From: Ian Rogers <irogers@google.com>
To: "Peter Zijlstra" <peterz@infradead.org>,
"Ingo Molnar" <mingo@redhat.com>,
"Arnaldo Carvalho de Melo" <acme@kernel.org>,
"Mark Rutland" <mark.rutland@arm.com>,
"Alexander Shishkin" <alexander.shishkin@linux.intel.com>,
"Jiri Olsa" <jolsa@redhat.com>,
"Namhyung Kim" <namhyung@kernel.org>,
"Thomas Gleixner" <tglx@linutronix.de>,
"Darren Hart" <dvhart@infradead.org>,
"Davidlohr Bueso" <dave@stgolabs.net>,
"André Almeida" <andrealmeid@collabora.com>,
"James Clark" <james.clark@arm.com>,
"John Garry" <john.garry@huawei.com>,
"Riccardo Mancini" <rickyman7@gmail.com>,
"Yury Norov" <yury.norov@gmail.com>,
"Andy Shevchenko" <andriy.shevchenko@linux.intel.com>,
"Andrew Morton" <akpm@linux-foundation.org>,
"Jin Yao" <yao.jin@linux.intel.com>,
"Adrian Hunter" <adrian.hunter@intel.com>,
"Leo Yan" <leo.yan@linaro.org>, "Andi Kleen" <ak@linux.intel.com>,
"Thomas Richter" <tmricht@linux.ibm.com>,
"Kan Liang" <kan.liang@linux.intel.com>,
"Madhavan Srinivasan" <maddy@linux.ibm.com>,
"Shunsuke Nakamura" <nakamura.shun@fujitsu.com>,
"Song Liu" <song@kernel.org>,
"Masami Hiramatsu" <mhiramat@kernel.org>,
"Steven Rostedt" <rostedt@goodmis.org>,
"Miaoqian Lin" <linmq006@gmail.com>,
"Stephen Brennan" <stephen.s.brennan@oracle.com>,
"Kajol Jain" <kjain@linux.ibm.com>,
"Alexey Bayduraev" <alexey.v.bayduraev@linux.intel.com>,
"German Gomez" <german.gomez@arm.com>,
linux-perf-users@vger.kernel.org, linux-kernel@vger.kernel.org,
"Eric Dumazet" <edumazet@google.com>,
"Dmitry Vyukov" <dvyukov@google.com>
Cc: eranian@google.com, Ian Rogers <irogers@google.com>
Subject: [PATCH v2 3/4] perf dso: Hold lock when accessing nsinfo
Date: Tue, 25 Jan 2022 12:46:01 -0800 [thread overview]
Message-ID: <20220125204602.4137477-4-irogers@google.com> (raw)
In-Reply-To: <20220125204602.4137477-1-irogers@google.com>
There may be threads racing to update dso->nsinfo:
https://lore.kernel.org/linux-perf-users/CAP-5=fWZH20L4kv-BwVtGLwR=Em3AOOT+Q4QGivvQuYn5AsPRg@mail.gmail.com/
Holding the dso->lock avoids use-after-free, memory leaks and other
such bugs. Apply the fix in:
https://lore.kernel.org/linux-perf-users/20211118193714.2293728-1-irogers@google.com/
of there being a missing nsinfo__put now that the accesses are data race
free.
Signed-off-by: Ian Rogers <irogers@google.com>
---
tools/perf/builtin-inject.c | 4 ++++
tools/perf/util/dso.c | 5 ++++-
tools/perf/util/map.c | 3 +++
tools/perf/util/probe-event.c | 2 ++
tools/perf/util/symbol.c | 2 +-
5 files changed, 14 insertions(+), 2 deletions(-)
diff --git a/tools/perf/builtin-inject.c b/tools/perf/builtin-inject.c
index fbf43a454cba..bede332bf0e2 100644
--- a/tools/perf/builtin-inject.c
+++ b/tools/perf/builtin-inject.c
@@ -363,8 +363,10 @@ static struct dso *findnew_dso(int pid, int tid, const char *filename,
}
if (dso) {
+ BUG_ON(pthread_mutex_lock(&dso->lock) != 0);
nsinfo__put(dso->nsinfo);
dso->nsinfo = nsi;
+ pthread_mutex_unlock(&dso->lock);
} else
nsinfo__put(nsi);
@@ -547,7 +549,9 @@ static int dso__read_build_id(struct dso *dso)
if (dso->has_build_id)
return 0;
+ BUG_ON(pthread_mutex_lock(&dso->lock) != 0);
nsinfo__mountns_enter(dso->nsinfo, &nsc);
+ pthread_mutex_unlock(&dso->lock);
if (filename__read_build_id(dso->long_name, &dso->bid) > 0)
dso->has_build_id = true;
nsinfo__mountns_exit(&nsc);
diff --git a/tools/perf/util/dso.c b/tools/perf/util/dso.c
index 6beccffeef7b..b2f570adba35 100644
--- a/tools/perf/util/dso.c
+++ b/tools/perf/util/dso.c
@@ -548,8 +548,11 @@ static int open_dso(struct dso *dso, struct machine *machine)
int fd;
struct nscookie nsc;
- if (dso->binary_type != DSO_BINARY_TYPE__BUILD_ID_CACHE)
+ if (dso->binary_type != DSO_BINARY_TYPE__BUILD_ID_CACHE) {
+ BUG_ON(pthread_mutex_lock(&dso->lock) != 0);
nsinfo__mountns_enter(dso->nsinfo, &nsc);
+ pthread_mutex_unlock(&dso->lock);
+ }
fd = __open_dso(dso, machine);
if (dso->binary_type != DSO_BINARY_TYPE__BUILD_ID_CACHE)
nsinfo__mountns_exit(&nsc);
diff --git a/tools/perf/util/map.c b/tools/perf/util/map.c
index 8af693d9678c..ae99b52502d5 100644
