From: Mirsad Todorovac <mirsad.todorovac@alu.unizg.hr>
To: x86@kernel.org
Cc: Sean Christopherson <seanjc@google.com>,
Paolo Bonzini <pbonzini@redhat.com>,
Thomas Gleixner <tglx@linutronix.de>,
Ingo Molnar <mingo@redhat.com>, Borislav Petkov <bp@alien8.de>,
Dave Hansen <dave.hansen@linux.intel.com>,
"H. Peter Anvin" <hpa@zytor.com>,
linux-kernel@vger.kernel.org, Fuad Tabba <tabba@google.com>,
Marc Zyngier <maz@kernel.org>,
Shaoqin Huang <shahuang@redhat.com>,
David Matlack <dmatlack@google.com>,
Josh Poimboeuf <jpoimboe@kernel.org>,
Pawan Gupta <pawan.kumar.gupta@linux.intel.com>,
Peter Zijlstra <peterz@infradead.org>,
Breno Leitao <leitao@debian.org>,
kvm@vger.kernel.org
Subject: [BUG net-next] arch/x86/kernel/cpu/bugs.c:2935: "Unpatched return thunk in use. This should not happen!" [STACKTRACE]
Date: Mon, 18 Mar 2024 20:47:26 +0100 [thread overview]
Message-ID: <1d10cd73-2ae7-42d5-a318-2f9facc42bbe@alu.unizg.hr> (raw)
Hi,
With the latest net-next v6.8-5204-g237bb5f7f7f5 kernel, while running kselftest, there was this
trap and stacktrace:
This is a vanilla net-next tree kernel, only changes to tools/testing/sefltests Makefile make the
build mark it as "dirty".
The message was apparently introduced with this patch: https://lore.kernel.org/lkml/20240207185328.GEZcPRqPsNInRXyNMj@fat_crate.local/
Here is the stacktrace:
Mar 18 19:46:35 defiant kernel: [ 1859.134913] ------------[ cut here ]------------
Mar 18 19:46:35 defiant kernel: [ 1859.134916] Unpatched return thunk in use. This should not happen!
Mar 18 19:46:35 defiant kernel: [ 1859.134919] WARNING: CPU: 30 PID: 80103 at arch/x86/kernel/cpu/bugs.c:2935 __warn_thunk (/home/marvin/linux/kernel/net-next/arch/x86/kernel/cpu/bugs.c:2935 (discriminator 3))
Mar 18 19:46:35 defiant kernel: [ 1859.134925] Modules linked in: ir_rcmm_decoder ir_imon_decoder ir_sharp_decoder ir_rc6_decoder ir_sanyo_decoder ir_nec_decoder ir_sony_decoder ir_jvc_decoder ir_rc5_decoder rc_loopback gpio_sim macvlan act_gact cls_flower sch_ingress bridge stp llc bonding tls xfrm_user nf_tables nfnetlink nvme_fabrics binfmt_misc amd_atl intel_rapl_msr nls_iso8859_1 intel_rapl_common snd_hda_codec_realtek snd_hda_codec_generic amdgpu snd_hda_codec_hdmi snd_hda_intel snd_intel_dspcfg snd_intel_sdw_acpi snd_hda_codec snd_hda_core snd_hwdep snd_pcm edac_mce_amd crct10dif_pclmul polyval_clmulni snd_seq_midi polyval_generic snd_seq_midi_event ghash_clmulni_intel sha512_ssse3 amdxcp sha256_ssse3 snd_rawmidi drm_exec sha1_ssse3 gpu_sched aesni_intel drm_buddy drm_suballoc_helper crypto_simd drm_ttm_helper cryptd snd_seq ttm joydev snd_seq_device rapl input_leds drm_display_helper snd_timer cec snd wmi_bmof drm_kms_helper k10temp ccp soundcore i2c_algo_bit mac_hid tcp_bbr sch_fq msr parport_pc ppdev lp parport fuse drm efi_pstore ip_tables
Mar 18 19:46:35 defiant kernel: [ 1859.134985] x_tables autofs4 btrfs blake2b_generic xor raid6_pq libcrc32c hid_generic nvme nvme_core ahci i2c_piix4 crc32_pclmul r8169 nvme_auth xhci_pci libahci xhci_pci_renesas realtek video wmi gpio_amdpt [last unloaded: gpio_mockup]
