Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1754131AbbGPHPr (ORCPT <rfc822;w@1wt.eu>);
	Thu, 16 Jul 2015 03:15:47 -0400
Received: from bombadil.infradead.org ([198.137.202.9]:50507 "EHLO
	bombadil.infradead.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S1753723AbbGPHPp (ORCPT
	<rfc822;linux-kernel@vger.kernel.org>);
	Thu, 16 Jul 2015 03:15:45 -0400
Date: Thu, 16 Jul 2015 09:15:36 +0200
From: Peter Zijlstra <peterz@infradead.org>
To: eranian@gmail.com
Cc: Vince Weaver <vincent.weaver@maine.edu>,
        LKML <linux-kernel@vger.kernel.org>, Ingo Molnar <mingo@redhat.com>,
        Arnaldo Carvalho de Melo <acme@kernel.org>, kan.liang@intel.com
Subject: Re: perf: fuzzer triggered warning in intel_pmu_drain_pebs_nhm()
Message-ID: <20150716071536.GY19282@twins.programming.kicks-ass.net>
References: <alpine.DEB.2.20.1507021111380.14637@vincent-weaver-1.umelst.maine.edu>
 <20150703131336.GI19282@twins.programming.kicks-ass.net>
 <CAMsRxfJurCVcQD5642R10SP70XuXxTes3CyKrrD5owu39f_AXg@mail.gmail.com>
 <20150703190420.GS3644@twins.programming.kicks-ass.net>
 <alpine.DEB.2.20.1507031544590.18107@vincent-weaver-1.umelst.maine.edu>
 <CAMsRxfJeV6JYJ-jke863EgJA0sFo0sZUTX8a4X3RhKaCvc_UEw@mail.gmail.com>
 <20150715123546.GK2859@worktop.programming.kicks-ass.net>
 <CAMsRxf+W80S+T7KVD95V43oRHFKsK+j7xh5YRrSmVD9jz-4j8g@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <CAMsRxf+W80S+T7KVD95V43oRHFKsK+j7xh5YRrSmVD9jz-4j8g@mail.gmail.com>
User-Agent: Mutt/1.5.21 (2012-12-30)
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Length: 2172
Lines: 51

On Thu, Jul 16, 2015 at 08:02:03AM +0200, Stephane Eranian wrote:
> Been running it for a couple of hours, so far so good. I will let it
> run all night.

Thanks!

> > ---
> >  arch/x86/kernel/cpu/perf_event_intel_ds.c | 29 +++++++++++++----------------
> >  1 file changed, 13 insertions(+), 16 deletions(-)
> >
> > diff --git a/arch/x86/kernel/cpu/perf_event_intel_ds.c b/arch/x86/kernel/cpu/perf_event_intel_ds.c
> > index 71fc40238843..68d0ced1d229 100644
> > --- a/arch/x86/kernel/cpu/perf_event_intel_ds.c
> > +++ b/arch/x86/kernel/cpu/perf_event_intel_ds.c
> > @@ -1142,6 +1142,7 @@ static void intel_pmu_drain_pebs_nhm(struct pt_regs *iregs)
> >
> >         for (at = base; at < top; at += x86_pmu.pebs_record_size) {
> >                 struct pebs_record_nhm *p = at;
> > +               u64 pebs_status;
> >
> >                 /* PEBS v3 has accurate status bits */
> >                 if (x86_pmu.intel_cap.pebs_format >= 3) {
> > @@ -1152,12 +1153,14 @@ static void intel_pmu_drain_pebs_nhm(struct pt_regs *iregs)
> >                         continue;
> >                 }
> >
> > -               bit = find_first_bit((unsigned long *)&p->status,
> > +               pebs_status = p->status & cpuc->pebs_enabled;
> > +               pebs_status &= (1ULL << x86_pmu.max_pebs_events) - 1;
> > +
> > +               bit = find_first_bit((unsigned long *)&pebs_status,
> >                                         x86_pmu.max_pebs_events);
> >                 if (bit >= x86_pmu.max_pebs_events)
> >                         continue;

Maybe we should WARN in this case? A PEBS entry without any PEBS bits
set in the status field would be 'weird', right?

Maybe something like:

		if (WARN(bit >= x86_pmu.max_pebs_events,
			 "PEBS record without PEBS event! status=%Lx pebs_enabled=%Lx active_mask=%Lx",
			 p->status, cpuc->pebs_enabled, cpuc->active_mask))
			continue;

If that triggers we at least get more info.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/