From: tip-bot for Shaohua Li <shaohua.li@intel.com>
To: linux-tip-commits@vger.kernel.org
Cc: linux-kernel@vger.kernel.org, hpa@zytor.com, mingo@redhat.com,
rostedt@goodmis.org, stable@kernel.org, shaohua.li@intel.com,
tglx@linutronix.de
Subject: [tip:perf/urgent] tracing: Fix an unallocated memory access in function_graph
Date: Mon, 16 Aug 2010 17:30:40 GMT [thread overview]
Message-ID: <tip-575570f02761bd680ba5731c1dfd4701062e7fb2@git.kernel.org> (raw)
In-Reply-To: <1280217994.32400.76.camel@sli10-desk.sh.intel.com>
Commit-ID: 575570f02761bd680ba5731c1dfd4701062e7fb2
Gitweb: http://git.kernel.org/tip/575570f02761bd680ba5731c1dfd4701062e7fb2
Author: Shaohua Li <shaohua.li@intel.com>
AuthorDate: Tue, 27 Jul 2010 16:06:34 +0800
Committer: Steven Rostedt <rostedt@goodmis.org>
CommitDate: Fri, 6 Aug 2010 12:19:15 -0400
tracing: Fix an unallocated memory access in function_graph
With CONFIG_DEBUG_PAGEALLOC, I observed an unallocated memory access in
function_graph trace. It appears we find a small size entry in ring buffer,
but we access it as a big size entry. The access overflows the page size
and touches an unallocated page.
Cc: <stable@kernel.org>
Signed-off-by: Shaohua Li <shaohua.li@intel.com>
LKML-Reference: <1280217994.32400.76.camel@sli10-desk.sh.intel.com>
[ Added a comment to explain the problem - SDR ]
Signed-off-by: Steven Rostedt <rostedt@goodmis.org>
---
kernel/trace/trace_functions_graph.c | 10 +++++++++-
1 files changed, 9 insertions(+), 1 deletions(-)
diff --git a/kernel/trace/trace_functions_graph.c b/kernel/trace/trace_functions_graph.c
index 79f4bac..b4c179a 100644
--- a/kernel/trace/trace_functions_graph.c
+++ b/kernel/trace/trace_functions_graph.c
@@ -507,7 +507,15 @@ get_return_for_leaf(struct trace_iterator *iter,
* if the output fails.
*/
data->ent = *curr;
- data->ret = *next;
+ /*
+ * If the next event is not a return type, then
+ * we only care about what type it is. Otherwise we can
+ * safely copy the entire event.
+ */
+ if (next->ent.type == TRACE_GRAPH_RET)
+ data->ret = *next;
+ else
+ data->ret.ent.type = next->ent.type;
}
}
prev parent reply other threads:[~2010-08-16 17:31 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-07-27 8:06 [RFC]ftrace: fix a unallocated memory access in function_graph Shaohua Li
2010-08-06 16:09 ` Steven Rostedt
2010-08-16 17:30 ` tip-bot for Shaohua Li [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=tip-575570f02761bd680ba5731c1dfd4701062e7fb2@git.kernel.org \
--to=shaohua.li@intel.com \
--cc=hpa@zytor.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-tip-commits@vger.kernel.org \
--cc=mingo@redhat.com \
--cc=rostedt@goodmis.org \
--cc=stable@kernel.org \
--cc=tglx@linutronix.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.