1. Patchew
  2. linux
  3. View series

[PATCH] perf: Fix missing RCU reader protection in perf_event_clear_cpumask()

kan.liang@linux.intel.com posted 1 patch 1 year, 4 months ago
There is a newer version of this series
kernel/events/core.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
[PATCH] perf: Fix missing RCU reader protection in perf_event_clear_cpumask()
Posted by kan.liang@linux.intel.com 1 year, 4 months ago 
From: Kan Liang <kan.liang@linux.intel.com>

Running rcutorture scenario TREE05, the below warning is triggered.

[   32.604594] WARNING: suspicious RCU usage
[   32.605928] 6.11.0-rc5-00040-g4ba4f1afb6a9 #55238 Not tainted
[   32.607812] -----------------------------
[   32.609140] kernel/events/core.c:13946 RCU-list traversed in non-reader section!!
[   32.611595] other info that might help us debug this:
[   32.614247] rcu_scheduler_active = 2, debug_locks = 1
[   32.616392] 3 locks held by cpuhp/4/35:
[   32.617687]  #0: ffffffffb666a650 (cpu_hotplug_lock){++++}-{0:0}, at: cpuhp_thread_fun+0x4e/0x200
[   32.620563]  #1: ffffffffb666cd20 (cpuhp_state-down){+.+.}-{0:0}, at: cpuhp_thread_fun+0x4e/0x200
[   32.623412]  #2: ffffffffb677c288 (pmus_lock){+.+.}-{3:3}, at: perf_event_exit_cpu_context+0x32/0x2f0

In perf_event_clear_cpumask(), uses list_for_each_entry_rcu() without an
obvious RCU read-side critical section.

Either pmus_srcu or pmus_lock is good enough to protect the pmus list.
In the current context, pmus_lock is already held. The
list_for_each_entry_rcu() is not required.

Fixes: 4ba4f1afb6a9 ("perf: Generic hotplug support for a PMU with a scope")
Reported-by: Paul E. McKenney <paulmck@kernel.org>
Closes: https://lore.kernel.org/lkml/2b66dff8-b827-494b-b151-1ad8d56f13e6@paulmck-laptop/
Tested-by: Paul E. McKenney <paulmck@kernel.org>
Reported-by: kernel test robot <oliver.sang@intel.com>
Closes: https://lore.kernel.org/oe-lkp/202409131559.545634cc-oliver.sang@intel.com
Signed-off-by: Kan Liang <kan.liang@linux.intel.com>
---
 kernel/events/core.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/kernel/events/core.c b/kernel/events/core.c
index 20e97c1aa4d6..5ba9934b49df 100644
--- a/kernel/events/core.c
+++ b/kernel/events/core.c
@@ -13912,7 +13912,7 @@ static void perf_event_clear_cpumask(unsigned int cpu)
 	}
 
 	/* migrate */
-	list_for_each_entry_rcu(pmu, &pmus, entry, lockdep_is_held(&pmus_srcu)) {
+	list_for_each_entry(pmu, &pmus, entry) {
 		if (pmu->scope == PERF_PMU_SCOPE_NONE ||
 		    WARN_ON_ONCE(pmu->scope >= PERF_PMU_MAX_SCOPE))
 			continue;
-- 
2.38.1
Re: [PATCH] perf: Fix missing RCU reader protection in perf_event_clear_cpumask()
Posted by Liang, Kan 1 year, 4 months ago 

On 2024-09-13 12:23 p.m., kan.liang@linux.intel.com wrote:
> From: Kan Liang <kan.liang@linux.intel.com>
> 
> Running rcutorture scenario TREE05, the below warning is triggered.
> 
> [   32.604594] WARNING: suspicious RCU usage
> [   32.605928] 6.11.0-rc5-00040-g4ba4f1afb6a9 #55238 Not tainted
> [   32.607812] -----------------------------
> [   32.609140] kernel/events/core.c:13946 RCU-list traversed in non-reader section!!
> [   32.611595] other info that might help us debug this:
> [   32.614247] rcu_scheduler_active = 2, debug_locks = 1
> [   32.616392] 3 locks held by cpuhp/4/35:
> [   32.617687]  #0: ffffffffb666a650 (cpu_hotplug_lock){++++}-{0:0}, at: cpuhp_thread_fun+0x4e/0x200
> [   32.620563]  #1: ffffffffb666cd20 (cpuhp_state-down){+.+.}-{0:0}, at: cpuhp_thread_fun+0x4e/0x200
> [   32.623412]  #2: ffffffffb677c288 (pmus_lock){+.+.}-{3:3}, at: perf_event_exit_cpu_context+0x32/0x2f0
> 
> In perf_event_clear_cpumask(), uses list_for_each_entry_rcu() without an
> obvious RCU read-side critical section.
> 
> Either pmus_srcu or pmus_lock is good enough to protect the pmus list.
> In the current context, pmus_lock is already held. The
> list_for_each_entry_rcu() is not required.
> 
> Fixes: 4ba4f1afb6a9 ("perf: Generic hotplug support for a PMU with a scope")
> Reported-by: Paul E. McKenney <paulmck@kernel.org>
> Closes: https://lore.kernel.org/lkml/2b66dff8-b827-494b-b151-1ad8d56f13e6@paulmck-laptop/
> Tested-by: Paul E. McKenney <paulmck@kernel.org>
> Reported-by: kernel test robot <oliver.sang@intel.com>
> Closes: https://lore.kernel.org/oe-lkp/202409131559.545634cc-oliver.sang@intel.com

