 05 2023 - 09:21:46 EST




Hello,

kernel test robot noticed "WARNING:at_kernel/events/core.c:#__do_sys_perf_event_open" on:

commit: 382c27f4ed28f803b1f1473ac2d8db0afc795a1b ("perf: Fix perf_event_validate_size()")
https://git.kernel.org/cgit/linux/kernel/git/tip/tip.git perf/urgent

[test failed on linux-next/master 5eda217cee887e595ba2265435862d585d399769]

in testcase: trinity
version: trinity-i386-abe9de86-1_20230429
with the following parameters:

runtime: 300s
group: group-03
nr_groups: 5

test-description: Trinity is a linux system call fuzz tester.
test-url: http://codemonkey.org.uk/projects/trinity/


compiler: gcc-12
test machine: qemu-system-x86_64 -enable-kvm -cpu SandyBridge -smp 2 -m 16G

(please refer to attached dmesg/kmsg for entire log/backtrace)



If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add the following tags
| Reported-by: kernel test robot <oliver.sang@xxxxxxxxx>
| Closes: https://lore.kernel.org/oe-lkp/202312052248.1270bdba-oliver.sang@xxxxxxxxx


[ 78.338247][ T3537] ------------[ cut here ]------------
[ 78.338606][ T3537] WARNING: CPU: 0 PID: 3537 at kernel/events/core.c:1950 __do_sys_perf_event_open (kernel/events/core.c:1950 kernel/events/core.c:12655)
[ 78.339187][ T3537] Modules linked in: input_leds(E) crc32_pclmul(E) led_class(E) uio_pdrv_genirq(E) uio(E) serio_raw(E) pcspkr(E) qemu_fw_cfg(E) drm(E) drm_panel_orientation_quirks(E) backlight(E) fuse(E) i2c_core(E) configfs(E)
[ 78.340357][ T3537] CPU: 0 PID: 3537 Comm: trinity-main Tainted: G W E N 6.7.0-rc3-00001-g382c27f4ed28 #1
[ 78.340938][ T3537] EIP: __do_sys_perf_event_open (kernel/events/core.c:1950 kernel/events/core.c:12655)
[ 78.341261][ T3537] Code: ff e9 8c fb ff ff 8b 85 48 ff ff ff 83 ca ff 8b 80 c0 01 00 00 89 85 40 ff ff ff 83 c0 68 e8 c6 bd a2 00 48 0f 84 59 fb ff ff <0f> 0b e9 52 fb ff ff 0f 0b 8d b4 26 00 00 00 00 8d 76 00 e9 8a fb
All code
========
0: ff (bad)
1: e9 8c fb ff ff jmp 0xfffffffffffffb92
6: 8b 85 48 ff ff ff mov -0xb8(%rbp),%eax
c: 83 ca ff or $0xffffffff,%edx
f: 8b 80 c0 01 00 00 mov 0x1c0(%rax),%eax
15: 89 85 40 ff ff ff mov %eax,-0xc0(%rbp)
1b: 83 c0 68 add $0x68,%eax
1e: e8 c6 bd a2 00 call 0xa2bde9
23: 48 0f 84 59 fb ff ff rex.W je 0xfffffffffffffb83
2a:* 0f 0b ud2 <-- trapping instruction
2c: e9 52 fb ff ff jmp 0xfffffffffffffb83
31: 0f 0b ud2
33: 8d b4 26 00 00 00 00 lea 0x0(%rsi,%riz,1),%esi
3a: 8d 76 00 lea 0x0(%rsi),%esi
3d: e9 .byte 0xe9
3e: 8a fb mov %bl,%bh

