From: Ingo Molnar <mingo@kernel.org>
To: Vince Weaver <vincent.weaver@maine.edu>
Cc: Peter Zijlstra <peterz@infradead.org>,
	Huang Rui <ray.huang@amd.com>,
	linux-kernel@vger.kernel.org, Borislav Petkov <bp@suse.de>,
	Ingo Molnar <mingo@redhat.com>,
	Arnaldo Carvalho de Melo <acme@kernel.org>
Subject: Re: perf: fuzzer crashes immediately on AMD system
Date: Wed, 24 Aug 2016 11:19:23 +0200
Message-ID: <20160824091923.GB4340@gmail.com>
In-Reply-To: <alpine.DEB.2.20.1608230750310.30245@macbook-air>


* Vince Weaver <vincent.weaver@maine.edu> wrote:

> On Tue, 23 Aug 2016, Peter Zijlstra wrote:
> 
> > On Mon, Aug 22, 2016 at 10:54:32PM -0400, Vince Weaver wrote:
> > > > > > > 
> > > > > > > 	perf stat -a -e amd_nb/config=0x37,config1=0x20/ /bin/ls
> > > > 	amd_uncore_find_online_sibling()
> > > > function is broken. 
> > > 
> > > and that's the problem.  uncore_find_online_sibling() does all kinds of 
> > > wrong things including sticking active uncore structures in 
> > > uncore->free_when_cpu_online
> > > 
> > > Then uncore_online() comes along and frees those structures.
> > > 
> > > Then some other part of the kernel comes and re-uses the free'd data.
> > > 
> > > Then when we try to start an event, all of the fields are invalid because 
> > > the uncore pointer is pointing to re-used data.
> > > 
> > > I don't have a patch because I am not 100% clear on what 
> > > uncore_find_online_sibling() is doing in the first place.
> > 
> > Thanks for doing all that, I'll see if I can make sense of it.
> 
> I should have provided more detail, was just tired after chasing the bug 
> for so long.  I mostly found things by sprinkling printks everywhere.
> Commenting out the call to kfree() in uncore_online() makes the code stop 
> crashing (but perhaps causes a memory leak?)

If there's no progress finding the root cause I'd be happy to exchange a crash for 
a leak ...

> In any case it's odd the problem didn't show up earlier, but maybe the 
> recent changes to CPU hotplugging in that file exposed the issue.

Yeah, we had lots of changes to CPU hotplugging recently.

Thanks,

	Ingo
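
The lifetime problem described in the quoted report, reduced to a user-space C model. This is an added example, not code from this thread or from the kernel: every struct and function name in it is hypothetical (only the free_when_online slot echoes the field named above), the reference-count guard is an assumption about one way to avoid the premature free, and kfree() is modelled by setting a flag so the program stays well-defined.

```c
#include <stdio.h>

/* Hypothetical model of a structure shared by several CPUs:
 * refcnt counts the CPUs using it, poisoned marks where kfree() would run. */
struct shared { int refcnt; int poisoned; };

/* Per-CPU state: the structure in use plus a deferred-free slot. */
struct cpu_state { struct shared *active; struct shared *free_when_online; };

/* Pattern from the report: park a structure for later freeing without
 * checking whether another CPU still uses it. */
static void park_unchecked(struct cpu_state *c, struct shared *s)
{
    c->free_when_online = s;
}

/* Guarded variant (assumption): drop this CPU's reference and park the
 * structure only when no user remains. */
static void park_checked(struct cpu_state *c, struct shared *s)
{
    if (--s->refcnt == 0)
        c->free_when_online = s;
}

/* Online step: release whatever was parked (flag set instead of free()). */
static void cpu_online(struct cpu_state *c)
{
    if (c->free_when_online)
        c->free_when_online->poisoned = 1;
    c->free_when_online = NULL;
}

/* Two CPUs share one structure; CPU 1 parks it and comes online, then
 * CPU 0 starts an event. Returns 0 on success, -1 if CPU 0's structure
 * was released underneath it. */
static int scenario(int guarded)
{
    struct shared s = { .refcnt = 2, .poisoned = 0 };
    struct cpu_state cpu0 = { &s, NULL }, cpu1 = { &s, NULL };
    (guarded ? park_checked : park_unchecked)(&cpu1, &s);
    cpu_online(&cpu1);
    return cpu0.active->poisoned ? -1 : 0;
}

int main(void)
{
    printf("unchecked: %d, guarded: %d\n", scenario(0), scenario(1));
    return 0;
}
```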
