linux_dsm_epyc7002/include/trace/events/afs.h

801 lines
23 KiB
C
Raw Normal View History

/* AFS tracepoints
*
* Copyright (C) 2016 Red Hat, Inc. All Rights Reserved.
* Written by David Howells (dhowells@redhat.com)
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public Licence
* as published by the Free Software Foundation; either version
* 2 of the Licence, or (at your option) any later version.
*/
#undef TRACE_SYSTEM
#define TRACE_SYSTEM afs
#if !defined(_TRACE_AFS_H) || defined(TRACE_HEADER_MULTI_READ)
#define _TRACE_AFS_H
#include <linux/tracepoint.h>
afs: Refcount the afs_call struct A static checker warning occurs in the AFS filesystem: fs/afs/cmservice.c:155 SRXAFSCB_CallBack() error: dereferencing freed memory 'call' due to the reply being sent before we access the server it points to. The act of sending the reply causes the call to be freed if an error occurs (but not if it doesn't). On top of this, the lifetime handling of afs_call structs is fragile because they get passed around through workqueues without any sort of refcounting. Deal with the issues by: (1) Fix the maybe/maybe not nature of the reply sending functions with regards to whether they release the call struct. (2) Refcount the afs_call struct and sort out places that need to get/put references. (3) Pass a ref through the work queue and release (or pass on) that ref in the work function. Care has to be taken because a work queue may already own a ref to the call. (4) Do the cleaning up in the put function only. (5) Simplify module cleanup by always incrementing afs_outstanding_calls whenever a call is allocated. (6) Set the backlog to 0 with kernel_listen() at the beginning of the process of closing the socket to prevent new incoming calls from occurring and to remove the contribution of preallocated calls from afs_outstanding_calls before we wait on it. A tracepoint is also added to monitor the afs_call refcount and lifetime. Reported-by: Dan Carpenter <dan.carpenter@oracle.com> Signed-off-by: David Howells <dhowells@redhat.com> Fixes: 08e0e7c82eea: "[AF_RXRPC]: Make the in-kernel AFS filesystem use AF_RXRPC."
2017-01-05 17:38:36 +07:00
/*
* Define enums for tracing information.
*/
#ifndef __AFS_DECLARE_TRACE_ENUMS_ONCE_ONLY
#define __AFS_DECLARE_TRACE_ENUMS_ONCE_ONLY
enum afs_call_trace {
afs_call_trace_alloc,
afs_call_trace_free,
afs_call_trace_put,
afs_call_trace_wake,
afs_call_trace_work,
};
enum afs_fs_operation {
afs_FS_FetchData = 130, /* AFS Fetch file data */
afs_FS_FetchStatus = 132, /* AFS Fetch file status */
afs_FS_StoreData = 133, /* AFS Store file data */
afs_FS_StoreStatus = 135, /* AFS Store file status */
afs_FS_RemoveFile = 136, /* AFS Remove a file */
afs_FS_CreateFile = 137, /* AFS Create a file */
afs_FS_Rename = 138, /* AFS Rename or move a file or directory */
afs_FS_Symlink = 139, /* AFS Create a symbolic link */
afs_FS_Link = 140, /* AFS Create a hard link */
afs_FS_MakeDir = 141, /* AFS Create a directory */
afs_FS_RemoveDir = 142, /* AFS Remove a directory */
afs_FS_GetVolumeInfo = 148, /* AFS Get information about a volume */
afs_FS_GetVolumeStatus = 149, /* AFS Get volume status information */
afs_FS_GetRootVolume = 151, /* AFS Get root volume name */
afs_FS_SetLock = 156, /* AFS Request a file lock */
afs_FS_ExtendLock = 157, /* AFS Extend a file lock */
afs_FS_ReleaseLock = 158, /* AFS Release a file lock */
afs_FS_Lookup = 161, /* AFS lookup file in directory */
afs_FS_InlineBulkStatus = 65536, /* AFS Fetch multiple file statuses with errors */
afs_FS_FetchData64 = 65537, /* AFS Fetch file data */
afs_FS_StoreData64 = 65538, /* AFS Store file data */
afs_FS_GiveUpAllCallBacks = 65539, /* AFS Give up all our callbacks on a server */
afs_FS_GetCapabilities = 65540, /* AFS Get FS server capabilities */
yfs_FS_FetchData = 130, /* YFS Fetch file data */
yfs_FS_FetchACL = 64131, /* YFS Fetch file ACL */
yfs_FS_FetchStatus = 64132, /* YFS Fetch file status */
yfs_FS_StoreACL = 64134, /* YFS Store file ACL */
yfs_FS_StoreStatus = 64135, /* YFS Store file status */
yfs_FS_RemoveFile = 64136, /* YFS Remove a file */
yfs_FS_CreateFile = 64137, /* YFS Create a file */
yfs_FS_Rename = 64138, /* YFS Rename or move a file or directory */
yfs_FS_Symlink = 64139, /* YFS Create a symbolic link */
