From: "wcohen at redhat dot com"
To: systemtap@sourceware.org
Subject: [Bug runtime/31699] New: UBSAN errors for systemtap map functions with Fedora Rawhide and Fedora 39 6.8.8 kernels
Date: Fri, 03 May 2024 23:39:49 +0000

https://sourceware.org/bugzilla/show_bug.cgi?id=31699

            Bug ID: 31699
           Summary: UBSAN errors for systemtap map functions with Fedora Rawhide and Fedora 39 6.8.8 kernels
           Product: systemtap
           Version: unspecified
            Status: NEW
          Severity: normal
          Priority: P2
         Component: runtime
          Assignee: systemtap at sourceware dot org
          Reporter: wcohen at redhat dot com
  Target Milestone: ---

The new Fedora 6.8.8 kernels enable UBSAN* options:

$ grep UBSAN /boot/config-6.8.8-200.fc39.x86_64
CONFIG_ARCH_HAS_UBSAN_SANITIZE_ALL=y
CONFIG_UBSAN=y
# CONFIG_UBSAN_TRAP is not set
CONFIG_CC_HAS_UBSAN_BOUNDS_STRICT=y
CONFIG_UBSAN_BOUNDS=y
CONFIG_UBSAN_BOUNDS_STRICT=y
CONFIG_UBSAN_SHIFT=y
# CONFIG_UBSAN_DIV_ZERO is not set
# CONFIG_UBSAN_BOOL is not set
# CONFIG_UBSAN_ENUM is not set
# CONFIG_UBSAN_ALIGNMENT is not set
CONFIG_UBSAN_SANITIZE_ALL=y
# CONFIG_TEST_UBSAN is not set

When running the systemtap tests that use map functions in the runtime with kernel-6.8.8-200.fc39.x86_64, like the following:

sudo make installcheck RUNTESTFLAGS="systemtap.maps/*.exp"

you will see UBSAN messages in dmesg output like the following:

[ 682.493441] ------------[ cut here ]------------
[ 682.493444] UBSAN: array-index-out-of-bounds in /home/wcohen/systemtap_write/install/share/systemtap/runtime/linux/map_runtime.h:111:3
[ 682.493445] index 0 is out of range for type 'hlist_head [*]'
[ 682.493447] CPU: 1 PID: 20290 Comm: stapio Tainted: G OE      6.8.8-200.fc39.x86_64 #1
[ 682.493449] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-1.fc39 04/01/2014
[ 682.493449] Call Trace:
[ 682.493451]
[ 682.493453] dump_stack_lvl+0x64/0x80
[ 682.493459] __ubsan_handle_out_of_bounds+0x95/0xd0
[ 682.493463] _stp_map_new_ii.constprop.0+0x171/0x280 [stap_879665d1a5a686ace4d39253fe17891_20290]
[ 682.493472] _stp_ctl_write_cmd+0xc20/0xf90 [stap_879665d1a5a686ace4d39253fe17891_20290]
[ 682.493478] proc_reg_write+0x5a/0xa0
[ 682.493480] vfs_write+0xed/0x470
[ 682.493482] ? __handle_mm_fault+0xba3/0xe50
[ 682.493484] ? mutex_lock+0x12/0x30
[ 682.493486] ksys_write+0x6f/0xf0
[ 682.493488] do_syscall_64+0x83/0x170
[ 682.493490] ? count_memcg_events.constprop.0+0x1a/0x30
[ 682.493491] ? handle_mm_fault+0xa2/0x360
[ 682.493493] ? do_user_addr_fault+0x304/0x690
[ 682.493495] ? clear_bhb_loop+0x55/0xb0
[ 682.493497] ? clear_bhb_loop+0x55/0xb0
[ 682.493498] ? clear_bhb_loop+0x55/0xb0
[ 682.493500] entry_SYSCALL_64_after_hwframe+0x78/0x80
[ 682.493501] RIP: 0033:0x7f0a3c7a8f1d
[ 682.493509] Code: e5 48 83 ec 20 48 89 55 e8 48 89 75 f0 89 7d f8 e8 08 1b f8 ff 48 8b 55 e8 48 8b 75 f0 41 89 c0 8b 7d f8 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 33 44 89 c7 48 89 45 f8 e8 5f 1b f8 ff 48 8b
[ 682.493511] RSP: 002b:00007ffe6999e8b0 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[ 682.493512] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 00007f0a3c7a8f1d
[ 682.493514] RDX: 000000000000000c RSI: 00007ffe6999e8e0 RDI: 0000000000000004
[ 682.493515] RBP: 00007ffe6999e8d0 R08: 0000000000000000 R09: 00007ffe6999daa7
[ 682.493516] R10: 0000000000000008 R11: 0000000000000293 R12: 00007ffe6999ed60
[ 682.493516] R13: 0000000000000000 R14: 0000000000000001 R15: 00007ffe6999ede4
[ 682.493518]
[ 682.493518] ---[ end trace ]---
[ 682.493547] stap_879665d1a5a686ace4d39253fe17891_20290 (foreach_limit.stp): systemtap: 5.1/0.191, base: ffffffffc0b3c000, memory: 32data/52text/21ctx/32870net/225alloc kb, probes: 2
[ 682.493551] ------------[ cut here ]------------
[ 682.493551] UBSAN: array-index-out-of-bounds in /home/wcohen/systemtap_write/install/share/systemtap/runtime/map-gen.c:818:21
[ 682.493552] index 217 is out of range for type 'hlist_head [*]'
[ 682.493553] CPU: 1 PID: 20290 Comm: stapio Tainted: G OE      6.8.8-200.fc39.x86_64 #1
[ 682.493554] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-1.fc39 04/01/2014
[ 682.493555] Call Trace:
[ 682.493556]
[ 682.493556] dump_stack_lvl+0x64/0x80
[ 682.493558] __ubsan_handle_out_of_bounds+0x95/0xd0
[ 682.493561] _stp_map_set_ii+0x1b9/0x1c0 [stap_879665d1a5a686ace4d39253fe17891_20290]
[ 682.493567] probe_6382+0x8e/0x25f0 [stap_879665d1a5a686ace4d39253fe17891_20290]
[ 682.493573] ? _printk+0x64/0x80
[ 682.493575] enter_be_probe.constprop.0+0x107/0x210 [stap_879665d1a5a686ace4d39253fe17891_20290]
[ 682.493580] _stp_ctl_write_cmd+0xd3c/0xf90 [stap_879665d1a5a686ace4d39253fe17891_20290]
[ 682.493586] proc_reg_write+0x5a/0xa0
[ 682.493588] vfs_write+0xed/0x470
[ 682.493589] ? __handle_mm_fault+0xba3/0xe50
[ 682.493591] ? mutex_lock+0x12/0x30
[ 682.493592] ksys_write+0x6f/0xf0
[ 682.493594] do_syscall_64+0x83/0x170
[ 682.493595] ? count_memcg_events.constprop.0+0x1a/0x30
[ 682.493597] ? handle_mm_fault+0xa2/0x360
[ 682.493598] ? do_user_addr_fault+0x304/0x690
[ 682.493600] ? clear_bhb_loop+0x55/0xb0
[ 682.493601] ? clear_bhb_loop+0x55/0xb0
[ 682.493603] ? clear_bhb_loop+0x55/0xb0
[ 682.493604] entry_SYSCALL_64_after_hwframe+0x78/0x80
[ 682.493605] RIP: 0033:0x7f0a3c7a8f1d
[ 682.493607] Code: e5 48 83 ec 20 48 89 55 e8 48 89 75 f0 89 7d f8 e8 08 1b f8 ff 48 8b 55 e8 48 8b 75 f0 41 89 c0 8b 7d f8 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 33 44 89 c7 48 89 45 f8 e8 5f 1b f8 ff 48 8b
[ 682.493608] RSP: 002b:00007ffe6999e8b0 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[ 682.493610] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 00007f0a3c7a8f1d
[ 682.493610] RDX: 000000000000000c RSI: 00007ffe6999e8e0 RDI: 0000000000000004
[ 682.493611] RBP: 00007ffe6999e8d0 R08: 0000000000000000 R09: 00007ffe6999daa7
[ 682.493612] R10: 0000000000000008 R11: 0000000000000293 R12: 00007ffe6999ed60
[ 682.493613] R13: 0000000000000000 R14: 0000000000000001 R15: 00007ffe6999ede4
[ 682.493614]
[ 682.493614] ---[ end trace ]---
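
Added example (not part of the original report and not systemtap code): a small Python triage script that reduces dmesg output like the above to the distinct UBSAN sites, so a test run that floods the log can be summarized per source location and flagged function. The sample lines are shortened from the two reports in this message; the names parse_ubsan and sites are hypothetical.

```python
import re
from collections import Counter

# Sample input: lines shortened from the two reports quoted in this message.
SAMPLE = """\
[ 682.493444] UBSAN: array-index-out-of-bounds in /home/wcohen/systemtap_write/install/share/systemtap/runtime/linux/map_runtime.h:111:3
[ 682.493445] index 0 is out of range for type 'hlist_head [*]'
[ 682.493459] __ubsan_handle_out_of_bounds+0x95/0xd0
[ 682.493463] _stp_map_new_ii.constprop.0+0x171/0x280 [stap_879665d1a5a686ace4d39253fe17891_20290]
[ 682.493518] ---[ end trace ]---
[ 682.493551] UBSAN: array-index-out-of-bounds in /home/wcohen/systemtap_write/install/share/systemtap/runtime/map-gen.c:818:21
[ 682.493552] index 217 is out of range for type 'hlist_head [*]'
[ 682.493558] __ubsan_handle_out_of_bounds+0x95/0xd0
[ 682.493561] _stp_map_set_ii+0x1b9/0x1c0 [stap_879665d1a5a686ace4d39253fe17891_20290]
[ 682.493567] probe_6382+0x8e/0x25f0 [stap_879665d1a5a686ace4d39253fe17891_20290]
[ 682.493614] ---[ end trace ]---
"""

STAMP = re.compile(r"^\[\s*\d+\.\d+\]\s*")
HEAD = re.compile(r"^UBSAN: (?P<kind>\S+) in (?P<file>.+):(?P<line>\d+):(?P<col>\d+)$")
FRAME = re.compile(r"^(?P<unsure>\? )?(?P<func>[\w.]+)\+0x[0-9a-f]+/0x[0-9a-f]+(?: \[(?P<mod>[^\]]+)\])?")

def parse_ubsan(dmesg_text):
    """One dict per UBSAN report; caller is the first reliable frame above the UBSAN handler."""
    reports, cur, past_handler = [], None, False
    for raw in dmesg_text.splitlines():
        text = STAMP.sub("", raw).strip()
        head = HEAD.match(text)
        if head:  # a new report starts; an unterminated previous one is kept as-is
            cur = dict(head.groupdict(), line=int(head["line"]), col=int(head["col"]),
                       detail=None, caller=None, module=None)
            reports.append(cur)
            past_handler = False
        elif cur is None:
            continue
        elif text.startswith("---[ end trace"):
            cur = None
        elif cur["detail"] is None:
            cur["detail"] = text  # UBSAN prints its explanation right after the header
        elif (frame := FRAME.match(text)):
            if frame["func"].startswith("__ubsan_handle_"):
                past_handler = True
            elif past_handler and not frame["unsure"] and cur["caller"] is None:
                cur["caller"], cur["module"] = frame["func"], frame["mod"]
    return reports

def sites(reports):
    """Count reports per (source file name, line, caller): the distinct places to fix."""
    return Counter((r["file"].rsplit("/", 1)[-1], r["line"], r["caller"]) for r in reports)
```

Feeding the full `dmesg` text from a test run to `sites(parse_ubsan(...))` gives one counter entry per flagged location; frames the kernel marks with `?` are skipped when picking the caller.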