From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
stable@vger.kernel.org,
"Steven Rostedt (VMware)" <rostedt@goodmis.org>
Subject: [PATCH 4.9 42/69] ftrace: Fix removing of second function probe
Date: Wed, 19 Apr 2017 16:42:58 +0200 [thread overview]
Message-ID: <20170419141618.670531375@linuxfoundation.org> (raw)
In-Reply-To: <20170419141616.919951169@linuxfoundation.org>
4.9-stable review patch. If anyone has any objections, please let me know.
------------------
From: Steven Rostedt (VMware) <rostedt@goodmis.org>
commit 82cc4fc2e70ec5baeff8f776f2773abc8b2cc0ae upstream.
When two function probes are added to set_ftrace_filter, and then one of
them is removed, the update to the function locations is not performed, and
the record keeping of the function states are corrupted, and causes an
ftrace_bug() to occur.
This is easily reproducable by adding two probes, removing one, and then
adding it back again.
# cd /sys/kernel/debug/tracing
# echo schedule:traceoff > set_ftrace_filter
# echo do_IRQ:traceoff > set_ftrace_filter
# echo \!do_IRQ:traceoff > /debug/tracing/set_ftrace_filter
# echo do_IRQ:traceoff > set_ftrace_filter
Causes:
------------[ cut here ]------------
WARNING: CPU: 2 PID: 1098 at kernel/trace/ftrace.c:2369 ftrace_get_addr_curr+0x143/0x220
Modules linked in: [...]
CPU: 2 PID: 1098 Comm: bash Not tainted 4.10.0-test+ #405
Hardware name: Hewlett-Packard HP Compaq Pro 6300 SFF/339A, BIOS K01 v02.05 05/07/2012
Call Trace:
dump_stack+0x68/0x9f
__warn+0x111/0x130
? trace_irq_work_interrupt+0xa0/0xa0
warn_slowpath_null+0x1d/0x20
ftrace_get_addr_curr+0x143/0x220
? __fentry__+0x10/0x10
ftrace_replace_code+0xe3/0x4f0
? ftrace_int3_handler+0x90/0x90
? printk+0x99/0xb5
? 0xffffffff81000000
ftrace_modify_all_code+0x97/0x110
arch_ftrace_update_code+0x10/0x20
ftrace_run_update_code+0x1c/0x60
ftrace_run_modify_code.isra.48.constprop.62+0x8e/0xd0
register_ftrace_function_probe+0x4b6/0x590
? ftrace_startup+0x310/0x310
? debug_lockdep_rcu_enabled.part.4+0x1a/0x30
? update_stack_state+0x88/0x110
? ftrace_regex_write.isra.43.part.44+0x1d3/0x320
? preempt_count_sub+0x18/0xd0
? mutex_lock_nested+0x104/0x800
? ftrace_regex_write.isra.43.part.44+0x1d3/0x320
? __unwind_start+0x1c0/0x1c0
? _mutex_lock_nest_lock+0x800/0x800
ftrace_trace_probe_callback.isra.3+0xc0/0x130
? func_set_flag+0xe0/0xe0
? __lock_acquire+0x642/0x1790
? __might_fault+0x1e/0x20
? trace_get_user+0x398/0x470
? strcmp+0x35/0x60
ftrace_trace_onoff_callback+0x48/0x70
ftrace_regex_write.isra.43.part.44+0x251/0x320
? match_records+0x420/0x420
ftrace_filter_write+0x2b/0x30
__vfs_write+0xd7/0x330
? do_loop_readv_writev+0x120/0x120
? locks_remove_posix+0x90/0x2f0
? do_lock_file_wait+0x160/0x160
? __lock_is_held+0x93/0x100
? rcu_read_lock_sched_held+0x5c/0xb0
? preempt_count_sub+0x18/0xd0
? __sb_start_write+0x10a/0x230
? vfs_write+0x222/0x240
vfs_write+0xef/0x240
SyS_write+0xab/0x130
? SyS_read+0x130/0x130
? trace_hardirqs_on_caller+0x182/0x280
? trace_hardirqs_on_thunk+0x1a/0x1c
entry_SYSCALL_64_fastpath+0x18/0xad
RIP: 0033:0x7fe61c157c30
RSP: 002b:00007ffe87890258 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
RAX: ffffffffffffffda RBX: ffffffff8114a410 RCX: 00007fe61c157c30
RDX: 0000000000000010 RSI: 000055814798f5e0 RDI: 0000000000000001
RBP: ffff8800c9027f98 R08: 00007fe61c422740 R09: 00007fe61ca53700
R10: 0000000000000073 R11: 0000000000000246 R12: 0000558147a36400
