From 78f41931d3dd351b81b73d5404695e8ff55efe5a Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman Date: Tue, 23 Jul 2013 14:47:49 -0700 Subject: [PATCH] 3.0-stable patches added patches: perf-clone-child-context-from-parent-context-pmu.patch perf-fix-perf_lock_task_context-vs-rcu.patch perf-remove-warn_on_once-check-in-__perf_event_enable-for-valid-scenario.patch --- ...hild-context-from-parent-context-pmu.patch | 85 ++++++++++++++++ ...rf-fix-perf_lock_task_context-vs-rcu.patch | 88 +++++++++++++++++ ...perf_event_enable-for-valid-scenario.patch | 97 +++++++++++++++++++ queue-3.0/series | 3 + 4 files changed, 273 insertions(+) create mode 100644 queue-3.0/perf-clone-child-context-from-parent-context-pmu.patch create mode 100644 queue-3.0/perf-fix-perf_lock_task_context-vs-rcu.patch create mode 100644 queue-3.0/perf-remove-warn_on_once-check-in-__perf_event_enable-for-valid-scenario.patch diff --git a/queue-3.0/perf-clone-child-context-from-parent-context-pmu.patch b/queue-3.0/perf-clone-child-context-from-parent-context-pmu.patch new file mode 100644 index 00000000000..820640d250d --- /dev/null +++ b/queue-3.0/perf-clone-child-context-from-parent-context-pmu.patch @@ -0,0 +1,85 @@ +From 734df5ab549ca44f40de0f07af1c8803856dfb18 Mon Sep 17 00:00:00 2001 +From: Jiri Olsa +Date: Tue, 9 Jul 2013 17:44:10 +0200 +Subject: perf: Clone child context from parent context pmu + +From: Jiri Olsa + +commit 734df5ab549ca44f40de0f07af1c8803856dfb18 upstream. + +Currently when the child context for inherited events is +created, it's based on the pmu object of the first event +of the parent context. + +This is wrong for the following scenario: + + - HW context having HW and SW event + - HW event got removed (closed) + - SW event stays in HW context as the only event + and its pmu is used to clone the child context + +The issue starts when the cpu context object is touched +based on the pmu context object (__get_cpu_context). In +this case the HW context will work with SW cpu context +ending up with following WARN below. + +Fixing this by using parent context pmu object to clone +from child context. + +Addresses the following warning reported by Vince Weaver: + +[ 2716.472065] ------------[ cut here ]------------ +[ 2716.476035] WARNING: at kernel/events/core.c:2122 task_ctx_sched_out+0x3c/0x) +[ 2716.476035] Modules linked in: nfsd auth_rpcgss oid_registry nfs_acl nfs locn +[ 2716.476035] CPU: 0 PID: 3164 Comm: perf_fuzzer Not tainted 3.10.0-rc4 #2 +[ 2716.476035] Hardware name: AOpen DE7000/nMCP7ALPx-DE R1.06 Oct.19.2012, BI2 +[ 2716.476035] 0000000000000000 ffffffff8102e215 0000000000000000 ffff88011fc18 +[ 2716.476035] ffff8801175557f0 0000000000000000 ffff880119fda88c ffffffff810ad +[ 2716.476035] ffff880119fda880 ffffffff810af02a 0000000000000009 ffff880117550 +[ 2716.476035] Call Trace: +[ 2716.476035] [] ? warn_slowpath_common+0x5b/0x70 +[ 2716.476035] [] ? task_ctx_sched_out+0x3c/0x5f +[ 2716.476035] [] ? perf_event_exit_task+0xbf/0x194 +[ 2716.476035] [] ? do_exit+0x3e7/0x90c +[ 2716.476035] [] ? __do_fault+0x359/0x394 +[ 2716.476035] [] ? do_group_exit+0x66/0x98 +[ 2716.476035] [] ? get_signal_to_deliver+0x479/0x4ad +[ 2716.476035] [] ? __perf_event_task_sched_out+0x230/0x2d1 +[ 2716.476035] [] ? do_signal+0x3c/0x432 +[ 2716.476035] [] ? ctx_sched_in+0x43/0x141 +[ 2716.476035] [] ? perf_event_context_sched_in+0x7a/0x90 +[ 2716.476035] [] ? __perf_event_task_sched_in+0x31/0x118 +[ 2716.476035] [] ? mmdrop+0xd/0x1c +[ 2716.476035] [] ? finish_task_switch+0x7d/0xa6 +[ 2716.476035] [] ? do_notify_resume+0x20/0x5d +[ 2716.476035] [] ? retint_signal+0x3d/0x78 +[ 2716.476035] ---[ end trace 827178d8a5966c3d ]--- + +Reported-by: Vince Weaver +Signed-off-by: Jiri Olsa +Cc: Corey Ashford +Cc: Frederic Weisbecker +Cc: Ingo Molnar +Cc: Namhyung Kim +Cc: Paul Mackerras +Cc: Arnaldo Carvalho de Melo +Signed-off-by: Peter Zijlstra +Link: http://lkml.kernel.org/r/1373384651-6109-1-git-send-email-jolsa@redhat.com +Signed-off-by: Ingo Molnar +Signed-off-by: Greg Kroah-Hartman + +--- + kernel/events/core.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/kernel/events/core.c ++++ b/kernel/events/core.c +@@ -7064,7 +7064,7 @@ inherit_task_group(struct perf_event *ev + * child. + */ + +- child_ctx = alloc_perf_context(event->pmu, child); ++ child_ctx = alloc_perf_context(parent_ctx->pmu, child); + if (!child_ctx) + return -ENOMEM; + diff --git a/queue-3.0/perf-fix-perf_lock_task_context-vs-rcu.patch b/queue-3.0/perf-fix-perf_lock_task_context-vs-rcu.patch new file mode 100644 index 00000000000..7634e94d265 --- /dev/null +++ b/queue-3.0/perf-fix-perf_lock_task_context-vs-rcu.patch @@ -0,0 +1,88 @@ +From 058ebd0eba3aff16b144eabf4510ed9510e1416e Mon Sep 17 00:00:00 2001 +From: Peter Zijlstra +Date: Fri, 12 Jul 2013 11:08:33 +0200 +Subject: perf: Fix perf_lock_task_context() vs RCU + +From: Peter Zijlstra + +commit 058ebd0eba3aff16b144eabf4510ed9510e1416e upstream. + +Jiri managed to trigger this warning: + + [] ====================================================== + [] [ INFO: possible circular locking dependency detected ] + [] 3.10.0+ #228 Tainted: G W + [] ------------------------------------------------------- + [] p/6613 is trying to acquire lock: + [] (rcu_node_0){..-...}, at: [] rcu_read_unlock_special+0xa7/0x250 + [] + [] but task is already holding lock: + [] (&ctx->lock){-.-...}, at: [] perf_lock_task_context+0xd9/0x2c0 + [] + [] which lock already depends on the new lock. + [] + [] the existing dependency chain (in reverse order) is: + [] + [] -> #4 (&ctx->lock){-.-...}: + [] -> #3 (&rq->lock){-.-.-.}: + [] -> #2 (&p->pi_lock){-.-.-.}: + [] -> #1 (&rnp->nocb_gp_wq[1]){......}: + [] -> #0 (rcu_node_0){..-...