iv/linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
linux/kernel/trace
History
Steven Rostedt (VMware) d4ad9a1cca ftrace: Reset fgd->hash in ftrace_graph_write() 
fgd->hash is saved and then freed, but is never reset to either
ftrace_graph_hash nor ftrace_graph_notrace_hash. But if multiple writes are
performed, then the freed hash could be accessed again.

 # cd /sys/kernel/debug/tracing
 # head -1000 available_filter_functions > /tmp/funcs
 # cat /tmp/funcs > set_graph_function

Causes:

 general protection fault: 0000 [#1] SMP DEBUG_PAGEALLOC
 Modules linked in:  [...]
 CPU: 2 PID: 1337 Comm: cat Not tainted 4.10.0-rc2-test-00010-g6b052e9 #32
 Hardware name: Hewlett-Packard HP Compaq Pro 6300 SFF/339A, BIOS K01 v02.05 05/07/2012
 task: ffff880113a12200 task.stack: ffffc90001940000
 RIP: 0010:free_ftrace_hash+0x7c/0x160
 RSP: 0018:ffffc90001943db0 EFLAGS: 00010246
 RAX: 6b6b6b6b6b6b6b6b RBX: 6b6b6b6b6b6b6b6b RCX: 6b6b6b6b6b6b6b6b
 RDX: 0000000000000002 RSI: 0000000000000001 RDI: ffff8800ce1e1d40
 RBP: ffff8800ce1e1d50 R08: 0000000000000000 R09: 0000000000006400
 R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
 R13: ffff8800ce1e1d40 R14: 0000000000004000 R15: 0000000000000001
 FS:  00007f9408a07740(0000) GS:ffff88011e500000(0000) knlGS:0000000000000000
 CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
 CR2: 0000000000aee1f0 CR3: 0000000116bb4000 CR4: 00000000001406e0
 Call Trace:
  ? ftrace_graph_write+0x150/0x190
  ? __vfs_write+0x1f6/0x210
  ? __audit_syscall_entry+0x17f/0x200
  ? rw_verify_area+0xdb/0x210
  ? _cond_resched+0x2b/0x50
  ? __sb_start_write+0xb4/0x130
  ? vfs_write+0x1c8/0x330
  ? SyS_write+0x62/0xf0
  ? do_syscall_64+0xa3/0x1b0
  ? entry_SYSCALL64_slow_path+0x25/0x25
 Code: 01 48 85 db 0f 84 92 00 00 00 b8 01 00 00 00 d3 e0 85 c0 7e 3f 83 e8 01 48 8d 6f 10 45 31 e4 4c 8d 34 c5 08 00 00 00 49 8b 45 08 <4a> 8b 34 20 48 85 f6 74 13 48 8b 1e 48 89 ef e8 20 fa ff ff 48
 RIP: free_ftrace_hash+0x7c/0x160 RSP: ffffc90001943db0
 ---[ end trace 999b48216bf4b393 ]---

