    powerpc/perf: Fix kfree memory allocated for nest pmus · 110df8bd
    Committed by Anju T Sudhakar
    imc_common_cpuhp_mem_free() is the common function for all
    IMC (In-memory Collection counters) domains to unregister cpuhotplug
    callback and free memory. Since kfree of memory allocated for
    nest-imc (per_nest_pmu_arr) is in the common code, all
    domains (core/nest/thread) can do the kfree in the failure case.
    
    This could potentially create a call trace as shown below, where
    core(/thread/nest) imc pmu initialization fails and in the failure
    path imc_common_cpuhp_mem_free() frees the memory (per_nest_pmu_arr),
    which is allocated by successfully registered nest units.
    
    The call trace is generated in a scenario where core-imc
    initialization is made to fail and a cpuhotplug is performed in a p9
    system. During cpuhotplug ppc_nest_imc_cpu_offline() tries to access
    per_nest_pmu_arr, which is already freed by core-imc.
    
      NIP [c000000000cb6a94] mutex_lock+0x34/0x90
      LR [c000000000cb6a88] mutex_lock+0x28/0x90
      Call Trace:
        mutex_lock+0x28/0x90 (unreliable)
        perf_pmu_migrate_context+0x90/0x3a0
        ppc_nest_imc_cpu_offline+0x190/0x1f0
        cpuhp_invoke_callback+0x160/0x820
        cpuhp_thread_fun+0x1bc/0x270
        smpboot_thread_fn+0x250/0x290
        kthread+0x1a8/0x1b0
        ret_from_kernel_thread+0x5c/0x74
    
    To address this scenario do the kfree(per_nest_pmu_arr) only in case
    of nest-imc initialization failure, and when there are no other nest
    units registered.
    
    Fixes: 73ce9aec ("powerpc/perf: Fix IMC_MAX_PMU macro")
    Signed-off-by: Anju T Sudhakar <anju@linux.vnet.ibm.com>
    Reviewed-by: Madhavan Srinivasan <maddy@linux.vnet.ibm.com>
    Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
imc-pmu.c 33.9 KB
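
The ownership rule described in the commit message, as an added user-space C model (not code from imc-pmu.c or from this commit): a shared array may be released only by a nest failure when no nest unit is registered. `nest_arr` stands in for per_nest_pmu_arr; every function name, the domain enum and the array size of 8 are assumptions made for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
/* User-space model; every name here is illustrative, not the kernel's. */
enum imc_domain { DOMAIN_NEST, DOMAIN_CORE, DOMAIN_THREAD };
static int **nest_arr;   /* stands in for per_nest_pmu_arr */
static int nest_units;   /* nest units registered successfully */

void release_nest(void) { free(nest_arr); nest_arr = NULL; }
void reset_model(void) { release_nest(); nest_units = 0; }

/* Before the fix: any domain's failure path releases the nest array. */
void cleanup_unconditional(enum imc_domain failed)
{
    (void)failed;
    release_nest();
}

/* After the fix: release only on a nest failure with no nest unit left. */
void cleanup_owner_only(enum imc_domain failed)
{
    if (failed == DOMAIN_NEST && nest_units == 0)
        release_nest();
}

/* Nest init: allocate the shared array on first use; register or fail. */
int nest_init(int fail, void (*cleanup)(enum imc_domain))
{
    if (!nest_arr && !(nest_arr = calloc(8, sizeof(*nest_arr))))
        return -1;
    if (fail) {
        cleanup(DOMAIN_NEST);
        return -1;
    }
    nest_units++;
    return 0;
}

/* Offline callback stand-in: -1 if registered nest units lost the array. */
int nest_cpu_offline(void)
{
    return (nest_units > 0 && nest_arr == NULL) ? -1 : 0;
}

int main(void)
{
    nest_init(0, cleanup_owner_only);
    cleanup_owner_only(DOMAIN_CORE);   /* core-imc init fails, fixed path */
    printf("offline after core failure: %d\n", nest_cpu_offline());
}
```

The model sets the pointer to NULL on release so the dangling state is reported by `nest_cpu_offline()` rather than dereferenced.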