From: Peter Zijlstra <peterz@infradead.org>
To: Borislav Petkov <bp@suse.de>
Cc: zhouchengming <zhouchengming1@huawei.com>,
mhiramat@kernel.org, ananth@linux.vnet.ibm.com,
anil.s.keshavamurthy@intel.com, davem@davemloft.net,
hpa@zytor.com, tglx@linutronix.de, jkosina@suse.cz,
rostedt@goodmis.org, mjurczyk@google.com, x86@kernel.org,
linux-kernel@vger.kernel.org
Subject: Re: [PATCH] kprobes, x86/alternatives: use text_mutex to protect smp_alt_modules
Date: Fri, 27 Oct 2017 16:15:02 +0200
Message-ID: <20171027141502.GA3165@worktop.lehotels.local>
In-Reply-To: <20171027123348.GE1305@nazgul.tnic>

On Fri, Oct 27, 2017 at 02:33:48PM +0200, Borislav Petkov wrote:
> On Fri, Oct 27, 2017 at 07:42:45PM +0800, zhouchengming wrote:
> > This is a real bug that happened on one of our machines, below is the calltrace.
> > We can see the trigger is at alternatives_text_reserved+0x20/0x80, and
> > encounters a deleted (poisoned) list_head.
>
> Looks like some out-of-tree, old kernel thing. We don't have
> mlx4_stats_sysfs_create() upstream and looking at the boot timestamps,
> it could be that register_jprobe() is not ready yet.
>
> Looking at the Code, though:
>
>   20:   74 59                   je     0x7b
>   22:   66 0f 1f 84 00 00 00    nopw   0x0(%rax,%rax,1)
>   29:   00 00
>   2b:*  48 3b 71 20             cmp    0x20(%rcx),%rsi    <-- trapping instruction
>   2f:   72 3a                   jb     0x6b
>   31:   48 3b 79 28             cmp    0x28(%rcx),%rdi
>   35:   77 34                   ja     0x6b
>
> %rcx is 0xdead0000000000d0 and that is POISON_POINTER_DELTA + 0xd0 so
> that looks more like smp_alt_modules is not initialized yet but I
> could very well be wrong because this is an old kernel. So trigger that
> with the upstream kernel without out of tree modules.

Not to mention that we're about (or just have) yanked jprobes out of the
kernel entirely.
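
One way to check a register value like the %rcx quoted above against the kernel's list poison constants, as an added example that is not part of the original thread. The struct layout is an assumption modelled on struct smp_alt_module, and the constants are the x86-64 values of include/linux/poison.h from that period; the model type names and helper functions are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* x86-64 values from include/linux/poison.h of that era, with
 * CONFIG_ILLEGAL_POINTER_VALUE=0xdead000000000000. */
#define POISON_POINTER_DELTA 0xdead000000000000ULL
#define LIST_POISON1 (POISON_POINTER_DELTA + 0x100) /* ->next after list_del() */
#define LIST_POISON2 (POISON_POINTER_DELTA + 0x200) /* ->prev after list_del() */

/* Assumed layout, modelled on struct smp_alt_module; fixed-width fields
 * keep the offsets identical on any build host. */
struct list_head_model { uint64_t next, prev; };
struct smp_alt_module_model {
    uint64_t mod, name, locks, locks_end;
    uint64_t text;                /* 0x20: operand of the trapping cmp */
    uint64_t text_end;            /* 0x28: operand of the second cmp */
    struct list_head_model next;  /* 0x30: list linkage */
};

enum poison_kind { NOT_POISON, POISONED_NEXT, POISONED_PREV };

/* list_for_each_entry() yields container_of(node, type, member), i.e.
 * node - member_off. Undo that and compare with the poison values. */
enum poison_kind classify_entry(uint64_t entry, size_t member_off)
{
    uint64_t node = entry + member_off;
    if (node == LIST_POISON1) return POISONED_NEXT;
    if (node == LIST_POISON2) return POISONED_PREV;
    return NOT_POISON;
}

/* x86-64 with 48-bit virtual addresses: bits 63..47 must all be equal. */
int is_canonical(uint64_t addr)
{
    uint64_t top = addr >> 47;
    return top == 0 || top == 0x1ffff;
}

int main(void)
{
    uint64_t rcx = 0xdead0000000000d0ULL;   /* register value quoted above */
    size_t off = offsetof(struct smp_alt_module_model, next);
    printf("member offset 0x%zx, kind %d, load address canonical: %d\n",
           off, classify_entry(rcx, off), is_canonical(rcx + 0x20));
    return 0;
}
```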