iv/linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
linux/kernel
History
Peter Zijlstra c127449944 perf: Fix race in perf_event_exec() 
I managed to tickle this warning:

  [ 2338.884942] ------------[ cut here ]------------
  [ 2338.890112] WARNING: CPU: 13 PID: 35162 at ../kernel/events/core.c:2702 task_ctx_sched_out+0x6b/0x80()
  [ 2338.900504] Modules linked in:
  [ 2338.903933] CPU: 13 PID: 35162 Comm: bash Not tainted 4.4.0-rc4-dirty #244
  [ 2338.911610] Hardware name: Intel Corporation S2600GZ/S2600GZ, BIOS SE5C600.86B.02.02.0002.122320131210 12/23/2013
  [ 2338.923071]  ffffffff81f1468e ffff8807c6457cb8 ffffffff815c680c 0000000000000000
  [ 2338.931382]  ffff8807c6457cf0 ffffffff810c8a56 ffffe8ffff8c1bd0 ffff8808132ed400
  [ 2338.939678]  0000000000000286 ffff880813170380 ffff8808132ed400 ffff8807c6457d00
  [ 2338.947987] Call Trace:
  [ 2338.950726]  [<ffffffff815c680c>] dump_stack+0x4e/0x82
  [ 2338.956474]  [<ffffffff810c8a56>] warn_slowpath_common+0x86/0xc0
  [ 2338.963195]  [<ffffffff810c8b4a>] warn_slowpath_null+0x1a/0x20
  [ 2338.969720]  [<ffffffff811a49cb>] task_ctx_sched_out+0x6b/0x80
  [ 2338.976244]  [<ffffffff811a62d2>] perf_event_exec+0xe2/0x180
  [ 2338.982575]  [<ffffffff8121fb6f>] setup_new_exec+0x6f/0x1b0
  [ 2338.988810]  [<ffffffff8126de83>] load_elf_binary+0x393/0x1660
  [ 2338.995339]  [<ffffffff811dc772>] ? get_user_pages+0x52/0x60
  [ 2339.001669]  [<ffffffff8121e297>] search_binary_handler+0x97/0x200
  [ 2339.008581]  [<ffffffff8121f8b3>] do_execveat_common.isra.33+0x543/0x6e0
  [ 2339.016072]  [<ffffffff8121fcea>] SyS_execve+0x3a/0x50
  [ 2339.021819]  [<ffffffff819fc165>] stub_execve+0x5/0x5
  [ 2339.027469]  [<ffffffff819fbeb2>] ? entry_SYSCALL_64_fastpath+0x12/0x71
  [ 2339.034860] ---[ end trace ee1337c59a0ddeac ]---

Which is a WARN_ON_ONCE() indicating that cpuctx->task_ctx is not
what we expected it to be.

This is because context switches can swap the task_struct::perf_event_ctxp[]
pointer around. Therefore you have to either disable preemption when looking
at current, or hold ctx->lock.

Fix perf_event_enable_on_exec(), it loads current->perf_event_ctxp[]
before disabling interrupts, therefore a preemption in the right place
can swap contexts around and we're using the wrong one.

Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Cc: Alexander Potapenko <glider@google.com>
Cc: Arnaldo Carvalho de Melo <acme@kernel.org>
Cc: Arnaldo Carvalho de Melo <acme@redhat.com>
Cc: Dmitry Vyukov <dvyukov@google.com>
Cc: Eric Dumazet <edumazet@google.com>
Cc: Jiri Olsa <jolsa@redhat.com>
Cc: Kostya Serebryany <kcc@google.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Sasha Levin <sasha.levin@oracle.com>
Cc: Stephane Eranian <eranian@google.com>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Vince Weaver <vincent.weaver@maine.edu>
Cc: syzkaller <syzkaller@googlegroups.com>
Link: http://lkml.kernel.org/r/20151210195740.GG6357@twins.programming.kicks-ass.net
Signed-off-by: Ingo Molnar <mingo@kernel.org>
2016-01-06 10:52:38 +01:00
..
bpf
bpf, verifier: annotate verbose printer with __printf
2015-11-03 11:29:56 -05:00
configs
kconfig: add xenconfig defconfig helper
2015-06-16 11:04:29 +01:00
debug
debug: prevent entering debug mode on panic/exception.
2015-02-19 12:39:03 -06:00
events
perf: Fix race in perf_event_exec()
2016-01-06 10:52:38 +01:00
gcov
gcov: add support for GCC 5.1
2015-06-30 19:44:57 -07:00
irq
Merge branches 'irq-urgent-for-linus' and 'timers-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
2015-11-15 09:30:48 -08:00
livepatch
livepatch: x86: fix relocation computation with kASLR
2015-11-11 17:36:04 +01:00
locking
treewide: Remove old email address
2015-11-23 09:44:58 +01:00
power
mm, page_alloc: rename __GFP_WAIT to __GFP_RECLAIM
2015-11-06 17:50:42 -08:00
printk
printk: prevent userland from spoofing kernel messages
2015-11-06 17:50:42 -08:00
rcu
Merge branches 'doc.2015.10.06a', 'percpu-rwsem.2015.10.06a' and 'torture.2015.10.06a' into HEAD
2015-10-07 16:06:25 -07:00
sched
treewide: Remove old email address
2015-11-23 09:44:58 +01:00
time
Merge branches 'irq-urgent-for-linus' and 'timers-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
2015-11-15 09:30:48 -08:00
trace
treewide: Remove old email address
2015-11-23 09:44:58 +01:00
.gitignore
certs: add .gitignore to stop git nagging about x509_certificate_list
2015-10-21 15:18:35 +01:00
acct.c
acct: check FMODE_CAN_WRITE
2015-04-11 22:27:55 -04:00
async.c
audit_fsnotify.c
audit: clean simple fsnotify implementation
2015-08-06 16:14:53 -04:00
audit_tree.c
audit: audit_tree_match can be boolean
2015-11-04 08:23:51 -05:00
audit_watch.c
Merge branch 'upstream' of git://git.infradead.org/users/pcmoore/audit
2015-09-08 13:34:59 -07:00
audit.c
mm, page_alloc: distinguish between being unable to sleep, unwilling to sleep and avoiding waking kswapd
2015-11-06 17:50:42 -08:00
audit.h
audit: audit_tree_match can be boolean
2015-11-04 08:23:51 -05:00
auditfilter.c
audit: fix comment block whitespace
2015-11-04 08:23:51 -05:00
auditsc.c
Merge branch 'upstream' of git://git.infradead.org/users/pcmoore/audit
2015-09-08 13:34:59 -07:00
backtracetest.c
bounds.c
capability.c
kernel: conditionally support non-root users, groups and capabilities
2015-04-15 16:35:22 -07:00
cgroup_freezer.c
cgroup: allow a cgroup subsystem to reject a fork
2015-07-14 17:29:23 -04:00
cgroup_pids.c
cgroup: add cgroup_subsys->free() method and use it to fix pids controller
2015-10-15 16:41:53 -04:00
cgroup.c
mm, page_alloc: distinguish between being unable to sleep, unwilling to sleep and avoiding waking kswapd
2015-11-06 17:50:42 -08:00
compat.c
compat: cleanup coding in compat_get_bitmap() and compat_put_bitmap()
2015-06-04 23:57:18 +02:00
configs.c
context_tracking.c
context_tracking: avoid irq_save/irq_restore on guest entry and exit
2015-11-10 12:06:23 +01:00
cpu_pm.c
kernel/cpu_pm: fix cpu_cluster_pm_exit comment
2015-09-03 02:42:20 +02:00
cpu.c
Merge branch 'sched-core-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
2015-11-03 18:03:50 -08:00
cpuset.c
Merge branch 'akpm' (patches from Andrew)
2015-11-05 23:10:54 -08:00
crash_dump.c
cred.c
kernel/cred.c: remove unnecessary kdebug atomic reads
2015-09-10 13:29:01 -07:00
delayacct.c
dma.c
elfcore.c
exec_domain.c
Remove rest of exec domains.
2015-04-12 21:03:31 +02:00
exit.c
Merge branch 'sched-core-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
2015-11-03 18:03:50 -08:00
extable.c
kernel/extable.c: remove duplicated include
2015-09-10 13:29:01 -07:00
fork.c
Merge branch 'akpm' (patches from Andrew)
2015-11-05 23:10:54 -08:00
freezer.c
freezer: remove obsolete comments in __thaw_task()
2014-10-21 23:44:20 +02:00
futex_compat.c
futex.c
driver core update for 4.4-rc1
2015-11-04 21:50:37 -08:00
groups.c
kernel: conditionally support non-root users, groups and capabilities
2015-04-15 16:35:22 -07:00
hung_task.c
kernel/hung_task.c: change hung_task.c to use for_each_process_thread()
2015-04-15 16:35:22 -07:00
irq_work.c
treewide: Remove old email address
2015-11-23 09:44:58 +01:00
jump_label.c