Acked-by: Namhyung Kim <namhyung@kernel.org>
Signed-off-by: Steven Rostedt (VMware) <rostedt@goodmis.org>
2017-02-03 10:59:06 -05:00
..
blktrace.c
block: better op and flags encoding
2016-10-28 08:48:16 -06:00
bpf_trace.c
bpf: add helper for retrieving current numa node id
2016-10-22 17:05:52 -04:00
ftrace.c
ftrace: Reset fgd->hash in ftrace_graph_write()
2017-02-03 10:59:06 -05:00
Kconfig
ftrace: Support full glob matching
2016-11-14 16:42:58 -05:00
Makefile
Disable the __builtin_return_address() warning globally after all
2016-10-12 10:23:41 -07:00
power-traces.c
cpufreq: schedutil: New governor based on scheduler utilization data
2016-04-02 01:09:12 +02:00
ring_buffer_benchmark.c
ring_buffer: Remove unneeded smp_wmb() before wakeup of reader benchmark
2015-11-03 16:19:02 -05:00
ring_buffer.c
This release has a few updates:
2016-12-15 13:49:34 -08:00
rpm-traces.c
trace_benchmark.c
tracing: Allow benchmark to be enabled at early_initcall()
2016-12-09 09:16:15 -05:00
trace_benchmark.h
tracing: Have the reg function allow to fail
2016-12-09 09:13:30 -05:00
trace_branch.c
tracing: Add the constant count for branch tracer
2017-01-19 08:57:41 -05:00
trace_clock.c
tracing: Export tracing clock functions
2015-05-12 15:56:57 -04:00
trace_entries.h
tracing: Add the constant count for branch tracer
2017-01-19 08:57:41 -05:00
trace_event_perf.c
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next
2016-05-17 16:26:30 -07:00
trace_events_filter_test.h
trace_events_filter.c
tracing/filter: Define op as the enum that it is
2016-11-14 16:42:59 -05:00
trace_events_hist.c
tracing: Fix use-after-free in hist_register_trigger()
2016-08-02 15:16:30 -04:00
trace_events_trigger.c
tracing: Call traceoff trigger after event is recorded
2016-09-23 09:47:59 -04:00
trace_events.c
tracing: Have system enable return error if one of the events fail
2016-12-09 09:15:41 -05:00
trace_export.c
tracing: ftrace_event_is_function() can return boolean
2015-11-02 14:28:05 -05:00
trace_functions_graph.c
tracing/fgraph: Have wakeup and irqsoff tracers ignore graph functions too
2016-12-09 09:21:35 -05:00
trace_functions.c
ftrace: Have set_ftrace_pid use the bitmap like events do
2016-06-20 09:54:19 -04:00
trace_hwlat.c
tracing: Make __buffer_unlock_commit() always_inline
2016-11-23 20:30:51 -05:00
trace_irqsoff.c
clocksource: Use a plain u64 instead of cycle_t
2016-12-25 11:04:12 +01:00
trace_kdb.c
tracing: Move trace_flags from global to a trace_array field
2015-09-30 15:22:55 -04:00
trace_kprobe.c
kprobes/trace: Fix kprobe selftest for newer gcc
2016-12-12 21:21:43 -05:00
trace_mmiotrace.c
tracing: Expose CPU physical addresses (resource values) for PCI devices
2016-06-20 09:54:22 -04:00
trace_nop.c
tracing: Fix typoes in code comment and printk in trace_nop.c
2016-03-08 11:23:57 -05:00
trace_output.c
tracing: Add new trace_marker_raw
2016-11-15 15:13:59 -05:00
trace_output.h
tracing: Turn seq_print_user_ip() into a static function
2015-09-28 10:16:12 -04:00
trace_printk.c
tracing: Handle NULL formats in hold_module_trace_bprintk_format()
2016-06-20 09:46:12 -04:00
trace_probe.c
ftrace: kprobe: uprobe: Show u8/u16/u32/u64 types in decimal
2016-08-23 17:06:38 -03:00
trace_probe.h
ftrace: kprobe: uprobe: Show u8/u16/u32/u64 types in decimal
2016-08-23 17:06:38 -03:00
trace_sched_switch.c
sched/core: Fix trace_sched_switch()
2015-10-06 17:08:15 +02:00
trace_sched_wakeup.c
clocksource: Use a plain u64 instead of cycle_t
2016-12-25 11:04:12 +01:00
trace_selftest_dynamic.c
trace_selftest.c
Seems that Peter Zijlstra added a new check that is making old
2014-10-12 07:28:55 -04:00
trace_seq.c
tracing: use %*pb[l] to print bitmaps including cpumasks and nodemasks
2015-02-13 21:21:37 -08:00
trace_stack.c
tracing, kasan: Silence Kasan warning in check_stack of stack_tracer
2016-02-19 12:36:44 -05:00
trace_stat.c
kernel/...: convert pr_warning to pr_warn
2016-03-22 15:36:02 -07:00
trace_stat.h
trace_syscalls.c
tracing/syscalls: fix multiline in error message text
2016-09-29 10:25:23 +02:00
trace_uprobe.c
uprobe: Find last occurrence of ':' when parsing uprobe PATH:OFFSET
2017-01-17 12:57:47 -05:00
trace.c
clocksource: Use a plain u64 instead of cycle_t
2016-12-25 11:04:12 +01:00
trace.h
ftrace: Convert graph filter to use hash tables
2017-01-20 14:50:58 -05:00
tracing_map.c
tracing: Handle tracing_map_alloc_elts() error path correctly
2016-04-26 09:40:30 -04:00
tracing_map.h
tracing: Update some tracing_map constants and comments
2016-04-19 12:16:06 -04:00