Mar 18 19:46:35 defiant kernel: [ 1859.135002] CPU: 30 PID: 80103 Comm: cpuid_test Not tainted 6.8.0-net-next-km-05204-g237bb5f7f7f5-dirty #3
Mar 18 19:46:35 defiant kernel: [ 1859.135004] Hardware name: ASRock X670E PG Lightning/X670E PG Lightning, BIOS 1.21 04/26/2023
Mar 18 19:46:35 defiant kernel: [ 1859.135005] RIP: 0010:__warn_thunk (/home/marvin/linux/kernel/net-next/arch/x86/kernel/cpu/bugs.c:2935 (discriminator 3))
Mar 18 19:46:35 defiant kernel: [ 1859.135008] Code: 50 9b 0f 01 83 e3 01 74 0e 48 8b 5d f8 c9 31 f6 31 ff e9 0e 9f 3b 01 48 c7 c7 28 62 1d b9 c6 05 f2 d6 6b 02 01 e8 60 af 07 00 <0f> 0b 48 8b 5d f8 c9 31 f6 31 ff e9 eb 9e 3b 01 90 90 90 90 90 90
All code
========
0: 50 push %rax
1: 9b fwait
2: 0f 01 83 e3 01 74 0e sgdt 0xe7401e3(%rbx)
9: 48 8b 5d f8 mov -0x8(%rbp),%rbx
d: c9 leave
e: 31 f6 xor %esi,%esi
10: 31 ff xor %edi,%edi
12: e9 0e 9f 3b 01 jmp 0x13b9f25
17: 48 c7 c7 28 62 1d b9 mov $0xffffffffb91d6228,%rdi
1e: c6 05 f2 d6 6b 02 01 movb $0x1,0x26bd6f2(%rip) # 0x26bd717
25: e8 60 af 07 00 call 0x7af8a
2a:* 0f 0b ud2 <-- trapping instruction
2c: 48 8b 5d f8 mov -0x8(%rbp),%rbx
30: c9 leave
31: 31 f6 xor %esi,%esi
33: 31 ff xor %edi,%edi
35: e9 eb 9e 3b 01 jmp 0x13b9f25
3a: 90 nop
3b: 90 nop
3c: 90 nop
3d: 90 nop
3e: 90 nop
3f: 90 nop
Code starting with the faulting instruction
===========================================
0: 0f 0b ud2
2: 48 8b 5d f8 mov -0x8(%rbp),%rbx
6: c9 leave
7: 31 f6 xor %esi,%esi
9: 31 ff xor %edi,%edi
b: e9 eb 9e 3b 01 jmp 0x13b9efb
10: 90 nop
11: 90 nop
12: 90 nop
13: 90 nop
14: 90 nop
15: 90 nop
Mar 18 19:46:35 defiant kernel: [ 1859.135009] RSP: 0018:ffffb9f8c652bc70 EFLAGS: 00010046
Mar 18 19:46:35 defiant kernel: [ 1859.135011] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
Mar 18 19:46:35 defiant kernel: [ 1859.135012] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
Mar 18 19:46:35 defiant kernel: [ 1859.135013] RBP: ffffb9f8c652bc78 R08: 0000000000000000 R09: 0000000000000000
Mar 18 19:46:35 defiant kernel: [ 1859.135014] R10: 0000000000000000 R11: 0000000000000000 R12: ffff998e369f1c78
Mar 18 19:46:35 defiant kernel: [ 1859.135015] R13: 0000000000000000 R14: 0000000000000000 R15: ffff998e369f23f8
Mar 18 19:46:35 defiant kernel: [ 1859.135016] FS: 000071f68c680740(0000) GS:ffff999b18900000(0000) knlGS:0000000000000000
Mar 18 19:46:35 defiant kernel: [ 1859.135017] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
Mar 18 19:46:35 defiant kernel: [ 1859.135018] CR2: 0000000000000000 CR3: 000000032c828000 CR4: 0000000000f50ef0
Mar 18 19:46:35 defiant kernel: [ 1859.135019] PKRU: 55555554
Mar 18 19:46:35 defiant kernel: [ 1859.135020] Call Trace:
Mar 18 19:46:35 defiant kernel: [ 1859.135021] <TASK>
Mar 18 19:46:35 defiant kernel: [ 1859.135022] ? show_regs (/home/marvin/linux/kernel/net-next/arch/x86/kernel/dumpstack.c:479)