Code starting with the faulting instruction
===========================================
0: 0f 0b ud2
2: e9 52 fb ff ff jmp 0xfffffffffffffb59
7: 0f 0b ud2
9: 8d b4 26 00 00 00 00 lea 0x0(%rsi,%riz,1),%esi
10: 8d 76 00 lea 0x0(%rsi),%esi
13: e9 .byte 0xe9
14: 8a fb mov %bl,%bh
[ 78.342311][ T3537] EAX: ffffffff EBX: edfce4c0 ECX: 00000000 EDX: 00000000
[ 78.342694][ T3537] ESI: 00000000 EDI: ec542a00 EBP: ec003f80 ESP: ec003ea8
[ 78.343083][ T3537] DS: 007b ES: 007b FS: 0000 GS: 0033 SS: 0068 EFLAGS: 00010296
[ 78.343496][ T3537] CR0: 80050033 CR2: 00fd103c CR3: 2c684000 CR4: 00040690
[ 78.343918][ T3537] DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
[ 78.344304][ T3537] DR6: fffe0ff0 DR7: 00000400
[ 78.344560][ T3537] Call Trace:
[ 78.344744][ T3537] ? show_regs (arch/x86/kernel/dumpstack.c:479)
[ 78.344979][ T3537] ? __do_sys_perf_event_open (kernel/events/core.c:1950 kernel/events/core.c:12655)
[ 78.345292][ T3537] ? __warn (kernel/panic.c:677)
[ 78.345521][ T3537] ? __do_sys_perf_event_open (kernel/events/core.c:1950 kernel/events/core.c:12655)
[ 78.345833][ T3537] ? __do_sys_perf_event_open (kernel/events/core.c:1950 kernel/events/core.c:12655)
[ 78.346146][ T3537] ? report_bug (lib/bug.c:180 lib/bug.c:219)
[ 78.346390][ T3537] ? exc_overflow (arch/x86/kernel/traps.c:250)
[ 78.346640][ T3537] ? handle_bug (arch/x86/kernel/traps.c:237)
[ 78.346884][ T3537] ? exc_invalid_op (arch/x86/kernel/traps.c:258 (discriminator 1))
[ 78.347142][ T3537] ? mark_held_locks (kernel/locking/lockdep.c:4274)
[ 78.347408][ T3537] ? handle_exception (arch/x86/entry/entry_32.S:1049)
[ 78.347690][ T3537] ? trace_options_core_write (kernel/trace/trace.c:9100)
[ 78.348023][ T3537] ? exc_overflow (arch/x86/kernel/traps.c:250)
[ 78.348273][ T3537] ? __do_sys_perf_event_open (kernel/events/core.c:1950 kernel/events/core.c:12655)
[ 78.348588][ T3537] ? exc_overflow (arch/x86/kernel/traps.c:250)
[ 78.348837][ T3537] ? __do_sys_perf_event_open (kernel/events/core.c:1950 kernel/events/core.c:12655)
[ 78.349151][ T3537] ? perf_prepare_sample (kernel/events/core.c:7875)
[ 78.349470][ T3537] __ia32_sys_perf_event_open (kernel/events/core.c:12388)
[ 78.349776][ T3537] do_int80_syscall_32 (arch/x86/entry/common.c:164 arch/x86/entry/common.c:184)
[ 78.350048][ T3537] entry_INT80_32 (arch/x86/entry/entry_32.S:947)
[ 78.350307][ T3537] EIP: 0xb7f29092
[ 78.350510][ T3537] Code: 00 00 00 e9 90 ff ff ff ff a3 24 00 00 00 68 30 00 00 00 e9 80 ff ff ff ff a3 f8 ff ff ff 66 90 00 00 00 00 00 00 00 00 cd 80 <c3> 8d b4 26 00 00 00 00 8d b6 00 00 00 00 8b 1c 24 c3 8d b4 26 00
All code
========
0: 00 00 add %al,(%rax)
2: 00 e9 add %ch,%cl
4: 90 nop
5: ff (bad)
6: ff (bad)
7: ff (bad)
8: ff a3 24 00 00 00 jmp *0x24(%rbx)
e: 68 30 00 00 00 push $0x30
13: e9 80 ff ff ff jmp 0xffffffffffffff98
18: ff a3 f8 ff ff ff jmp *-0x8(%rbx)
1e: 66 90 xchg %ax,%ax
...
28: cd 80 int $0x80
2a:* c3 ret <-- trapping instruction
2b: 8d b4 26 00 00 00 00 lea 0x0(%rsi,%riz,1),%esi
32: 8d b6 00 00 00 00 lea 0x0(%rsi),%esi
38: 8b 1c 24 mov (%rsp),%ebx
3b: c3 ret
3c: 8d .byte 0x8d
3d: b4 26 mov $0x26,%ah
...

Code starting with the faulting instruction
===========================================
0: c3 ret
1: 8d b4 26 00 00 00 00 lea 0x0(%rsi,%riz,1),%esi
8: 8d b6 00 00 00 00 lea 0x0(%rsi),%esi
e: 8b 1c 24 mov (%rsp),%ebx
11: c3 ret
12: 8d .byte 0x8d
13: b4 26 mov $0x26,%ah
...
[ 78.351567][ T3537] EAX: ffffffda EBX: 00fd14c0 ECX: 00000000 EDX: ffffffff
[ 78.351983][ T3537] ESI: ffffffff EDI: 00000008 EBP: b7d54525 ESP: bfe50d08
[ 78.352368][ T3537] DS: 007b ES: 007b FS: 0000 GS: 0033 SS: 007b EFLAGS: 00000282
[ 78.352794][ T3537] irq event stamp: 2142597
[ 78.353037][ T3537] hardirqs last enabled at (2142605): console_unlock (arch/x86/include/asm/irqflags.h:26 arch/x86/include/asm/irqflags.h:67 arch/x86/include/asm/irqflags.h:127 kernel/printk/printk.c:341 kernel/printk/printk.c:2706 kernel/printk/printk.c:3038)
[ 78.353522][ T3537] hardirqs last disabled at (2142612): console_unlock (kernel/printk/printk.c:339 kernel/printk/printk.c:2706 kernel/printk/printk.c:3038)
[ 78.354001][ T3537] softirqs last enabled at (2110116): __do_softirq (arch/x86/include/asm/preempt.h:27 kernel/softirq.c:400 kernel/softirq.c:582)
[ 78.354477][ T3537] softirqs last disabled at (2108059): do_softirq_own_stack (arch/x86/kernel/irq_32.c:57 arch/x86/kernel/irq_32.c:147)
[ 78.354983][ T3537] ---[ end trace 0000000000000000 ]---
[ 78.532811][ T3537] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[ 78.628053][ T3537] can: request_module (can-proto-1) failed.
[ 78.632336][ T3537] can: request_module (can-proto-2) failed.
[ 78.676101][ T3537] can: request_module (can-proto-2) failed.


The kernel config and materials to reproduce are available at:
https://download.01.org/0day-ci/archive/20231205/202312052248.1270bdba-oliver.sang@xxxxxxxxx



--
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests/wiki