Re: [PATCH 2/5] perf: Destroy event's children on task exit

From: Peter Zijlstra
Date: Tue Jul 15 2014 - 05:11:23 EST

Next message: Klemen Jan Enova: "[PATCH] scripts: sortextable: change type and initialise variable"
Previous message: Li, ZhenHua: "Re: [PATCH 1/1] driver/tty: Fix a warning in check_tty_count"
In reply to: Jiri Olsa: "Re: [PATCH 2/5] perf: Destroy event's children on task exit"
Next in thread: Jiri Olsa: "Re: [PATCH 2/5] perf: Destroy event's children on task exit"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, Jul 14, 2014 at 10:18:54PM +0200, Jiri Olsa wrote:
> On Mon, Jul 14, 2014 at 01:18:33PM +0200, Peter Zijlstra wrote:
> > On Fri, Jul 11, 2014 at 01:56:19PM +0200, Jiri Olsa wrote:
> > > From: Jiri Olsa <jolsa@xxxxxxxxxx>

> > > +static void perf_event_exit_children(struct perf_event *parent)
> > > +{
> > > + struct perf_event *child, *tmp;
> > > +
> > > + mutex_lock(&parent->child_mutex);
> > > + list_for_each_entry_safe(child, tmp, &parent->child_list,
> > > + child_list) {
> > > + struct perf_event_context *child_ctx = child->ctx;
> > > +
> > > + /*
> > > + * Child events got removed from child_list under
> > > + * child_mutex and then freed. So it's safe to access
> > > + * childs context in here, because the child holds
> > > + * context ref.
> > > + */
> > > + mutex_lock(&child_ctx->mutex);
> > > + perf_remove_from_context(child, true);
> > > + mutex_unlock(&child_ctx->mutex);
> > > +
> > > + list_del_init(&child->child_list);
> > > + put_event(parent);
> > > + free_event(child);
> > > + }
> > > + mutex_unlock(&parent->child_mutex);
> > > +}

> > I don't think this is correct, perf_event_init_context() can come in
> > concurrently and the first place it runs into ->child_mutex is after its
> > already allocated and created the (first) child event.
>
> just noticed this.. I'm working on the other version we decide, but FWIW
> there's also mutex_lock(&child_ctx->mutex); before removing the context,
> that should protect it against perf_event_init_context call

Oh, more fail :-)

You have:

perf_event::child_mutex
perf_event_context::mutex

The existing code has:

perf_event_context::mutex
perf_event::child_context

See for example:

perf_event_init_context()
mutex_lock(&parent_ctx->mutex)
inherit_task_group()
inherit_group()
inherit_event()
mutex_lock(&parent_event->child_mutex)

and

perf_event_for_each()
mutex_lock(&ctx->mutex)
perf_event_for_each_child()
mutex_lock(&event->child_mutex)

So the patch creates an AB-BA deadlock.

Attachment: pgpMeeXi9p3S5.pgp
Description: PGP signature

Next message: Klemen Jan Enova: "[PATCH] scripts: sortextable: change type and initialise variable"
Previous message: Li, ZhenHua: "Re: [PATCH 1/1] driver/tty: Fix a warning in check_tty_count"
In reply to: Jiri Olsa: "Re: [PATCH 2/5] perf: Destroy event's children on task exit"
Next in thread: Jiri Olsa: "Re: [PATCH 2/5] perf: Destroy event's children on task exit"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]