Mar 18 19:46:35 defiant kernel: [ 1859.135026] ? __warn_thunk (/home/marvin/linux/kernel/net-next/arch/x86/kernel/cpu/bugs.c:2935 (discriminator 3))
Mar 18 19:46:35 defiant kernel: [ 1859.135028] ? __warn (/home/marvin/linux/kernel/net-next/kernel/panic.c:677)
Mar 18 19:46:35 defiant kernel: [ 1859.135030] ? __warn_thunk (/home/marvin/linux/kernel/net-next/arch/x86/kernel/cpu/bugs.c:2935 (discriminator 3))
Mar 18 19:46:35 defiant kernel: [ 1859.135032] ? report_bug (/home/marvin/linux/kernel/net-next/lib/bug.c:201 /home/marvin/linux/kernel/net-next/lib/bug.c:219)
Mar 18 19:46:35 defiant kernel: [ 1859.135036] ? irq_work_queue (/home/marvin/linux/kernel/net-next/kernel/irq_work.c:119)
Mar 18 19:46:35 defiant kernel: [ 1859.135040] ? handle_bug (/home/marvin/linux/kernel/net-next/arch/x86/kernel/traps.c:218)
Mar 18 19:46:35 defiant kernel: [ 1859.135043] ? exc_invalid_op (/home/marvin/linux/kernel/net-next/arch/x86/kernel/traps.c:260 (discriminator 1))
Mar 18 19:46:35 defiant kernel: [ 1859.135045] ? asm_exc_invalid_op (/home/marvin/linux/kernel/net-next/./arch/x86/include/asm/idtentry.h:621)
Mar 18 19:46:35 defiant kernel: [ 1859.135050] ? __warn_thunk (/home/marvin/linux/kernel/net-next/arch/x86/kernel/cpu/bugs.c:2935 (discriminator 3))
Mar 18 19:46:35 defiant kernel: [ 1859.135053] warn_thunk_thunk (/home/marvin/linux/kernel/net-next/arch/x86/entry/entry.S:48)
Mar 18 19:46:35 defiant kernel: [ 1859.135057] svm_vcpu_enter_exit (/home/marvin/linux/kernel/net-next/./include/linux/kvm_host.h:543 /home/marvin/linux/kernel/net-next/arch/x86/kvm/svm/svm.c:4115)
Mar 18 19:46:35 defiant kernel: [ 1859.135059] svm_vcpu_run (/home/marvin/linux/kernel/net-next/./arch/x86/include/asm/cpufeature.h:171 /home/marvin/linux/kernel/net-next/arch/x86/kvm/svm/svm.c:4182)
Mar 18 19:46:35 defiant kernel: [ 1859.135062] kvm_arch_vcpu_ioctl_run (/home/marvin/linux/kernel/net-next/arch/x86/kvm/x86.c:10981 /home/marvin/linux/kernel/net-next/arch/x86/kvm/x86.c:11184 /home/marvin/linux/kernel/net-next/arch/x86/kvm/x86.c:11410)
Mar 18 19:46:35 defiant kernel: [ 1859.135065] ? call_rcu (/home/marvin/linux/kernel/net-next/kernel/rcu/tree.c:2839)
Mar 18 19:46:35 defiant kernel: [ 1859.135068] ? srso_alias_return_thunk (/home/marvin/linux/kernel/net-next/arch/x86/lib/retpoline.S:181)
Mar 18 19:46:35 defiant kernel: [ 1859.135070] ? put_object (/home/marvin/linux/kernel/net-next/mm/kmemleak.c:549)
Mar 18 19:46:35 defiant kernel: [ 1859.135074] ? srso_alias_return_thunk (/home/marvin/linux/kernel/net-next/arch/x86/lib/retpoline.S:181)
Mar 18 19:46:35 defiant kernel: [ 1859.135076] ? kmemleak_free (/home/marvin/linux/kernel/net-next/mm/kmemleak.c:1109)
Mar 18 19:46:35 defiant kernel: [ 1859.135078] ? srso_alias_return_thunk (/home/marvin/linux/kernel/net-next/arch/x86/lib/retpoline.S:181)
Mar 18 19:46:35 defiant kernel: [ 1859.135080] kvm_vcpu_ioctl (/home/marvin/linux/kernel/net-next/arch/x86/kvm/../../../virt/kvm/kvm_main.c:4447)
