From: Li Zefan <lizf@cn.fujitsu.com>
To: Steven Rostedt <rostedt@goodmis.org>
Cc: Frederic Weisbecker <fweisbec@gmail.com>,
Ingo Molnar <mingo@elte.hu>, LKML <linux-kernel@vger.kernel.org>,
Tom Zanussi <tzanussi@gmail.com>,
Peter Zijlstra <a.p.zijlstra@chello.nl>
Subject: [PATCH v2] tracing/events: fix concurrent access to ftrace_events list
Date: Wed, 06 May 2009 13:30:09 +0800 [thread overview]
Message-ID: <4A012061.6010400@cn.fujitsu.com> (raw)
In-Reply-To: <4A00F709.3080800@cn.fujitsu.com>
A module will add/remove its trace events when it gets loaded/unloaded, so
the ftrace_events list is not "const", and concurrent access needs to be
protected.
This patch thus fixes races between loading/unloding modules and read
'available_events' or read/write 'set_event', etc.
Below shows how to reproduce the race:
# for ((; ;)) { cat /mnt/tracing/available_events; } > /dev/null &
# for ((; ;)) { insmod trace-events-sample.ko; rmmod sample; } &
After a while:
BUG: unable to handle kernel paging request at 0010011c
IP: [<c1080f27>] t_next+0x1b/0x2d
...
Call Trace:
[<c10c90e6>] ? seq_read+0x217/0x30d
[<c10c8ecf>] ? seq_read+0x0/0x30d
[<c10b4c19>] ? vfs_read+0x8f/0x136
[<c10b4fc3>] ? sys_read+0x40/0x65
[<c1002a68>] ? sysenter_do_call+0x12/0x36
Changelog v1 -> v2:
- Fix deadlock when writing invalid pred into subsystem filter.
[ Impact: fix races when concurrent accessing ftrace_events list ]
Signed-off-by: Li Zefan <lizf@cn.fujitsu.com>
---
kernel/trace/trace.h | 1 +
kernel/trace/trace_event_profile.c | 19 ++++++++++++++-----
kernel/trace/trace_events.c | 20 +++++++++++---------
kernel/trace/trace_events_filter.c | 5 +++++
4 files changed, 31 insertions(+), 14 deletions(-)
diff --git a/kernel/trace/trace.h b/kernel/trace/trace.h
index 83984ab..0bba080 100644
--- a/kernel/trace/trace.h
+++ b/kernel/trace/trace.h
@@ -827,6 +827,7 @@ static int filter_pred_##size(struct filter_pred *pred, void *event, \
return match; \
}
+extern struct mutex event_mutex;
extern struct list_head ftrace_events;
extern const char *__start___trace_bprintk_fmt[];
diff --git a/kernel/trace/trace_event_profile.c b/kernel/trace/trace_event_profile.c
index 7bf2ad6..5b5895a 100644
--- a/kernel/trace/trace_event_profile.c
+++ b/kernel/trace/trace_event_profile.c
@@ -10,21 +10,30 @@
int ftrace_profile_enable(int event_id)
{
struct ftrace_event_call *event;
+ int ret = -EINVAL;
+ mutex_lock(&event_mutex);
list_for_each_entry(event, &ftrace_events, list) {
- if (event->id == event_id)
- return event->profile_enable(event);
+ if (event->id == event_id) {
+ ret = event->profile_enable(event);
+ break;
+ }
}
+ mutex_unlock(&event_mutex);
- return -EINVAL;
+ return ret;
}
void ftrace_profile_disable(int event_id)
{
struct ftrace_event_call *event;
+ mutex_lock(&event_mutex);
list_for_each_entry(event, &ftrace_events, list) {
- if (event->id == event_id)
- return event->profile_disable(event);
+ if (event->id == event_id) {
+ event->profile_disable(event);
+ break;
+ }
}
+ mutex_unlock(&event_mutex);
}
diff --git a/kernel/trace/trace_events.c b/kernel/trace/trace_events.c
index 72d619d..ac5b1c2 100644
--- a/kernel/trace/trace_events.c
+++ b/kernel/trace/trace_events.c
@@ -21,7 +21,7 @@
#define TRACE_SYSTEM "TRACE_SYSTEM"
-static DEFINE_MUTEX(event_mutex);
+DEFINE_MUTEX(event_mutex);
LIST_HEAD(ftrace_events);
@@ -80,6 +80,7 @@ static void ftrace_clear_events(void)
{
struct ftrace_event_call *call;
+ mutex_lock(&event_mutex);
list_for_each_entry(call, &ftrace_events, list) {
if (call->enabled) {
@@ -87,6 +88,7 @@ static void ftrace_clear_events(void)
call->unregfunc();
}
}
+ mutex_unlock(&event_mutex);
}
static void ftrace_event_enable_disable(struct ftrace_event_call *call,
@@ -274,6 +276,9 @@ t_next(struct seq_file *m, void *v, loff_t *pos)
