From: Eric Biggers <ebiggers@kernel.org>
To: Guenter Roeck <linux@roeck-us.net>
Cc: "Jason A . Donenfeld" <Jason@zx2c4.com>,
Ard Biesheuvel <ardb@kernel.org>,
linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH] lib/crypto: tests: Annotate worker to be on stack
Date: Thu, 24 Jul 2025 09:26:15 -0700 [thread overview]
Message-ID: <20250724162615.GA26800@sol> (raw)
In-Reply-To: <a534e0ad-35db-45f5-a1c9-9bd34cd3dafd@roeck-us.net>
On Thu, Jul 24, 2025 at 07:19:00AM -0700, Guenter Roeck wrote:
> On Mon, Jul 21, 2025 at 08:16:03PM -0700, Eric Biggers wrote:
> > On Mon, Jul 21, 2025 at 04:19:17PM -0700, Guenter Roeck wrote:
> > > The following warning traceback is seen if object debugging is enabled
> > > with the new crypto test code.
> > >
> > > ODEBUG: object 9000000106237c50 is on stack 9000000106234000, but NOT annotated.
> > > ------------[ cut here ]------------
> > > WARNING: lib/debugobjects.c:655 at lookup_object_or_alloc.part.0+0x19c/0x1f4, CPU#0: kunit_try_catch/468
> > > ...
> > >
> > > This also results in a boot stall when running the code in qemu:loongarch.
> > >
> > > Initializing the worker with INIT_WORK_ONSTACK() fixes the problem.
> > >
> > > Cc: Eric Biggers <ebiggers@kernel.org>
> > > Fixes: 950a81224e8b ("lib/crypto: tests: Add hash-test-template.h and gen-hash-testvecs.py")
> > > Signed-off-by: Guenter Roeck <linux@roeck-us.net>
> > > ---
> > > lib/crypto/tests/hash-test-template.h | 2 +-
> > > 1 file changed, 1 insertion(+), 1 deletion(-)
> >
> > Applied to https://git.kernel.org/pub/scm/linux/kernel/git/ebiggers/linux.git/log/?h=libcrypto-next
> >
>
> Unfortunately it turns out that this is insufficient and/or that there
> are more problems. With this patch applied and the ext4 unit test crash
> fixed in next-20250724, I now see the following crash. I'll try to bisect.
>
> Guenter
>
> ---
> [ 9.683061] KTAP version 1
> [ 9.683116] # Subtest: poly1305
> [ 9.683160] # module: poly1305_kunit
> [ 9.683391] 1..12
> [ 9.686210] BUG: unable to handle page fault for address: ffff923a00a09000
> [ 9.686349] #PF: supervisor read access in kernel mode
> [ 9.686399] #PF: error_code(0x0000) - not-present page
> [ 9.686517] PGD 1000067 P4D 1000067 PUD 1291067 PMD 3248067 PTE 0
> [ 9.686694] Oops: Oops: 0000 [#1] SMP PTI
> [ 9.686957] CPU: 0 UID: 0 PID: 565 Comm: kunit_try_catch Tainted: G N 6.16.0-rc7-next-20250724-00001-ga9d31cee9308 #1 PREEMPT(voluntary)
> [ 9.687093] Tainted: [N]=TEST
> [ 9.687126] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebuilt.qemu.org 04/01/2014
> [ 9.687264] RIP: 0010:poly1305_blocks_avx2+0x47c/0x780
> [ 9.687352] Code: bd f4 f3 c5 bd f4 d4 c5 7a 6f 46 10 c5 25 d4 de c5 1d d4 e2 c5 fd 6f 50 10 c5 b5 f4 f1 c5 35 f4 c8 c5 0d d4 f6 c4 41 15 d4 e9 <c4> 63 3d 38 46 30 01 48 8d 76 40 c5 ed f4 f1 c5 ed f4 d0 c5 b5 73
> [ 9.687509] RSP: 0000:ffff923a009fba00 EFLAGS: 00010202
> [ 9.687565] RAX: ffff923a009fba90 RBX: 0000000000001000 RCX: ffffffffb36df180
> [ 9.687624] RDX: 0000000000000040 RSI: ffff923a00a08fc0 RDI: ffff923a009fbd18
> [ 9.687686] RBP: 0000000000001000 R08: 0000000000000001 R09: 0000000000000000
> [ 9.687744] R10: ffff923a009fbc08 R11: 0ed99de400a62f9c R12: ffff923a00a08000
> [ 9.687801] R13: ffff923a009fbca8 R14: 0000000000000001 R15: 0000000000001000
> [ 9.687881] FS: 0000000000000000(0000) GS:ffff8ad208a1a000(0000) knlGS:0000000000000000
> [ 9.687948] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
> [ 9.687998] CR2: ffff923a00a09000 CR3: 000000001e09c000 CR4: 00000000001506f0
> [ 9.688097] Call Trace:
> [ 9.688183] <TASK>
> [ 9.688331] ? __poly1305_init_avx+0x172/0x1f0
> [ 9.688394] ? kernel_fpu_begin_mask+0xa1/0xf0
> [ 9.688442] poly1305_blocks_arch+0x95/0x190
> [ 9.688493] poly1305_update+0x6e/0x150
> [ 9.688534] poly1305+0x5b/0x90
> [ 9.688592] test_hash_test_vectors+0xd1/0x1c0
That's weird. This crash suggests that the Poly1305 assembly code read
past the end of the input data buffer, which is a type of bug the test
is designed to detect. However, I've never gotten this crash when
running the test, even on next-20250724 and even on a CPU that uses the
poly1305_blocks_avx2() code path.
Could you provide your kconfig, in case this is kconfig dependent
somehow?
- Eric
next prev parent reply other threads:[~2025-07-24 16:27 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-07-21 23:19 [PATCH] lib/crypto: tests: Annotate worker to be on stack Guenter Roeck
2025-07-22 0:05 ` Ard Biesheuvel
2025-07-22 3:16 ` Eric Biggers
2025-07-24 14:19 ` Guenter Roeck
2025-07-24 16:26 ` Eric Biggers [this message]
2025-07-24 17:03 ` Guenter Roeck
2025-07-24 17:36 ` Eric Biggers
2025-07-24 18:29 ` Guenter Roeck
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20250724162615.GA26800@sol \
--to=ebiggers@kernel.org \
--cc=Jason@zx2c4.com \
--cc=ardb@kernel.org \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux@roeck-us.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.