yfs_FS_Link = 64140, /* YFS Create a hard link */
yfs_FS_MakeDir = 64141, /* YFS Create a directory */
yfs_FS_RemoveDir = 64142, /* YFS Remove a directory */
yfs_FS_GetVolumeStatus = 64149, /* YFS Get volume status information */
yfs_FS_SetVolumeStatus = 64150, /* YFS Set volume status information */
yfs_FS_SetLock = 64156, /* YFS Request a file lock */
yfs_FS_ExtendLock = 64157, /* YFS Extend a file lock */
yfs_FS_ReleaseLock = 64158, /* YFS Release a file lock */
yfs_FS_Lookup = 64161, /* YFS lookup file in directory */
yfs_FS_FlushCPS = 64165,
yfs_FS_FetchOpaqueACL = 64168,
yfs_FS_WhoAmI = 64170,
yfs_FS_RemoveACL = 64171,
yfs_FS_RemoveFile2 = 64173,
yfs_FS_StoreOpaqueACL2 = 64174,
yfs_FS_InlineBulkStatus = 64536, /* YFS Fetch multiple file statuses with errors */
yfs_FS_FetchData64 = 64537, /* YFS Fetch file data */
yfs_FS_StoreData64 = 64538, /* YFS Store file data */
yfs_FS_UpdateSymlink = 64540,
};
enum afs_vl_operation {
afs_VL_GetEntryByNameU = 527, /* AFS Get Vol Entry By Name operation ID */
afs_VL_GetAddrsU = 533, /* AFS Get FS server addresses */
afs_YFSVL_GetEndpoints = 64002, /* YFS Get FS & Vol server addresses */
afs_VL_GetCapabilities = 65537, /* AFS Get VL server capabilities */
};
enum afs_edit_dir_op {
afs_edit_dir_create,
afs_edit_dir_create_error,
afs_edit_dir_create_inval,
afs_edit_dir_create_nospc,
afs_edit_dir_delete,
afs_edit_dir_delete_error,
afs_edit_dir_delete_inval,
afs_edit_dir_delete_noent,
};
enum afs_edit_dir_reason {
afs_edit_dir_for_create,
afs_edit_dir_for_link,
afs_edit_dir_for_mkdir,
afs_edit_dir_for_rename,
afs_edit_dir_for_rmdir,
afs_edit_dir_for_symlink,
afs_edit_dir_for_unlink,
};
enum afs_eproto_cause {
afs_eproto_bad_status,
afs_eproto_cb_count,
afs_eproto_cb_fid_count,
afs_eproto_file_type,
afs_eproto_ibulkst_cb_count,
afs_eproto_ibulkst_count,
afs_eproto_motd_len,
afs_eproto_offline_msg_len,
afs_eproto_volname_len,
afs_eproto_yvl_fsendpt4_len,
afs_eproto_yvl_fsendpt6_len,
afs_eproto_yvl_fsendpt_num,
afs_eproto_yvl_fsendpt_type,
afs_eproto_yvl_vlendpt4_len,
afs_eproto_yvl_vlendpt6_len,
afs_eproto_yvl_vlendpt_type,
};
enum afs_io_error {
afs_io_error_cm_reply,
afs_io_error_extract,
afs_io_error_fs_probe_fail,
afs_io_error_vl_lookup_fail,
afs_io_error_vl_probe_fail,
};
enum afs_file_error {
afs_file_error_dir_bad_magic,
afs_file_error_dir_big,
afs_file_error_dir_missing_page,
afs_file_error_dir_over_end,
afs_file_error_dir_small,
afs_file_error_dir_unmarked_ext,
afs_file_error_mntpt,
afs_file_error_writeback_fail,
};
afs: Refcount the afs_call struct A static checker warning occurs in the AFS filesystem: fs/afs/cmservice.c:155 SRXAFSCB_CallBack() error: dereferencing freed memory 'call' due to the reply being sent before we access the server it points to. The act of sending the reply causes the call to be freed if an error occurs (but not if it doesn't). On top of this, the lifetime handling of afs_call structs is fragile because they get passed around through workqueues without any sort of refcounting. Deal with the issues by: (1) Fix the maybe/maybe not nature of the reply sending functions with regards to whether they release the call struct. (2) Refcount the afs_call struct and sort out places that need to get/put references. (3) Pass a ref through the work queue and release (or pass on) that ref in the work function. Care has to be taken because a work queue may already own a ref to the call. (4) Do the cleaning up in the put function only. (5) Simplify module cleanup by always incrementing afs_outstanding_calls whenever a call is allocated. (6) Set the backlog to 0 with kernel_listen() at the beginning of the process of closing the socket to prevent new incoming calls from occurring and to remove the contribution of preallocated calls from afs_outstanding_calls before we wait on it. A tracepoint is also added to monitor the afs_call refcount and lifetime. Reported-by: Dan Carpenter <dan.carpenter@oracle.com> Signed-off-by: David Howells <dhowells@redhat.com> Fixes: 08e0e7c82eea: "[AF_RXRPC]: Make the in-kernel AFS filesystem use AF_RXRPC."
2017-01-05 17:38:36 +07:00
#endif /* end __AFS_DECLARE_TRACE_ENUMS_ONCE_ONLY */
/*
* Declare tracing information enums and their string mappings for display.