--- a/tools/perf/util/map.c
+++ b/tools/perf/util/map.c
@@ -192,7 +192,10 @@ struct map *map__new(struct machine *machine, u64 start, u64 len,
if (!(prot & PROT_EXEC))
dso__set_loaded(dso);
}
+ BUG_ON(pthread_mutex_lock(&dso->lock) != 0);
+ nsinfo__put(dso->nsinfo);
dso->nsinfo = nsi;
+ pthread_mutex_unlock(&dso->lock);
if (build_id__is_defined(bid))
dso__set_build_id(dso, bid);
diff --git a/tools/perf/util/probe-event.c b/tools/perf/util/probe-event.c
index a834918a0a0d..7444e689ece7 100644
--- a/tools/perf/util/probe-event.c
+++ b/tools/perf/util/probe-event.c
@@ -180,8 +180,10 @@ struct map *get_target_map(const char *target, struct nsinfo *nsi, bool user)
map = dso__new_map(target);
if (map && map->dso) {
+ BUG_ON(pthread_mutex_lock(&map->dso->lock) != 0);
nsinfo__put(map->dso->nsinfo);
map->dso->nsinfo = nsinfo__get(nsi);
+ pthread_mutex_unlock(&map->dso->lock);
}
return map;
} else {
diff --git a/tools/perf/util/symbol.c b/tools/perf/util/symbol.c
index 43f47532696f..a504346feb05 100644
--- a/tools/perf/util/symbol.c
+++ b/tools/perf/util/symbol.c
@@ -1774,6 +1774,7 @@ int dso__load(struct dso *dso, struct map *map)
char newmapname[PATH_MAX];
const char *map_path = dso->long_name;
+ BUG_ON(pthread_mutex_lock(&dso->lock) != 0);
perfmap = strncmp(dso->name, "/tmp/perf-", 10) == 0;
if (perfmap) {
if (dso->nsinfo && (dso__find_perf_map(newmapname,
@@ -1783,7 +1784,6 @@ int dso__load(struct dso *dso, struct map *map)
}
nsinfo__mountns_enter(dso->nsinfo, &nsc);
- BUG_ON(pthread_mutex_lock(&dso->lock) != 0);
/* check again under the dso->lock */
if (dso__loaded(dso)) {
--
2.35.0.rc0.227.g00780c9af4-goog
next prev parent reply other threads:[~2022-01-25 20:47 UTC|newest]
Thread overview: 20+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-01-25 20:45 [PATCH v2 0/4] Reference count checker and related fixes Ian Rogers
2022-01-25 20:45 ` [PATCH v2 1/4] perf cpumap: Add reference count checking Ian Rogers
2022-01-31 14:44 ` Arnaldo Carvalho de Melo
2022-01-25 20:46 ` [PATCH v2 2/4] perf dso: Make lock error check and add BUG_ONs Ian Rogers
2022-01-25 20:46 ` Ian Rogers [this message]
2022-01-25 20:46 ` [PATCH v2 4/4] perf namespaces: Add reference count checking Ian Rogers
2022-01-27 21:33 ` [PATCH v2 0/4] Reference count checker and related fixes Ian Rogers
2022-01-28 5:23 ` Masami Hiramatsu
2022-01-28 6:24 ` Ian Rogers
2022-01-28 15:34 ` Masami Hiramatsu
2022-01-28 18:26 ` Ian Rogers
2022-01-28 19:59 ` Arnaldo Carvalho de Melo
2022-01-30 8:04 ` Masami Hiramatsu
2022-01-31 14:28 ` Arnaldo Carvalho de Melo
2022-01-30 7:54 ` Masami Hiramatsu
2022-01-30 17:40 ` Ian Rogers
2022-02-04 14:57 ` Masami Hiramatsu
2022-02-04 19:11 ` Ian Rogers
2022-02-05 4:41 ` Masami Hiramatsu
2022-01-31 13:56 ` Arnaldo Carvalho de Melo
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220125204602.4137477-4-irogers@google.com \
--to=irogers@google.com \
--cc=acme@kernel.org \
--cc=adrian.hunter@intel.com \
--cc=ak@linux.intel.com \
--cc=akpm@linux-foundation.org \
--cc=alexander.shishkin@linux.intel.com \
--cc=alexey.v.bayduraev@linux.intel.com \
--cc=andrealmeid@collabora.com \
--cc=andriy.shevchenko@linux.intel.com \
--cc=dave@stgolabs.net \
--cc=dvhart@infradead.org \
--cc=dvyukov@google.com \
--cc=edumazet@google.com \
--cc=eranian@google.com \
--cc=german.gomez@arm.com \
--cc=james.clark@arm.com \
--cc=john.garry@huawei.com \
--cc=jolsa@redhat.com \
--cc=kan.liang@linux.intel.com \
--cc=kjain@linux.ibm.com \
--cc=leo.yan@linaro.org \
--cc=linmq006@gmail.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-perf-users@vger.kernel.org \
--cc=maddy@linux.ibm.com \
--cc=mark.rutland@arm.com \
--cc=mhiramat@kernel.org \
--cc=mingo@redhat.com \
--cc=nakamura.shun@fujitsu.com \
--cc=namhyung@kernel.org \
--cc=peterz@infradead.org \
--cc=rickyman7@gmail.com \
--cc=rostedt@goodmis.org \
--cc=song@kernel.org \
--cc=stephen.s.brennan@oracle.com \
--cc=tglx@linutronix.de \
--cc=tmricht@linux.ibm.com \
--cc=yao.jin@linux.intel.com \
--cc=yury.norov@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).