}: + +Paul was quick to explain that due to preemptible RCU we cannot call +rcu_read_unlock() while holding scheduler (or nested) locks when part +of the read side critical section was preemptible. + +Therefore solve it by making the entire RCU read side non-preemptible. + +Also pull out the retry from under the non-preempt to play nice with RT. + +Reported-by: Jiri Olsa +Helped-out-by: Paul E. McKenney +Signed-off-by: Peter Zijlstra +Signed-off-by: Ingo Molnar +Signed-off-by: Greg Kroah-Hartman + +--- + kernel/events/core.c | 15 ++++++++++++++- + 1 file changed, 14 insertions(+), 1 deletion(-) + +--- a/kernel/events/core.c ++++ b/kernel/events/core.c +@@ -651,8 +651,18 @@ perf_lock_task_context(struct task_struc + { + struct perf_event_context *ctx; + +- rcu_read_lock(); + retry: ++ /* ++ * One of the few rules of preemptible RCU is that one cannot do ++ * rcu_read_unlock() while holding a scheduler (or nested) lock when ++ * part of the read side critical section was preemptible -- see ++ * rcu_read_unlock_special(). ++ * ++ * Since ctx->lock nests under rq->lock we must ensure the entire read ++ * side critical section is non-preemptible. ++ */ ++ preempt_disable(); ++ rcu_read_lock(); + ctx = rcu_dereference(task->perf_event_ctxp[ctxn]); + if (ctx) { + /* +@@ -668,6 +678,8 @@ retry: + raw_spin_lock_irqsave(&ctx->lock, *flags); + if (ctx != rcu_dereference(task->perf_event_ctxp[ctxn])) { + raw_spin_unlock_irqrestore(&ctx->lock, *flags); ++ rcu_read_unlock(); ++ preempt_enable(); + goto retry; + } + +@@ -677,6 +689,7 @@ retry: + } + } + rcu_read_unlock(); ++ preempt_enable(); + return ctx; + } + diff --git a/queue-3.0/perf-remove-warn_on_once-check-in-__perf_event_enable-for-valid-scenario.patch b/queue-3.0/perf-remove-warn_on_once-check-in-__perf_event_enable-for-valid-scenario.patch new file mode 100644 index 00000000000..a28acb3ae87 --- /dev/null +++ b/queue-3.0/perf-remove-warn_on_once-check-in-__perf_event_enable-for-valid-scenario.patch @@ -0,0 +1,97 @@ +From 06f417968beac6e6b614e17b37d347aa6a6b1d30 Mon Sep 17 00:00:00 2001 +From: Jiri Olsa +Date: Tue, 9 Jul 2013 17:44:11 +0200 +Subject: perf: Remove WARN_ON_ONCE() check in __perf_event_enable() for valid scenario + +From: Jiri Olsa + +commit 06f417968beac6e6b614e17b37d347aa6a6b1d30 upstream. + +The '!ctx->is_active' check has a valid scenario, so +there's no need for the warning. + +The reason is that there's a time window between the +'ctx->is_active' check in the perf_event_enable() function +and the __perf_event_enable() function having: + + - IRQs on + - ctx->lock unlocked + +where the task could be killed and 'ctx' deactivated by +perf_event_exit_task(), ending up with the warning below. + +So remove the WARN_ON_ONCE() check and add comments to +explain it all. + +This addresses the following warning reported by Vince Weaver: + +[ 324.983534] ------------[ cut here ]------------ +[ 324.984420] WARNING: at kernel/events/core.c:1953 __perf_event_enable+0x187/0x190() +[ 324.984420] Modules linked in: +[ 324.984420] CPU: 19 PID: 2715 Comm: nmi_bug_snb Not tainted 3.10.0+ #246 +[ 324.984420] Hardware name: Supermicro X8DTN/X8DTN, BIOS 4.6.3 01/08/2010 +[ 324.984420] 0000000000000009 ffff88043fce3ec8 