Mar 18 19:46:35 defiant kernel: [ 1859.135083] ? srso_alias_return_thunk (/home/marvin/linux/kernel/net-next/arch/x86/lib/retpoline.S:181)
Mar 18 19:46:35 defiant kernel: [ 1859.135085] ? kvm_vcpu_ioctl (/home/marvin/linux/kernel/net-next/arch/x86/kvm/../../../virt/kvm/kvm_main.c:4610)
Mar 18 19:46:35 defiant kernel: [ 1859.135087] ? srso_alias_return_thunk (/home/marvin/linux/kernel/net-next/arch/x86/lib/retpoline.S:181)
Mar 18 19:46:35 defiant kernel: [ 1859.135089] ? do_syscall_64 (/home/marvin/linux/kernel/net-next/./arch/x86/include/asm/cpufeature.h:171 /home/marvin/linux/kernel/net-next/arch/x86/entry/common.c:98)
Mar 18 19:46:35 defiant kernel: [ 1859.135092] ? srso_alias_return_thunk (/home/marvin/linux/kernel/net-next/arch/x86/lib/retpoline.S:181)
Mar 18 19:46:35 defiant kernel: [ 1859.135093] ? trace_hardirqs_on (/home/marvin/linux/kernel/net-next/kernel/trace/trace_preemptirq.c:58)
Mar 18 19:46:35 defiant kernel: [ 1859.135097] __x64_sys_ioctl (/home/marvin/linux/kernel/net-next/fs/ioctl.c:51 /home/marvin/linux/kernel/net-next/fs/ioctl.c:904 /home/marvin/linux/kernel/net-next/fs/ioctl.c:890 /home/marvin/linux/kernel/net-next/fs/ioctl.c:890)
Mar 18 19:46:35 defiant kernel: [ 1859.135101] do_syscall_64 (/home/marvin/linux/kernel/net-next/arch/x86/entry/common.c:52 /home/marvin/linux/kernel/net-next/arch/x86/entry/common.c:83)
Mar 18 19:46:35 defiant kernel: [ 1859.135103] ? srso_alias_return_thunk (/home/marvin/linux/kernel/net-next/arch/x86/lib/retpoline.S:181)
Mar 18 19:46:35 defiant kernel: [ 1859.135105] ? do_syscall_64 (/home/marvin/linux/kernel/net-next/./arch/x86/include/asm/cpufeature.h:171 /home/marvin/linux/kernel/net-next/arch/x86/entry/common.c:98)
Mar 18 19:46:35 defiant kernel: [ 1859.135106] ? srso_alias_return_thunk (/home/marvin/linux/kernel/net-next/arch/x86/lib/retpoline.S:181)
Mar 18 19:46:35 defiant kernel: [ 1859.135108] ? irqentry_exit (/home/marvin/linux/kernel/net-next/kernel/entry/common.c:361)
Mar 18 19:46:35 defiant kernel: [ 1859.135110] ? srso_alias_return_thunk (/home/marvin/linux/kernel/net-next/arch/x86/lib/retpoline.S:181)
Mar 18 19:46:35 defiant kernel: [ 1859.135112] ? exc_page_fault (/home/marvin/linux/kernel/net-next/arch/x86/mm/fault.c:1567)
Mar 18 19:46:35 defiant kernel: [ 1859.135114] entry_SYSCALL_64_after_hwframe (/home/marvin/linux/kernel/net-next/arch/x86/entry/entry_64.S:129)
Mar 18 19:46:35 defiant kernel: [ 1859.135115] RIP: 0033:0x71f68c51a94f
Mar 18 19:46:35 defiant kernel: [ 1859.135135] Code: 00 48 89 44 24 18 31 c0 48 8d 44 24 60 c7 04 24 10 00 00 00 48 89 44 24 08 48 8d 44 24 20 48 89 44 24 10 b8 10 00 00 00 0f 05 <41> 89 c0 3d 00 f0 ff ff 77 1f 48 8b 44 24 18 64 48 2b 04 25 28 00
All code
========
0: 00 48 89 add %cl,-0x77(%rax)
3: 44 24 18 rex.R and $0x18,%al
6: 31 c0 xor %eax,%eax
8: 48 8d 44 24 60 lea 0x60(%rsp),%rax
d: c7 04 24 10 00 00 00 movl $0x10,(%rsp)
14: 48 89 44 24 08 mov %rax,0x8(%rsp)
