[PATCH] Prevent NULL pointer dereference in ftrace_raw_event_block_bio

All of lore.kernel.org
 help / color / mirror / Atom feed

* [PATCH] Prevent NULL pointer dereference in ftrace_raw_event_block_bio_bounce
@ 2009-09-11 22:05 Carsten Emde
  2009-09-11 22:15 ` Steven Rostedt
  2009-09-13 15:01 ` [tip:tracing/core] tracing: prevent " tip-bot for Carsten Emde
  0 siblings, 2 replies; 3+ messages in thread
From: Carsten Emde @ 2009-09-11 22:05 UTC (permalink / raw)
  To: Steven Rostedt
  Cc: Thomas Gleixner, Arnaldo Carvalho de Melo, Ingo Molnar, Li Zefan,
	LKML

Booting 2.6.31 and executing
   echo 1 >/sys/kernel/debug/tracing/events/enable
leads to
BUG: unable to handle kernel NULL pointer dereference at (null)
IP: [<c032a583>] ftrace_raw_event_block_bio_bounce+0x4b/0xb9

Apparently,
   bio = bio_map_user(q, NULL, uaddr, len, reading, gfp_mask);
is called in block/blk-map.c:58 where bio->bi_bdev in set to NULL and 
still is NULL when an attempt is made to evaluate bio->bi_bdev->bd_dev 
in include/trace/events/block.h:189.

The tracepoint should ensure bio->bi_bdev is not dereferenced, if NULL.

Signed-Off-By: Carsten Emde <C.Emde@osadl.org>

--- a/include/trace/events/block.h 2009-09-11 21:20:56.000000000 +0200
+++ b/include/trace/events/block.h 2009-09-11 22:01:52.000000000 +0200
@@ -186,7 +186,8 @@
  	),

  	TP_fast_assign(
-		__entry->dev		= bio->bi_bdev->bd_dev;
+		__entry->dev		= bio->bi_bdev ?
+					  bio->bi_bdev->bd_dev : 0;
  		__entry->sector		= bio->bi_sector;
  		__entry->nr_sector	= bio->bi_size >> 9;
  		blk_fill_rwbs(__entry->rwbs, bio->bi_rw, bio->bi_size);


^ permalink raw reply	[flat|nested] 3+ messages in thread

* Re: [PATCH] Prevent NULL pointer dereference in ftrace_raw_event_block_bio_bounce
  2009-09-11 22:05 [PATCH] Prevent NULL pointer dereference in ftrace_raw_event_block_bio_bounce Carsten Emde
@ 2009-09-11 22:15 ` Steven Rostedt
  2009-09-13 15:01 ` [tip:tracing/core] tracing: prevent " tip-bot for Carsten Emde
  1 sibling, 0 replies; 3+ messages in thread
From: Steven Rostedt @ 2009-09-11 22:15 UTC (permalink / raw)
  To: Carsten Emde
  Cc: Thomas Gleixner, Arnaldo Carvalho de Melo, Ingo Molnar, Li Zefan,
	LKML

On Sat, 2009-09-12 at 00:05 +0200, Carsten Emde wrote:
> Booting 2.6.31 and executing
>    echo 1 >/sys/kernel/debug/tracing/events/enable
> leads to
> BUG: unable to handle kernel NULL pointer dereference at (null)
> IP: [<c032a583>] ftrace_raw_event_block_bio_bounce+0x4b/0xb9
> 
> Apparently,
>    bio = bio_map_user(q, NULL, uaddr, len, reading, gfp_mask);
> is called in block/blk-map.c:58 where bio->bi_bdev in set to NULL and 
> still is NULL when an attempt is made to evaluate bio->bi_bdev->bd_dev 
> in include/trace/events/block.h:189.
> 
> The tracepoint should ensure bio->bi_bdev is not dereferenced, if NULL.
> 
> Signed-Off-By: Carsten Emde <C.Emde@osadl.org>

Thanks Carsten!

I'll apply it and push it off to Ingo.

