* [PATCH] uprobes: Fix utask->depth accounting in handle_trampoline()
@ 2013-09-11 15:47 Oleg Nesterov
2013-09-12 6:49 ` Srikar Dronamraju
2013-09-12 11:11 ` [tip:perf/urgent] uprobes: Fix utask-> depth " tip-bot for Oleg Nesterov
0 siblings, 2 replies; 3+ messages in thread
From: Oleg Nesterov @ 2013-09-11 15:47 UTC (permalink / raw)
To: Ingo Molnar
Cc: anton, Hemant Kumar Shaw, masami.hiramatsu.pt, Mikhail Kulemin,
srikar, systemtap, linux-kernel
Currently utask->depth is simply the number of allocated/pending
return_instance's in uprobe_task->return_instances list.
handle_trampoline() should decrement this counter every time we
handle/free an instance, but due to typo it does this only if
->chained == T. This means that in the likely case this counter
is never decremented and the probed task can't report more than
MAX_URETPROBE_DEPTH events.
Cc: stable@vger.kernel.org
Signed-off-by: Oleg Nesterov <oleg@redhat.com>
Reported-by: Mikhail Kulemin <Mikhail.Kulemin@ru.ibm.com>
Reported-by: Hemant Kumar Shaw <hkshaw@linux.vnet.ibm.com>
---
kernel/events/uprobes.c | 4 +---
1 files changed, 1 insertions(+), 3 deletions(-)
diff --git a/kernel/events/uprobes.c b/kernel/events/uprobes.c
index f356974..ad8e1bd 100644
--- a/kernel/events/uprobes.c
+++ b/kernel/events/uprobes.c
@@ -1682,12 +1682,10 @@ static bool handle_trampoline(struct pt_regs *regs)
tmp = ri;
ri = ri->next;
kfree(tmp);
+ utask->depth--;
if (!chained)
break;
-
- utask->depth--;
-
BUG_ON(!ri);
}
--
1.5.5.1
^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: [PATCH] uprobes: Fix utask->depth accounting in handle_trampoline()
2013-09-11 15:47 [PATCH] uprobes: Fix utask->depth accounting in handle_trampoline() Oleg Nesterov
@ 2013-09-12 6:49 ` Srikar Dronamraju
2013-09-12 11:11 ` [tip:perf/urgent] uprobes: Fix utask-> depth " tip-bot for Oleg Nesterov
1 sibling, 0 replies; 3+ messages in thread
From: Srikar Dronamraju @ 2013-09-12 6:49 UTC (permalink / raw)
To: Oleg Nesterov
Cc: Ingo Molnar, anton, Hemant Kumar Shaw, masami.hiramatsu.pt,
Mikhail Kulemin, systemtap, linux-kernel
* Oleg Nesterov <oleg@redhat.com> [2013-09-11 17:47:26]:
> Currently utask->depth is simply the number of allocated/pending
> return_instance's in uprobe_task->return_instances list.
>
> handle_trampoline() should decrement this counter every time we
> handle/free an instance, but due to typo it does this only if
> ->chained == T. This means that in the likely case this counter
> is never decremented and the probed task can't report more than
> MAX_URETPROBE_DEPTH events.
>
> Cc: stable@vger.kernel.org
> Signed-off-by: Oleg Nesterov <oleg@redhat.com>
> Reported-by: Mikhail Kulemin <Mikhail.Kulemin@ru.ibm.com>
> Reported-by: Hemant Kumar Shaw <hkshaw@linux.vnet.ibm.com>
Acked-by: Srikar Dronamraju <srikar@linux.vnet.ibm.com>
Mikhail Kulemin has verified that this fix works for him.
