Received: by 10.223.164.197 with SMTP id h5csp287917wrb; Sat, 4 Nov 2017 10:54:29 -0700 (PDT) X-Google-Smtp-Source: ABhQp+TNlT21ZnFH04mANVVy9RYSxjpqRiREMWM0QkFaFZbal793FrJSY9bpXJbEDaD2N1z6uxmf X-Received: by 10.98.102.132 with SMTP id s4mr11527897pfj.168.1509818069184; Sat, 04 Nov 2017 10:54:29 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1509818069; cv=none; d=google.com; s=arc-20160816; b=RUUUw2CG3K9dSlXdcGxW98YlMxkKJHBfHtsN/yB3D2/RJO4IHfr8NowIgRXw7W8IXl pxv4t9QWKo1OkVdKOi+P7ShJoA7OfyP4nob3OCrq/8hwBQp10fmc6N3p1KJiH/e4Zurq uqU/cg8TxnSf0iFQUJv7yFgLr+63QlTYkH0zujYH6UZYOnwXwjNb3bwKIHR3PQTESwCk IcAksiTiYI6MmbSfkbNYKtD86hKZxUagLD3fGv9u2fsutffrzFWME9tgtnVZgl84eyeH CNoz6VwPuc478kXuo5e5M9wXx1PuJr88uL8Xa52FaRhBHXEZ15+ZVAIveeE83Vnq1+P9 5o5A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding :content-language:in-reply-to:mime-version:user-agent:date :message-id:references:cc:to:from:subject:dkim-signature :arc-authentication-results; bh=z6+h7LMYQ/y+VPGaFnDYdEJwx3FHNNj8U6nGt/zWj7w=; b=bfz1+1+Cw2UhE5ToGk5ul9NGTfyWh9DN8LrqvRV9TRGxLHLQYga3uFbeivJojag5LM k9XkCGL1x8dvwYqbA3JkeJeB4llF5VGS4E7j84JfUhOum3sBUfgRA6o6lNKCAG8ji4Vy vAS1ziXDO7BMgSWT2xzmaFwU/3AeEFdRejVfR4rebTOl1BbAiaIjydzoNb9OvmV6qSby aBeVzwtWMo15V7P2ZtKGJEeXj7UEjwfNG1GSrBj8F2DSCRzfMKwj13bz/2H1o85XHpLZ CYfHoyjTPWGnySGEqmfebmbe83rEU8Xmtb//mF0l+RcZvLqVPRj26kBamehvBpGmIfB/ XTng== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel-dk.20150623.gappssmtp.com header.s=20150623 header.b=jcWqSaYU; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id ba12si7523823plb.448.2017.11.04.10.54.04; Sat, 04 Nov 2017 10:54:29 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel-dk.20150623.gappssmtp.com header.s=20150623 header.b=jcWqSaYU; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S932440AbdKDRxL (ORCPT + 93 others); Sat, 4 Nov 2017 13:53:11 -0400 Received: from mail-io0-f193.google.com ([209.85.223.193]:49886 "EHLO mail-io0-f193.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S932111AbdKDRxK (ORCPT ); Sat, 4 Nov 2017 13:53:10 -0400 Received: by mail-io0-f193.google.com with SMTP id n137so11753330iod.6 for ; Sat, 04 Nov 2017 10:53:10 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=kernel-dk.20150623.gappssmtp.com; s=20150623; h=subject:from:to:cc:references:message-id:date:user-agent :mime-version:in-reply-to:content-language:content-transfer-encoding; bh=z6+h7LMYQ/y+VPGaFnDYdEJwx3FHNNj8U6nGt/zWj7w=; b=jcWqSaYUAVYPCbrQn4fBFSkb/FEASQ8RALT42GRSzaPE83dOsbeKXKalQbM0te5bJy wPz5g2QyXQkFmeDPUGOvCk0nlN3PC3ameaoTaRmQF00fOIDmE4GfM9WAjYfpJBOHPmJT 5d1QGEjSFAHSiPMGupJYpkvLzv59gSukIlQEL3kj6XSqVtFOJw6EO+yWdcrHL3qTd8XG xnhHZK2TYYwSt9zZQDC1L3I/VwJLUOXwWViXDm8Z4MAt0vnmTwP0NpzHOjtdX3LiV1OO eXW4KAqMnk8SYhngWIriWV919rNZqrsV4LF9BhNl1fOxU7oHJby5qYhl3hvcZTrfl3tE ZPhw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:from:to:cc:references:message-id:date :user-agent:mime-version:in-reply-to:content-language :content-transfer-encoding; bh=z6+h7LMYQ/y+VPGaFnDYdEJwx3FHNNj8U6nGt/zWj7w=; b=cXNh2LRGZ1JevjbskPtyXtnd/fCWv9181HIeDblwsPzhZNZPoIvou3hNtaOsbeBbKS mwsvOXPi9IGhzmZFhcomodh9fjGoUAdokRyirtAz7izCwO2wZoq+vBELB4dUdyqysHBD ndHrG4gXK69YeNAs5RX6yLRn/ywzykAvRriKO7Xp4QZHYMeBcdvUyZZSm0d2JpUe+Dta fBz0wiAgT4w7qybaRMfwItcOmJwKTmN5peW5ElrViXjMHGCAcexu2Pz/p0F0V2H1l2xW xnlrLwrK+eGJGHkzbVu3TrZBRqs10L93GN2Wn4Xr9buKodhTV/7pEq5Hfn25V23RmN1m rtJg== X-Gm-Message-State: AJaThX4ww2Pm6w8daosHJmWrMigzIDQAZbjwGvEvlOK2PpoN5dPktBZZ CeThLjFtjgrkplu0QPIg5Wx5eA== X-Received: by 10.107.135.166 with SMTP id