Re: rb tree hrtimer lockup bug (found by perf_fuzzer)

From: Thomas Gleixner
Date: Tue Mar 25 2014 - 17:52:51 EST

Next message: Tanmay Inamdar: "Re: [PATCH v5 1/4] pci: APM X-Gene PCIe controller driver"
Previous message: Sebastian Hesselbarth: "Re: dwapb: a bug fix a few cleanups, v2"
In reply to: Vince Weaver: "Re: rb tree hrtimer lockup bug (found by perf_fuzzer)"
Next in thread: Vince Weaver: "Re: rb tree hrtimer lockup bug (found by perf_fuzzer)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, 25 Mar 2014, Vince Weaver wrote:
> On Mon, 24 Mar 2014, Thomas Gleixner wrote:
>
> > But I tooks some time to tweak the debugobjects patch further in the
> > hope that it helps.
>
> I've attached the log from your most recent patch, it's pretty long.
>
> I'll try without the trace_printk too.
>
> It's been busy here which is why I've been slow to try the patch, but
> hopefully I'll have some more time to look at things tomorrow.

Ok, that trace makes a lot more sense but it does us not yet give
enough data as the delayed work function is assigned after the
debugobjects init call. Patch for that below.

What's clear from the trace is that the timer gets set up correctly,
but when it expires the function callback is NULL. The timer is set up
to 1sec and it's started in the context of init-1. So it's probably an
initcall of some sort.

Do you happen to have the full bootlog up to the crash handy?

Adding "initcall_debug" to the kernel command line might give us a
further hint what is adding the delayed_work, but I guess once we see
the function in the trace we have a good chance to find the place
right away. Then we have to figure out what scribbles over it .....

Thanks,

tglx

Index: linux-2.6/include/linux/workqueue.h
===================================================================
--- linux-2.6.orig/include/linux/workqueue.h
+++ linux-2.6/include/linux/workqueue.h
@@ -213,19 +213,19 @@ static inline unsigned int work_static(s
do { \
static struct lock_class_key __key; \
\
+ PREPARE_WORK((_work), (_func)); \
__init_work((_work), _onstack); \
(_work)->data = (atomic_long_t) WORK_DATA_INIT(); \
lockdep_init_map(&(_work)->lockdep_map, #_work, &__key, 0); \
INIT_LIST_HEAD(&(_work)->entry); \
- PREPARE_WORK((_work), (_func)); \
} while (0)
#else
#define __INIT_WORK(_work, _func, _onstack) \
do { \
+ PREPARE_WORK((_work), (_func)); \
__init_work((_work), _onstack); \
(_work)->data = (atomic_long_t) WORK_DATA_INIT(); \
INIT_LIST_HEAD(&(_work)->entry); \
- PREPARE_WORK((_work), (_func)); \
} while (0)
#endif

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Tanmay Inamdar: "Re: [PATCH v5 1/4] pci: APM X-Gene PCIe controller driver"
Previous message: Sebastian Hesselbarth: "Re: dwapb: a bug fix a few cleanups, v2"
In reply to: Vince Weaver: "Re: rb tree hrtimer lockup bug (found by perf_fuzzer)"
Next in thread: Vince Weaver: "Re: rb tree hrtimer lockup bug (found by perf_fuzzer)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]