treewide: Remove old email address
2015-11-23 09:44:58 +01:00
kallsyms.c
kernel/kallsyms.c: use __seq_open_private()
2014-10-14 02:18:16 +02:00
kcmp.c
Kconfig.freezer
Kconfig.hz
Kconfig.locks
locking/qrwlock: Rename QUEUE_RWLOCK to QUEUED_RWLOCKS
2015-05-12 09:46:00 +02:00
Kconfig.preempt
kexec_core.c
kexec: use file name as the output message prefix
2015-11-06 17:50:42 -08:00
kexec_file.c
kexec: use file name as the output message prefix
2015-11-06 17:50:42 -08:00
kexec_internal.h
kexec: split kexec_file syscall code to kexec_file.c
2015-09-10 13:29:01 -07:00
kexec.c
kexec: use file name as the output message prefix
2015-11-06 17:50:42 -08:00
kmod.c
kmod: don't run async usermode helper as a child of kworker thread
2015-10-23 17:55:10 +09:00
kprobes.c
perf/x86/hw_breakpoints: Disallow kernel breakpoints unless kprobe-safe
2015-08-04 10:16:54 +02:00
ksysfs.c
kexec: split kexec_load syscall from kexec core code
2015-09-10 13:29:01 -07:00
kthread.c
kernel/kthread.c:kthread_create_on_node(): clarify documentation
2015-09-04 16:54:41 -07:00
latencytop.c
Makefile
sys_membarrier(): system-wide memory barrier (generic, x86)
2015-09-11 15:21:34 -07:00
membarrier.c
sys_membarrier(): system-wide memory barrier (generic, x86)
2015-09-11 15:21:34 -07:00
memremap.c
libnvdimm for 4.4:
2015-11-10 12:07:22 -08:00
module_signing.c
KEYS: Merge the type-specific data with the payload data
2015-10-21 15:18:36 +01:00
module-internal.h
module.c
module: Fix locking in symbol_put_addr()
2015-08-24 10:37:01 +09:30
notifier.c
Merge branch 'x86-asm-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
2015-09-01 08:40:25 -07:00
nsproxy.c
bury struct proc_ns in fs/proc
2014-12-04 14:34:54 -05:00
padata.c
padata: use %*pb[l] to print bitmaps including cpumasks and nodemasks
2015-02-13 21:21:38 -08:00
panic.c
kernel/panic.c: turn off locks debug before releasing console lock
2015-11-20 16:17:32 -08:00
params.c
Nothing exciting, minor tweaks and cleanups.
2015-11-09 15:53:39 -08:00
pid_namespace.c
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
2014-12-16 15:53:03 -08:00
pid.c
rcu: Rename rcu_lockdep_assert() to RCU_LOCKDEP_WARN()
2015-07-22 15:27:32 -07:00
profile.c
mm: rename alloc_pages_exact_node() to __alloc_pages_node()
2015-09-08 15:35:28 -07:00
ptrace.c
seccomp, ptrace: add support for dumping seccomp filters
2015-10-27 19:55:13 -07:00
range.c
kernel: avoid overflow in cmp_range
2015-01-17 10:02:23 +13:00
reboot.c
kexec: split kexec_load syscall from kexec core code
2015-09-10 13:29:01 -07:00
relay.c
kernel/relay.c: use kvfree() in relay_free_page_array()
2015-06-30 19:44:59 -07:00
resource.c
mm: enhance region_is_ram() to region_intersects()
2015-08-10 23:07:05 -04:00
seccomp.c
seccomp, ptrace: add support for dumping seccomp filters
2015-10-27 19:55:13 -07:00
signal.c
kernel/signal.c: unexport sigsuspend()
2015-11-20 16:17:32 -08:00
smp.c
mm, page_alloc: distinguish between being unable to sleep, unwilling to sleep and avoiding waking kswapd
2015-11-06 17:50:42 -08:00
smpboot.c
stop_machine: Kill smp_hotplug_thread->pre_unpark, introduce stop_machine_unpark()
2015-10-20 10:23:55 +02:00
smpboot.h
softirq.c
Merge branch 'locking-core-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
2015-02-09 15:24:03 -08:00
stacktrace.c
stacktrace: introduce snprint_stack_trace for buffer output
2014-12-13 12:42:48 -08:00
stop_machine.c
sched: Move cpu_active() tests from stop_two_cpus() into migrate_swap_stop()
2015-10-20 10:25:56 +02:00
sys_ni.c
mm: mlock: add new mlock system call
2015-11-05 19:34:48 -08:00
sys.c
pidns: fix set/getpriority and ioprio_set/get in PRIO_USER mode
2015-11-06 17:50:42 -08:00
sysctl_binary.c
kernel: add panic_on_warn
2014-12-10 17:41:10 -08:00
sysctl.c
kernel/watchdog.c: add sysctl knob hardlockup_panic
2015-11-05 19:34:48 -08:00
task_work.c
task_work: remove fifo ordering guarantee
2015-09-05 13:46:58 -07:00
taskstats.c
netlink: make nlmsg_end() and genlmsg_end() void
2015-01-18 01:03:45 -05:00
test_kprobes.c
torture.c
torture: Consolidate cond_resched_rcu_qs() into stutter_wait()
2015-10-06 11:25:01 -07:00
tracepoint.c
tracepoint: Give priority to probes of tracepoints
2015-10-25 21:33:54 -04:00
tsacct.c
uid16.c
groups: Consolidate the setgroups permission checks
2014-12-05 17:19:27 -06:00
up.c
user_namespace.c
capabilities: ambient capabilities
2015-09-04 16:54:41 -07:00
user-return-notifier.c
user.c
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace
2014-12-17 12:31:40 -08:00
utsname_sysctl.c
utsname.c
copy address of proc_ns_ops into ns_common
2014-12-04 14:34:47 -05:00
watchdog.c
kernel/watchdog.c: fix race between proc_watchdog_thresh() and watchdog_timer_fn()
2015-11-05 19:34:48 -08:00
workqueue_internal.h
workqueue.c
Merge branch 'for-4.4' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/wq
2015-11-05 14:16:27 -08:00