lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Fri, 19 Jun 2015 10:21:30 -0400 (EDT)
From:	Vince Weaver <vincent.weaver@...ne.edu>
To:	Peter Zijlstra <peterz@...radead.org>
cc:	Alexander Shishkin <alexander.shishkin@...ux.intel.com>,
	Vince Weaver <vincent.weaver@...ne.edu>,
	linux-kernel@...r.kernel.org, Ingo Molnar <mingo@...hat.com>,
	Arnaldo Carvalho de Melo <acme@...nel.org>,
	Stephane Eranian <eranian@...il.com>
Subject: Re: perf: aux area related crash and warnings

On Thu, 18 Jun 2015, Peter Zijlstra wrote:

> On Tue, Jun 16, 2015 at 02:37:06PM +0300, Alexander Shishkin wrote:
> > Ok, here's what I propose for this one.
> 
> As discussed yesterday, I think we want to change to how we do reference
> counting for the regular buffers, but that will require quite a bit of
> work.
> 
> For the interim we can avoid the issue by something like the below;
> compile tested only.

I did manage to crash the system with Alexander Shishkin's patch applied 
(See below).

I will try with this updated patch instead, but the bug usually takes a 
few days  to trigger with the fuzzer and I won't be able to let it run 
that long this time.

Vince

[183592.949539] BUG: spinlock recursion on CPU#2, perf_fuzzer/434
[183592.956559]  lock: pool_lock+0x0/0x40, .magic: dead4ead, .owner: perf_fuzzer/434, .owner_cpu: 2
[183592.966783] CPU: 2 PID: 434 Comm: perf_fuzzer Tainted: G        W       4.1.0-rc8+ #157
[183592.976228] Hardware name: LENOVO 10AM000AUS/SHARKBAY, BIOS FBKT72AUS 01/26/2014
[183592.984997]  ffffffff81cc2120 ffff88011ea85970 ffffffff816d7419 0000000000000053
[183592.993871]  ffff8800cf26a8d0 ffff88011ea85990 ffffffff810c28a5 ffffffff81cc2120
[183593.002787]  ffffffff81a1e4d1 ffff88011ea859b0 ffffffff810c2926 ffffffff81cc2120
[183593.011632] Call Trace:
[183593.015016]  <NMI>  [<ffffffff816d7419>] dump_stack+0x45/0x57
[183593.021966]  [<ffffffff810c28a5>] spin_dump+0x85/0xe0
[183593.028153]  [<ffffffff810c2926>] spin_bug+0x26/0x30
[183593.034234]  [<ffffffff810c2adf>] do_raw_spin_lock+0x13f/0x180
[183593.041233]  [<ffffffff816de8d9>] _raw_spin_lock+0x39/0x40
[183593.047849]  [<ffffffff81428d2d>] ? __debug_object_init+0xad/0x450
[183593.055189]  [<ffffffff81428d2d>] __debug_object_init+0xad/0x450
[183593.062375]  [<ffffffff814290eb>] debug_object_init+0x1b/0x20
[183593.069267]  [<ffffffff810d8fb8>] rcuhead_fixup_activate+0x28/0x40
[183593.076638]  [<ffffffff81429201>] debug_object_activate+0xf1/0x1e0
[183593.083969]  [<ffffffff8115e690>] ? free_event_rcu+0x40/0x40
[183593.090781]  [<ffffffff810dc8cb>] __call_rcu.constprop.58+0x3b/0x340
[183593.098321]  [<ffffffff8115711c>] ? irq_work_queue+0x6c/0x80
[183593.105123]  [<ffffffff810dcc27>] call_rcu_sched+0x17/0x20
[183593.111709]  [<ffffffff81166680>] rb_free_aux+0x40/0x90
[183593.118046]  [<ffffffff8116b067>] perf_aux_output_end+0xb7/0xf0
[183593.125089]  [<ffffffff81037b0e>] intel_bts_interrupt+0x8e/0xd0
[183593.132069]  [<ffffffff810338bf>] intel_pmu_handle_irq+0x4f/0x450
[183593.139335]  [<ffffffff8102a4ab>] perf_event_nmi_handler+0x2b/0x50
[183593.146687]  [<ffffffff810185d0>] nmi_handle+0xa0/0x150
[183593.153012]  [<ffffffff81018535>] ? nmi_handle+0x5/0x150
[183593.159406]  [<ffffffff8101887a>] default_do_nmi+0x4a/0x140
[183593.166117]  [<ffffffff81018a08>] do_nmi+0x98/0xe0
[183593.171983]  [<ffffffff816e15ef>] end_repeat_nmi+0x1e/0x2e
[183593.178613]  [<ffffffff810c2b70>] ? do_raw_spin_trylock+0x50/0x50
[183593.185823]  [<ffffffff810c2b70>] ? do_raw_spin_trylock+0x50/0x50
[183593.193059]  [<ffffffff810c2b70>] ? do_raw_spin_trylock+0x50/0x50
[183593.200306]  <<EOE>>  [<ffffffff816dea7b>] ? _raw_spin_unlock+0x2b/0x40
[183593.208107]  [<ffffffff81428ded>] __debug_object_init+0x16d/0x450
[183593.215328]  [<ffffffff8142919a>] ? debug_object_activate+0x8a/0x1e0
[183593.222812]  [<ffffffff814291ea>] ? debug_object_activate+0xda/0x1e0
[183593.230328]  [<ffffffff814290eb>] debug_object_init+0x1b/0x20
[183593.237143]  [<ffffffff810d8fb8>] rcuhead_fixup_activate+0x28/0x40
[183593.244413]  [<ffffffff81429201>] debug_object_activate+0xf1/0x1e0
[183593.251702]  [<ffffffff8115e650>] ? perf_unpin_context+0x40/0x40
[183593.258799]  [<ffffffff810dc8cb>] __call_rcu.constprop.58+0x3b/0x340
[183593.266311]  [<ffffffff81170b57>] ? __static_key_slow_dec+0x27/0xc0
[183593.273694]  [<ffffffff810dcc27>] call_rcu_sched+0x17/0x20
[183593.280180]  [<ffffffff81165439>] _free_event+0x109/0x290
[183593.286619]  [<ffffffff811656cf>] put_event+0x10f/0x160
[183593.292855]  [<ffffffff811655f0>] ? put_event+0x30/0x160
[183593.299153]  [<ffffffff81165755>] perf_release+0x15/0x20
[183593.305442]  [<ffffffff811edeec>] __fput+0xdc/0x1f0
[183593.311296]  [<ffffffff811ee04e>] ____fput+0xe/0x10
[183593.317138]  [<ffffffff81091577>] task_work_run+0xb7/0xf0
[183593.323509]  [<ffffffff81014189>] do_notify_resume+0x59/0x80
[183593.330207]  [<ffffffff816df550>] int_signal+0x12/0x17
[183602.817462] ------------[ cut here ]------------

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