R13: 00007ffe8788f160 R14: 0000000000000024 R15: 00007ffe8788f15c
? trace_hardirqs_off_caller+0xc0/0x110
---[ end trace 99fa09b3d9869c2c ]---
Bad trampoline accounting at: ffffffff81cc3b00 (do_IRQ+0x0/0x150)
Fixes: 59df055f1991 ("ftrace: trace different functions with a different tracer")
Signed-off-by: Steven Rostedt (VMware) <rostedt@goodmis.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
kernel/trace/ftrace.c | 20 ++++++++++++++++----
1 file changed, 16 insertions(+), 4 deletions(-)
--- a/kernel/trace/ftrace.c
+++ b/kernel/trace/ftrace.c
@@ -3736,23 +3736,24 @@ static void __enable_ftrace_function_pro
ftrace_probe_registered = 1;
}
-static void __disable_ftrace_function_probe(void)
+static bool __disable_ftrace_function_probe(void)
{
int i;
if (!ftrace_probe_registered)
- return;
+ return false;
for (i = 0; i < FTRACE_FUNC_HASHSIZE; i++) {
struct hlist_head *hhd = &ftrace_func_hash[i];
if (hhd->first)
- return;
+ return false;
}
/* no more funcs left */
ftrace_shutdown(&trace_probe_ops, 0);
ftrace_probe_registered = 0;
+ return true;
}
@@ -3882,6 +3883,7 @@ static void
__unregister_ftrace_function_probe(char *glob, struct ftrace_probe_ops *ops,
void *data, int flags)
{
+ struct ftrace_ops_hash old_hash_ops;
struct ftrace_func_entry *rec_entry;
struct ftrace_func_probe *entry;
struct ftrace_func_probe *p;
@@ -3893,6 +3895,7 @@ __unregister_ftrace_function_probe(char
struct hlist_node *tmp;
char str[KSYM_SYMBOL_LEN];
int i, ret;
+ bool disabled;
if (glob && (strcmp(glob, "*") == 0 || !strlen(glob)))
func_g.search = NULL;
@@ -3911,6 +3914,10 @@ __unregister_ftrace_function_probe(char
mutex_lock(&trace_probe_ops.func_hash->regex_lock);
+ old_hash_ops.filter_hash = old_hash;
+ /* Probes only have filters */
+ old_hash_ops.notrace_hash = NULL;
+
hash = alloc_and_copy_ftrace_hash(FTRACE_HASH_DEFAULT_BITS, *orig_hash);
if (!hash)
/* Hmm, should report this somehow */
@@ -3948,12 +3955,17 @@ __unregister_ftrace_function_probe(char
}
}
mutex_lock(&ftrace_lock);
- __disable_ftrace_function_probe();
+ disabled = __disable_ftrace_function_probe();
/*
* Remove after the disable is called. Otherwise, if the last
* probe is removed, a null hash means *all enabled*.
*/
ret = ftrace_hash_move(&trace_probe_ops, 1, orig_hash, hash);
+
+ /* still need to update the function call sites */
+ if (ftrace_enabled && !disabled)
+ ftrace_run_modify_code(&trace_probe_ops, FTRACE_UPDATE_CALLS,
+ &old_hash_ops);
synchronize_sched();
if (!ret)
free_ftrace_hash_rcu(old_hash);
next prev parent reply other threads:[~2017-04-19 14:44 UTC|newest]
Thread overview: 68+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-04-19 14:42 [PATCH 4.9 00/69] 4.9.24-stable review Greg Kroah-Hartman
2017-04-19 14:42 ` [PATCH 4.9 01/69] cgroup, kthread: close race window where new kthreads can be migrated to non-root cgroups Greg Kroah-Hartman
2017-04-19 14:42 ` [PATCH 4.9 02/69] tcmu: Fix possible overwrite of t_data_sgs last iov[] Greg Kroah-Hartman
2017-04-19 14:42 ` [PATCH 4.9 03/69] tcmu: Fix wrongly calculating of the base_command_size Greg Kroah-Hartman
2017-04-19 14:42 ` [PATCH 4.9 04/69] tcmu: Skip Data-Out blocks before gathering Data-In buffer for BIDI case Greg Kroah-Hartman
2017-04-19 14:42 ` [PATCH 4.9 05/69] thp: fix MADV_DONTNEED vs. MADV_FREE race Greg Kroah-Hartman
2017-04-19 14:42 ` [PATCH 4.9 06/69] thp: fix MADV_DONTNEED vs clear soft dirty race Greg Kroah-Hartman
