* [PATCH] Prevent NULL pointer dereference in ftrace_raw_event_block_bio_bounce
@ 2009-09-11 22:05 Carsten Emde
2009-09-11 22:15 ` Steven Rostedt
2009-09-13 15:01 ` [tip:tracing/core] tracing: prevent " tip-bot for Carsten Emde
0 siblings, 2 replies; 3+ messages in thread
From: Carsten Emde @ 2009-09-11 22:05 UTC (permalink / raw)
To: Steven Rostedt
Cc: Thomas Gleixner, Arnaldo Carvalho de Melo, Ingo Molnar, Li Zefan,
LKML
Booting 2.6.31 and executing
echo 1 >/sys/kernel/debug/tracing/events/enable
leads to
BUG: unable to handle kernel NULL pointer dereference at (null)
IP: [<c032a583>] ftrace_raw_event_block_bio_bounce+0x4b/0xb9
Apparently,
bio = bio_map_user(q, NULL, uaddr, len, reading, gfp_mask);
is called in block/blk-map.c:58 where bio->bi_bdev in set to NULL and
still is NULL when an attempt is made to evaluate bio->bi_bdev->bd_dev
in include/trace/events/block.h:189.
The tracepoint should ensure bio->bi_bdev is not dereferenced, if NULL.
Signed-Off-By: Carsten Emde <C.Emde@osadl.org>
--- a/include/trace/events/block.h 2009-09-11 21:20:56.000000000 +0200
+++ b/include/trace/events/block.h 2009-09-11 22:01:52.000000000 +0200
@@ -186,7 +186,8 @@
),
TP_fast_assign(
- __entry->dev = bio->bi_bdev->bd_dev;
+ __entry->dev = bio->bi_bdev ?
+ bio->bi_bdev->bd_dev : 0;
__entry->sector = bio->bi_sector;
__entry->nr_sector = bio->bi_size >> 9;
blk_fill_rwbs(__entry->rwbs, bio->bi_rw, bio->bi_size);
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [PATCH] Prevent NULL pointer dereference in ftrace_raw_event_block_bio_bounce
2009-09-11 22:05 [PATCH] Prevent NULL pointer dereference in ftrace_raw_event_block_bio_bounce Carsten Emde
@ 2009-09-11 22:15 ` Steven Rostedt
2009-09-13 15:01 ` [tip:tracing/core] tracing: prevent " tip-bot for Carsten Emde
1 sibling, 0 replies; 3+ messages in thread
From: Steven Rostedt @ 2009-09-11 22:15 UTC (permalink / raw)
To: Carsten Emde
Cc: Thomas Gleixner, Arnaldo Carvalho de Melo, Ingo Molnar, Li Zefan,
LKML
On Sat, 2009-09-12 at 00:05 +0200, Carsten Emde wrote:
> Booting 2.6.31 and executing
> echo 1 >/sys/kernel/debug/tracing/events/enable
> leads to
> BUG: unable to handle kernel NULL pointer dereference at (null)
> IP: [<c032a583>] ftrace_raw_event_block_bio_bounce+0x4b/0xb9
>
> Apparently,
> bio = bio_map_user(q, NULL, uaddr, len, reading, gfp_mask);
> is called in block/blk-map.c:58 where bio->bi_bdev in set to NULL and
> still is NULL when an attempt is made to evaluate bio->bi_bdev->bd_dev
> in include/trace/events/block.h:189.
>
> The tracepoint should ensure bio->bi_bdev is not dereferenced, if NULL.
>
> Signed-Off-By: Carsten Emde <C.Emde@osadl.org>
Thanks Carsten!
I'll apply it and push it off to Ingo.
-- Steve
>
> --- a/include/trace/events/block.h 2009-09-11 21:20:56.000000000 +0200
> +++ b/include/trace/events/block.h 2009-09-11 22:01:52.000000000 +0200
> @@ -186,7 +186,8 @@
> ),
>
> TP_fast_assign(
> - __entry->dev = bio->bi_bdev->bd_dev;
> + __entry->dev = bio->bi_bdev ?
