From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
stable@vger.kernel.org, Shuah Khan <shuah.kh@samsung.com>,
Jovi Zhangwei <jovi.zhangwei@gmail.com>,
Steven Rostedt <rostedt@goodmis.org>
Subject: [PATCH 3.4 53/60] tracing: Allow events to have NULL strings
Date: Mon, 2 Dec 2013 11:06:34 -0800 [thread overview]
Message-ID: <20131202190341.896067464@linuxfoundation.org> (raw)
In-Reply-To: <20131202190330.152596462@linuxfoundation.org>
3.4-stable review patch. If anyone has any objections, please let me know.
------------------
From: "Steven Rostedt (Red Hat)" <rostedt@goodmis.org>
commit 4e58e54754dc1fec21c3a9e824bc108b05fdf46e upstream.
If an TRACE_EVENT() uses __assign_str() or __get_str on a NULL pointer
then the following oops will happen:
BUG: unable to handle kernel NULL pointer dereference at (null)
IP: [<c127a17b>] strlen+0x10/0x1a
*pde = 00000000 ^M
Oops: 0000 [#1] PREEMPT SMP
Modules linked in:
CPU: 1 PID: 0 Comm: swapper/1 Not tainted 3.13.0-rc1-test+ #2
Hardware name: /DG965MQ, BIOS MQ96510J.86A.0372.2006.0605.1717 06/05/2006^M
task: f5cde9f0 ti: f5e5e000 task.ti: f5e5e000
EIP: 0060:[<c127a17b>] EFLAGS: 00210046 CPU: 1
EIP is at strlen+0x10/0x1a
EAX: 00000000 EBX: c2472da8 ECX: ffffffff EDX: c2472da8
ESI: c1c5e5fc EDI: 00000000 EBP: f5e5fe84 ESP: f5e5fe80
DS: 007b ES: 007b FS: 00d8 GS: 00e0 SS: 0068
CR0: 8005003b CR2: 00000000 CR3: 01f32000 CR4: 000007d0
Stack:
f5f18b90 f5e5feb8 c10687a8 0759004f 00000005 00000005 00000005 00200046
00000002 00000000 c1082a93 f56c7e28 c2472da8 c1082a93 f5e5fee4 c106bc61^M
00000000 c1082a93 00000000 00000000 00000001 00200046 00200082 00000000
Call Trace:
[<c10687a8>] ftrace_raw_event_lock+0x39/0xc0
[<c1082a93>] ? ktime_get+0x29/0x69
[<c1082a93>] ? ktime_get+0x29/0x69
[<c106bc61>] lock_release+0x57/0x1a5
[<c1082a93>] ? ktime_get+0x29/0x69
[<c10824dd>] read_seqcount_begin.constprop.7+0x4d/0x75
[<c1082a93>] ? ktime_get+0x29/0x69^M
[<c1082a93>] ktime_get+0x29/0x69
[<c108a46a>] __tick_nohz_idle_enter+0x1e/0x426
[<c10690e8>] ? lock_release_holdtime.part.19+0x48/0x4d
[<c10bc184>] ? time_hardirqs_off+0xe/0x28
[<c1068c82>] ? trace_hardirqs_off_caller+0x3f/0xaf
[<c108a8cb>] tick_nohz_idle_enter+0x59/0x62
[<c1079242>] cpu_startup_entry+0x64/0x192
[<c102299c>] start_secondary+0x277/0x27c
Code: 90 89 c6 89 d0 88 c4 ac 38 e0 74 09 84 c0 75 f7 be 01 00 00 00 89 f0 48 5e 5d c3 55 89 e5 57 66 66 66 66 90 83 c9 ff 89 c7 31 c0 <f2> ae f7 d1 8d 41 ff 5f 5d c3 55 89 e5 57 66 66 66 66 90 31 ff
EIP: [<c127a17b>] strlen+0x10/0x1a SS:ESP 0068:f5e5fe80
CR2: 0000000000000000
---[ end trace 01bc47bf519ec1b2 ]---
New tracepoints have been added that have allowed for NULL pointers
being assigned to strings. To fix this, change the TRACE_EVENT() code
to check for NULL and if it is, it will assign "(null)" to it instead
(similar to what glibc printf does).