-- Steve

> 
> --- a/include/trace/events/block.h 2009-09-11 21:20:56.000000000 +0200
> +++ b/include/trace/events/block.h 2009-09-11 22:01:52.000000000 +0200
> @@ -186,7 +186,8 @@
>   	),
> 
>   	TP_fast_assign(
> -		__entry->dev		= bio->bi_bdev->bd_dev;
> +		__entry->dev		= bio->bi_bdev ?
> +					  bio->bi_bdev->bd_dev : 0;
>   		__entry->sector		= bio->bi_sector;
>   		__entry->nr_sector	= bio->bi_size >> 9;
>   		blk_fill_rwbs(__entry->rwbs, bio->bi_rw, bio->bi_size);
> 


^ permalink raw reply	[flat|nested] 3+ messages in thread

* [tip:tracing/core] tracing: prevent NULL pointer dereference in ftrace_raw_event_block_bio_bounce
  2009-09-11 22:05 [PATCH] Prevent NULL pointer dereference in ftrace_raw_event_block_bio_bounce Carsten Emde
  2009-09-11 22:15 ` Steven Rostedt
@ 2009-09-13 15:01 ` tip-bot for Carsten Emde
  1 sibling, 0 replies; 3+ messages in thread
From: tip-bot for Carsten Emde @ 2009-09-13 15:01 UTC (permalink / raw)
  To: linux-tip-commits
  Cc: linux-kernel, hpa, mingo, rostedt, Carsten.Emde, tglx, C.Emde

Commit-ID:  fe63b94a430c0c8058de317f0a8ce921c69dbee4
Gitweb:     http://git.kernel.org/tip/fe63b94a430c0c8058de317f0a8ce921c69dbee4
Author:     Carsten Emde <Carsten.Emde@osadl.org>
AuthorDate: Sat, 12 Sep 2009 00:05:37 +0200
Committer:  Steven Rostedt <rostedt@goodmis.org>
CommitDate: Sat, 12 Sep 2009 21:31:19 -0400

tracing: prevent NULL pointer dereference in ftrace_raw_event_block_bio_bounce

Booting 2.6.31 and executing
   echo 1 >/sys/kernel/debug/tracing/events/enable
leads to
BUG: unable to handle kernel NULL pointer dereference at (null)
IP: [<c032a583>] ftrace_raw_event_block_bio_bounce+0x4b/0xb9

Apparently,
   bio = bio_map_user(q, NULL, uaddr, len, reading, gfp_mask);
is called in block/blk-map.c:58 where bio->bi_bdev in set to NULL and
still is NULL when an attempt is made to evaluate bio->bi_bdev->bd_dev
in include/trace/events/block.h:189.

The tracepoint should ensure bio->bi_bdev is not dereferenced, if NULL.

Signed-off-by: Carsten Emde <C.Emde@osadl.org>
LKML-Reference: <4AAAC9B1.9060505@osadl.org>
Signed-off-by: Steven Rostedt <rostedt@goodmis.org>


---
 include/trace/events/block.h |    4 +++-
 1 files changed, 3 insertions(+), 1 deletions(-)

diff --git a/include/trace/events/block.h b/include/trace/events/block.h
index 9a74b46..d86af94 100644
--- a/include/trace/events/block.h
+++ b/include/trace/events/block.h
@@ -171,6 +171,7 @@ TRACE_EVENT(block_rq_complete,
 		  (unsigned long long)__entry->sector,
 		  __entry->nr_sector, __entry->errors)
 );
+
 TRACE_EVENT(block_bio_bounce,
 
 	TP_PROTO(struct request_queue *q, struct bio *bio),
@@ -186,7 +187,8 @@ TRACE_EVENT(block_bio_bounce,
 	),
 
 	TP_fast_assign(
-		__entry->dev		= bio->bi_bdev->bd_dev;
+		__entry->dev		= bio->bi_bdev ?
+					  bio->bi_bdev->bd_dev : 0;
 		__entry->sector		= bio->bi_sector;
 		__entry->nr_sector	= bio->bi_size >> 9;
 		blk_fill_rwbs(__entry->rwbs, bio->bi_rw, bio->bi_size);

^ permalink raw reply related	[flat|nested] 3+ messages in thread

end of thread, other threads:[~2009-09-13 15:02 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2009-09-11 22:05 [PATCH] Prevent NULL pointer dereference in ftrace_raw_event_block_bio_bounce Carsten Emde
2009-09-11 22:15 ` Steven Rostedt
2009-09-13 15:01 ` [tip:tracing/core] tracing: prevent " tip-bot for Carsten Emde

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.