aboutsummaryrefslogtreecommitdiffstats
path: root/kernel
diff options
context:
space:
mode:
authorIngo Molnar <mingo@elte.hu>2009-05-17 05:08:41 -0400
committerIngo Molnar <mingo@elte.hu>2009-05-19 18:22:24 -0400
commit33b2fb303fe7f6b08bbb32f708e67b96eaa94a7a (patch)
tree32ab4cb3cca6c61a2d6cf351bb8f732045464e28 /kernel
parentb68f1d2e7aa21029d73c7d453a8046e95d351740 (diff)
perf_counter: fix counter freeing logic
Fix counter lifetime bugs which explain the crashes reported by Marcelo Tosatti and Arnaldo Carvalho de Melo. The new rule is: flushing + freeing is only done for a task's own counters, never for other tasks. [ Impact: fix crashes/lockups with inherited counters ] Reported-by: Arnaldo Carvalho de Melo <acme@redhat.com> Reported-by: Marcelo Tosatti <mtosatti@redhat.com> Acked-by: Peter Zijlstra <a.p.zijlstra@chello.nl> Cc: Paul Mackerras <paulus@samba.org> Cc: Corey Ashford <cjashfor@linux.vnet.ibm.com> Signed-off-by: Ingo Molnar <mingo@elte.hu>
Diffstat (limited to 'kernel')
-rw-r--r--kernel/exit.c19
-rw-r--r--kernel/perf_counter.c2
2 files changed, 9 insertions, 12 deletions
diff --git a/kernel/exit.c b/kernel/exit.c
index 73affd35e76d..f9dfedd94af0 100644
--- a/kernel/exit.c
+++ b/kernel/exit.c
@@ -178,12 +178,6 @@ repeat:
178 178
179 proc_flush_task(p); 179 proc_flush_task(p);
180 180
181 /*
182 * Flush inherited counters to the parent - before the parent
183 * gets woken up by child-exit notifications.
184 */
185 perf_counter_exit_task(p);
186
187 write_lock_irq(&tasklist_lock); 181 write_lock_irq(&tasklist_lock);
188 tracehook_finish_release_task(p); 182 tracehook_finish_release_task(p);
189 __exit_signal(p); 183 __exit_signal(p);
@@ -985,6 +979,13 @@ NORET_TYPE void do_exit(long code)
985 module_put(tsk->binfmt->module); 979 module_put(tsk->binfmt->module);
986 980
987 proc_exit_connector(tsk); 981 proc_exit_connector(tsk);
982
983 /*
984 * Flush inherited counters to the parent - before the parent
985 * gets woken up by child-exit notifications.
986 */
987 perf_counter_exit_task(tsk);
988
988 exit_notify(tsk, group_dead); 989 exit_notify(tsk, group_dead);
989#ifdef CONFIG_NUMA 990#ifdef CONFIG_NUMA
990 mpol_put(tsk->mempolicy); 991 mpol_put(tsk->mempolicy);
@@ -1257,12 +1258,6 @@ static int wait_task_zombie(struct task_struct *p, int options,
1257 */ 1258 */
1258 read_unlock(&tasklist_lock); 1259 read_unlock(&tasklist_lock);
1259 1260
1260 /*
1261 * Flush inherited counters to the parent - before the parent
1262 * gets woken up by child-exit notifications.
1263 */
1264 perf_counter_exit_task(p);
1265
1266 retval = ru ? getrusage(p, RUSAGE_BOTH, ru) : 0; 1261 retval = ru ? getrusage(p, RUSAGE_BOTH, ru) : 0;
1267 status = (p->signal->flags & SIGNAL_GROUP_EXIT) 1262 status = (p->signal->flags & SIGNAL_GROUP_EXIT)
1268 ? p->signal->group_exit_code : p->exit_code; 1263 ? p->signal->group_exit_code : p->exit_code;
diff --git a/kernel/perf_counter.c b/kernel/perf_counter.c
index 59a926d04baf..7af16d1c480f 100644
--- a/kernel/perf_counter.c
+++ b/kernel/perf_counter.c
@@ -3299,6 +3299,8 @@ void perf_counter_exit_task(struct task_struct *child)
3299 struct perf_counter *child_counter, *tmp; 3299 struct perf_counter *child_counter, *tmp;
3300 struct perf_counter_context *child_ctx; 3300 struct perf_counter_context *child_ctx;
3301 3301
3302 WARN_ON_ONCE(child != current);
3303
3302 child_ctx = &child->perf_counter_ctx; 3304 child_ctx = &child->perf_counter_ctx;
3303 3305
3304 if (likely(!child_ctx->nr_counters)) 3306 if (likely(!child_ctx->nr_counters))