On Tue, 9 Aug 2016, Alexander Shishkin wrote: > Awesome, I'll have a look. Can you tell it it was messing around with > intel_bts driver from the fuzzer log?
the fuzzer is messing around with the aux buffer, but this particular bug triggered quickly so I can't easily tell if this particular bug was doing things then. This also turned up a bit later: 10772.606425] ------------[ cut here ]------------ [10772.611802] WARNING: CPU: 1 PID: 20027 at kernel/events/ring_buffer.c:539 __rb_free_aux+0x111/0x120 [10772.621856] Modules linked in: fuse binfmt_misc intel_rapl iosf_mbi x86_pkg_temp_thermal intel_powerclamp coretemp kvm_intel kvm irqbypass crct10dif_pclmul crc32_pclmul ghash_clmulni_intel aesni_intel snd_hda_codec_hdmi aes_x86_64 lrw gf128mul glue_helper snd_hda_codec_realtek snd_hda_codec_generic ablk_helper ppdev iTCO_wdt snd_hda_intel snd_hda_codec snd_hda_core cryptd evdev iTCO_vendor_support snd_hwdep snd_pcm snd_timer snd i915 drm_kms_helper parport_pc wmi parport psmouse tpm_tis tpm_tis_core pcspkr serio_raw sg button i2c_i801 soundcore lpc_ich drm mei_me mfd_core i2c_smbus tpm mei video battery i2c_algo_bit sr_mod sd_mod cdrom ahci libahci xhci_pci libata ehci_pci xhci_hcd ehci_hcd e1000e usbcore ptp crc32c_intel scsi_mod pps_core usb_common fan thermal [10772.699231] CPU: 1 PID: 20027 Comm: perf_fuzzer Tainted: G W 4.8.0-rc1+ #187 [10772.708539] Hardware name: LENOVO 10AM000AUS/SHARKBAY, BIOS FBKT72AUS 01/26/2014 [10772.717011] 0000000000000000 ffff88011ea43cb0 ffffffff81437641 0000000000000000 [10772.725555] 0000000000000000 ffff88011ea43cf0 ffffffff81076bab 0000021b1ea43d48 [10772.734103] ffff8800d0663800 ffff88011ea4b700 0000000000000000 ffff880036cf9800 [10772.742694] Call Trace: [10772.745818] <IRQ> [<ffffffff81437641>] dump_stack+0x63/0x82 [10772.752579] [<ffffffff81076bab>] __warn+0xcb/0xf0 [10772.758260] [<ffffffff81076c9d>] warn_slowpath_null+0x1d/0x20 [10772.765049] [<ffffffff81177121>] __rb_free_aux+0x111/0x120 [10772.771540] [<ffffffff81177d38>] rb_free_aux+0x18/0x20 [10772.777637] [<ffffffff81177fc0>] perf_aux_output_end+0xc0/0x110 [10772.784578] [<ffffffff8100cadd>] bts_event_stop+0xad/0x110 [10772.791025] [<ffffffff8100cb53>] bts_event_del+0x13/0x20 [10772.797318] [<ffffffff8116dcec>] event_sched_out.isra.91+0xbc/0x3a0 [10772.804686] [<ffffffff8116e01b>] group_sched_out+0x4b/0xc0 [10772.811152] [<ffffffff8116e206>] ctx_sched_out+0x176/0x2c0 [10772.817625] [<ffffffff8116f05f>] perf_mux_hrtimer_handler+0x10f/0x2c0 [10772.825143] [<ffffffff8116ef50>] ? __perf_install_in_context+0x130/0x130 [10772.832935] [<ffffffff810eb3e3>] __hrtimer_run_queues+0x103/0x300 [10772.840128] [<ffffffff810ebbab>] hrtimer_interrupt+0xab/0x1b0 [10772.846903] [<ffffffff810513b8>] local_apic_timer_interrupt+0x38/0x60 [10772.854429] [<ffffffff81724ab3>] smp_trace_apic_timer_interrupt+0x63/0x120 [10772.862446] [<ffffffff81722e32>] trace_apic_timer_interrupt+0x82/0x90 [10772.869935] <EOI> ---[ end trace 7ff7a520eaea4ee2 ]---