*/
#define afs_call_traces \
EM(afs_call_trace_alloc, "ALLOC") \
EM(afs_call_trace_free, "FREE ") \
EM(afs_call_trace_put, "PUT ") \
EM(afs_call_trace_wake, "WAKE ") \
E_(afs_call_trace_work, "WORK ")
#define afs_fs_operations \
EM(afs_FS_FetchData, "FS.FetchData") \
EM(afs_FS_FetchStatus, "FS.FetchStatus") \
EM(afs_FS_StoreData, "FS.StoreData") \
EM(afs_FS_StoreStatus, "FS.StoreStatus") \
EM(afs_FS_RemoveFile, "FS.RemoveFile") \
EM(afs_FS_CreateFile, "FS.CreateFile") \
EM(afs_FS_Rename, "FS.Rename") \
EM(afs_FS_Symlink, "FS.Symlink") \
EM(afs_FS_Link, "FS.Link") \
EM(afs_FS_MakeDir, "FS.MakeDir") \
EM(afs_FS_RemoveDir, "FS.RemoveDir") \
EM(afs_FS_GetVolumeInfo, "FS.GetVolumeInfo") \
EM(afs_FS_GetVolumeStatus, "FS.GetVolumeStatus") \
EM(afs_FS_GetRootVolume, "FS.GetRootVolume") \
EM(afs_FS_SetLock, "FS.SetLock") \
EM(afs_FS_ExtendLock, "FS.ExtendLock") \
EM(afs_FS_ReleaseLock, "FS.ReleaseLock") \
EM(afs_FS_Lookup, "FS.Lookup") \
EM(afs_FS_InlineBulkStatus, "FS.InlineBulkStatus") \
EM(afs_FS_FetchData64, "FS.FetchData64") \
EM(afs_FS_StoreData64, "FS.StoreData64") \
EM(afs_FS_GiveUpAllCallBacks, "FS.GiveUpAllCallBacks") \
EM(afs_FS_GetCapabilities, "FS.GetCapabilities") \
EM(yfs_FS_FetchACL, "YFS.FetchACL") \
EM(yfs_FS_FetchStatus, "YFS.FetchStatus") \
EM(yfs_FS_StoreACL, "YFS.StoreACL") \
EM(yfs_FS_StoreStatus, "YFS.StoreStatus") \
EM(yfs_FS_RemoveFile, "YFS.RemoveFile") \
EM(yfs_FS_CreateFile, "YFS.CreateFile") \
EM(yfs_FS_Rename, "YFS.Rename") \
EM(yfs_FS_Symlink, "YFS.Symlink") \
EM(yfs_FS_Link, "YFS.Link") \
EM(yfs_FS_MakeDir, "YFS.MakeDir") \
EM(yfs_FS_RemoveDir, "YFS.RemoveDir") \
EM(yfs_FS_GetVolumeStatus, "YFS.GetVolumeStatus") \
EM(yfs_FS_SetVolumeStatus, "YFS.SetVolumeStatus") \
EM(yfs_FS_SetLock, "YFS.SetLock") \
EM(yfs_FS_ExtendLock, "YFS.ExtendLock") \
EM(yfs_FS_ReleaseLock, "YFS.ReleaseLock") \
EM(yfs_FS_Lookup, "YFS.Lookup") \
EM(yfs_FS_FlushCPS, "YFS.FlushCPS") \
EM(yfs_FS_FetchOpaqueACL, "YFS.FetchOpaqueACL") \
EM(yfs_FS_WhoAmI, "YFS.WhoAmI") \
EM(yfs_FS_RemoveACL, "YFS.RemoveACL") \
EM(yfs_FS_RemoveFile2, "YFS.RemoveFile2") \
EM(yfs_FS_StoreOpaqueACL2, "YFS.StoreOpaqueACL2") \
EM(yfs_FS_InlineBulkStatus, "YFS.InlineBulkStatus") \
EM(yfs_FS_FetchData64, "YFS.FetchData64") \
EM(yfs_FS_StoreData64, "YFS.StoreData64") \
E_(yfs_FS_UpdateSymlink, "YFS.UpdateSymlink")
#define afs_vl_operations \
EM(afs_VL_GetEntryByNameU, "VL.GetEntryByNameU") \
EM(afs_VL_GetAddrsU, "VL.GetAddrsU") \
EM(afs_YFSVL_GetEndpoints, "YFSVL.GetEndpoints") \
E_(afs_VL_GetCapabilities, "VL.GetCapabilities")
#define afs_edit_dir_ops \
EM(afs_edit_dir_create, "create") \
EM(afs_edit_dir_create_error, "c_fail") \
EM(afs_edit_dir_create_inval, "c_invl") \
EM(afs_edit_dir_create_nospc, "c_nspc") \
EM(afs_edit_dir_delete, "delete") \
EM(afs_edit_dir_delete_error, "d_err ") \
EM(afs_edit_dir_delete_inval, "d_invl") \
E_(afs_edit_dir_delete_noent, "d_nent")
#define afs_edit_dir_reasons \
EM(afs_edit_dir_for_create, "Create") \
EM(afs_edit_dir_for_link, "Link ") \
EM(afs_edit_dir_for_mkdir, "MkDir ") \
EM(afs_edit_dir_for_rename, "Rename") \
EM(afs_edit_dir_for_rmdir, "RmDir ") \
EM(afs_edit_dir_for_symlink, "Symlnk") \
E_(afs_edit_dir_for_unlink, "Unlink")
#define afs_eproto_causes \
EM(afs_eproto_bad_status, "BadStatus") \
EM(afs_eproto_cb_count, "CbCount") \
EM(afs_eproto_cb_fid_count, "CbFidCount") \
EM(afs_eproto_file_type, "FileTYpe") \
EM(afs_eproto_ibulkst_cb_count, "IBS.CbCount") \
EM(afs_eproto_ibulkst_count, "IBS.FidCount") \
EM(afs_eproto_motd_len, "MotdLen") \
EM(afs_eproto_offline_msg_len, "OfflineMsgLen") \
EM(afs_eproto_volname_len, "VolNameLen") \
EM(afs_eproto_yvl_fsendpt4_len, "YVL.FsEnd4Len") \
EM(afs_eproto_yvl_fsendpt6_len, "YVL.FsEnd6Len") \
EM(afs_eproto_yvl_fsendpt_num, "YVL.FsEndCount") \
EM(afs_eproto_yvl_fsendpt_type, "YVL.FsEndType") \
EM(afs_eproto_yvl_vlendpt4_len, "YVL.VlEnd4Len") \
EM(afs_eproto_yvl_vlendpt6_len, "YVL.VlEnd6Len") \
E_(afs_eproto_yvl_vlendpt_type, "YVL.VlEndType")
#define afs_io_errors \
EM(afs_io_error_cm_reply, "CM_REPLY") \
