Re: perf: aux area related crash and warnings

[Alexander Shishkin]

Ingo Molnar <mingo@xxxxxxxxxx> writes:

> * Alexander Shishkin <alexander.shishkin@xxxxxxxxxxxxxxx> wrote:
>
>> +void rb_free_aux(struct ring_buffer *rb)
>> +{
>> +	/*
>> +	 * hold rb::refcount to make sure rb doesn't disappear
>> +	 * before aux pages are freed
>> +	 */
>> +	if (WARN_ON_ONCE(!atomic_inc_not_zero(&rb->refcount)))
>> +		return;
>> +
>> +	if (atomic_dec_and_test(&rb->aux_refcount))
>> +		call_rcu(&rb->rcu_head, rb_free_rcu);
>> +	else
>> +		ring_buffer_put(rb);	/* matches the increment above */
>
> Is call_rcu() NMI-safe? I don't think so ...

Actually, we couldn't establish that without Paul's help.

> I think the life time rules of this object are really messed up if
> they can be freed from any fast path. How come the freeing can happen
> in NMI context?

We ended up like this because we didn't want to stop the event once its
AUX area gets unmapped, to be consistent with the behavior of normal
perf events [1]. And somehow I completely missed the fact that this
means freeing stuff in fast path.

> Shouldn't the hardware first stop, then we can free things from the system call 
> path, or so?

Yes, that's how we'll do it.

[1] http://marc.info/?l=linux-kernel&m=141017607804348

Regards,
--
Alex
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/