2017-04-19 14:42 ` [PATCH 4.9 07/69] zsmalloc: expand class bit Greg Kroah-Hartman
2017-04-19 14:42 ` [PATCH 4.9 08/69] orangefs: free superblock when mount fails Greg Kroah-Hartman
2017-04-19 14:42 ` [PATCH 4.9 09/69] drm/nouveau/mpeg: mthd returns true on success now Greg Kroah-Hartman
2017-04-19 14:42 ` [PATCH 4.9 10/69] drm/nouveau/mmu/nv4a: use nv04 mmu rather than the nv44 one Greg Kroah-Hartman
2017-04-19 14:42 ` [PATCH 4.9 11/69] drm/etnaviv: fix missing unlock on error in etnaviv_gpu_submit() Greg Kroah-Hartman
2017-04-19 14:42 ` [PATCH 4.9 12/69] CIFS: reconnect thread reschedule itself Greg Kroah-Hartman
2017-04-19 14:42 ` [PATCH 4.9 13/69] CIFS: store results of cifs_reopen_file to avoid infinite wait Greg Kroah-Hartman
2017-04-19 14:42 ` [PATCH 4.9 14/69] Input: xpad - add support for Razer Wildcat gamepad Greg Kroah-Hartman
2017-04-19 14:42 ` [PATCH 4.9 15/69] perf/x86: Avoid exposing wrong/stale data in intel_pmu_lbr_read_32() Greg Kroah-Hartman
2017-04-19 14:42 ` [PATCH 4.9 16/69] x86/efi: Dont try to reserve runtime regions Greg Kroah-Hartman
2017-04-19 14:42 ` [PATCH 4.9 17/69] x86/signals: Fix lower/upper bound reporting in compat siginfo Greg Kroah-Hartman
2017-04-19 14:42 ` [PATCH 4.9 18/69] x86, pmem: fix broken __copy_user_nocache cache-bypass assumptions Greg Kroah-Hartman
2017-04-19 14:42 ` [PATCH 4.9 19/69] x86/vdso: Ensure vdso32_enabled gets set to valid values only Greg Kroah-Hartman
2017-04-19 14:42 ` [PATCH 4.9 20/69] x86/vdso: Plug race between mapping and ELF header setup Greg Kroah-Hartman
2017-04-19 14:42 ` [PATCH 4.9 21/69] acpi, nfit, libnvdimm: fix interleave set cookie calculation (64-bit comparison) Greg Kroah-Hartman
2017-04-19 14:42 ` [PATCH 4.9 22/69] ACPI / scan: Set the visited flag for all enumerated devices Greg Kroah-Hartman
2017-04-19 14:42 ` [PATCH 4.9 23/69] parisc: fix bugs in pa_memcpy Greg Kroah-Hartman
2017-04-19 14:42 ` [PATCH 4.9 24/69] efi/libstub: Skip GOP with PIXEL_BLT_ONLY format Greg Kroah-Hartman
2017-04-19 14:42 ` [PATCH 4.9 25/69] efi/fb: Avoid reconfiguration of BAR that covers the framebuffer Greg Kroah-Hartman
2017-04-19 14:42 ` [PATCH 4.9 26/69] iscsi-target: Fix TMR reference leak during session shutdown Greg Kroah-Hartman
2017-04-19 14:42 ` [PATCH 4.9 27/69] iscsi-target: Drop work-around for legacy GlobalSAN initiator Greg Kroah-Hartman
2017-04-19 14:42 ` [PATCH 4.9 28/69] scsi: sr: Sanity check returned mode data Greg Kroah-Hartman
2017-04-19 14:42 ` [PATCH 4.9 29/69] scsi: sd: Consider max_xfer_blocks if opt_xfer_blocks is unusable Greg Kroah-Hartman
2017-04-19 14:42 ` [PATCH 4.9 30/69] scsi: qla2xxx: Add fix to read correct register value for ISP82xx Greg Kroah-Hartman
2017-04-19 14:42 ` [PATCH 4.9 31/69] scsi: sd: Fix capacity calculation with 32-bit sector_t Greg Kroah-Hartman
2017-04-19 14:42 ` [PATCH 4.9 32/69] target: Avoid mappedlun symlink creation during lun shutdown Greg Kroah-Hartman
2017-04-19 14:42 ` [PATCH 4.9 33/69] xen, fbfront: fix connecting to backend Greg Kroah-Hartman
2017-04-19 14:42 ` [PATCH 4.9 34/69] [iov_iter] new privimitive: iov_iter_revert() Greg Kroah-Hartman
2017-04-19 14:42 ` [PATCH 4.9 35/69] make skb_copy_datagram_msg() et.al. preserve ->msg_iter on error Greg Kroah-Hartman
2017-04-19 14:42 ` [PATCH 4.9 36/69] libnvdimm: fix blk free space accounting Greg Kroah-Hartman