EM(afs_io_error_extract, "EXTRACT") \
EM(afs_io_error_fs_probe_fail, "FS_PROBE_FAIL") \
EM(afs_io_error_vl_lookup_fail, "VL_LOOKUP_FAIL") \
E_(afs_io_error_vl_probe_fail, "VL_PROBE_FAIL")
#define afs_file_errors \
EM(afs_file_error_dir_bad_magic, "DIR_BAD_MAGIC") \
EM(afs_file_error_dir_big, "DIR_BIG") \
EM(afs_file_error_dir_missing_page, "DIR_MISSING_PAGE") \
EM(afs_file_error_dir_over_end, "DIR_ENT_OVER_END") \
EM(afs_file_error_dir_small, "DIR_SMALL") \
EM(afs_file_error_dir_unmarked_ext, "DIR_UNMARKED_EXT") \
EM(afs_file_error_mntpt, "MNTPT_READ_FAILED") \
E_(afs_file_error_writeback_fail, "WRITEBACK_FAILED")
afs: Refcount the afs_call struct A static checker warning occurs in the AFS filesystem: fs/afs/cmservice.c:155 SRXAFSCB_CallBack() error: dereferencing freed memory 'call' due to the reply being sent before we access the server it points to. The act of sending the reply causes the call to be freed if an error occurs (but not if it doesn't). On top of this, the lifetime handling of afs_call structs is fragile because they get passed around through workqueues without any sort of refcounting. Deal with the issues by: (1) Fix the maybe/maybe not nature of the reply sending functions with regards to whether they release the call struct. (2) Refcount the afs_call struct and sort out places that need to get/put references. (3) Pass a ref through the work queue and release (or pass on) that ref in the work function. Care has to be taken because a work queue may already own a ref to the call. (4) Do the cleaning up in the put function only. (5) Simplify module cleanup by always incrementing afs_outstanding_calls whenever a call is allocated. (6) Set the backlog to 0 with kernel_listen() at the beginning of the process of closing the socket to prevent new incoming calls from occurring and to remove the contribution of preallocated calls from afs_outstanding_calls before we wait on it. A tracepoint is also added to monitor the afs_call refcount and lifetime. Reported-by: Dan Carpenter <dan.carpenter@oracle.com> Signed-off-by: David Howells <dhowells@redhat.com> Fixes: 08e0e7c82eea: "[AF_RXRPC]: Make the in-kernel AFS filesystem use AF_RXRPC."
2017-01-05 17:38:36 +07:00
/*
* Export enum symbols via userspace.
*/
#undef EM
#undef E_
#define EM(a, b) TRACE_DEFINE_ENUM(a);
#define E_(a, b) TRACE_DEFINE_ENUM(a);
afs_call_traces;
afs_fs_operations;
afs_vl_operations;
afs_edit_dir_ops;
afs_edit_dir_reasons;
afs_eproto_causes;
afs_io_errors;
afs_file_errors;
afs: Refcount the afs_call struct A static checker warning occurs in the AFS filesystem: fs/afs/cmservice.c:155 SRXAFSCB_CallBack() error: dereferencing freed memory 'call' due to the reply being sent before we access the server it points to. The act of sending the reply causes the call to be freed if an error occurs (but not if it doesn't). On top of this, the lifetime handling of afs_call structs is fragile because they get passed around through workqueues without any sort of refcounting. Deal with the issues by: (1) Fix the maybe/maybe not nature of the reply sending functions with regards to whether they release the call struct. (2) Refcount the afs_call struct and sort out places that need to get/put references. (3) Pass a ref through the work queue and release (or pass on) that ref in the work function. Care has to be taken because a work queue may already own a ref to the call. (4) Do the cleaning up in the put function only. (5) Simplify module cleanup by always incrementing afs_outstanding_calls whenever a call is allocated. (6) Set the backlog to 0 with kernel_listen() at the beginning of the process of closing the socket to prevent new incoming calls from occurring and to remove the contribution of preallocated calls from afs_outstanding_calls before we wait on it. A tracepoint is also added to monitor the afs_call refcount and lifetime. Reported-by: Dan Carpenter <dan.carpenter@oracle.com> Signed-off-by: David Howells <dhowells@redhat.com> Fixes: 08e0e7c82eea: "[AF_RXRPC]: Make the in-kernel AFS filesystem use AF_RXRPC."