ffffffff8160ea0b ffff88043fce3f00 +[ 324.984420] ffffffff81080ff0 ffff8802314fdc00 ffff880231a8f800 ffff88043fcf7860 +[ 324.984420] 0000000000000286 ffff880231a8f800 ffff88043fce3f10 ffffffff8108103a +[ 324.984420] Call Trace: +[ 324.984420] [] dump_stack+0x19/0x1b +[ 324.984420] [] warn_slowpath_common+0x70/0xa0 +[ 324.984420] [] warn_slowpath_null+0x1a/0x20 +[ 324.984420] [] __perf_event_enable+0x187/0x190 +[ 324.984420] [] remote_function+0x40/0x50 +[ 324.984420] [] generic_smp_call_function_single_interrupt+0xbe/0x130 +[ 324.984420] [] smp_call_function_single_interrupt+0x27/0x40 +[ 324.984420] [] call_function_single_interrupt+0x6f/0x80 +[ 324.984420] [] ? _raw_spin_unlock_irqrestore+0x41/0x70 +[ 324.984420] [] perf_event_exit_task+0x14d/0x210 +[ 324.984420] [] ? switch_task_namespaces+0x24/0x60 +[ 324.984420] [] do_exit+0x2b6/0xa40 +[ 324.984420] [] ? _raw_spin_unlock_irq+0x2c/0x30 +[ 324.984420] [] do_group_exit+0x49/0xc0 +[ 324.984420] [] get_signal_to_deliver+0x254/0x620 +[ 324.984420] [] do_signal+0x57/0x5a0 +[ 324.984420] [] ? __do_page_fault+0x2a4/0x4e0 +[ 324.984420] [] ? retint_restore_args+0xe/0xe +[ 324.984420] [] ? retint_signal+0x11/0x84 +[ 324.984420] [] do_notify_resume+0x65/0x80 +[ 324.984420] [] retint_signal+0x46/0x84 +[ 324.984420] ---[ end trace 442ec2f04db3771a ]--- + +Reported-by: Vince Weaver +Signed-off-by: Jiri Olsa +Suggested-by: Peter Zijlstra +Cc: Corey Ashford +Cc: Frederic Weisbecker +Cc: Ingo Molnar +Cc: Namhyung Kim +Cc: Paul Mackerras +Cc: Arnaldo Carvalho de Melo +Signed-off-by: Peter Zijlstra +Link: http://lkml.kernel.org/r/1373384651-6109-2-git-send-email-jolsa@redhat.com +Signed-off-by: Ingo Molnar +Signed-off-by: Greg Kroah-Hartman + +--- + kernel/events/core.c | 11 ++++++++++- + 1 file changed, 10 insertions(+), 1 deletion(-) + +--- a/kernel/events/core.c ++++ b/kernel/events/core.c +@@ -1616,7 +1616,16 @@ static int __perf_event_enable(void *inf + struct perf_cpu_context *cpuctx = __get_cpu_context(ctx); + int err; + +- if (WARN_ON_ONCE(!ctx->is_active)) ++ /* ++ * There's a time window between 'ctx->is_active' check ++ * in perf_event_enable function and this place having: ++ * - IRQs on ++ * - ctx->lock unlocked ++ * ++ * where the task could be killed and 'ctx' deactivated ++ * by perf_event_exit_task. ++ */ ++ if (!ctx->is_active) + return -EINVAL; + + raw_spin_lock(&ctx->lock); diff --git a/queue-3.0/series b/queue-3.0/series index cf0d14fe9c4..44cbc279463 100644 --- a/queue-3.0/series +++ b/queue-3.0/series @@ -4,3 +4,6 @@ rt2x00-read-5ghz-tx-power-values-from-the-correct-offset.patch scsi-zfcp-fix-adapter-re-open-recovery-while-link-to-san-is-down.patch scsi-mpt2sas-fix-firmware-failure-with-wrong-task-attribute.patch tracing-use-current_uid-for-critical-time-tracing.patch +perf-clone-child-context-from-parent-context-pmu.patch +perf-remove-warn_on_once-check-in-__perf_event_enable-for-valid-scenario.patch +perf-fix-perf_lock_task_context-vs-rcu.patch -- 2.47.3