All of lore.kernel.org
 help / color / mirror / Atom feed
From: Frederic Weisbecker <fweisbec@gmail.com>
To: Peter Zijlstra <peterz@infradead.org>
Cc: Vince Weaver <vincent.weaver@maine.edu>,
	Steven Rostedt <rostedt@goodmis.org>,
	LKML <linux-kernel@vger.kernel.org>,
	Ingo Molnar <mingo@kernel.org>, Dave Jones <davej@redhat.com>
Subject: Re: perf/tracepoint: another fuzzer generated lockup
Date: Sat, 9 Nov 2013 15:52:59 +0100	[thread overview]
Message-ID: <20131109145258.GB26079@localhost.localdomain> (raw)
In-Reply-To: <20131109141039.GM16117@laptop.programming.kicks-ass.net>

On Sat, Nov 09, 2013 at 03:10:39PM +0100, Peter Zijlstra wrote:
> On Fri, Nov 08, 2013 at 11:36:58PM +0100, Frederic Weisbecker wrote:
> > [  237.627769] perf samples too long (3397569 > 2500), lowering kernel.perf_event_max_sample_rate to 50000
> > [  237.637124] INFO: NMI handler (perf_event_nmi_handler) took too long to run: 444.233 msecs
> > 
> > 444 msecs is huge.
> 
> Be glad your system lived to tell about it ;-) Calling printk() from NMI
> context is Russian roulette; I'm still waiting for the first report it
> actually locked up :-)
> 
> That said, I'm not sure what kernel you're running, but there were some
> issues with time-keeping hereabouts, but more importantly that second
> timing includes the printk() call of the first -- so that's always going
> to be fucked.

So, an idea of what may be happening: an event overflows while FASYNC flag is set so it triggers an irq work
to send the signal (kill_fasync).
After the irq work triggers, it generates an irq_work_exit event, which in turn overflows and,
if it has FASYNC, triggers a new irq work. The irq work triggers and generates an irq work exit event which
has FASYNC flag, etc...

Looks like a nice way to deadlock with an infinite loop of irq work.

  parent reply	other threads:[~2013-11-09 14:53 UTC|newest]

Thread overview: 38+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2013-11-08 19:45 perf/tracepoint: another fuzzer generated lockup Vince Weaver
2013-11-08 20:06 ` Vince Weaver
2013-11-08 20:02   ` Frederic Weisbecker
2013-11-08 20:23     ` Vince Weaver
2013-11-08 20:48       ` Frederic Weisbecker
2013-11-08 21:15         ` Vince Weaver
2013-11-08 22:24           ` Frederic Weisbecker
2013-11-08 22:36           ` Frederic Weisbecker
2013-11-09  1:09             ` Steven Rostedt
2013-11-09 14:10             ` Peter Zijlstra
2013-11-09 14:20               ` Frederic Weisbecker
2013-11-11 12:44                 ` Ingo Molnar
2013-11-11 15:53                   ` Peter Zijlstra
2013-11-11 21:13                     ` Ingo Molnar
2013-11-09 14:52               ` Frederic Weisbecker [this message]
2013-11-09 15:13                 ` Peter Zijlstra
2013-11-09 15:27                   ` Frederic Weisbecker
2013-11-09 15:59                     ` Peter Zijlstra
2013-11-09 16:08                       ` Frederic Weisbecker
2013-11-09 15:11             ` Peter Zijlstra
2013-11-09 15:22               ` Frederic Weisbecker
2013-11-09 15:30                 ` Peter Zijlstra
2013-11-14 15:23               ` Peter Zijlstra
2013-11-14 15:33                 ` Peter Zijlstra
2013-11-14 15:35                   ` Frederic Weisbecker
2013-11-15  1:16                   ` Masami Hiramatsu
2013-11-15 12:28                     ` Peter Zijlstra
2013-11-15 14:15                       ` Steven Rostedt
2013-11-15 14:28                         ` Frederic Weisbecker
2013-11-17  7:53                           ` Masami Hiramatsu
2013-11-17  9:43                             ` Peter Zijlstra
2013-11-14 16:03                 ` Frederic Weisbecker
2013-11-14 17:20                 ` Vince Weaver
2013-11-14 17:14                   ` Peter Zijlstra
2013-11-14 17:41                     ` Steven Rostedt
2013-11-14 19:18                     ` Vince Weaver
2013-11-19 19:18                 ` [tip:perf/urgent] ftrace, perf: Avoid infinite event generation loop tip-bot for Peter Zijlstra
2013-11-09  0:25           ` perf/tracepoint: another fuzzer generated lockup Frederic Weisbecker

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20131109145258.GB26079@localhost.localdomain \
    --to=fweisbec@gmail.com \
    --cc=davej@redhat.com \
    --cc=linux-kernel@vger.kernel.org \
    --cc=mingo@kernel.org \
    --cc=peterz@infradead.org \
    --cc=rostedt@goodmis.org \
    --cc=vincent.weaver@maine.edu \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.