r38mr13919880ioi.171.1509817989672; Sat, 04 Nov 2017 10:53:09 -0700 (PDT) Received: from [192.168.1.154] ([216.160.245.98]) by smtp.gmail.com with ESMTPSA id m137sm2397553itg.21.2017.11.04.10.53.07 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Sat, 04 Nov 2017 10:53:08 -0700 (PDT) Subject: Re: WARNING in tracepoint_probe_register_prio From: Jens Axboe To: Steven Rostedt Cc: syzbot , linux-kernel@vger.kernel.org, mingo@kernel.org, syzkaller-bugs@googlegroups.com, Mathieu Desnoyers References: <001a1146fbf6025d35055cb624df@google.com> <20171031182116.3e34c518@gandalf.local.home> <6d3f6847-b368-37f1-b7c5-2abbba074235@kernel.dk> <20171031191416.08aad0b4@gandalf.local.home> <96953804-88dc-f844-9051-115c649ed19c@kernel.dk> Message-ID: <73987e42-a207-1c65-29c3-ceeee6726804@kernel.dk> Date: Sat, 4 Nov 2017 11:53:07 -0600 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.4.0 MIME-Version: 1.0 In-Reply-To: <96953804-88dc-f844-9051-115c649ed19c@kernel.dk> Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 11/04/2017 11:26 AM, Jens Axboe wrote: > On 10/31/2017 05:14 PM, Steven Rostedt wrote: >> On Tue, 31 Oct 2017 16:30:41 -0600 >> Jens Axboe wrote: >> >>> This code dates back to: >>> >>> commit c71a896154119f4ca9e89d6078f5f63ad60ef199 >>> Author: Arnaldo Carvalho de Melo >>> Date: Fri Jan 23 12:06:27 2009 -0200 >>> >>> blktrace: add ftrace plugin >>> >>> so not really a recent regression :-) >> >> How many people run two instances of blktrace? ;-> >> Love fuzzers! > > The core code is fine, the bug is actually in sg which added > hooks for both doing setup/teardown and start/stop of tracing. > This was done bypassing the internal locking... > > The below should do the trick. It's a fix for this commit: > > commit 6da127ad0918f93ea93678dad62ce15ffed18797 > Author: Christof Schmitt > Date: Fri Jan 11 10:09:43 2008 +0100 > > blktrace: Add blktrace ioctls to SCSI generic devices Forgot the critical bit, updated. diff --git a/kernel/trace/blktrace.c b/kernel/trace/blktrace.c index 45a3928544ce..206e0e2ace53 100644 --- a/kernel/trace/blktrace.c +++ b/kernel/trace/blktrace.c @@ -66,7 +66,8 @@ static struct tracer_flags blk_tracer_flags = { }; /* Global reference count of probes */ -static atomic_t blk_probes_ref = ATOMIC_INIT(0); +static DEFINE_MUTEX(blk_probe_mutex); +static int blk_probes_ref; static void blk_register_tracepoints(void); static void blk_unregister_tracepoints(void); @@ -329,14 +330,29 @@ static void blk_trace_free(struct blk_trace *bt) kfree(bt); } +static void get_probe_ref(void) +{ + mutex_lock(&blk_probe_mutex); + if (++blk_probes_ref == 1) + blk_register_tracepoints(); + mutex_unlock(&blk_probe_mutex); +} + +static void put_probe_ref(void) +{ + mutex_lock(&blk_probe_mutex); + if (!--blk_probes_ref) + blk_unregister_tracepoints(); + mutex_unlock(&blk_probe_mutex); +} + static void blk_trace_cleanup(struct blk_trace *bt) { blk_trace_free(bt); - if (atomic_dec_and_test(&blk_probes_ref)) - blk_unregister_tracepoints(); + put_probe_ref(); } -int blk_trace_remove(struct request_queue *q) +static int __blk_trace_remove(struct request_queue *q) { struct blk_trace *bt; @@ -349,6 +365,17 @@ int blk_trace_remove(struct request_queue *q) return 0; } + +int blk_trace_remove(struct request_queue *q) +{ + int ret; + + mutex_lock(&q->blk_trace_mutex); + ret = __blk_trace_remove(q); + mutex_unlock(&q->blk_trace_mutex); + + return ret; +} EXPORT_SYMBOL_GPL(blk_trace_remove); static ssize_t blk_dropped_read(struct file *filp, char __user *buffer, @@ -538,8 +565,7 @@ static int do_blk_trace_setup(struct request_queue *q, char *name, dev_t dev, if (cmpxchg(&q->blk_trace, NULL, bt)) goto err; - if (atomic_inc_return(&blk_probes_ref) == 1) - blk_register_tracepoints(); + get_probe_ref(); ret = 0; err: @@ -550,9 +576,8 @@ static int do_blk_trace_setup(struct request_queue *q, char *name, dev_t dev, return ret; } -int blk_trace_setup(struct request_queue *q, char *name, dev_t dev, - struct block_device *bdev, - char __user *arg) +static int __blk_trace_setup(struct request_queue *q, char *name, dev_t dev, + struct block_device *bdev, char __user *arg) { struct blk_user_trace_setup buts; int ret; @@ -571,6 +596,19 @@ int blk_trace_setup(struct request_queue *q, char *name, dev_t dev, } return 0; } + +int blk_trace_setup(struct request_queue *q, char *name, dev_t dev, + struct block_device *bdev, + char __user *arg) +{ + int ret; + + mutex_lock(&q->blk_trace_mutex); + ret = __blk_trace_setup(q, name, dev, bdev, arg); + mutex_unlock(&q->blk_trace_mutex); + + return ret; +} EXPORT_SYMBOL_GPL(blk_trace_setup); #if defined(CONFIG_COMPAT) && defined(CONFIG_X86_64) @@ -607,7 +645,7 @@ static int compat_blk_trace_setup(struct request_queue *q, char *name, } #endif -int blk_trace_startstop(struct request_queue *q, int start) +static int __blk_trace_startstop(struct request_queue *q, int start) { int ret; struct blk_trace *bt = q->blk_trace; @@ -646,6 +684,17 @@ int blk_trace_startstop(struct request_queue *q, int start) return ret; } + +int blk_trace_startstop(struct request_queue *q, int start) +{ + int ret; + + mutex_lock(&q->blk_trace_mutex); + ret = __blk_trace_startstop(q, start); + mutex_unlock(&q->blk_trace_mutex); + + return ret; +} EXPORT_SYMBOL_GPL(blk_trace_startstop); /* @@ -676,7 +725,7 @@ int blk_trace_ioctl(struct block_device *bdev, unsigned cmd, char __user *arg) switch (cmd) { case BLKTRACESETUP: bdevname(bdev, b); - ret = blk_trace_setup(q, b, bdev->bd_dev, bdev, arg); + ret = __blk_trace_setup(q, b, bdev->bd_dev, bdev, arg); break; #if defined(CONFIG_COMPAT) && defined(CONFIG_X86_64) case BLKTRACESETUP32: @@ -687,10 +736,10 @@ int blk_trace_ioctl(struct block_device *bdev, unsigned cmd, char __user *arg) case BLKTRACESTART: start = 1; case BLKTRACESTOP: - ret = blk_trace_startstop(q, start); + ret = __blk_trace_startstop(q, start); break; case BLKTRACETEARDOWN: - ret = blk_trace_remove(q); + ret = __blk_trace_remove(q); break; default: ret = -ENOTTY; @@ -708,10 +757,14 @@ int blk_trace_ioctl(struct block_device *bdev, unsigned cmd, char __user *arg) **/ void blk_trace_shutdown(struct request_queue *q) { + mutex_lock(&q->blk_trace_mutex); + if (q->blk_trace) { - blk_trace_startstop(q, 0); - blk_trace_remove(q); + __blk_trace_startstop(q, 0); + __blk_trace_remove(q); } + + mutex_unlock(&q->blk_trace_mutex); } #ifdef CONFIG_BLK_CGROUP @@ -1558,9 +1611,7 @@ static int blk_trace_remove_queue(struct request_queue *q) if (bt == NULL) return -EINVAL; - if (atomic_dec_and_test(&blk_probes_ref)) - blk_unregister_tracepoints(); - + put_probe_ref(); blk_trace_free(bt); return 0; } @@ -1591,8 +1642,7 @@ static int blk_trace_setup_queue(struct request_queue *q, if (cmpxchg(&q->blk_trace, NULL, bt)) goto free_bt; - if (atomic_inc_return(&blk_probes_ref) == 1) - blk_register_tracepoints(); + get_probe_ref(); return 0; free_bt: -- Jens Axboe From 1583157279123488744@xxx Sat Nov 04 17:27:15 +0000 2017 X-GM-THRID: 1582628660594689087 X-Gmail-Labels: Inbox,Category Forums,HistoricalUnread