perf: fuzzer getting stuck with slow memory leak

From: Vince Weaver
Date: Tue May 27 2014 - 13:36:47 EST

Next message: Florian Fainelli: "Re: [PATCH] of: handle NULL node in of_get_next_available_child"
Previous message: Jason Low: "Re: [PATCH v3] mutex: Documentation rewrite"
Next in thread: Vince Weaver: "Re: perf: fuzzer getting stuck with slow memory leak"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

OK, now that the various fixes made it in, I'm running the perf_fuzzer on
3.15-rc7.

On my core2 machine I found a random seed that reliably reproduces the
"fuzzer gets stuck, burning 100% CPU" issue.

I'm having a hard time figuring out what is happening, though I did manage
to get a ftrace of it.

Not a useful trace though, due to the dreaded EVENTS_DROPPED
happening right when things would be interesting.

CPU:0 [148307 EVENTS DROPPED]
perf_fuzzer-2940 [000] 396.172211: kmalloc: (T.1267+0xe) call_site=ffffffff810d027d ptr=0xffff8800be516b00 bytes_req=216 bytes_alloc=256 gfp_flags=GFP_KERNEL|GFP_ZERO
perf_fuzzer-2940 [000] 396.172211: function: perf_lock_task_context
perf_fuzzer-2940 [000] 396.172211: function: alloc_perf_context

Anyway it's repeating the above 3 lines forever while possibly leaking 256
bytes of memory each time it does so.

I can't seem to find the codepath that would cause it to get stuck here.

If I force a stack dump it looks like this:

[10229.956005] task: ffff8800ca2c3000 ti: ffff8800c53fc000 task.ti: ffff8800c53fc000
[10229.956005] RIP: 0010:[<ffffffff8111160b>] [<ffffffff8111160b>] ____cache_alloc+0x50/0x29d
[10229.956005] RSP: 0018:ffff8800c53fdd18 EFLAGS: 00000006
[10229.956005] RAX: ffff8800c7108c00 RBX: ffff88011f000400 RCX: ffff88011a156180
[10229.956005] RDX: 0000000080000000 RSI: ffff88011b38ac00 RDI: ffff88011f000400
[10229.956005] RBP: ffff8800c53fdd78 R08: 00000000000080d0 R09: ffff8800ca2c3000
[10229.956005] R10: ffff8800ca2c3000 R11: 0000000000000013 R12: ffff88011f000400
[10229.956005] R13: 0000000000000000 R14: 00000000000080d0 R15: 00000000000080d0
[10229.956005] FS: 00007fa9b7107700(0000) GS:ffff88011fc80000(0000) knlGS:0000000000000000
[10229.956005] CS: 0010 DS: 0000 ES: 0000 CR0: 000000008005003b
[10229.956005] CR2: 00007f9042256fc9 CR3: 00000000c4a30000 CR4: 00000000000407e0
[10229.956005] DR0: 0000000002546000 DR1: 0000000002341000 DR2: 0000000002837000
[10229.956005] DR3: 000000000262f000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[10229.956005] Stack:
[10229.956005] ffffea0002b8b9c0 ffff88011f002358 ffff88011f002348 ffffffff0000002c
[10229.956005] ffff88011f002368 000080d0810d027d ffff880100000001 ffff88011f000400
[10229.956005] 00000000000000d8 ffff88011f000400 00000000000080d0 00000000000080d0
[10229.956005] Call Trace:
[10229.956005] [<ffffffff81112657>] __kmalloc+0x8a/0xed
[10229.956005] [<ffffffff810d027d>] ? T.1265+0xe/0x10
[10229.956005] [<ffffffff810d027d>] T.1265+0xe/0x10
[10229.956005] [<ffffffff810d07b9>] alloc_perf_context+0x20/0x95
[10229.956005] [<ffffffff810d095e>] find_get_context+0x130/0x1bf
[10229.956005] [<ffffffff810d0eea>] SYSC_perf_event_open+0x42b/0x808
[10229.956005] [<ffffffff810d12d5>] SyS_perf_event_open+0xe/0x10
[10229.956005] [<ffffffff81543466>] system_call_fastpath+0x1a/0x1f
[10229.956005] Code: 8b b4 c7 80 00 00 00 83 3e 00 74 2b c7 46 0c 01 00 00 00 8b
05 87 bf b8 00 85 c0 0f 8e 36 02 00 00 8b 55 cc 31 c9 e8 b6 ed ff ff <48> 85 c0 0f 85 14 02 00 00 41 b5 01 65 44 8b 34 25 b8 ee 00 00

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Florian Fainelli: "Re: [PATCH] of: handle NULL node in of_get_next_available_child"
Previous message: Jason Low: "Re: [PATCH v3] mutex: Documentation rewrite"
Next in thread: Vince Weaver: "Re: perf: fuzzer getting stuck with slow memory leak"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]