From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
stable@vger.kernel.org,
"zhangwei(Jovi)" <jovi.zhangwei@huawei.com>,
Masami Hiramatsu <masami.hiramatsu.pt@hitachi.com>,
Steven Rostedt <rostedt@goodmis.org>
Subject: [ 096/103] tracing: Failed to create system directory
Date: Tue, 23 Jul 2013 15:26:47 -0700 [thread overview]
Message-ID: <20130723220432.460187468@linuxfoundation.org> (raw)
In-Reply-To: <20130723220418.532514378@linuxfoundation.org>
3.10-stable review patch. If anyone has any objections, please let me know.
------------------
From: Steven Rostedt <rostedt@goodmis.org>
commit 6e94a780374ed31b280f939d4757e8d7858dff16 upstream.
Running the following:
# cd /sys/kernel/debug/tracing
# echo p:i do_sys_open > kprobe_events
# echo p:j schedule >> kprobe_events
# cat kprobe_events
p:kprobes/i do_sys_open
p:kprobes/j schedule
# echo p:i do_sys_open >> kprobe_events
# cat kprobe_events
p:kprobes/j schedule
p:kprobes/i do_sys_open
# ls /sys/kernel/debug/tracing/events/kprobes/
enable filter j
Notice that the 'i' is missing from the kprobes directory.
The console produces:
"Failed to create system directory kprobes"
This is because kprobes passes in a allocated name for the system
and the ftrace event subsystem saves off that name instead of creating
a duplicate for it. But the kprobes may free the system name making
the pointer to it invalid.
This bug was introduced by 92edca073c37 "tracing: Use direct field, type
and system names" which switched from using kstrdup() on the system name
in favor of just keeping apointer to it, as the internal ftrace event
system names are static and exist for the life of the computer being booted.
Instead of reverting back to duplicating system names again, we can use
core_kernel_data() to determine if the passed in name was allocated or
static. Then use the MSB of the ref_count to be a flag to keep track if
the name was allocated or not. Then we can still save from having to duplicate
strings that will always exist, but still copy the ones that may be freed.
Reported-by: "zhangwei(Jovi)" <jovi.zhangwei@huawei.com>
Reported-by: Masami Hiramatsu <masami.hiramatsu.pt@hitachi.com>
Tested-by: Masami Hiramatsu <masami.hiramatsu.pt@hitachi.com>
Signed-off-by: Steven Rostedt <rostedt@goodmis.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
kernel/trace/trace_events.c | 41 +++++++++++++++++++++++++++++++++++------
1 file changed, 35 insertions(+), 6 deletions(-)
--- a/kernel/trace/trace_events.c
+++ b/kernel/trace/trace_events.c
@@ -41,6 +41,23 @@ static LIST_HEAD(ftrace_common_fields);
static struct kmem_cache *field_cachep;
static struct kmem_cache *file_cachep;
+#define SYSTEM_FL_FREE_NAME (1 << 31)
+
+static inline int system_refcount(struct event_subsystem *system)
+{
+ return system->ref_count & ~SYSTEM_FL_FREE_NAME;
+}
+
+static int system_refcount_inc(struct event_subsystem *system)
+{
+ return (system->ref_count++) & ~SYSTEM_FL_FREE_NAME;
+}
+
+static int system_refcount_dec(struct event_subsystem *system)
+{
+ return (--system->ref_count) & ~SYSTEM_FL_FREE_NAME;
+}
+
/* Double loops, do not use break, only goto's work */
#define do_for_each_event_file(tr, file) \
list_for_each_entry(tr, &ftrace_trace_arrays, list) { \
@@ -349,8 +366,8 @@ static void __put_system(struct event_su
{
