Received: by 2002:a25:86ce:0:0:0:0:0 with SMTP id y14csp646207ybm;
        Wed, 22 May 2019 09:11:05 -0700 (PDT)
X-Google-Smtp-Source: APXvYqwCHhBNBUFHEucdNzTuFfMSxyYjgjlbG3jvVP9rWKnJ/5nSh32bI9X2BLK1sAitNKnEd0RO
X-Received: by 2002:a17:902:aa85:: with SMTP id d5mr90424575plr.245.1558541464900;
        Wed, 22 May 2019 09:11:04 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1558541464; cv=none;
        d=google.com; s=arc-20160816;
        b=pQFej7IZuZX/2s8xSF8uWhN2e2d3RbNcYRnjbdnNmpgId6R42FmWwiXxJHZrmnHDO0
         pZg3Qgvv4mofE3fCScb1finAyk9MmI+fYdcnDN1kN60Zp31yZptSVLdLbC4TfeAcwd2W
         LN9A7YhR8m8so4B4sU+9PaOWM9KCDsV+TLvnN/68u6GLuJXIQGtGJWlt8Wpq2PlZ2tY4
         z4xq623mC+ObtX7ZxvCrC0FdE2hlvS+M344/2pNeCIasd0nTRmTYdRvRO8N8yWZU/kGF
         WXL+fSVJDyuAM70d/bb+HEVKamsdpiglQl4A1sGhhQPbQftREpgcOA9Lb+FYIPwkYoDd
         wm8A==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:mime-version:user-agent:message-id
         :subject:to:date:from:dkim-signature;
        bh=0W5+YdyQTta665vGFYLsY3r1b4A0P0ouPgGLxR8CZ/Y=;
        b=P9t1FX0T9LObbronsy6RTLQOcUkDpvnzr4dQMmV23xSfF0g4qgnCUGNIX2twssQVIQ
         B9Jb5KoDlu7Tgxllj8F+P12CDYd2SdiCYQlG5juEmVGCXM+iEJx3f0EWFt+bx6S2Wb7k
         LB2IQ16yxLnLOFQMCqYO4KPwWyu+3+gNy21grO65AEb5BojKPSkB9AEYrSdNoDdtnKKF
         N5IRDT0noxtgyw2Y2+Pv/PZ1suaDgAuRnYeDOTc2y5+jx62ugITSO2inu4MNEgDQDgGZ
         aq6+ZqLa5UPwHvBInINAtMEcqPv+ChoOKD7bxqwYBIACakcXNyCYSs853LkusgUspoJQ
         SzXg==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@maine.edu header.s=google header.b="Mawa/qrB";
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id w207si28665701pff.69.2019.05.22.09.10.47;
        Wed, 22 May 2019 09:11:04 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@maine.edu header.s=google header.b="Mawa/qrB";
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1729848AbfEVQIj (ORCPT <rfc822;austinkernel.kim@gmail.com>
        + 99 others); Wed, 22 May 2019 12:08:39 -0400
Received: from mail-qt1-f174.google.com ([209.85.160.174]:35151 "EHLO
        mail-qt1-f174.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1728638AbfEVQIj (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Wed, 22 May 2019 12:08:39 -0400
Received: by mail-qt1-f174.google.com with SMTP id a39so3043632qtk.2
        for <linux-kernel@vger.kernel.org>; Wed, 22 May 2019 09:08:38 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=maine.edu; s=google;
        h=from:date:to:subject:message-id:user-agent:mime-version;
        bh=0W5+YdyQTta665vGFYLsY3r1b4A0P0ouPgGLxR8CZ/Y=;
        b=Mawa/qrBnDwcE39kFrkUNNIp0UL1yME4LODXV0Ioleq5Ggv3nodRhWUbxwrxHD6h7q
         ZN4/muelgnxwX+TZALejEAztKSZjKjra3f7XKppWwbdlJV70+8qx5VbcA2StzUOMZV+U
         bME9r1MSESqTa4xztMDQfQFvmKRJWOgvEqcYo=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:from:date:to:subject:message-id:user-agent
         :mime-version;
        bh=0W5+YdyQTta665vGFYLsY3r1b4A0P0ouPgGLxR8CZ/Y=;
        b=Zr1bTngIJDrgOiyvkLlzGogFeUo1U68gVOxHjYGfakOMtbLmALeX27yG2JurE64cR9
         qil0KRoaZkE463uXzS+L5yQy+Db1f9tNjF+lSnBthqF0plJcH3ZB+JN7pc9BCtf67+Pp
         lREZoP6OKZ05LRh2/h+JCWm2/1ygGl+8BjQEkbXFFCRi5K8cEprueThOVegTHRG7mEtt
         rvOmjGPZ2860yCGHF46nb8+uvJrrJ94N99NNiKE5sbpPduOYfebBfHH1Bpg4UlwxwGZp
         5zilS7bQiQp3LwrBpU8quKwnU711ahGyaqg1q6fiZ42wk4qkvCXsBWXVb4w0iGYE0pj4
         2vSw==
X-Gm-Message-State: APjAAAVMXncmetEAa7fYSUXdfff0OOyV/Zjv/rW3g8EYwkpDaEQdrM4G
        WK9ggk4yduMtgNyocxr1gA+wlA==
X-Received: by 2002:ac8:16c9:: with SMTP id y9mr74719118qtk.50.1558541317789;
        Wed, 22 May 2019 09:08:37 -0700 (PDT)
Received: from macbook-air (weaver.eece.maine.edu. [130.111.218.23])
        by smtp.gmail.com with ESMTPSA id o63sm11808779qkf.41.2019.05.22.09.08.35
        (version=TLS1_3 cipher=AEAD-AES256-GCM-SHA384 bits=256/256);
        Wed, 22 May 2019 09:08:36 -0700 (PDT)
From:   Vince Weaver <vincent.weaver@maine.edu>
X-Google-Original-From: Vince Weaver <vince@maine.edu>
Date:   Wed, 22 May 2019 12:08:31 -0400 (EDT)
X-X-Sender: vince@macbook-air
To:     Andi Kleen <ak@linux.intel.com>,
        Peter Zijlstra <peterz@infradead.org>,
        Kan Liang <kan.liang@linux.intel.com>,
        Alexander Shishkin <alexander.shishkin@linux.intel.com>,
        Arnaldo Carvalho de Melo <acme@redhat.com>,
        Jiri Olsa <jolsa@redhat.com>,
        Stephane Eranian <eranian@google.com>,
        Ingo Molnar <mingo@kernel.org>, linux-kernel@vger.kernel.org
Subject: perf: fuzzer causes crash in new XMM code
Message-ID: <alpine.DEB.2.21.1905221154300.22830@macbook-air>
User-Agent: Alpine 2.21 (DEB 202 2017-01-01)
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org


The perf fuzzer caused my skylake machine to crash hard with the trace at 
the end here.  (this is with current git)

It appears to be happening in new code introduced by:

commit 878068ea270ea82767ff1d26c91583263c81fba0
Author: Kan Liang <kan.liang@linux.intel.com>
Date:   Tue Apr 2 12:44:59 2019 -0700

    perf/x86: Support outputting XMM registers


u64 perf_reg_value(struct pt_regs *regs, int idx)
{
        struct x86_perf_regs *perf_regs;

        if (idx >= PERF_REG_X86_XMM0 && idx < PERF_REG_X86_XMM_MAX) {
                perf_regs = container_of(regs, struct x86_perf_regs, regs);
===>            if (!perf_regs->xmm_regs)
                        return 0;
                return perf_regs->xmm_regs[idx - PERF_REG_X86_XMM0];
        }


[ 9679.952236] BUG: stack guard page was hit at 00000000a58f0e2f (stack is 000000007d0772c9..00000000938c7501)
[ 9679.962289] kernel stack overflow (page fault): 0000 [#1] SMP PTI
[ 9679.968575] CPU: 1 PID: 18831 Comm: perf_fuzzer Tainted: G        W         5.2.0-rc1 #37
[ 9679.976966] Hardware name: LENOVO 10FY0017US/SKYBAY, BIOS FWKT53A   06/06/2016
[ 9679.984325] RIP: 0010:perf_reg_value+0xd/0x50
[ 9679.988799] Code: 45 14 48 83 c3 20 4c 39 e3 75 c3 5b 5d 41 5c 41 5d 41 5e c3 90 90 90 90 90 90 90 90 90 0f 1f 44 00 00 8d 46 e0 83 f8 1f 77 1d <48> 8b 97 a8 00 00 00 31 c0 48 85 d2 74 0e 48 63 f6 48 8b 84 f2 00
[ 9680.008003] RSP: 0000:ffffba6000dd0bc0 EFLAGS: 00010097
[ 9680.013339] RAX: 0000000000000001 RBX: 0000000000000021 RCX: 0000000000000021
[ 9680.020658] RDX: 0000000000000021 RSI: 0000000000000021 RDI: ffffba6008d2ff58
[ 9680.027952] RBP: ffffba6000dd0c78 R08: 0000000000000000 R09: 0000000000000000
[ 9680.035262] R10: 00000000bffffff0 R11: 0000000000000005 R12: ffffba6008d2ff58
[ 9680.042564] R13: ffff94a5ebde48b0 R14: 0000000000000030 R15: 0000000000000000
[ 9680.049830] FS:  00007fccbb62e540(0000) GS:ffff94a5f5a40000(0000) knlGS:0000000000000000
[ 9680.058069] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 9680.063934] CR2: ffffba6008d30000 CR3: 000000022b7a8006 CR4: 00000000003606e0
[ 9680.071227] DR0: 0000000000000000 DR1: 0000000081007f80 DR2: 0000000000000000
[ 9680.078521] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000600
[ 9680.085831] Call Trace:
[ 9680.088301]  <IRQ>
[ 9680.090363]  perf_output_sample_regs+0x43/0xa0
[ 9680.094928]  perf_output_sample+0x3aa/0x7a0
[ 9680.099181]  perf_event_output_forward+0x53/0x80
[ 9680.103917]  __perf_event_overflow+0x52/0xf0
[ 9680.108266]  ? perf_trace_run_bpf_submit+0xc0/0xc0
[ 9680.113108]  perf_swevent_hrtimer+0xe2/0x150
[ 9680.117475]  ? check_preempt_wakeup+0x181/0x230
[ 9680.122091]  ? check_preempt_curr+0x62/0x90
[ 9680.126361]  ? ttwu_do_wakeup+0x19/0x140
[ 9680.130355]  ? try_to_wake_up+0x54/0x460
[ 9680.134366]  ? reweight_entity+0x15b/0x1a0
[ 9680.138559]  ? __queue_work+0x103/0x3f0
[ 9680.142472]  ? update_dl_rq_load_avg+0x1cd/0x270
[ 9680.147194]  ? timerqueue_del+0x1e/0x40
[ 9680.151092]  ? __remove_hrtimer+0x35/0x70
[ 9680.155191]  __hrtimer_run_queues+0x100/0x280
[ 9680.159658]  hrtimer_interrupt+0x100/0x220
[ 9680.163835]  smp_apic_timer_interrupt+0x6a/0x140
[ 9680.168555]  apic_timer_interrupt+0xf/0x20
[ 9680.172756]  </IRQ>
[ 9680.174905] RIP: 0033:0x55dad77a9927
[ 9680.178575] Code: 00 00 00 48 89 d1 31 c0 48 89 f2 89 fe bf 41 01 00 00 e9 4c 09 ff ff 66 2e 0f 1f 84 00 00 00 00 00 66 90 31 c9 b9 1f a1 07 00 <ff> c9 75 fc 31 c0 c3 66 90 48 8b 05 c9 96 00 00 48 89 44 24 f8 b9
[ 9680.197779] RSP: 002b:00007fff595603a8 EFLAGS: 00000206 ORIG_RAX: ffffffffffffff13
[ 9680.205489] RAX: 0000000000004985 RBX: 000000000000000c RCX: 00000000000365ca
[ 9680.212748] RDX: 00001e15d36cec84 RSI: 0000000000000000 RDI: 0000000000000001
[ 9680.220059] RBP: 00007fff595603c0 R08: 0000000000000000 R09: 00007fccbb62e540
[ 9680.227362] R10: fffffffffffffd4e R11: 0000000000000246 R12: 000055dad779a4c0
[ 9680.234630] R13: 00007fff595627b0 R14: 0000000000000000 R15: 0000000000000000
[ 9680.310017] ---[ end trace 511b9368cf14c65a ]---