2017-01-05 17:38:36 +07:00
/*
* Now redefine the EM() and E_() macros to map the enums to the strings that
* will be printed in the output.
*/
#undef EM
#undef E_
#define EM(a, b) { a, b },
#define E_(a, b) { a, b }
TRACE_EVENT(afs_receive_data,
TP_PROTO(struct afs_call *call, struct iov_iter *iter,
bool want_more, int ret),
TP_ARGS(call, iter, want_more, ret),
TP_STRUCT__entry(
__field(loff_t, remain )
__field(unsigned int, call )
__field(enum afs_call_state, state )
__field(unsigned short, unmarshall )
__field(bool, want_more )
__field(int, ret )
),
TP_fast_assign(
__entry->call = call->debug_id;
__entry->state = call->state;
__entry->unmarshall = call->unmarshall;
__entry->remain = iov_iter_count(iter);
__entry->want_more = want_more;
__entry->ret = ret;
),
TP_printk("c=%08x r=%llu u=%u w=%u s=%u ret=%d",
__entry->call,
__entry->remain,
__entry->unmarshall,
__entry->want_more,
__entry->state,
__entry->ret)
);
TRACE_EVENT(afs_notify_call,
TP_PROTO(struct rxrpc_call *rxcall, struct afs_call *call),
TP_ARGS(rxcall, call),
TP_STRUCT__entry(
__field(unsigned int, call )
__field(enum afs_call_state, state )
__field(unsigned short, unmarshall )
),
TP_fast_assign(
__entry->call = call->debug_id;
__entry->state = call->state;
__entry->unmarshall = call->unmarshall;
),
TP_printk("c=%08x s=%u u=%u",
__entry->call,
__entry->state, __entry->unmarshall)
);
TRACE_EVENT(afs_cb_call,
TP_PROTO(struct afs_call *call),
TP_ARGS(call),
TP_STRUCT__entry(
__field(unsigned int, call )
__field(const char *, name )
__field(u32, op )
),
TP_fast_assign(
__entry->call = call->debug_id;
__entry->name = call->type->name;
__entry->op = call->operation_ID;
),
TP_printk("c=%08x %s o=%u",
__entry->call,
__entry->name,
__entry->op)
);
afs: Refcount the afs_call struct A static checker warning occurs in the AFS filesystem: fs/afs/cmservice.c:155 SRXAFSCB_CallBack() error: dereferencing freed memory 'call' due to the reply being sent before we access the server it points to. The act of sending the reply causes the call to be freed if an error occurs (but not if it doesn't). On top of this, the lifetime handling of afs_call structs is fragile because they get passed around through workqueues without any sort of refcounting. Deal with the issues by: (1) Fix the maybe/maybe not nature of the reply sending functions with regards to whether they release the call struct. (2) Refcount the afs_call struct and sort out places that need to get/put references. (3) Pass a ref through the work queue and release (or pass on) that ref in the work function. Care has to be taken because a work queue may already own a ref to the call. (4) Do the cleaning up in the put function only. (5) Simplify module cleanup by always incrementing afs_outstanding_calls whenever a call is allocated. (6) Set the backlog to 0 with kernel_listen() at the beginning of the process of closing the socket to prevent new incoming calls from occurring and to remove the contribution of preallocated calls from afs_outstanding_calls before we wait on it. A tracepoint is also added to monitor the afs_call refcount and lifetime. Reported-by: Dan Carpenter <dan.carpenter@oracle.com> Signed-off-by: David Howells <dhowells@redhat.com> Fixes: 08e0e7c82eea: "[AF_RXRPC]: Make the in-kernel AFS filesystem use AF_RXRPC."
