Re: [PATCH] x86/virt: Fix RCU lockdep splat in emergency virt callback path

Next message: Rob Herring (Arm): "Re: [PATCH 2/4] Revert &quot;dt-bindings: display: bridge: ldb: Fill in reg property&quot;"
Previous message: Song Liu: "Re: [PATCH v2 1/2] bpf: add bpf_init_inode_xattr kfunc for atomic inode labeling"
In reply to: Mikhail Gavrilov: "Re: [PATCH] x86/virt: Fix RCU lockdep splat in emergency virt callback path"
Next in thread: Sean Christopherson: "Re: [PATCH] x86/virt: Fix RCU lockdep splat in emergency virt callback path"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Mikhail Gavrilov

Date: Mon May 04 2026 - 17:40:41 EST

On Mon, May 4, 2026 at 11:50 PM Mikhail Gavrilov
<mikhail.v.gavrilov@xxxxxxxxx> wrote:
>
> What direction would you prefer? I'm happy to spin v2 as needed.
>

After looking at how other places in the kernel handle this — kernel/notifier.c,
kernel/cgroup/cgroup.c, kernel/fork.c, kernel/sched/fair.c all use
rcu_dereference_raw() when the caller has context-specific knowledge that
makes lockdep checks inappropriate.

I'll send v2 using rcu_dereference_raw() with a comment explaining the
panic-context reasoning. The diff would look like:

/*
* The crashing CPU may be outside RCU's watching set in panic context.
* Use rcu_dereference_raw() to avoid lockdep complaints — the writers
* (KVM module load/unload) cannot run during emergency virt callback
* invocation, so the pointer is effectively stable here.
*/
kvm_callback = rcu_dereference_raw(kvm_emergency_callback);

Let me know if you'd prefer a different approach (option (b) from my
previous mail — converting away from RCU entirely — is a bigger change
but I can do that instead).

--
Best Regards,
Mike Gavrilov.