[PATCH v2 1/2] perf: arm_spe: Correct setting the PERF_HES_STOPPED flag
Will Deacon
will at kernel.org
Mon Nov 24 11:02:06 PST 2025
On Mon, Nov 24, 2025 at 06:48:15PM +0000, Leo Yan wrote:
> On Mon, Nov 24, 2025 at 04:14:23PM +0000, Will Deacon wrote:
> > On Mon, Nov 10, 2025 at 04:28:31PM +0000, Leo Yan wrote:
> > > In arm_spe_perf_aux_output_begin(), if the calculation of limit fails
> > > and arm_spe_pmu_next_off() returns zero, the driver misses to set the
> > > PERF_HES_STOPPED flag for the event. As a result, hwc->state does not
> > > reflect the latest state, which can mislead subsequent operations.
> > >
> > > Validate the limit when exiting the function: if the limit is 0,
> > > that tracing is disabled, set the PERF_HES_STOPPED flag accordingly.
> > >
> > > Fixes: d5d9696b0380 ("drivers/perf: Add support for ARMv8.2 Statistical Profiling Extension")
> > > Signed-off-by: Leo Yan <leo.yan at arm.com>
> > > ---
> > > drivers/perf/arm_spe_pmu.c | 9 ++++++---
> > > 1 file changed, 6 insertions(+), 3 deletions(-)
> > >
> > > diff --git a/drivers/perf/arm_spe_pmu.c b/drivers/perf/arm_spe_pmu.c
> > > index fa50645feddadbea5dc1e404f80f62cf5aa96fd4..fc8f908c2c3a270f2d1ae574c2badb1fbcf51484 100644
> > > --- a/drivers/perf/arm_spe_pmu.c
> > > +++ b/drivers/perf/arm_spe_pmu.c
> > > @@ -597,7 +597,6 @@ static void arm_spe_perf_aux_output_begin(struct perf_output_handle *handle,
> > > /* Start a new aux session */
> > > buf = perf_aux_output_begin(handle, event);
> > > if (!buf) {
> > > - event->hw.state |= PERF_HES_STOPPED;
> > > /*
> > > * We still need to clear the limit pointer, since the
> > > * profiler might only be disabled by virtue of a fault.
> > > @@ -608,15 +607,19 @@ static void arm_spe_perf_aux_output_begin(struct perf_output_handle *handle,
> > >
> > > limit = buf->snapshot ? arm_spe_pmu_next_snapshot_off(handle)
> > > : arm_spe_pmu_next_off(handle);
> > > - if (limit)
> > > - limit |= PMBLIMITR_EL1_E;
> > > + if (!limit)
> > > + goto out_write_limit;
> >
> > Is 'limit == 0' always indicative of an error, even in snapshot mode?
>
> Yes, the 'limit' would never be zero unless an error occurs.
>
> > If __arm_spe_pmu_next_off() fails, it will call perf_aux_output_end()
> > with the TRUNCATED flag set, which should then disable the event
> > via arm_spe_pmu_del() and update the state there.
> >
> > Is that not happening?
>
> Correct. However, this patch is not for the flow you mentioned.
How is it not for this flow? You're talking about:
arm_spe_pmu_start
=> arm_spe_perf_aux_output_begin
=> arm_spe_pmu_next_off // Returns error
The only way arm_spe_pmu_next_off() returns an error is if
__arm_spe_pmu_next_off() fails, and that's the flow I'm talking about.
> If an error is returned from arm_spe_pmu_next_off(), because hw.state
> is not set to PERF_HES_STOPPED, the caller arm_spe_pmu_start() cannot
> detect error properly:
But why isn't PERF_HES_STOPPED set by the sequence I described?
I have a feeling you're right, but I can't piece it together from the
information here.
Will
More information about the linux-arm-kernel
mailing list