Fix: list_lttng_agent_events: unbalanced RCU read-side lock on error
authorMathieu Desnoyers <mathieu.desnoyers@efficios.com>
Thu, 27 May 2021 21:11:22 +0000 (17:11 -0400)
committerJérémie Galarneau <jeremie.galarneau@efficios.com>
Thu, 27 May 2021 21:32:28 +0000 (17:32 -0400)
The error label jumps to the end label which releases the RCU read-side
lock. There are many error paths in this function which goto error
without holding the RCU read-side lock, thus causing unbalanced RCU
read-side lock.

There is no point in keeping so short RCU read-side critical sections,
so cover the entire function with a single read-side critical section.

[ Applies to stable-2.12 and possibly prior versions. Does _not_ apply
  to stable-2.13+. ]

Signed-off-by: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>
Change-Id: I5b20c229a5df22d22ecfdc64dbbb87ee118649d2

src/bin/lttng-sessiond/cmd.c

index b608df1e145fc41979792c191d0e5ed5dbc55b22..eb5da1b76c44b70dcaf9fa221cb07fef8d2b0cdd 100644 (file)
@@ -510,7 +510,6 @@ static int list_lttng_agent_events(struct agent *agt,
 
        rcu_read_lock();
        nb_event = lttng_ht_get_count(agt->events);
-       rcu_read_unlock();
        if (nb_event == 0) {
                ret = nb_event;
                *total_size = 0;
@@ -524,7 +523,6 @@ static int list_lttng_agent_events(struct agent *agt,
         * This is only valid because the commands which add events are
         * processed in the same thread as the listing.
         */
-       rcu_read_lock();
        cds_lfht_for_each_entry(agt->events->ht, &iter.iter, event, node.node) {
                ret = increment_extended_len(event->filter_expression, NULL, NULL,
                                &extended_len);
@@ -534,7 +532,6 @@ static int list_lttng_agent_events(struct agent *agt,
                        goto error;
                }
        }
-       rcu_read_unlock();
 
        *total_size = nb_event * sizeof(*tmp_events) + extended_len;
        tmp_events = zmalloc(*total_size);
@@ -547,7 +544,6 @@ static int list_lttng_agent_events(struct agent *agt,
        extended_at = ((uint8_t *) tmp_events) +
                nb_event * sizeof(struct lttng_event);
 
-       rcu_read_lock();
        cds_lfht_for_each_entry(agt->events->ht, &iter.iter, event, node.node) {
                strncpy(tmp_events[i].name, event->name, sizeof(tmp_events[i].name));
                tmp_events[i].name[sizeof(tmp_events[i].name) - 1] = '\0';
This page took 0.032556 seconds and 4 git commands to generate.