Forgot to add the below tag, please fold it.

Suggested-by: Peter Zijlstra <peterz@infradead.org>

Thanks,
Kan
> Signed-off-by: Kan Liang <kan.liang@linux.intel.com>
> ---
>  kernel/events/core.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/kernel/events/core.c b/kernel/events/core.c
> index 20e97c1aa4d6..5ba9934b49df 100644
> --- a/kernel/events/core.c
> +++ b/kernel/events/core.c
> @@ -13912,7 +13912,7 @@ static void perf_event_clear_cpumask(unsigned int cpu)
>  	}
>  
>  	/* migrate */
> -	list_for_each_entry_rcu(pmu, &pmus, entry, lockdep_is_held(&pmus_srcu)) {
> +	list_for_each_entry(pmu, &pmus, entry) {
>  		if (pmu->scope == PERF_PMU_SCOPE_NONE ||
>  		    WARN_ON_ONCE(pmu->scope >= PERF_PMU_MAX_SCOPE))
>  			continue;
Re: [PATCH] perf: Fix missing RCU reader protection in perf_event_clear_cpumask()
Posted by Paul E. McKenney 1 year, 4 months ago 
On Fri, Sep 13, 2024 at 12:25:59PM -0400, Liang, Kan wrote:
> 
> 
> On 2024-09-13 12:23 p.m., kan.liang@linux.intel.com wrote:
> > From: Kan Liang <kan.liang@linux.intel.com>
> > 
> > Running rcutorture scenario TREE05, the below warning is triggered.
> > 
> > [   32.604594] WARNING: suspicious RCU usage
> > [   32.605928] 6.11.0-rc5-00040-g4ba4f1afb6a9 #55238 Not tainted
> > [   32.607812] -----------------------------
> > [   32.609140] kernel/events/core.c:13946 RCU-list traversed in non-reader section!!
> > [   32.611595] other info that might help us debug this:
> > [   32.614247] rcu_scheduler_active = 2, debug_locks = 1
> > [   32.616392] 3 locks held by cpuhp/4/35:
> > [   32.617687]  #0: ffffffffb666a650 (cpu_hotplug_lock){++++}-{0:0}, at: cpuhp_thread_fun+0x4e/0x200
> > [   32.620563]  #1: ffffffffb666cd20 (cpuhp_state-down){+.+.}-{0:0}, at: cpuhp_thread_fun+0x4e/0x200
> > [   32.623412]  #2: ffffffffb677c288 (pmus_lock){+.+.}-{3:3}, at: perf_event_exit_cpu_context+0x32/0x2f0
> > 
> > In perf_event_clear_cpumask(), uses list_for_each_entry_rcu() without an
> > obvious RCU read-side critical section.
> > 
> > Either pmus_srcu or pmus_lock is good enough to protect the pmus list.
> > In the current context, pmus_lock is already held. The
> > list_for_each_entry_rcu() is not required.
> > 
> > Fixes: 4ba4f1afb6a9 ("perf: Generic hotplug support for a PMU with a scope")
> > Reported-by: Paul E. McKenney <paulmck@kernel.org>
> > Closes: https://lore.kernel.org/lkml/2b66dff8-b827-494b-b151-1ad8d56f13e6@paulmck-laptop/
> > Tested-by: Paul E. McKenney <paulmck@kernel.org>
> > Reported-by: kernel test robot <oliver.sang@intel.com>
> > Closes: https://lore.kernel.org/oe-lkp/202409131559.545634cc-oliver.sang@intel.com
> 
> Forgot to add the below tag, please fold it.
> 
> Suggested-by: Peter Zijlstra <peterz@infradead.org>