> ---
> kernel/events/uprobes.c | 4 +---
> 1 files changed, 1 insertions(+), 3 deletions(-)
>
> diff --git a/kernel/events/uprobes.c b/kernel/events/uprobes.c
> index f356974..ad8e1bd 100644
> --- a/kernel/events/uprobes.c
> +++ b/kernel/events/uprobes.c
> @@ -1682,12 +1682,10 @@ static bool handle_trampoline(struct pt_regs *regs)
> tmp = ri;
> ri = ri->next;
> kfree(tmp);
> + utask->depth--;
>
> if (!chained)
> break;
> -
> - utask->depth--;
> -
> BUG_ON(!ri);
> }
>
> --
> 1.5.5.1
>
>
--
Thanks and Regards
Srikar Dronamraju
^ permalink raw reply [flat|nested] 3+ messages in thread
* [tip:perf/urgent] uprobes: Fix utask-> depth accounting in handle_trampoline()
2013-09-11 15:47 [PATCH] uprobes: Fix utask->depth accounting in handle_trampoline() Oleg Nesterov
2013-09-12 6:49 ` Srikar Dronamraju
@ 2013-09-12 11:11 ` tip-bot for Oleg Nesterov
1 sibling, 0 replies; 3+ messages in thread
From: tip-bot for Oleg Nesterov @ 2013-09-12 11:11 UTC (permalink / raw)
To: linux-tip-commits
Cc: linux-kernel, hpa, mingo, hkshaw, anton, tglx, oleg, Mikhail.Kulemin
Commit-ID: 878b5a6efd38030c7a90895dc8346e8fb1e09b4c
Gitweb: http://git.kernel.org/tip/878b5a6efd38030c7a90895dc8346e8fb1e09b4c
Author: Oleg Nesterov <oleg@redhat.com>
AuthorDate: Wed, 11 Sep 2013 17:47:26 +0200
Committer: Ingo Molnar <mingo@kernel.org>
CommitDate: Thu, 12 Sep 2013 08:00:55 +0200
uprobes: Fix utask->depth accounting in handle_trampoline()
Currently utask->depth is simply the number of allocated/pending
return_instance's in uprobe_task->return_instances list.
handle_trampoline() should decrement this counter every time we
handle/free an instance, but due to typo it does this only if
->chained == T. This means that in the likely case this counter
is never decremented and the probed task can't report more than
MAX_URETPROBE_DEPTH events.
Reported-by: Mikhail Kulemin <Mikhail.Kulemin@ru.ibm.com>
Reported-by: Hemant Kumar Shaw <hkshaw@linux.vnet.ibm.com>
Signed-off-by: Oleg Nesterov <oleg@redhat.com>
Acked-by: Anton Arapov <anton@redhat.com>
Cc: masami.hiramatsu.pt@hitachi.com
Cc: srikar@linux.vnet.ibm.com
Cc: systemtap@sourceware.org
Cc: stable@vger.kernel.org
Link: http://lkml.kernel.org/r/20130911154726.GA8093@redhat.com
Signed-off-by: Ingo Molnar <mingo@kernel.org>
---
kernel/events/uprobes.c | 4 +---
1 file changed, 1 insertion(+), 3 deletions(-)
diff --git a/kernel/events/uprobes.c b/kernel/events/uprobes.c
index f356974..ad8e1bd 100644
--- a/kernel/events/uprobes.c
+++ b/kernel/events/uprobes.c
@@ -1682,12 +1682,10 @@ static bool handle_trampoline(struct pt_regs *regs)
tmp = ri;
ri = ri->next;
kfree(tmp);
+ utask->depth--;
if (!chained)
break;
-
- utask->depth--;
-
BUG_ON(!ri);
}
^ permalink raw reply related [flat|nested] 3+ messages in thread
end of thread, other threads:[~2013-09-12 11:12 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2013-09-11 15:47 [PATCH] uprobes: Fix utask->depth accounting in handle_trampoline() Oleg Nesterov
2013-09-12 6:49 ` Srikar Dronamraju
2013-09-12 11:11 ` [tip:perf/urgent] uprobes: Fix utask-> depth " tip-bot for Oleg Nesterov
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.