-
*** perf_fuzzer 0.31-pre *** by Vince Weaver
Linux version 4.7.0+ x86_64
Processor: Intel 6/60/3
Seeding random number generator with 1470429924
/proc/sys/kernel/perf_event_max_sample_rate currently: 250/s
/proc/sys/kernel/perf_event_paranoid currently: 0
Logging perf_event_open() failures: no
Running fsync after every syscall: no
To reproduce, try: ./perf_fuzzer -s 30000 -r 1470429924
Pid=17586, sleeping 1s
==================================================
Fuzzing the following syscalls:
mmap perf_event_open close read write ioctl fork prctl poll
*NOT* Fuzzing the following syscalls:
Also attempting the following:
busy-instruction-loop accessing-perf-proc-and-sys-files trashing-the-mma
p-page
*NOT* attempting the following:
signal-handler-on-overflow
==================================================
Cannot open /sys/kernel/tracing/kprobe_events
==================================================
Fuzzing the following syscalls:
mmap perf_event_open close read write ioctl fork prctl poll
*NOT* Fuzzing the following syscalls:
Also attempting the following:
signal-handler-on-overflow busy-instruction-loop accessing-perf-proc-and
-sys-files trashing-the-mmap-page
*NOT* attempting the following:
==================================================
Cannot open /sys/kernel/tracing/kprobe_events
[ 3436.786215] BUG: unable to handle kernel
[ 3497.425743] CPU: 2 PID: 17533 Comm: perf_fuzzer Tainted: G W L 4.7.0+ #185
[ 3497.425743] Hardware name: LENOVO 10AM000AUS/SHARKBAY, BIOS FBKT72AUS 01/26/2014
[ 3497.425743] task: ffff8800bf56a740 task.stack: ffff880036f00000
[ 3497.425744] RIP: 0010:[] [] smp_call_function_single+0xbb/0x110
[ 3497.425744] RSP: 0018:ffff880036f03db0 EFLAGS: 00000202
[ 3497.425745] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000830
[ 3497.425745] RDX: 0000000000000003 RSI: 00000000000008fb RDI: 0000000000000830
[ 3497.425745] RBP: ffff880036f03df0 R08: 0000000000000000 R09: 6ab0c5fb00000000
[ 3497.425746] R10: 0000000000000000 R11: 0000000000000000 R12: ffffffff8116a050
[ 3497.425746] R13: ffff88011ea1c498 R14: ffff8800becf9000 R15: ffff88011ea1c4d8
[ 3497.425747] FS: 00007f19d0ab4700(0000) GS:ffff88011ea80000(0000) knlGS:0000000000000000
[ 3497.425747] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 3497.425747] CR2: 0000000004d43028 CR3: 0000000036f46000 CR4: 00000000001407e0
[ 3497.425748] DR0: 000000000000b9f2 DR1: 0000000000000000 DR2: 0000000000400a00
[ 3497.425748] DR3: 0000000000400a00 DR6: 00000000fffe0ff0 DR7: 0000000000000600
[ 3497.425749] Stack:
[ 3497.425749] ffff8800bf56a740 0000000000000246 0000000000000000 ffffffff8116a050
[ 3497.425749] ffff880036f03e00 0000000000000003 0000000000000000 0000000000000000
[ 3497.425750] ffff880036f03e40 ffffffff81168d21 0000000000000000 ffffffff8116ee20
[ 3497.425750] Call Trace:
[ 3497.425750] [] ? perf_cgroup_attach+0x50/0x50
[ 3497.425751] [] perf_install_in_context+0x171/0x180
[ 3497.425751] [] ? ctx_resched+0x90/0x90
[ 3497.425752] [] SYSC_perf_event_open+0xa12/0xd90
[ 3497.425752] [] SyS_perf_event_open+0x9/0x10
[ 3497.425752] [] entry_SYSCALL_64_fastpath+0x1e/0xad