19: 48 8d 44 24 20 lea 0x20(%rsp),%rax
1e: 48 89 44 24 10 mov %rax,0x10(%rsp)
23: b8 10 00 00 00 mov $0x10,%eax
28: 0f 05 syscall
2a:* 41 89 c0 mov %eax,%r8d <-- trapping instruction
2d: 3d 00 f0 ff ff cmp $0xfffff000,%eax
32: 77 1f ja 0x53
34: 48 8b 44 24 18 mov 0x18(%rsp),%rax
39: 64 fs
3a: 48 rex.W
3b: 2b .byte 0x2b
3c: 04 25 add $0x25,%al
3e: 28 00 sub %al,(%rax)
Code starting with the faulting instruction
===========================================
0: 41 89 c0 mov %eax,%r8d
3: 3d 00 f0 ff ff cmp $0xfffff000,%eax
8: 77 1f ja 0x29
a: 48 8b 44 24 18 mov 0x18(%rsp),%rax
f: 64 fs
10: 48 rex.W
11: 2b .byte 0x2b
12: 04 25 add $0x25,%al
14: 28 00 sub %al,(%rax)
Mar 18 19:46:35 defiant kernel: [ 1859.135137] RSP: 002b:00007ffd0f928bd0 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
Mar 18 19:46:35 defiant kernel: [ 1859.135138] RAX: ffffffffffffffda RBX: 0000000028af2880 RCX: 000071f68c51a94f
Mar 18 19:46:35 defiant kernel: [ 1859.135139] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000007
Mar 18 19:46:35 defiant kernel: [ 1859.135140] RBP: 000071f68c6806c0 R08: 0000000000000000 R09: 0000000000000001
Mar 18 19:46:35 defiant kernel: [ 1859.135141] R10: 000000000000001f R11: 0000000000000246 R12: 0000000028af2880
Mar 18 19:46:35 defiant kernel: [ 1859.135142] R13: 0000000000000041 R14: 0000000000427e18 R15: 000071f68c6e3040
Mar 18 19:46:35 defiant kernel: [ 1859.135146] </TASK>
Mar 18 19:46:35 defiant kernel: [ 1859.135146] ---[ end trace 0000000000000000 ]---
Hope this helps.
Best regards,
Mirsad Todorovac
next reply other threads:[~2024-03-18 19:47 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-03-18 19:47 Mirsad Todorovac [this message]
2024-03-18 20:21 ` [BUG net-next] arch/x86/kernel/cpu/bugs.c:2935: "Unpatched return thunk in use. This should not happen!" [STACKTRACE] Borislav Petkov
2024-03-20 1:28 ` Mirsad Todorovac
2024-03-26 10:16 ` Borislav Petkov
2024-03-26 19:15 ` Mirsad Todorovac
2024-03-28 12:38 ` Michael Roth
2024-04-02 10:15 ` bp
2024-04-02 13:38 ` Michael Roth
2024-04-03 12:14 ` Borislav Petkov
2024-04-03 12:48 ` Sean Christopherson
2024-04-04 13:44 ` Borislav Petkov
2024-04-17 15:52 ` Paolo Bonzini
[not found] ` <f497a833-f945-4907-b916-1739324de014@alu.unizg.hr>
2024-04-04 13:41 ` Borislav Petkov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1d10cd73-2ae7-42d5-a318-2f9facc42bbe@alu.unizg.hr \
--to=mirsad.todorovac@alu.unizg.hr \
--cc=bp@alien8.de \
--cc=dave.hansen@linux.intel.com \
--cc=dmatlack@google.com \
--cc=hpa@zytor.com \
--cc=jpoimboe@kernel.org \
--cc=kvm@vger.kernel.org \
--cc=leitao@debian.org \
--cc=linux-kernel@vger.kernel.org \
--cc=maz@kernel.org \
--cc=mingo@redhat.com \
--cc=pawan.kumar.gupta@linux.intel.com \
--cc=pbonzini@redhat.com \
--cc=peterz@infradead.org \
--cc=seanjc@google.com \
--cc=shahuang@redhat.com \
--cc=tabba@google.com \
--cc=tglx@linutronix.de \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.