Have one of these to go along with it.  ;-)

Tested-by: Paul E. McKenney <paulmck@kernel.org>

> Thanks,
> Kan
> > Signed-off-by: Kan Liang <kan.liang@linux.intel.com>
> > ---
> >  kernel/events/core.c | 2 +-
> >  1 file changed, 1 insertion(+), 1 deletion(-)
> > 
> > diff --git a/kernel/events/core.c b/kernel/events/core.c
> > index 20e97c1aa4d6..5ba9934b49df 100644
> > --- a/kernel/events/core.c
> > +++ b/kernel/events/core.c
> > @@ -13912,7 +13912,7 @@ static void perf_event_clear_cpumask(unsigned int cpu)
> >  	}
> >  
> >  	/* migrate */
> > -	list_for_each_entry_rcu(pmu, &pmus, entry, lockdep_is_held(&pmus_srcu)) {
> > +	list_for_each_entry(pmu, &pmus, entry) {
> >  		if (pmu->scope == PERF_PMU_SCOPE_NONE ||
> >  		    WARN_ON_ONCE(pmu->scope >= PERF_PMU_MAX_SCOPE))
> >  			continue;
Re: [PATCH] perf: Fix missing RCU reader protection in perf_event_clear_cpumask()
Posted by Paul E. McKenney 1 year, 3 months ago 
On Fri, Sep 13, 2024 at 11:14:41AM -0700, Paul E. McKenney wrote:
> On Fri, Sep 13, 2024 at 12:25:59PM -0400, Liang, Kan wrote:
> > 
> > 
> > On 2024-09-13 12:23 p.m., kan.liang@linux.intel.com wrote:
> > > From: Kan Liang <kan.liang@linux.intel.com>
> > > 
> > > Running rcutorture scenario TREE05, the below warning is triggered.
> > > 
> > > [   32.604594] WARNING: suspicious RCU usage
> > > [   32.605928] 6.11.0-rc5-00040-g4ba4f1afb6a9 #55238 Not tainted
> > > [   32.607812] -----------------------------
> > > [   32.609140] kernel/events/core.c:13946 RCU-list traversed in non-reader section!!
> > > [   32.611595] other info that might help us debug this:
> > > [   32.614247] rcu_scheduler_active = 2, debug_locks = 1
> > > [   32.616392] 3 locks held by cpuhp/4/35:
> > > [   32.617687]  #0: ffffffffb666a650 (cpu_hotplug_lock){++++}-{0:0}, at: cpuhp_thread_fun+0x4e/0x200
> > > [   32.620563]  #1: ffffffffb666cd20 (cpuhp_state-down){+.+.}-{0:0}, at: cpuhp_thread_fun+0x4e/0x200
> > > [   32.623412]  #2: ffffffffb677c288 (pmus_lock){+.+.}-{3:3}, at: perf_event_exit_cpu_context+0x32/0x2f0
> > > 
> > > In perf_event_clear_cpumask(), uses list_for_each_entry_rcu() without an
> > > obvious RCU read-side critical section.
> > > 
> > > Either pmus_srcu or pmus_lock is good enough to protect the pmus list.
> > > In the current context, pmus_lock is already held. The
> > > list_for_each_entry_rcu() is not required.
> > > 
> > > Fixes: 4ba4f1afb6a9 ("perf: Generic hotplug support for a PMU with a scope")
> > > Reported-by: Paul E. McKenney <paulmck@kernel.org>
> > > Closes: https://lore.kernel.org/lkml/2b66dff8-b827-494b-b151-1ad8d56f13e6@paulmck-laptop/
> > > Tested-by: Paul E. McKenney <paulmck@kernel.org>
> > > Reported-by: kernel test robot <oliver.sang@intel.com>
> > > Closes: https://lore.kernel.org/oe-lkp/202409131559.545634cc-oliver.sang@intel.com
> > 
> > Forgot to add the below tag, please fold it.
> > 
> > Suggested-by: Peter Zijlstra <peterz@infradead.org>
> 
> Have one of these to go along with it.  ;-)
> 
> Tested-by: Paul E. McKenney <paulmck@kernel.org>

Just following up, seeing how this is not yet in -next.

Is this on its way upstream?