> + bio->bi_bdev->bd_dev : 0;
> __entry->sector = bio->bi_sector;
> __entry->nr_sector = bio->bi_size >> 9;
> blk_fill_rwbs(__entry->rwbs, bio->bi_rw, bio->bi_size);
>
^ permalink raw reply [flat|nested] 3+ messages in thread
* [tip:tracing/core] tracing: prevent NULL pointer dereference in ftrace_raw_event_block_bio_bounce
2009-09-11 22:05 [PATCH] Prevent NULL pointer dereference in ftrace_raw_event_block_bio_bounce Carsten Emde
2009-09-11 22:15 ` Steven Rostedt
@ 2009-09-13 15:01 ` tip-bot for Carsten Emde
1 sibling, 0 replies; 3+ messages in thread
From: tip-bot for Carsten Emde @ 2009-09-13 15:01 UTC (permalink / raw)
To: linux-tip-commits
Cc: linux-kernel, hpa, mingo, rostedt, Carsten.Emde, tglx, C.Emde
Commit-ID: fe63b94a430c0c8058de317f0a8ce921c69dbee4
Gitweb: http://git.kernel.org/tip/fe63b94a430c0c8058de317f0a8ce921c69dbee4
Author: Carsten Emde <Carsten.Emde@osadl.org>
AuthorDate: Sat, 12 Sep 2009 00:05:37 +0200
Committer: Steven Rostedt <rostedt@goodmis.org>
CommitDate: Sat, 12 Sep 2009 21:31:19 -0400
tracing: prevent NULL pointer dereference in ftrace_raw_event_block_bio_bounce
Booting 2.6.31 and executing
echo 1 >/sys/kernel/debug/tracing/events/enable
leads to
BUG: unable to handle kernel NULL pointer dereference at (null)
IP: [<c032a583>] ftrace_raw_event_block_bio_bounce+0x4b/0xb9
Apparently,
bio = bio_map_user(q, NULL, uaddr, len, reading, gfp_mask);
is called in block/blk-map.c:58 where bio->bi_bdev in set to NULL and
still is NULL when an attempt is made to evaluate bio->bi_bdev->bd_dev
in include/trace/events/block.h:189.
The tracepoint should ensure bio->bi_bdev is not dereferenced, if NULL.
Signed-off-by: Carsten Emde <C.Emde@osadl.org>
LKML-Reference: <4AAAC9B1.9060505@osadl.org>
Signed-off-by: Steven Rostedt <rostedt@goodmis.org>
---
include/trace/events/block.h | 4 +++-
1 files changed, 3 insertions(+), 1 deletions(-)
diff --git a/include/trace/events/block.h b/include/trace/events/block.h
index 9a74b46..d86af94 100644
--- a/include/trace/events/block.h
+++ b/include/trace/events/block.h
@@ -171,6 +171,7 @@ TRACE_EVENT(block_rq_complete,
(unsigned long long)__entry->sector,
__entry->nr_sector, __entry->errors)
);
+
TRACE_EVENT(block_bio_bounce,
TP_PROTO(struct request_queue *q, struct bio *bio),
@@ -186,7 +187,8 @@ TRACE_EVENT(block_bio_bounce,
),
TP_fast_assign(
- __entry->dev = bio->bi_bdev->bd_dev;
+ __entry->dev = bio->bi_bdev ?
+ bio->bi_bdev->bd_dev : 0;
__entry->sector = bio->bi_sector;
__entry->nr_sector = bio->bi_size >> 9;
blk_fill_rwbs(__entry->rwbs, bio->bi_rw, bio->bi_size);
^ permalink raw reply related [flat|nested] 3+ messages in thread
end of thread, other threads:[~2009-09-13 15:02 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2009-09-11 22:05 [PATCH] Prevent NULL pointer dereference in ftrace_raw_event_block_bio_bounce Carsten Emde
2009-09-11 22:15 ` Steven Rostedt
2009-09-13 15:01 ` [tip:tracing/core] tracing: prevent " tip-bot for Carsten Emde
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.