[ 3497.425753] Code: 4c fe ff ff 48 83 c4 30 5b 41 5c 5d c3 48 8d 75 d0 48 89 d1 89 df 4c 89 e2 e8 32 fe ff ff 8b 55 e8 83 e2 01 74 0a f3 90 8b 55 e8 <83> e2 01 75 f6 48 83 c4 30 5b 41 5c 5d c3 8b 05 79 f3 7a 01 85
-
*** perf_fuzzer 0.31-pre *** by Vince Weaver
Linux version 4.8.0-rc1 x86_64
Processor: Intel 6/60/3
Seeding random number generator with 1470674755
/proc/sys/kernel/perf_event_max_sample_rate currently: 3250/s
/proc/sys/kernel/perf_event_paranoid currently: 0
Logging perf_event_open() failures: no
Running fsync after every syscall: no
To reproduce, try: ./perf_fuzzer -s 30000 -r 1470674755
Pid=28268, sleeping 1s
==================================================
Fuzzing the following syscalls:
mmap perf_event_open close read write ioctl fork prctl poll
*NOT* Fuzzing the following syscalls:
Also attempting the following:
signal-handler-on-overflow busy-instruction-loop accessing-perf-proc-and
-sys-files trashing-the-mmap-page
*NOT* attempting the following:
==================================================
Cannot open /sys/kernel/tracing/kprobe_events
Iteration 10000
Open attempts: 106492 Successful: 904 Currently open: 41
EPERM : 16
ENOENT : 578
E2BIG : 9375
EBADF : 9109
EBUSY : 11
EINVAL : 86387
EOPNOTSUPP : 112
Trinity Type (Normal 276/26818)(Sampling 39/26245)(Global 542/26
462)(Random 47/26967)
Type (Hardware 214/14948)(software 320/14493)(tracepoint 47/1436
9)(Cache 50/13337)(cpu 222/14408)(breakpoint 15/14020)(intel_bts 16/924)(msr 2/8
92)(power 0/1017)(uncore_imc 0/883)(uncore_cbox_0 5/879)(uncore_cbox_1 4/963)(un
core_cbox_2 0/945)(uncore_cbox_3 2/902)(uncore_arb 3/893)(cstate_core 2/866)(cst
ate_pkg 2/998)(#17 0/5)(#18 0/13)(>19 0/10737)
Close: 863/863 Successful
Read: 807/901 Successful
Write: 0/915 Successful
Ioctl: 373/891 Successful: (ENABLE 85/85)(DISABLE 75/75)(REFRESH 6/98)(
RESET 95/95)(PERIOD 8/70)(SET_OUTPUT 14/87)(SET_FILTER 0/70)(ID 81/81)(SET_BPF 0
/69)(PAUSE_OUTPUT 9/79)(#10 0/0)(#11 0/0)(#12 0/0)(#13 0/0)(#14 0/0)(>14 0/82)
Mmap: 421/1034 Successful: (MMAP 421/1034)(TRASH 130/141)(READ 14/153)
(UNMAP 420/1020)(AUX 1/113)(AUX_READ 0/0)
Prctl: 963/963 Successful
Fork: 475/475 Successful
Poll: 844/865 Successful
Access: 487/949 Successful
Overflows: 2 Recursive: 0
SIGIOs due to RT signal queue full: 0
[ 2018.709978] BUG: unable to handle kernel
- Core2, seems to be fixed by same patch
*** perf_fuzzer 0.31-pre *** by Vince Weaver
Linux version 4.8.0-rc1+ x86_64
Processor: Intel 6/23/10
Seeding random number generator with 1470763409
/proc/sys/kernel/perf_event_max_sample_rate currently: 51000/s
/proc/sys/kernel/perf_event_paranoid currently: 0
Logging perf_event_open() failures: no
Running fsync after every syscall: no
To reproduce, try: ./perf_fuzzer -s 30000 -r 1470763409
Pid=28759, sleeping 1s
==================================================
Fuzzing the following syscalls:
mmap perf_event_open close read write ioctl fork prctl poll
*NOT* Fuzzing the following syscalls:
Also attempting the following:
signal-handler-on-overflow busy-instruction-loop accessing-perf-proc-and
-sys-files trashing-the-mmap-page
*NOT* attempting the following:
==================================================