static void *t_start(struct seq_file *m, loff_t *pos)
{
+ mutex_lock(&event_mutex);
+ if (*pos == 0)
+ m->private = ftrace_events.next;
return t_next(m, NULL, pos);
}
@@ -303,6 +308,9 @@ s_next(struct seq_file *m, void *v, loff_t *pos)
static void *s_start(struct seq_file *m, loff_t *pos)
{
+ mutex_lock(&event_mutex);
+ if (*pos == 0)
+ m->private = ftrace_events.next;
return s_next(m, NULL, pos);
}
@@ -319,12 +327,12 @@ static int t_show(struct seq_file *m, void *v)
static void t_stop(struct seq_file *m, void *p)
{
+ mutex_unlock(&event_mutex);
}
static int
ftrace_event_seq_open(struct inode *inode, struct file *file)
{
- int ret;
const struct seq_operations *seq_ops;
if ((file->f_mode & FMODE_WRITE) &&
@@ -332,13 +340,7 @@ ftrace_event_seq_open(struct inode *inode, struct file *file)
ftrace_clear_events();
seq_ops = inode->i_private;
- ret = seq_open(file, seq_ops);
- if (!ret) {
- struct seq_file *m = file->private_data;
-
- m->private = ftrace_events.next;
- }
- return ret;
+ return seq_open(file, seq_ops);
}
static ssize_t
diff --git a/kernel/trace/trace_events_filter.c b/kernel/trace/trace_events_filter.c
index 97bd140..de1f821 100644
--- a/kernel/trace/trace_events_filter.c
+++ b/kernel/trace/trace_events_filter.c
@@ -433,6 +433,7 @@ static void filter_free_subsystem_preds(struct event_subsystem *system)
filter->n_preds = 0;
}
+ mutex_lock(&event_mutex);
list_for_each_entry(call, &ftrace_events, list) {
if (!call->define_fields)
continue;
@@ -442,6 +443,7 @@ static void filter_free_subsystem_preds(struct event_subsystem *system)
remove_filter_string(call->filter);
}
}
+ mutex_unlock(&event_mutex);
}
static int filter_add_pred_fn(struct filter_parse_state *ps,
@@ -622,6 +624,7 @@ static int filter_add_subsystem_pred(struct filter_parse_state *ps,
filter->preds[filter->n_preds] = pred;
filter->n_preds++;
+ mutex_lock(&event_mutex);
list_for_each_entry(call, &ftrace_events, list) {
int err;
@@ -633,12 +636,14 @@ static int filter_add_subsystem_pred(struct filter_parse_state *ps,
err = filter_add_pred(ps, call, pred);
if (err) {
+ mutex_unlock(&event_mutex);
filter_free_subsystem_preds(system);
parse_error(ps, FILT_ERR_BAD_SUBSYS_FILTER, 0);
return err;
}
replace_filter_string(call->filter, filter_string);
}
+ mutex_unlock(&event_mutex);
return 0;
}
--
1.5.4.rc3
next prev parent reply other threads:[~2009-05-06 5:29 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2009-05-06 2:32 [PATCH 1/4] tracing/events: don't say hi when loading the trace event sample Li Zefan
2009-05-06 2:32 ` [PATCH 2/4] tracing/events: make SAMPLE_TRACE_EVENTS default to n Li Zefan
2009-05-06 12:19 ` [tip:tracing/core] " tip-bot for Li Zefan
2009-05-06 2:33 ` [PATCH 3/4] tracing/events: fix memory leak when unloading module Li Zefan
2009-05-06 2:43 ` Steven Rostedt
2009-05-06 12:19 ` [tip:tracing/core] " tip-bot for Li Zefan
2009-05-06 2:33 ` [PATCH 4/4] tracing/events: fix concurrent access to ftrace_events list Li Zefan
2009-05-06 5:27 ` Frederic Weisbecker
2009-05-06 8:40 ` Ingo Molnar
2009-05-06 5:30 ` Li Zefan [this message]
2009-05-06 12:19 ` [tip:tracing/core] " tip-bot for Li Zefan
2009-05-07 7:11 ` Li Zefan
2009-05-07 8:09 ` Ingo Molnar
2009-05-07 9:20 ` [tip:tracing/core] tracing/events: fix concurrent access to ftrace_events list, fix tip-bot for Li Zefan
2009-05-06 2:41 ` [PATCH 1/4] tracing/events: don't say hi when loading the trace event sample Steven Rostedt
2009-05-06 12:19 ` [tip:tracing/core] " tip-bot for Li Zefan
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4A012061.6010400@cn.fujitsu.com \
--to=lizf@cn.fujitsu.com \
--cc=a.p.zijlstra@chello.nl \
--cc=fweisbec@gmail.com \
--cc=linux-kernel@vger.kernel.org \
--cc=mingo@elte.hu \
--cc=rostedt@goodmis.org \
--cc=tzanussi@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.