struct event_filter *filter = system->filter;
- WARN_ON_ONCE(system->ref_count == 0);
- if (--system->ref_count)
+ WARN_ON_ONCE(system_refcount(system) == 0);
+ if (system_refcount_dec(system))
return;
list_del(&system->list);
@@ -359,13 +376,15 @@ static void __put_system(struct event_su
kfree(filter->filter_string);
kfree(filter);
}
+ if (system->ref_count & SYSTEM_FL_FREE_NAME)
+ kfree(system->name);
kfree(system);
}
static void __get_system(struct event_subsystem *system)
{
- WARN_ON_ONCE(system->ref_count == 0);
- system->ref_count++;
+ WARN_ON_ONCE(system_refcount(system) == 0);
+ system_refcount_inc(system);
}
static void __get_system_dir(struct ftrace_subsystem_dir *dir)
@@ -379,7 +398,7 @@ static void __put_system_dir(struct ftra
{
WARN_ON_ONCE(dir->ref_count == 0);
/* If the subsystem is about to be freed, the dir must be too */
- WARN_ON_ONCE(dir->subsystem->ref_count == 1 && dir->ref_count != 1);
+ WARN_ON_ONCE(system_refcount(dir->subsystem) == 1 && dir->ref_count != 1);
__put_system(dir->subsystem);
if (!--dir->ref_count)
@@ -1279,7 +1298,15 @@ create_new_subsystem(const char *name)
return NULL;
system->ref_count = 1;
- system->name = name;
+
+ /* Only allocate if dynamic (kprobes and modules) */
+ if (!core_kernel_data((unsigned long)name)) {
+ system->ref_count |= SYSTEM_FL_FREE_NAME;
+ system->name = kstrdup(name, GFP_KERNEL);
+ if (!system->name)
+ goto out_free;
+ } else
+ system->name = name;
system->filter = NULL;
@@ -1292,6 +1319,8 @@ create_new_subsystem(const char *name)
return system;
out_free:
+ if (system->ref_count & SYSTEM_FL_FREE_NAME)
+ kfree(system->name);
kfree(system);
return NULL;
}
next prev parent reply other threads:[~2013-07-23 22:26 UTC|newest]
Thread overview: 119+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-07-23 22:25 [ 000/103] 3.10.3-stable review Greg Kroah-Hartman
2013-07-23 22:25 ` [ 001/103] powerpc/hw_brk: Fix setting of length for exact mode breakpoints Greg Kroah-Hartman
2013-07-23 22:25 ` [ 002/103] powerpc/hw_brk: Fix clearing of extraneous IRQ Greg Kroah-Hartman
2013-07-23 22:25 ` [ 003/103] powerpc/hw_brk: Fix off by one error when validating DAWR region end Greg Kroah-Hartman
2013-07-23 22:25 ` [ 004/103] powerpc/powernv: Fix iommu initialization again Greg Kroah-Hartman
2013-07-23 22:25 ` [ 005/103] powerpc/tm: Fix writing top half of MSR on 32 bit signals Greg Kroah-Hartman
2013-07-23 22:25 ` [ 006/103] powerpc/tm: Fix 32 bit non-rt signals Greg Kroah-Hartman
2013-07-23 22:25 ` [ 007/103] powerpc/tm: Fix restoration of MSR on 32bit signal return Greg Kroah-Hartman
2013-07-23 22:25 ` [ 008/103] powerpc/tm: Fix return of 32bit rt signals to active transactions Greg Kroah-Hartman
2013-07-23 22:25 ` [ 009/103] powerpc/tm: Fix return of active 64bit signals Greg Kroah-Hartman
2013-07-23 22:25 ` [ 010/103] powerpc: Remove unreachable relocation on exception handlers Greg Kroah-Hartman
2013-07-23 22:25 ` [ 011/103] powerpc: Remove KVMTEST from RELON " Greg Kroah-Hartman
2013-07-23 22:25 ` [ 012/103] powerpc: Rename and flesh out the facility unavailable exception handler Greg Kroah-Hartman
2013-07-23 22:25 ` [ 013/103] powerpc: Wire up the HV facility unavailable exception Greg Kroah-Hartman
2013-07-23 22:25 ` [ 014/103] powerpc/smp: Section mismatch from smp_release_cpus to __initdata spinning_secondaries Greg Kroah-Hartman