2017-01-05 17:38:36 +07:00
TRACE_EVENT(afs_call,
TP_PROTO(struct afs_call *call, enum afs_call_trace op,
int usage, int outstanding, const void *where),
TP_ARGS(call, op, usage, outstanding, where),
TP_STRUCT__entry(
__field(unsigned int, call )
afs: Refcount the afs_call struct A static checker warning occurs in the AFS filesystem: fs/afs/cmservice.c:155 SRXAFSCB_CallBack() error: dereferencing freed memory 'call' due to the reply being sent before we access the server it points to. The act of sending the reply causes the call to be freed if an error occurs (but not if it doesn't). On top of this, the lifetime handling of afs_call structs is fragile because they get passed around through workqueues without any sort of refcounting. Deal with the issues by: (1) Fix the maybe/maybe not nature of the reply sending functions with regards to whether they release the call struct. (2) Refcount the afs_call struct and sort out places that need to get/put references. (3) Pass a ref through the work queue and release (or pass on) that ref in the work function. Care has to be taken because a work queue may already own a ref to the call. (4) Do the cleaning up in the put function only. (5) Simplify module cleanup by always incrementing afs_outstanding_calls whenever a call is allocated. (6) Set the backlog to 0 with kernel_listen() at the beginning of the process of closing the socket to prevent new incoming calls from occurring and to remove the contribution of preallocated calls from afs_outstanding_calls before we wait on it. A tracepoint is also added to monitor the afs_call refcount and lifetime. Reported-by: Dan Carpenter <dan.carpenter@oracle.com> Signed-off-by: David Howells <dhowells@redhat.com> Fixes: 08e0e7c82eea: "[AF_RXRPC]: Make the in-kernel AFS filesystem use AF_RXRPC."
2017-01-05 17:38:36 +07:00
__field(int, op )
__field(int, usage )
__field(int, outstanding )
__field(const void *, where )
),
TP_fast_assign(
__entry->call = call->debug_id;
afs: Refcount the afs_call struct A static checker warning occurs in the AFS filesystem: fs/afs/cmservice.c:155 SRXAFSCB_CallBack() error: dereferencing freed memory 'call' due to the reply being sent before we access the server it points to. The act of sending the reply causes the call to be freed if an error occurs (but not if it doesn't). On top of this, the lifetime handling of afs_call structs is fragile because they get passed around through workqueues without any sort of refcounting. Deal with the issues by: (1) Fix the maybe/maybe not nature of the reply sending functions with regards to whether they release the call struct. (2) Refcount the afs_call struct and sort out places that need to get/put references. (3) Pass a ref through the work queue and release (or pass on) that ref in the work function. Care has to be taken because a work queue may already own a ref to the call. (4) Do the cleaning up in the put function only. (5) Simplify module cleanup by always incrementing afs_outstanding_calls whenever a call is allocated. (6) Set the backlog to 0 with kernel_listen() at the beginning of the process of closing the socket to prevent new incoming calls from occurring and to remove the contribution of preallocated calls from afs_outstanding_calls before we wait on it. A tracepoint is also added to monitor the afs_call refcount and lifetime. Reported-by: Dan Carpenter <dan.carpenter@oracle.com> Signed-off-by: David Howells <dhowells@redhat.com> Fixes: 08e0e7c82eea: "[AF_RXRPC]: Make the in-kernel AFS filesystem use AF_RXRPC."
2017-01-05 17:38:36 +07:00
__entry->op = op;
__entry->usage = usage;
__entry->outstanding = outstanding;
__entry->where = where;
),
TP_printk("c=%08x %s u=%d o=%d sp=%pSR",
afs: Refcount the afs_call struct A static checker warning occurs in the AFS filesystem: fs/afs/cmservice.c:155 SRXAFSCB_CallBack() error: dereferencing freed memory 'call' due to the reply being sent before we access the server it points to. The act of sending the reply causes the call to be freed if an error occurs (but not if it doesn't). On top of this, the lifetime handling of afs_call structs is fragile because they get passed around through workqueues without any sort of refcounting. Deal with the issues by: (1) Fix the maybe/maybe not nature of the reply sending functions with regards to whether they release the call struct. (2) Refcount the afs_call struct and sort out places that need to get/put references. (3) Pass a ref through the work queue and release (or pass on) that ref in the work function. Care has to be taken because a work queue may already own a ref to the call. (4) Do the cleaning up in the put function only. (5) Simplify module cleanup by always incrementing afs_outstanding_calls whenever a call is allocated. (6) Set the backlog to 0 with kernel_listen() at the beginning of the process of closing the socket to prevent new incoming calls from occurring and to remove the contribution of preallocated calls from afs_outstanding_calls before we wait on it. A tracepoint is also added to monitor the afs_call refcount and lifetime. Reported-by: Dan Carpenter <dan.carpenter@oracle.com> Signed-off-by: David Howells <dhowells@redhat.com> Fixes: 08e0e7c82eea: "[AF_RXRPC]: Make the in-kernel AFS filesystem use AF_RXRPC."
