Re: rb tree hrtimer lockup bug (found by perf_fuzzer)

[Thomas Gleixner]

On Tue, 18 Mar 2014, Vince Weaver wrote:
> On Tue, 18 Mar 2014, Thomas Gleixner wrote:
> 
> > On Tue, 18 Mar 2014, Vince Weaver wrote:
> > 
> > > 
> > > The perf_fuzzer can quickly cause a machine to lockup with an hrtimer 
> > > related rb tree related oops.  I've had a hard time debugging this in any 
> > > useful manner, but I can trigger it on both core2 and haswell test systems 
> > > on 3.14-rc7.
> > > 
> > > This involves making a large number of perf_event events of all types and 
> > > then forking a lot.
> > 
> > Can you enable debugobjects please? The should give us an hint what
> > corrupts the rbtree.
> 
> I enabled debugobjects and then said Y to most of the questions brought up 
> by make oldconfig but now the system crashes at boot:

> [    3.678040] BUG: unable to handle kernel NULL pointer dereference at 0000000000000018                                                                        
> [    3.686776] IP: [<ffffffff8106d7a8>] get_next_timer_interrupt+0x168/0x250    

The back trace is not really helpful. Is there anything before that
BUG in dmesg?

Thanks,

	tglx

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/