2017-04-19 14:42 ` [PATCH 4.9 37/69] libnvdimm: fix reconfig_mutex, mmap_sem, and jbd2_handle lockdep splat Greg Kroah-Hartman
2017-04-19 14:42 ` [PATCH 4.9 38/69] can: ifi: use correct register to read rx status Greg Kroah-Hartman
2017-04-19 14:42 ` [PATCH 4.9 39/69] pwm: rockchip: State of PWM clock should synchronize with PWM enabled state Greg Kroah-Hartman
2017-04-19 14:42 ` [PATCH 4.9 40/69] cpufreq: Bring CPUs up even if cpufreq_online() failed Greg Kroah-Hartman
2017-04-19 14:42 ` [PATCH 4.9 41/69] irqchip/irq-imx-gpcv2: Fix spinlock initialization Greg Kroah-Hartman
2017-04-19 14:42 ` Greg Kroah-Hartman [this message]
2017-04-19 14:42 ` [PATCH 4.9 43/69] char: lack of bool string made CONFIG_DEVPORT always on Greg Kroah-Hartman
2017-04-19 14:43 ` [PATCH 4.9 44/69] Revert "MIPS: Lantiq: Fix cascaded IRQ setup" Greg Kroah-Hartman
2017-04-19 14:43 ` [PATCH 4.9 45/69] kvm: fix page struct leak in handle_vmon Greg Kroah-Hartman
2017-04-19 14:43 ` [PATCH 4.9 46/69] zram: do not use copy_page with non-page aligned address Greg Kroah-Hartman
2017-04-19 14:43 ` [PATCH 4.9 47/69] ftrace: Fix function pid filter on instances Greg Kroah-Hartman
2017-04-19 14:43 ` [PATCH 4.9 48/69] crypto: algif_aead - Fix bogus request dereference in completion function Greg Kroah-Hartman
2017-04-19 14:43 ` [PATCH 4.9 49/69] crypto: ahash - Fix EINPROGRESS notification callback Greg Kroah-Hartman
2017-04-19 14:43 ` [PATCH 4.9 50/69] parisc: Fix get_user() for 64-bit value on 32-bit kernel Greg Kroah-Hartman
2017-04-19 14:43 ` [PATCH 4.9 51/69] ath9k: fix NULL pointer dereference Greg Kroah-Hartman
2017-04-19 14:43 ` [PATCH 4.9 52/69] [media] dvb-usb-v2: avoid use-after-free Greg Kroah-Hartman
2017-04-19 14:43 ` [PATCH 4.9 53/69] ext4: fix inode checksum calculation problem if i_extra_size is small Greg Kroah-Hartman
2017-04-19 14:43 ` [PATCH 4.9 54/69] mm: memcontrol: use special workqueue for creating per-memcg caches Greg Kroah-Hartman
2017-04-19 14:43 ` [PATCH 4.9 55/69] drm/nouveau/disp/mcp7x: disable dptmds workaround Greg Kroah-Hartman
2017-04-19 14:43 ` [PATCH 4.9 56/69] nbd: use loff_t for blocksize and nbd_set_size args Greg Kroah-Hartman
2017-04-19 14:43 ` [PATCH 4.9 57/69] nbd: fix 64-bit division Greg Kroah-Hartman
2017-04-19 14:43 ` [PATCH 4.9 58/69] ASoC: Intel: select DW_DMAC_CORE since its mandatory Greg Kroah-Hartman
2017-04-19 14:43 ` [PATCH 4.9 60/69] x86/xen: Fix APIC id mismatch warning on Intel Greg Kroah-Hartman
2017-04-19 14:43 ` [PATCH 4.9 61/69] ACPI / EC: Use busy polling mode when GPE is not enabled Greg Kroah-Hartman
2017-04-19 14:43 ` [PATCH 4.9 62/69] rtc: tegra: Implement clock handling Greg Kroah-Hartman
2017-04-19 14:43 ` [PATCH 4.9 63/69] mm: Tighten x86 /dev/mem with zeroing reads Greg Kroah-Hartman
2017-04-19 14:43 ` [PATCH 4.9 64/69] [media] dvb-usb: dont use stack for firmware load Greg Kroah-Hartman
2017-04-19 14:43 ` [PATCH 4.9 67/69] virtio-console: avoid DMA from stack Greg Kroah-Hartman
2017-04-19 14:43 ` [PATCH 4.9 69/69] sctp: deny peeloff operation on asocs with threads sleeping on it Greg Kroah-Hartman
2017-04-19 20:39 ` [PATCH 4.9 00/69] 4.9.24-stable review Shuah Khan
2017-04-19 23:21 ` Guenter Roeck
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170419141618.670531375@linuxfoundation.org \
--to=gregkh@linuxfoundation.org \
--cc=linux-kernel@vger.kernel.org \
--cc=rostedt@goodmis.org \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).