From 0fa6b44e14687a3d21fd55003157d06ef5f70327 Mon Sep 17 00:00:00 2001 From: Guixin Liu Date: Wed, 15 Apr 2026 16:22:07 +0800 Subject: [PATCH] anolis: perf/x86/intel/uncore: Re-register PMU on PCI device hot-add MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit ANBZ: #33246 When an uncore PCI device is removed and then rescanned back, the PMU and its associated box are unregistered during removal but never re-registered during the rescan. This causes a NULL pointer dereference (on box) when the device is removed again. Reproduction steps: 1. Boot the system with uncore PCI devices enumerated 2. Remove an uncore PCI device (e.g., via sysfs or physical removal) - BUS_NOTIFY_DEL_DEVICE triggers uncore_pci_pmu_unregister() - pmu->boxes[die] is set to NULL and the box is freed 3. Rescan the PCI bus to re-enumerate the device - The PCI device appears again, but uncore does not re-register the PMU/box because uncore_pci_pmus_register() only runs during module initialization, not on PCI hotplug events 4. Remove the device again - BUS_NOTIFY_DEL_DEVICE triggers uncore_pci_pmu_unregister() - box = pmu->boxes[die] returns NULL → BUG() / crash Root cause: The uncore subsystem only registers PMUs and boxes during module initialization (uncore_pci_pmus_register). It does not handle PCI hotplug/rescan events to re-register PMUs when devices reappear. Fix: Extend the uncore PCI bus notifier to handle BUS_NOTIFY_ADD_DEVICE events. When a previously-registered uncore PCI device is re-added, call uncore_pci_pmu_register() to recreate the box and restore the PMU state. This ensures that subsequent removal operations work correctly. Fixes: 42839ef4a20a ("perf/x86/intel/uncore: Generic support for the PCI type of uncore blocks") Signed-off-by: Guixin Liu --- arch/x86/events/intel/uncore.c | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) diff --git a/arch/x86/events/intel/uncore.c b/arch/x86/events/intel/uncore.c index 56ad62097c80..5828ea96cd24 100644 --- a/arch/x86/events/intel/uncore.c +++ b/arch/x86/events/intel/uncore.c @@ -1281,8 +1281,7 @@ static int uncore_bus_notify(struct notifier_block *nb, struct intel_uncore_pmu *pmu; int die; - /* Unregister the PMU when the device is going to be deleted. */ - if (action != BUS_NOTIFY_DEL_DEVICE) + if (action != BUS_NOTIFY_DEL_DEVICE && action != BUS_NOTIFY_ADD_DEVICE) return NOTIFY_DONE; pmu = uncore_pci_find_dev_pmu(pdev, ids); @@ -1292,7 +1291,16 @@ static int uncore_bus_notify(struct notifier_block *nb, if (uncore_pci_get_dev_die_info(pdev, &die)) return NOTIFY_DONE; - uncore_pci_pmu_unregister(pmu, die); + switch (action) { + case BUS_NOTIFY_DEL_DEVICE: + uncore_pci_pmu_unregister(pmu, die); + break; + case BUS_NOTIFY_ADD_DEVICE: + uncore_pci_pmu_register(pdev, pmu->type, pmu, die); + break; + default: + return NOTIFY_DONE; + } return NOTIFY_OK; } -- Gitee