2013-07-23 22:25 ` [ 015/103] powerpc/numa: Do not update sysfs cpu registration from invalid context Greg Kroah-Hartman
2013-07-23 22:25 ` [ 016/103] powerpc/perf: Check that events only include valid bits on Power8 Greg Kroah-Hartman
2013-07-23 22:25 ` [ 017/103] powerpc/perf: Rework disable logic in pmu_disable() Greg Kroah-Hartman
2013-07-23 22:25 ` [ 018/103] powerpc/perf: Freeze PMC5/6 if were not using them Greg Kroah-Hartman
2013-07-23 22:25 ` [ 019/103] powerpc/perf: Use existing out label in power_pmu_enable() Greg Kroah-Hartman
2013-07-23 22:25 ` [ 020/103] powerpc/perf: Dont enable if we have zero events Greg Kroah-Hartman
2013-07-23 22:25 ` [ 021/103] cpufreq: Revert commit a66b2e to fix suspend/resume regression Greg Kroah-Hartman
2013-07-23 22:25 ` [ 022/103] cpufreq: Revert commit 2f7021a8 to fix CPU hotplug regression Greg Kroah-Hartman
2013-07-23 22:25 ` [ 023/103] arm64: mm: dont treat user cache maintenance faults as writes Greg Kroah-Hartman
2013-07-23 22:25 ` [ 024/103] iio: Fix iio_channel_has_info Greg Kroah-Hartman
2013-07-23 22:25 ` [ 025/103] iio: inkern: fix iio_convert_raw_to_processed_unlocked Greg Kroah-Hartman
2013-07-23 22:25 ` [ 026/103] ALSA: hda - Fix EAPD vmaster hook for AD1884 & co Greg Kroah-Hartman
2013-07-23 22:25 ` [ 027/103] ALSA: hda - Fix return value of snd_hda_check_power_state() Greg Kroah-Hartman
2013-07-23 22:25 ` [ 028/103] ALSA: hda - Cache the MUX selection for generic HDMI Greg Kroah-Hartman
2013-07-23 22:25 ` [ 029/103] ALSA: hda - Fix missing Mic Boost controls for VIA codecs Greg Kroah-Hartman
2013-07-23 22:25 ` [ 030/103] ALSA: hda - Fix the max length of control name in generic parser Greg Kroah-Hartman
2013-07-23 22:25 ` [ 031/103] ALSA: hda - Add new GPU codec ID to snd-hda Greg Kroah-Hartman
2013-07-23 22:25 ` [ 032/103] ALSA: seq-oss: Initialize MIDI clients asynchronously Greg Kroah-Hartman
2013-07-23 22:25 ` [ 033/103] ALSA: 6fire: Fix unlocked snd_pcm_stop() call Greg Kroah-Hartman
2013-07-23 22:25 ` [ 034/103] ALSA: ua101: " Greg Kroah-Hartman
2013-07-23 22:25 ` [ 035/103] ALSA: pxa2xx: " Greg Kroah-Hartman
2013-07-23 22:25 ` [ 036/103] ALSA: atiixp: " Greg Kroah-Hartman
2013-07-23 22:25 ` [ 037/103] ALSA: asihpi: " Greg Kroah-Hartman
2013-07-23 22:25 ` [ 038/103] ALSA: usx2y: " Greg Kroah-Hartman
2013-07-23 22:25 ` [ 039/103] hwmon: (nct6775) Fix temperature alarm attributes Greg Kroah-Hartman
2013-07-23 22:25 ` [ 040/103] hwmon: (nct6775) Drop unsupported fan alarm attributes for NCT6775 Greg Kroah-Hartman
2013-07-23 22:25 ` [ 041/103] libata-zpodd: must use ata_tf_init() Greg Kroah-Hartman
2013-07-23 22:25 ` [ 042/103] libata: skip SRST for all SIMG [34]7x port-multipliers Greg Kroah-Hartman
2013-07-23 22:25 ` [ 043/103] ata_piix: IDE-mode SATA patch for Intel Coleto Creek DeviceIDs Greg Kroah-Hartman
2013-07-23 22:25 ` [ 044/103] sata_highbank: increase retry count but shorten duration for Calxeda controller Greg Kroah-Hartman
2013-07-23 22:25 ` [ 045/103] i2c-piix4: Add AMD CZ SMBus device ID Greg Kroah-Hartman
2013-07-23 22:25 ` [ 046/103] ASoC: s6000: Fix unlocked snd_pcm_stop() call Greg Kroah-Hartman
2013-07-23 22:25 ` [ 047/103] ASoC: atmel: " Greg Kroah-Hartman
2013-07-23 22:25 ` [ 048/103] ASoC: sglt5000: Fix SGTL5000_PLL_FRAC_DIV_MASK Greg Kroah-Hartman
2013-07-23 22:26 ` [ 049/103] md/raid10: fix bug which causes all RAID10 reshapes to move no data Greg Kroah-Hartman
2013-07-23 22:26 ` [ 050/103] md/raid10: fix two bugs affecting RAID10 reshape Greg Kroah-Hartman
2013-07-23 22:26 ` [ 051/103] md/raid10: fix two problems with RAID10 resync Greg Kroah-Hartman
2013-07-23 22:26 ` [ 052/103] tick: Sanitize broadcast control logic Greg Kroah-Hartman
2013-07-23 22:26 ` [ 053/103] tick: Prevent uncontrolled switch to oneshot mode Greg Kroah-Hartman
2013-07-23 22:26 ` [ 054/103] clocksource: dw_apb: Fix error check Greg Kroah-Hartman
2013-07-23 22:26 ` [ 055/103] rt2x00: read 5GHz TX power values from the correct offset Greg Kroah-Hartman
2013-07-23 22:26 ` [ 056/103] rt2x00: rt2800lib: fix default TX power check for RT55xx Greg Kroah-Hartman
2013-07-23 22:26 ` [ 057/103] ath9k_hw: Assign default xlna config for AR9485 Greg Kroah-Hartman
2013-07-23 22:26 ` [ 058/103] ath9k: Fix noisefloor calibration Greg Kroah-Hartman
2013-07-23 22:26 ` [ 059/103] ath9k: Do not assign noise for NULL caldata Greg Kroah-Hartman
2013-07-23 22:26 ` [ 060/103] SCSI: sd: Update WRITE SAME heuristics Greg Kroah-Hartman
2013-07-23 22:26 ` [ 061/103] SCSI: aacraid: Fix for arrays are going offline in the system. System hangs Greg Kroah-Hartman
2013-07-23 22:26 ` [ 062/103] SCSI: zfcp: fix adapter (re)open recovery while link to SAN is down Greg Kroah-Hartman
2013-07-23 22:26 ` [ 063/103] SCSI: zfcp: block queue limits with data router Greg Kroah-Hartman
2013-07-23 22:26 ` [ 064/103] SCSI: zfcp: status read buffers on first adapter open with link down Greg Kroah-Hartman
2013-07-23 22:26 ` [ 065/103] SCSI: mpt2sas: fix firmware failure with wrong task attribute Greg Kroah-Hartman
2013-07-23 22:26 ` [ 066/103] SCSI: mpt2sas: Fix for issue Missing delay not getting set during system bootup Greg Kroah-Hartman
2013-07-23 22:26 ` [ 067/103] SUNRPC: fix races on PipeFS MOUNT notifications Greg Kroah-Hartman
2013-07-23 22:26 ` [ 068/103] SUNRPC: fix races on PipeFS UMOUNT notifications Greg Kroah-Hartman
2013-07-23 22:30 ` Myklebust, Trond
2013-07-23 22:50 ` Greg Kroah-Hartman
2013-07-23 22:26 ` [ 069/103] virtio_balloon: leak_balloon(): only tell host if we got pages deflated Greg Kroah-Hartman
2013-07-23 22:26 ` [ 070/103] b43: ensue that BCMA is "y" when B43 is "y" Greg Kroah-Hartman
2013-07-23 22:26 ` [ 071/103] mac80211: close AP_VLAN interfaces before unregistering all Greg Kroah-Hartman
2013-07-23 22:26 ` [ 072/103] printk: Fix rq->lock vs logbuf_lock unlock lock inversion Greg Kroah-Hartman
2013-07-23 22:26 ` [ 073/103] uprobes: Fix return value in error handling path Greg Kroah-Hartman
2013-07-23 22:26 ` [ 074/103] svcrpc: fix failures to handle -1 uids Greg Kroah-Hartman
2013-07-23 22:26 ` [ 075/103] svcrpc: fix handling of too-short rpcs Greg Kroah-Hartman
2013-07-23 22:26 ` [ 076/103] svcrpc: dont error out on small tcp fragment Greg Kroah-Hartman
2013-07-23 22:26 ` [ 077/103] of: Fix address decoding on Bimini and js2x machines Greg Kroah-Hartman
2013-07-23 22:26 ` [ 078/103] drm/i915: Fix up sdvo hpd pins for i965g/gm Greg Kroah-Hartman
2013-07-23 22:26 ` [ 079/103] drm/i915: Fix context sizes on HSW Greg Kroah-Hartman
2013-07-23 22:26 ` [ 080/103] drm/i915: Only clear write-domains after a successful wait-seqno Greg Kroah-Hartman
