[PATCH] Kprobes: Fix deadlock in function-return probes

[Ananth N Mavinakayanahalli]

From: Ananth N Mavinakayanahalli <ananth@xxxxxxxxxx>

When two function-return probes are inserted on kfree()[1] and the
second on say, sys_link()[2], and later [2] is unregistered, we have
a deadlock as kfree is called with the kretprobe_lock held and the
function-return probe on kfree will also try to grab the same lock.

However, we can move the kfree() during unregistration to outside
the spinlock as we are sure that no instances from the free list
will be used after synchronized_sched() returns during the
unregistration process. Thanks to Masami Hiramatsu for spotting this.

Signed-off-by: Ananth N Mavinakayanahalli <ananth@xxxxxxxxxx>
---


 kernel/kprobes.c |    2 +-
 1 files changed, 1 insertion(+), 1 deletion(-)

Index: linux-2.6.16-rc1/kernel/kprobes.c
===================================================================
--- linux-2.6.16-rc1.orig/kernel/kprobes.c
+++ linux-2.6.16-rc1/kernel/kprobes.c
@@ -631,12 +631,12 @@ void __kprobes unregister_kretprobe(stru
 	unregister_kprobe(&rp->kp);
 	/* No race here */
 	spin_lock_irqsave(&kretprobe_lock, flags);
-	free_rp_inst(rp);
 	while ((ri = get_used_rp_inst(rp)) != NULL) {
 		ri->rp = NULL;
 		hlist_del(&ri->uflist);
 	}
 	spin_unlock_irqrestore(&kretprobe_lock, flags);
+	free_rp_inst(rp);
 }
 
 static int __init init_kprobes(void)
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/