Reported-by: Shuah Khan <shuah.kh@samsung.com>
Reported-by: Jovi Zhangwei <jovi.zhangwei@gmail.com>
Link: http://lkml.kernel.org/r/CAGdX0WFeEuy+DtpsJzyzn0343qEEjLX97+o1VREFkUEhndC+5Q@mail.gmail.com
Link: http://lkml.kernel.org/r/528D6972.9010702@samsung.com
Fixes: 9cbf117662e2 ("tracing/events: provide string with undefined size support")
Signed-off-by: Steven Rostedt <rostedt@goodmis.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
include/trace/ftrace.h | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
--- a/include/trace/ftrace.h
+++ b/include/trace/ftrace.h
@@ -379,7 +379,8 @@ ftrace_define_fields_##call(struct ftrac
__data_size += (len) * sizeof(type);
#undef __string
-#define __string(item, src) __dynamic_array(char, item, strlen(src) + 1)
+#define __string(item, src) __dynamic_array(char, item, \
+ strlen((src) ? (const char *)(src) : "(null)") + 1)
#undef DECLARE_EVENT_CLASS
#define DECLARE_EVENT_CLASS(call, proto, args, tstruct, assign, print) \
@@ -504,7 +505,7 @@ static inline notrace int ftrace_get_off
#undef __assign_str
#define __assign_str(dst, src) \
- strcpy(__get_str(dst), src);
+ strcpy(__get_str(dst), (src) ? (const char *)(src) : "(null)");
#undef TP_fast_assign
#define TP_fast_assign(args...) args
next prev parent reply other threads:[~2013-12-02 19:06 UTC|newest]
Thread overview: 65+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-12-02 19:05 [PATCH 3.4 00/60] 3.4.72-stable review Greg Kroah-Hartman
2013-12-02 19:05 ` [PATCH 3.4 01/60] ARM: sa11x0/assabet: ensure CS2 is configured appropriately Greg Kroah-Hartman
2013-12-02 19:05 ` [PATCH 3.4 02/60] ARM: integrator_cp: Set LCD{0,1} enable lines when turning on CLCD Greg Kroah-Hartman
2013-12-02 19:05 ` [PATCH 3.4 03/60] Staging: tidspbridge: disable driver Greg Kroah-Hartman
2013-12-02 19:05 ` [PATCH 3.4 04/60] backlight: atmel-pwm-bl: fix reported brightness Greg Kroah-Hartman
2013-12-02 19:05 ` [PATCH 3.4 05/60] ASoC: ak4642: prevent un-necessary changes to SG_SL1 Greg Kroah-Hartman
2013-12-02 19:05 ` [PATCH 3.4 06/60] ASoC: wm8962: Turn on regcache_cache_only before disabling regulator Greg Kroah-Hartman
2013-12-02 19:05 ` [PATCH 3.4 07/60] ASoC: blackfin: Fix missing break Greg Kroah-Hartman
2013-12-02 19:05 ` [PATCH 3.4 08/60] alarmtimer: return EINVAL instead of ENOTSUPP if rtcdev doesnt exist Greg Kroah-Hartman
2013-12-02 19:05 ` [PATCH 3.4 09/60] devpts: plug the memory leak in kill_sb Greg Kroah-Hartman
2013-12-02 19:05 ` [PATCH 3.4 10/60] can: flexcan: fix flexcan_chip_start() on imx6 Greg Kroah-Hartman
2013-12-02 19:05 ` [PATCH 3.4 11/60] libata: Fix display of sata speed Greg Kroah-Hartman
2013-12-02 19:05 ` [PATCH 3.4 12/60] drivers/libata: Set max sector to 65535 for Slimtype DVD A DS8A9SH drive Greg Kroah-Hartman