[ 7548.712074] BUG: unable to handle kernel NULL pointer dereference at 0000000000000098
[ 7548.716001] IP: [] perf_event_switch_output+0x2e/0xe2
[ 7548.716001] PGD 117c43067 PUD 118b65067 PMD 0
[ 7548.716001] Oops: 0000 [#1] SMP
[ 7548.716001] Modules linked in: cpufreq_userspace cpufreq_powersave cpufreq_conservative f71882fg evdev psmouse coretemp serio_raw pcspkr mcs7830 usbnet video wmi acpi_cpufreq tpm_tis tpm_tis_core tpm button i2c_nforce2 processor sg ohci_pci ohci_hcd ehci_pci ehci_hcd sd_mod usbcore usb_common
[ 7548.716001] CPU: 1 PID: 23915 Comm: kworker/1:0 Not tainted 4.8.0-rc1+ #207
[ 7548.716001] Hardware name: AOpen DE7000/nMCP7ALPx-DE R1.06 Oct.19.2012, BIOS 080015 10/19/2012
[ 7548.716001] task: ffff880119a6ce80 task.stack: ffff8800377f0000
[ 7548.716001] RIP: 0010:[] [] perf_event_switch_output+0x2e/0xe2
[ 7548.716001] RSP: 0018:ffff8800377f3b50 EFLAGS: 00010002
[ 7548.716001] RAX: 0000000000000000 RBX: ffff8800377f3dc8 RCX: 0000000000000001
[ 7548.716001] RDX: 0000000000000001 RSI: ffff8800377f3dc8 RDI: ffff88009f905000
[ 7548.716001] RBP: ffff8800377f3d50 R08: 0000000000000000 R09: 0000000000000001
[ 7548.716001] R10: 0000000000000001 R11: 0000000000000001 R12: ffff88009f905000
[ 7548.716001] R13: ffff8800377f3dc8 R14: ffff88011fc92c68 R15: ffff880119a6ce80
[ 7548.716001] FS: 0000000000000000(0000) GS:ffff88011fc80000(0000) knlGS:0000000000000000
[ 7548.716001] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 7548.716001] CR2: 00000000000000b8 CR3: 0000000117da7000 CR4: 00000000000406e0
[ 7548.716001] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 7548.716001] DR3: 0000000000400a20 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 7548.716001] Stack:
[ 7548.716001] ffff88011ac4df18 0000000000000000 0000000000000016 0000000000000016
[ 7548.716001] 0000000000000016 0000000000000016 0000000000000400 ffff8800377f3be0
[ 7548.716001] ffffffff810716c4 0000000100000001 000000000000012d 000000000000005d
[ 7548.716001] Call Trace:
[ 7548.716001] [] ? update_cfs_rq_load_avg+0x2f7/0x313
[ 7548.716001] [] ? enqueue_task_fair+0x3fe/0x41f
[ 7548.716001] [] ? resched_curr+0x5b/0x5e
[ 7548.716001] [] ? check_preempt_curr+0x4c/0x6f
[ 7548.716001] [] ? __srcu_notifier_call_chain+0x5c/0x6a
[ 7548.716001] [] ? __wake_up+0x44/0x4b
[ 7548.716001] [] ? perf_mux_hrtimer_handler+0x124/0x124
[ 7548.716001] [] perf_iterate_sb+0x65/0xc2
[ 7548.716001] [] __perf_event_task_sched_out+0x65/0x2fd
[ 7548.716001] [] ? pick_next_task_fair+0x1d1/0x337
[ 7548.716001] [] ? put_prev_task_fair+0x22/0x61
[ 7548.716001] [] __schedule+0x276/0x4c6
[ 7548.716001] [] ? cancel_delayed_work+0x6e/0x6e
[ 7548.716001] [] schedule+0x83/0x91
[ 7548.716001] [] worker_thread+0x259/0x2c8
[ 7548.716001] [] ? cancel_delayed_work+0x6e/0x6e
[ 7548.716001] [] kthread+0xae/0xb6
[ 7548.716001] [] ret_from_fork+0x1f/0x40
[ 7548.716001] [] ? init_completion+0x24/0x24
[ 7548.716001] Code: e5 41 55 41 54 49 89 fc 53 48 83 e4 c0 48 81 ec b0 01 00 00 f6 87 f3 00 00 00 04 0f 84 b3 00 00 00 48 8b 87 00 02 00 00 48 89 f3 <48> 83 b8 98 00 00 00 00 74 0f c7 46 10 0e 00 00 00 66 c7 46 16
[ 7548.716001] RIP [] perf_event_switch_output+0x2e/0xe2