							Thanx, Paul

> > Thanks,
> > Kan
> > > Signed-off-by: Kan Liang <kan.liang@linux.intel.com>
> > > ---
> > >  kernel/events/core.c | 2 +-
> > >  1 file changed, 1 insertion(+), 1 deletion(-)
> > > 
> > > diff --git a/kernel/events/core.c b/kernel/events/core.c
> > > index 20e97c1aa4d6..5ba9934b49df 100644
> > > --- a/kernel/events/core.c
> > > +++ b/kernel/events/core.c
> > > @@ -13912,7 +13912,7 @@ static void perf_event_clear_cpumask(unsigned int cpu)
> > >  	}
> > >  
> > >  	/* migrate */
> > > -	list_for_each_entry_rcu(pmu, &pmus, entry, lockdep_is_held(&pmus_srcu)) {
> > > +	list_for_each_entry(pmu, &pmus, entry) {
> > >  		if (pmu->scope == PERF_PMU_SCOPE_NONE ||
> > >  		    WARN_ON_ONCE(pmu->scope >= PERF_PMU_MAX_SCOPE))
> > >  			continue;
[tip: perf/urgent] perf: Fix missing RCU reader protection in perf_event_clear_cpumask()
Posted by tip-bot2 for Kan Liang 1 year, 3 months ago 
The following commit has been merged into the perf/urgent branch of tip:

Commit-ID:     e3dfd64c1f344ebec9397719244c27b360255855
Gitweb:        https://git.kernel.org/tip/e3dfd64c1f344ebec9397719244c27b360255855
Author:        Kan Liang <kan.liang@linux.intel.com>
AuthorDate:    Fri, 13 Sep 2024 09:23:40 -07:00
Committer:     Peter Zijlstra <peterz@infradead.org>
CommitterDate: Wed, 23 Oct 2024 20:52:25 +02:00

perf: Fix missing RCU reader protection in perf_event_clear_cpumask()

Running rcutorture scenario TREE05, the below warning is triggered.

[   32.604594] WARNING: suspicious RCU usage
[   32.605928] 6.11.0-rc5-00040-g4ba4f1afb6a9 #55238 Not tainted
[   32.607812] -----------------------------
[   32.609140] kernel/events/core.c:13946 RCU-list traversed in non-reader section!!
[   32.611595] other info that might help us debug this:
[   32.614247] rcu_scheduler_active = 2, debug_locks = 1
[   32.616392] 3 locks held by cpuhp/4/35:
[   32.617687]  #0: ffffffffb666a650 (cpu_hotplug_lock){++++}-{0:0}, at: cpuhp_thread_fun+0x4e/0x200
[   32.620563]  #1: ffffffffb666cd20 (cpuhp_state-down){+.+.}-{0:0}, at: cpuhp_thread_fun+0x4e/0x200
[   32.623412]  #2: ffffffffb677c288 (pmus_lock){+.+.}-{3:3}, at: perf_event_exit_cpu_context+0x32/0x2f0

In perf_event_clear_cpumask(), uses list_for_each_entry_rcu() without an
obvious RCU read-side critical section.

Either pmus_srcu or pmus_lock is good enough to protect the pmus list.
In the current context, pmus_lock is already held. The
list_for_each_entry_rcu() is not required.

Fixes: 4ba4f1afb6a9 ("perf: Generic hotplug support for a PMU with a scope")
Closes: https://lore.kernel.org/lkml/2b66dff8-b827-494b-b151-1ad8d56f13e6@paulmck-laptop/
Closes: https://lore.kernel.org/oe-lkp/202409131559.545634cc-oliver.sang@intel.com
Reported-by: "Paul E. McKenney" <paulmck@kernel.org>
Reported-by: kernel test robot <oliver.sang@intel.com>
Suggested-by: Peter Zijlstra <peterz@infradead.org>
Signed-off-by: Kan Liang <kan.liang@linux.intel.com>
Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Tested-by: "Paul E. McKenney" <paulmck@kernel.org>
Link: https://lore.kernel.org/r/20240913162340.2142976-1-kan.liang@linux.intel.com
---
 kernel/events/core.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/kernel/events/core.c b/kernel/events/core.c
index cdd0976..df27d08 100644
--- a/kernel/events/core.c
+++ b/kernel/events/core.c
@@ -13959,7 +13959,7 @@ static void perf_event_clear_cpumask(unsigned int cpu)
 	}
 
 	/* migrate */
-	list_for_each_entry_rcu(pmu, &pmus, entry, lockdep_is_held(&pmus_srcu)) {
+	list_for_each_entry(pmu, &pmus, entry) {
 		if (pmu->scope == PERF_PMU_SCOPE_NONE ||
 		    WARN_ON_ONCE(pmu->scope >= PERF_PMU_MAX_SCOPE))
 			continue;

Patchew 2.1-devel-b67e4c2

© 2016 - 2026 Red Hat, Inc.