2013-12-02 19:05 ` [PATCH 3.4 13/60] vsprintf: check real user/group id for %pK Greg Kroah-Hartman
2013-12-02 19:05 ` [PATCH 3.4 14/60] rtlwifi: rtl8192se: Fix wrong assignment Greg Kroah-Hartman
2013-12-02 19:05 ` [PATCH 3.4 15/60] rtlwifi: rtl8192cu: Fix more pointer arithmetic errors Greg Kroah-Hartman
2013-12-02 19:05 ` [PATCH 3.4 16/60] ahci: disabled FBS prior to issuing software reset Greg Kroah-Hartman
2013-12-02 19:05 ` [PATCH 3.4 17/60] ahci: add Marvell 9230 to the AHCI PCI device list Greg Kroah-Hartman
2013-12-02 19:05 ` [PATCH 3.4 18/60] iscsi-target: fix extract_param to handle buffer length corner case Greg Kroah-Hartman
2013-12-02 19:06 ` [PATCH 3.4 19/60] iscsi-target: chap auth shouldnt match username with trailing garbage Greg Kroah-Hartman
2013-12-02 19:06 ` [PATCH 3.4 20/60] IB/ipath: Convert ipath_user_sdma_pin_pages() to use get_user_pages_fast() Greg Kroah-Hartman
2013-12-02 19:06 ` [PATCH 3.4 21/60] loop: fix crash if blk_alloc_queue fails Greg Kroah-Hartman
2013-12-02 19:06 ` [PATCH 3.4 22/60] mtd: nand: hack ONFI for non-power-of-2 dimensions Greg Kroah-Hartman
2013-12-02 19:06 ` [PATCH 3.4 23/60] mtd: map: fixed bug in 64-bit systems Greg Kroah-Hartman
2013-12-02 19:06 ` [PATCH 3.4 24/60] mtd: gpmi: fix kernel BUG due to racing DMA operations Greg Kroah-Hartman
2013-12-02 19:06 ` [PATCH 3.4 25/60] ext4: avoid bh leak in retry path of ext4_expand_extra_isize_ea() Greg Kroah-Hartman
2013-12-02 19:06 ` [PATCH 3.4 26/60] xen/blkback: fix reference counting Greg Kroah-Hartman
2013-12-02 19:06 ` [PATCH 3.4 27/60] staging: vt6656: [BUG] Fix for TX USB resets from vendors driver Greg Kroah-Hartman
2013-12-02 19:06 ` [PATCH 3.4 28/60] rtlwifi: rtl8192de: Fix incorrect signal strength for unassociated AP Greg Kroah-Hartman
2013-12-02 19:06 ` [PATCH 3.4 29/60] rtlwifi: rtl8192se: " Greg Kroah-Hartman
2013-12-02 19:06 ` [PATCH 3.4 30/60] rtlwifi: rtl8192cu: " Greg Kroah-Hartman
2013-12-02 19:06 ` [PATCH 3.4 31/60] qeth: avoid buffer overflow in snmp ioctl Greg Kroah-Hartman
2013-12-02 19:06 ` [PATCH 3.4 32/60] rt2400pci: fix RSSI read Greg Kroah-Hartman
2013-12-02 19:06 ` [PATCH 3.4 33/60] dm: allocate buffer for messages with small number of arguments using GFP_NOIO Greg Kroah-Hartman
2013-12-02 19:06 ` [PATCH 3.4 34/60] PM / hibernate: Avoid overflow in hibernate_preallocate_memory() Greg Kroah-Hartman
2013-12-02 19:06 ` [PATCH 3.4 35/60] mwifiex: correct packet length for packets from SDIO interface Greg Kroah-Hartman
2013-12-02 19:06 ` [PATCH 3.4 36/60] audit: printk USER_AVC messages when audit isnt enabled Greg Kroah-Hartman
2013-12-02 19:06 ` [PATCH 3.4 37/60] audit: use nlmsg_len() to get message payload length Greg Kroah-Hartman
2013-12-02 19:06 ` [PATCH 3.4 38/60] audit: fix info leak in AUDIT_GET requests Greg Kroah-Hartman