2017-01-05 17:38:36 +07:00
__entry->call,
__print_symbolic(__entry->op, afs_call_traces),
__entry->usage,
__entry->outstanding,
__entry->where)
);
TRACE_EVENT(afs_make_fs_call,
TP_PROTO(struct afs_call *call, const struct afs_fid *fid),
TP_ARGS(call, fid),
TP_STRUCT__entry(
__field(unsigned int, call )
__field(enum afs_fs_operation, op )
__field_struct(struct afs_fid, fid )
),
TP_fast_assign(
__entry->call = call->debug_id;
__entry->op = call->operation_ID;
if (fid) {
__entry->fid = *fid;
} else {
__entry->fid.vid = 0;
__entry->fid.vnode = 0;
__entry->fid.unique = 0;
}
),
TP_printk("c=%08x %06llx:%06llx:%06x %s",
__entry->call,
__entry->fid.vid,
__entry->fid.vnode,
__entry->fid.unique,
__print_symbolic(__entry->op, afs_fs_operations))
);
TRACE_EVENT(afs_make_vl_call,
TP_PROTO(struct afs_call *call),
TP_ARGS(call),
TP_STRUCT__entry(
__field(unsigned int, call )
__field(enum afs_vl_operation, op )
),
TP_fast_assign(
__entry->call = call->debug_id;
__entry->op = call->operation_ID;
),
TP_printk("c=%08x %s",
__entry->call,
__print_symbolic(__entry->op, afs_vl_operations))
);
TRACE_EVENT(afs_call_done,
TP_PROTO(struct afs_call *call),
TP_ARGS(call),
TP_STRUCT__entry(
__field(unsigned int, call )
__field(struct rxrpc_call *, rx_call )
__field(int, ret )
__field(u32, abort_code )
),
TP_fast_assign(
__entry->call = call->debug_id;
__entry->rx_call = call->rxcall;
__entry->ret = call->error;
__entry->abort_code = call->abort_code;
),
TP_printk(" c=%08x ret=%d ab=%d [%p]",
__entry->call,
__entry->ret,
__entry->abort_code,
__entry->rx_call)
);
TRACE_EVENT(afs_send_pages,
TP_PROTO(struct afs_call *call, struct msghdr *msg,
pgoff_t first, pgoff_t last, unsigned int offset),
TP_ARGS(call, msg, first, last, offset),
TP_STRUCT__entry(
__field(unsigned int, call )
__field(pgoff_t, first )
__field(pgoff_t, last )
__field(unsigned int, nr )
__field(unsigned int, bytes )
__field(unsigned int, offset )
__field(unsigned int, flags )
),
TP_fast_assign(
__entry->call = call->debug_id;
__entry->first = first;
__entry->last = last;
__entry->nr = msg->msg_iter.nr_segs;
__entry->bytes = msg->msg_iter.count;
__entry->offset = offset;
__entry->flags = msg->msg_flags;
),
TP_printk(" c=%08x %lx-%lx-%lx b=%x o=%x f=%x",
__entry->call,
__entry->first, __entry->first + __entry->nr - 1, __entry->last,
__entry->bytes, __entry->offset,
__entry->flags)
);
TRACE_EVENT(afs_sent_pages,
TP_PROTO(struct afs_call *call, pgoff_t first, pgoff_t last,
pgoff_t cursor, int ret),
TP_ARGS(call, first, last, cursor, ret),
TP_STRUCT__entry(
__field(unsigned int, call )
__field(pgoff_t, first )
__field(pgoff_t, last )
__field(pgoff_t, cursor )
__field(int, ret )
),
TP_fast_assign(
__entry->call = call->debug_id;
__entry->first = first;
__entry->last = last;
__entry->cursor = cursor;
__entry->ret = ret;
),
TP_printk(" c=%08x %lx-%lx c=%lx r=%d",
__entry->call,
__entry->first, __entry->last,
__entry->cursor, __entry->ret)
);
TRACE_EVENT(afs_dir_check_failed,
TP_PROTO(struct afs_vnode *vnode, loff_t off, loff_t i_size),
TP_ARGS(vnode, off, i_size),
TP_STRUCT__entry(
__field(struct afs_vnode *, vnode )
__field(loff_t, off )
__field(loff_t, i_size )
),
TP_fast_assign(
__entry->vnode = vnode;
__entry->off = off;
__entry->i_size = i_size;
),
TP_printk("vn=%p %llx/%llx",
__entry->vnode, __entry->off, __entry->i_size)
);
/*
* We use page->private to hold the amount of the page that we've written to,
* splitting the field into two parts. However, we need to represent a range
* 0...PAGE_SIZE inclusive, so we can't support 64K pages on a 32-bit system.
