On Tue, 27 May 2014, Vince Weaver wrote:
> perf_fuzzer-2989 [001] 1994.514398: sys_enter: NR 298 (699f28,
> bad, 0, ffffffff, 2, 7fff361a3360)
> perf_fuzzer-2989 [001] 1994.514399: bprint:
> SYSC_perf_event_open: VMW: perf_event_open type=1 config=8 period=0 pid=2989
> cpu=0 group=-1 flags=2
> perf_fuzzer-2989 [001] 1994.514400: kmalloc: (T.1267+0xe)
> call_site=ffffffff810d027d ptr=0xffff880119d1f400 bytes_req=936
> bytes_alloc=1024 gfp_flags=GFP_KERNEL|GFP_ZERO
> perf_fuzzer-2989 [001] 1994.514401: kmalloc: (T.1267+0xe)
> call_site=ffffffff810d027d ptr=0xffff8800cbbbd000 bytes_req=2064
> bytes_alloc=4096 gfp_flags=GFP_KERNEL|GFP_ZERO
> perf_fuzzer-2989 [001] 1994.514401: kmalloc: (T.1267+0xe)
> call_site=ffffffff810d027d ptr=0xffff880119fcd000 bytes_req=2064
> bytes_alloc=4096 gfp_flags=GFP_KERNEL|GFP_ZERO
> perf_fuzzer-2989 [001] 1994.514402: kmalloc: (T.1267+0xe)
> call_site=ffffffff810d027d ptr=0xffff8800c9344400 bytes_req=216
> bytes_alloc=256 gfp_flags=GFP_KERNEL|GFP_ZERO
> (repeat forever)
OK, the problem is in:
kernel/events/core.c find_get_context()
retry:
perf_lock_task_context() returns NULL.
alloc_perf_context()
task->perf_event_ctxp[ctxn] is *not* NULL
err == EAGAIN so jump to retry
stuck forever leaking the memory being allocated by alloc_perf_context().
I'm not sure what this code should be doing, but it looks like we'll
always leak memory if the EAGAIN case is triggered?
Vince
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
