Re: BUG_ON drivers/char/random.c:986 (Was: perf: use after free in perf_remove_from_context)

From: Hannes Frederic Sowa
Date: Fri May 16 2014 - 20:46:31 EST


On Fri, May 16, 2014, at 9:21, Peter Zijlstra wrote:
> On Fri, May 16, 2014 at 09:06:13AM -0700, H. Peter Anvin wrote:
> > On 05/16/2014 08:34 AM, Peter Zijlstra wrote:
> > >
> > > While fuzzing to reproduce my issue I hit the below, it's triggered loads
> > > of times and then the machine wedged (needed a power cycle), I can
> > > provide the full console log if people care.
> > >
> > > Anybody seen that one before?
> > >
> >
> > I certainly haven't... this bad. Any idea what the actual system call
> > looked like?
>
> Sadly, no, while I had syscall tracing enabled, the bug I'm chasing is
> non-fatal so I hadn't set it to dump on bug -- not that dumping 24*1.4M
> trace buffers over serial would've completed this side of the century.
>
> I did save the trinity output (including seeds) but my experience so far
> is that that is no guarantee for reproduction.

This should do the trick:
dd if=/dev/urandom of=/dev/zero bs=67108707

I suspect ee1de406ba6eb1 ("random: simplify accounting logic") as the
culprit.

Bye,

Hannes