*/
#if PAGE_SIZE > 32768
#define AFS_PRIV_MAX 0xffffffff
#define AFS_PRIV_SHIFT 32
#else
#define AFS_PRIV_MAX 0xffff
#define AFS_PRIV_SHIFT 16
#endif
TRACE_EVENT(afs_page_dirty,
TP_PROTO(struct afs_vnode *vnode, const char *where,
pgoff_t page, unsigned long priv),
TP_ARGS(vnode, where, page, priv),
TP_STRUCT__entry(
__field(struct afs_vnode *, vnode )
__field(const char *, where )
__field(pgoff_t, page )
__field(unsigned long, priv )
),
TP_fast_assign(
__entry->vnode = vnode;
__entry->where = where;
__entry->page = page;
__entry->priv = priv;
),
TP_printk("vn=%p %lx %s %lu-%lu",
__entry->vnode, __entry->page, __entry->where,
__entry->priv & AFS_PRIV_MAX,
__entry->priv >> AFS_PRIV_SHIFT)
);
TRACE_EVENT(afs_call_state,
TP_PROTO(struct afs_call *call,
enum afs_call_state from,
enum afs_call_state to,
int ret, u32 remote_abort),
TP_ARGS(call, from, to, ret, remote_abort),
TP_STRUCT__entry(
__field(unsigned int, call )
__field(enum afs_call_state, from )
__field(enum afs_call_state, to )
__field(int, ret )
__field(u32, abort )
),
TP_fast_assign(
__entry->call = call->debug_id;
__entry->from = from;
__entry->to = to;
__entry->ret = ret;
__entry->abort = remote_abort;
),
TP_printk("c=%08x %u->%u r=%d ab=%d",
__entry->call,
__entry->from, __entry->to,
__entry->ret, __entry->abort)
);
TRACE_EVENT(afs_edit_dir,
TP_PROTO(struct afs_vnode *dvnode,
enum afs_edit_dir_reason why,
enum afs_edit_dir_op op,
unsigned int block,
unsigned int slot,
unsigned int f_vnode,
unsigned int f_unique,
const char *name),
TP_ARGS(dvnode, why, op, block, slot, f_vnode, f_unique, name),
TP_STRUCT__entry(
__field(unsigned int, vnode )
__field(unsigned int, unique )
__field(enum afs_edit_dir_reason, why )
__field(enum afs_edit_dir_op, op )
__field(unsigned int, block )
__field(unsigned short, slot )
__field(unsigned int, f_vnode )
__field(unsigned int, f_unique )
__array(char, name, 18 )
),
TP_fast_assign(
int __len = strlen(name);
__len = min(__len, 17);
__entry->vnode = dvnode->fid.vnode;
__entry->unique = dvnode->fid.unique;
__entry->why = why;
__entry->op = op;
__entry->block = block;
__entry->slot = slot;
__entry->f_vnode = f_vnode;
__entry->f_unique = f_unique;
memcpy(__entry->name, name, __len);
__entry->name[__len] = 0;
),
TP_printk("d=%x:%x %s %s %u[%u] f=%x:%x %s",
__entry->vnode, __entry->unique,
__print_symbolic(__entry->why, afs_edit_dir_reasons),
__print_symbolic(__entry->op, afs_edit_dir_ops),
__entry->block, __entry->slot,
__entry->f_vnode, __entry->f_unique,
__entry->name)
);
TRACE_EVENT(afs_protocol_error,
TP_PROTO(struct afs_call *call, int error, enum afs_eproto_cause cause),
TP_ARGS(call, error, cause),
TP_STRUCT__entry(
__field(unsigned int, call )
__field(int, error )
__field(enum afs_eproto_cause, cause )
),
TP_fast_assign(
__entry->call = call ? call->debug_id : 0;
__entry->error = error;
__entry->cause = cause;
),
TP_printk("c=%08x r=%d %s",
__entry->call, __entry->error,
__print_symbolic(__entry->cause, afs_eproto_causes))
);
TRACE_EVENT(afs_io_error,
TP_PROTO(unsigned int call, int error, enum afs_io_error where),
TP_ARGS(call, error, where),
TP_STRUCT__entry(
__field(unsigned int, call )
__field(int, error )
__field(enum afs_io_error, where )
),
TP_fast_assign(
__entry->call = call;
__entry->error = error;
__entry->where = where;
),
TP_printk("c=%08x r=%d %s",
__entry->call, __entry->error,
__print_symbolic(__entry->where, afs_io_errors))
);
TRACE_EVENT(afs_file_error,
TP_PROTO(struct afs_vnode *vnode, int error, enum afs_file_error where),
TP_ARGS(vnode, error, where),
TP_STRUCT__entry(
__field_struct(struct afs_fid, fid )
__field(int, error )
__field(enum afs_file_error, where )
),
TP_fast_assign(
__entry->fid = vnode->fid;
__entry->error = error;
__entry->where = where;
),
TP_printk("%llx:%llx:%x r=%d %s",
__entry->fid.vid, __entry->fid.vnode, __entry->fid.unique,
__entry->error,
__print_symbolic(__entry->where, afs_file_errors))
);
TRACE_EVENT(afs_cm_no_server,
TP_PROTO(struct afs_call *call, struct sockaddr_rxrpc *srx),
TP_ARGS(call, srx),
TP_STRUCT__entry(
__field(unsigned int, call )
__field(unsigned int, op_id )
__field_struct(struct sockaddr_rxrpc, srx )
),
TP_fast_assign(
__entry->call = call->debug_id;
__entry->op_id = call->operation_ID;
memcpy(&__entry->srx, srx, sizeof(__entry->srx));
),
TP_printk("c=%08x op=%u %pISpc",
__entry->call, __entry->op_id, &__entry->srx.transport)
);
TRACE_EVENT(afs_cm_no_server_u,
TP_PROTO(struct afs_call *call, const uuid_t *uuid),
TP_ARGS(call, uuid),
TP_STRUCT__entry(
__field(unsigned int, call )
__field(unsigned int, op_id )
__field_struct(uuid_t, uuid )
),
TP_fast_assign(
__entry->call = call->debug_id;
__entry->op_id = call->operation_ID;
memcpy(&__entry->uuid, uuid, sizeof(__entry->uuid));
),
TP_printk("c=%08x op=%u %pU",
__entry->call, __entry->op_id, &__entry->uuid)
);
#endif /* _TRACE_AFS_H */
/* This part must be outside protection */
#include <trace/define_trace.h>