2013-12-02 19:06 ` [PATCH 3.4 39/60] PCI: Remove duplicate pci_disable_device() from pcie_portdrv_remove() Greg Kroah-Hartman
2013-12-02 19:06 ` [PATCH 3.4 40/60] selinux: correct locking in selinux_netlbl_socket_connect) Greg Kroah-Hartman
2013-12-02 19:06 ` [PATCH 3.4 41/60] avr32: setup crt for early panic() Greg Kroah-Hartman
2013-12-02 19:06 ` [PATCH 3.4 42/60] avr32: fix out-of-range jump in large kernels Greg Kroah-Hartman
2013-12-02 19:06 ` [PATCH 3.4 43/60] prism54: set netdev type to "wlan" Greg Kroah-Hartman
2013-12-02 19:06 ` [PATCH 3.4 44/60] drm/ttm: Handle in-memory region copies Greg Kroah-Hartman
2013-12-02 19:06 ` [PATCH 3.4 45/60] drm/i915: flush cursors harder Greg Kroah-Hartman
2013-12-02 19:06 ` [PATCH 3.4 46/60] drm/nouveau: when bailing out of a pushbuf ioctl, do not remove previous fence Greg Kroah-Hartman
2013-12-02 19:06 ` [PATCH 3.4 47/60] drm/radeon/si: fix define for MC_SEQ_TRAIN_WAKEUP_CNTL Greg Kroah-Hartman
2013-12-02 19:06 ` [PATCH 3.4 48/60] radeon: workaround pinning failure on low ram gpu Greg Kroah-Hartman
2013-12-02 19:06 ` [PATCH 3.4 49/60] md: fix calculation of stacking limits on level change Greg Kroah-Hartman
2013-12-02 19:06 ` [PATCH 3.4 50/60] powerpc/signals: Improved mark VSX not saved with small contexts fix Greg Kroah-Hartman
2013-12-02 19:06 ` [PATCH 3.4 51/60] cpuset: Fix memory allocator deadlock Greg Kroah-Hartman
2013-12-02 19:06 ` [PATCH 3.4 52/60] ALSA: hda/realtek - Set pcbeep amp for ALC668 Greg Kroah-Hartman
2013-12-02 19:06 ` Greg Kroah-Hartman [this message]
2013-12-02 19:06 ` [PATCH 3.4 54/60] Input: i8042 - add PNP modaliases Greg Kroah-Hartman
2013-12-02 19:06 ` [PATCH 3.4 55/60] KVM: perform an invalid memslot step for gpa base change Greg Kroah-Hartman
2013-12-02 19:06 ` [PATCH 3.4 56/60] KVM: Fix iommu map/unmap to handle memory slot moves Greg Kroah-Hartman
2013-12-02 19:06 ` [PATCH 3.4 57/60] ftrace: Fix function graph with loading of modules Greg Kroah-Hartman
2013-12-02 19:06 ` [PATCH 3.4 58/60] media: lirc_zilog: Dont use dynamic static allocation Greg Kroah-Hartman
2013-12-02 19:06 ` [PATCH 3.4 59/60] HID: roccat: fix Coverity CID 141438 Greg Kroah-Hartman
2013-12-02 19:06 ` [PATCH 3.4 60/60] HID: apple: option to swap the Option ("Alt") and Command ("Flag") keys Greg Kroah-Hartman
2013-12-03 2:50 ` [PATCH 3.4 00/60] 3.4.72-stable review Guenter Roeck
2013-12-03 3:04 ` Greg Kroah-Hartman
2013-12-03 21:56 ` Shuah Khan
2013-12-04 10:23 ` Satoru Takeuchi
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20131202190341.896067464@linuxfoundation.org \
--to=gregkh@linuxfoundation.org \
--cc=jovi.zhangwei@gmail.com \
--cc=linux-kernel@vger.kernel.org \
--cc=rostedt@goodmis.org \
--cc=shuah.kh@samsung.com \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox