Re: perf: fuzzer triggered warning in intel_pmu_drain_pebs_nhm()

From: Peter Zijlstra
Date: Fri Jul 03 2015 - 15:04:53 EST


On Fri, Jul 03, 2015 at 08:56:57PM +0200, Stephane Eranian wrote:
> Where do you see that we use cpuc->pebs_enabled after clearing it
> in pebs_disable() to check for overflow or active in drain_pebs()?
> I only see it used in get_next_pebs_record_by_bit()?


| static inline bool pebs_is_enabled(struct cpu_hw_events *cpuc)
| {
| 	return (cpuc->pebs_enabled & ((1ULL << MAX_PEBS_EVENTS) - 1));
| }


| void intel_pmu_pebs_disable(struct perf_event *event)
| {
| 	struct cpu_hw_events *cpuc = this_cpu_ptr(&cpu_hw_events);
| 	struct hw_perf_event *hwc = &event->hw;
| 	struct debug_store *ds = cpuc->ds;
|
| 	cpuc->pebs_enabled &= ~(1ULL << hwc->idx);

Here we clear it...

| 	if (event->hw.flags & PERF_X86_EVENT_PEBS_LDLAT)
| 		cpuc->pebs_enabled &= ~(1ULL << (hwc->idx + 32));
| 	else if (event->hw.flags & PERF_X86_EVENT_PEBS_ST)
| 		cpuc->pebs_enabled &= ~(1ULL << 63);
|
| 	if (ds->pebs_interrupt_threshold >
| 	    ds->pebs_buffer_base + x86_pmu.pebs_record_size) {
| 		intel_pmu_drain_pebs_buffer();

Here we drain the buffer; which uses ->pebs_enabled

| 		if (!pebs_is_enabled(cpuc))

And here we test it

| 			perf_sched_cb_dec(event->ctx->pmu);
| 	}
|
| 	if (cpuc->enabled)
| 		wrmsrl(MSR_IA32_PEBS_ENABLE, cpuc->pebs_enabled);
|
| 	hwc->config |= ARCH_PERFMON_EVENTSEL_INT;
| }

That said, it's far too warm and I might just not be making sense.
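Added example, not part of the original message and not kernel code: a user-space model of the ordering walked through above, comparing clear-then-drain with drain-then-clear. The struct `model_cpuc`, the `model_drain()` helper and the sample records are hypothetical, and the assumption that the drain filters each record's status through `pebs_enabled` is a simplification based on the thread's remark that `get_next_pebs_record_by_bit()` uses that field.

```c
#include <stdint.h>
#include <stdio.h>

#define MAX_PEBS_EVENTS 8

/* Hypothetical stand-in for the per-CPU state; only the field under discussion. */
struct model_cpuc {
	uint64_t pebs_enabled;
};

/*
 * Model drain: count buffered records attributable to counter `bit`.
 * Assumption: record status is masked with pebs_enabled before matching.
 */
static int model_drain(const struct model_cpuc *cpuc, const uint64_t *status,
		       int n, int bit)
{
	uint64_t low = (1ULL << MAX_PEBS_EVENTS) - 1;
	int i, matched = 0;

	for (i = 0; i < n; i++)
		if ((status[i] & cpuc->pebs_enabled & low) == (1ULL << bit))
			matched++;
	return matched;
}

/* Ordering quoted in the mail: clear the enable bit, then drain. */
static int disable_clear_then_drain(struct model_cpuc *cpuc,
				    const uint64_t *status, int n, int idx)
{
	cpuc->pebs_enabled &= ~(1ULL << idx);
	return model_drain(cpuc, status, n, idx);
}

/* Reverse ordering, for comparison: drain first, then clear. */
static int disable_drain_then_clear(struct model_cpuc *cpuc,
				    const uint64_t *status, int n, int idx)
{
	int matched = model_drain(cpuc, status, n, idx);

	cpuc->pebs_enabled &= ~(1ULL << idx);
	return matched;
}

int main(void)
{
	/* Constructed sample: two records for counter 0, one for counter 1. */
	const uint64_t status[] = { 0x1, 0x1, 0x2 };
	struct model_cpuc a = { 0x3 }, b = { 0x3 };

	printf("clear then drain: %d records for counter 0\n",
	       disable_clear_then_drain(&a, status, 3, 0));
	printf("drain then clear: %d records for counter 0\n",
	       disable_drain_then_clear(&b, status, 3, 0));
	return 0;
}
```
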