tracing, perf_events: Protect the buffer from recursion in perf

While tracing using events with perf, if one enables the lockdep:lock_acquire event, it will infect every other perf trace events. Basically, you can enable whatever set of trace events through perf but if this event is part of the set, the only result we can get is a long list of lock_acquire events of rcu read lock, and only that. This is because of a recursion inside perf. 1) When a trace event is triggered, it will fill a per cpu buffer and submit it to perf. 2) Perf will commit this event but will also protect some data using rcu_read_lock 3) A recursion appears: rcu_read_lock triggers a lock_acquire event that will fill the per cpu event and then submit the buffer to perf. 4) Perf detects a recursion and ignores it 5) Perf continues its work on the previous event, but its buffer has been overwritten by the lock_acquire event, it has then been turned into a lock_acquire event of rcu read lock Such scenario also happens with lock_release with rcu_read_unlock(). We could turn the rcu_read_lock() into __rcu_read_lock() to drop the lock debugging from perf fast path, but that would make us lose the rcu debugging and that doesn't prevent from other possible kind of recursion from perf in the future. This patch adds a recursion protection based on a counter on the perf trace per cpu buffers to solve the problem. -v2: Fixed lost whitespace, added reviewed-by tag Signed-off-by: Frederic Weisbecker <fweisbec@gmail.com> Reviewed-by: Masami Hiramatsu <mhiramat@redhat.com> Cc: Peter Zijlstra <peterz@infradead.org> Cc: Arnaldo Carvalho de Melo <acme@redhat.com> Cc: Mike Galbraith <efault@gmx.de> Cc: Paul Mackerras <paulus@samba.org> Cc: Steven Rostedt <rostedt@goodmis.org> Cc: Li Zefan <lizf@cn.fujitsu.com> Cc: Jason Baron <jbaron@redhat.com> LKML-Reference: <1257477185-7838-1-git-send-email-fweisbec@gmail.com> Signed-off-by: Ingo Molnar <mingo@elte.hu>
author: Frederic Weisbecker <fweisbec@gmail.com> 2009-11-05 22:13:05 -0500
committer: Ingo Molnar <mingo@elte.hu> 2009-11-08 04:31:42 -0500
commit: 444a2a3bcd6d5bed5c823136f68fcc93c0fe283f (patch)
tree: 6a57308586b4e723238646074e79298845803520 /kernel/trace/trace_syscalls.c
parent: 09879b99d44d701c603935ef2549004405d7f8f9 (diff)
1 files changed, 36 insertions, 8 deletions
diff --git a/kernel/trace/trace_syscalls.c b/kernel/trace/trace_syscalls.c
index 58b8e5370767..51213b0aa81b 100644
--- a/kernel/trace/trace_syscalls.c
+++ b/kernel/trace/trace_syscalls.c
@@ -477,6 +477,7 @@ static int sys_prof_refcount_exit;
 static void prof_syscall_enter(struct pt_regs *regs, long id)
 {
        struct syscall_metadata *sys_data;
+        struct perf_trace_buf *trace_buf;
        struct syscall_trace_enter *rec;
        unsigned long flags;
        char *raw_data;
@@ -507,14 +508,25 @@ static void prof_syscall_enter(struct pt_regs *regs, long id)
        cpu = smp_processor_id();
        if (in_nmi())
-                raw_data = rcu_dereference(trace_profile_buf_nmi);
+                trace_buf = rcu_dereference(perf_trace_buf_nmi);
        else
-                raw_data = rcu_dereference(trace_profile_buf);
+                trace_buf = rcu_dereference(perf_trace_buf);
-        if (!raw_data)
+        if (!trace_buf)
                goto end;
-        raw_data = per_cpu_ptr(raw_data, cpu);
+        trace_buf = per_cpu_ptr(trace_buf, cpu);
+        if (trace_buf->recursion++)
+                goto end_recursion;
+        /*
+         * Make recursion update visible before entering perf_tp_event
+         * so that we protect from perf recursions.
+         */
+        barrier();
+        raw_data = trace_buf->buf;
        /* zero the dead bytes from align to not leak stack to user */
        *(u64 *)(&raw_data[size - sizeof(u64)]) = 0ULL;
@@ -527,6 +539,8 @@ static void prof_syscall_enter(struct pt_regs *regs, long id)
                               (unsigned long *)&rec->args);
        perf_tp_event(sys_data->enter_id, 0, 1, rec, size);
+end_recursion:
+        trace_buf->recursion--;
 end:
        local_irq_restore(flags);
 }
@@ -574,6 +588,7 @@ static void prof_syscall_exit(struct pt_regs *regs, long ret)
 {
        struct syscall_metadata *sys_data;
        struct syscall_trace_exit *rec;
+        struct perf_trace_buf *trace_buf;
        unsigned long flags;
        int syscall_nr;
        char *raw_data;
@@ -605,14 +620,25 @@ static void prof_syscall_exit(struct pt_regs *regs, long ret)
        cpu = smp_processor_id();
        if (in_nmi())
-                raw_data = rcu_dereference(trace_profile_buf_nmi);
+                trace_buf = rcu_dereference(perf_trace_buf_nmi);
        else
-                raw_data = rcu_dereference(trace_profile_buf);
+                trace_buf = rcu_dereference(perf_trace_buf);
-        if (!raw_data)
+        if (!trace_buf)
                goto end;
-        raw_data = per_cpu_ptr(raw_data, cpu);
+        trace_buf = per_cpu_ptr(trace_buf, cpu);
+        if (trace_buf->recursion++)
+                goto end_recursion;
+        /*
+         * Make recursion update visible before entering perf_tp_event
+         * so that we protect from perf recursions.
+         */
+        barrier();
+        raw_data = trace_buf->buf;
        /* zero the dead bytes from align to not leak stack to user */
        *(u64 *)(&raw_data[size - sizeof(u64)]) = 0ULL;
@@ -626,6 +652,8 @@ static void prof_syscall_exit(struct pt_regs *regs, long ret)
        perf_tp_event(sys_data->exit_id, 0, 1, rec, size);
+end_recursion:
+        trace_buf->recursion--;
 end:
        local_irq_restore(flags);
 }
author	Frederic Weisbecker <fweisbec@gmail.com>	2009-11-05 22:13:05 -0500
committer	Ingo Molnar <mingo@elte.hu>	2009-11-08 04:31:42 -0500
commit	444a2a3bcd6d5bed5c823136f68fcc93c0fe283f (patch)
tree	6a57308586b4e723238646074e79298845803520 /kernel/trace/trace_syscalls.c
parent	09879b99d44d701c603935ef2549004405d7f8f9 (diff)