2013-07-23 22:26 ` [ 081/103] drm/gem: fix not to assign error value to gem name Greg Kroah-Hartman
2013-07-23 22:26 ` [ 082/103] drm/mgag200: Added resolution and bandwidth limits for various G200e products Greg Kroah-Hartman
2013-07-23 22:26 ` [ 083/103] drm/nouveau: use vmalloc for pgt allocation Greg Kroah-Hartman
2013-07-23 22:26 ` [ 084/103] drm/radeon: fix AVI infoframe generation Greg Kroah-Hartman
2013-07-23 22:26 ` [ 085/103] drm/radeon: add backlight quirk for hybrid mac Greg Kroah-Hartman
2013-07-23 22:26 ` [ 086/103] drm/nva3/disp: Fix HDMI audio regression Greg Kroah-Hartman
2013-07-23 22:26 ` [ 087/103] drm/nv50-/disp: Use output specific mask in interrupt Greg Kroah-Hartman
2013-07-23 22:26 ` [ 088/103] iommu/amd: Only unmap large pages from the first pte Greg Kroah-Hartman
2013-07-23 22:26 ` [ 089/103] xtensa: adjust boot parameters address when INITIALIZE_XTENSA_MMU_INSIDE_VMLINUX is selected Greg Kroah-Hartman
2013-07-23 22:26 ` [ 090/103] thermal: cpu_cooling: fix stub function Greg Kroah-Hartman
2013-07-23 22:26 ` [ 091/103] MIPS: Octeon: Dont clobber bootloader data structures Greg Kroah-Hartman
2013-07-23 22:26 ` [ 092/103] staging: line6: Fix unlocked snd_pcm_stop() call Greg Kroah-Hartman
2013-07-23 22:26 ` [ 093/103] perf: Clone child context from parent context pmu Greg Kroah-Hartman
2013-07-23 22:26 ` [ 094/103] perf: Remove WARN_ON_ONCE() check in __perf_event_enable() for valid scenario Greg Kroah-Hartman
2013-07-23 22:26 ` [ 095/103] perf: Fix perf_lock_task_context() vs RCU Greg Kroah-Hartman
2013-07-23 22:26 ` Greg Kroah-Hartman [this message]
2013-07-23 22:26 ` [ 097/103] tracing: Fix irqs-off tag display in syscall tracing Greg Kroah-Hartman
2013-07-23 22:26 ` [ 098/103] tracing: Make trace_marker use the correct per-instance buffer Greg Kroah-Hartman
2013-07-23 22:26 ` [ 099/103] tracing: Protect ftrace_trace_arrays list in trace_events.c Greg Kroah-Hartman
2013-07-23 22:26 ` [ 100/103] tracing: Add trace_array_get/put() to handle instance refs better Greg Kroah-Hartman
2013-07-23 22:26 ` [ 101/103] tracing: Get trace_array ref counts when accessing trace files Greg Kroah-Hartman
2013-07-23 22:26 ` [ 102/103] tracing: Fix race between deleting buffer and setting events Greg Kroah-Hartman
2013-07-23 22:26 ` [ 103/103] tracing: Add trace_array_get/put() to event handling Greg Kroah-Hartman
[not found] ` <CAKocOOPO61YUj5kTL7k1HuEeDdB_x=sxWga007nBSiLD4Px5Mg@mail.gmail.com>
2013-07-24 13:40 ` [ 000/103] 3.10.3-stable review Shuah Khan
2013-07-24 14:55 ` gregkh@linuxfoundation.org >> "Kroah-Hartman, Greg"
2013-07-24 17:04 ` Linus Torvalds
2013-07-24 17:15 ` Willy Tarreau
2013-07-24 17:16 ` Steven Rostedt
2013-07-24 17:24 ` Linus Torvalds
2013-07-24 17:46 ` Steven Rostedt
2013-07-24 17:52 ` gregkh@linuxfoundation.org >> Kroah-Hartman, Greg
2013-07-24 18:05 ` Steven Rostedt
2013-07-25 9:52 ` Geert Uytterhoeven
2013-07-25 12:47 ` Steven Rostedt
2013-07-25 3:10 ` linux
2013-07-25 4:20 ` Greg Kroah-Hartman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20130723220432.460187468@linuxfoundation.org \
--to=gregkh@linuxfoundation.org \
--cc=jovi.zhangwei@huawei.com \
--cc=linux-kernel@vger.kernel.org \
--cc=masami.hiramatsu.pt@hitachi.com \
--cc=rostedt@goodmis.org \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).