malhuda/msm-4.14
1
0
Fork 0
mirror of https://github.com/rd-stuffs/msm-4.14.git synced 2025-02-20 11:45:48 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity
msm-4.14/kernel
History
Huang Ying 18fab912d4 tracing: Fix ring_buffer_read_page reading out of page boundary 
With the configuration: CONFIG_DEBUG_PAGEALLOC=y and Shaohua's patch:

[PATCH]x86: make spurious_fault check correct pte bit

Function call graph trace with the following will trigger a page fault.

# cd /sys/kernel/debug/tracing/
# echo function_graph > current_tracer
# cat per_cpu/cpu1/trace_pipe_raw > /dev/null

BUG: unable to handle kernel paging request at ffff880006e99000
IP: [<ffffffff81085572>] rb_event_length+0x1/0x3f
PGD 1b19063 PUD 1b1d063 PMD 3f067 PTE 6e99160
Oops: 0000 [#1] SMP DEBUG_PAGEALLOC
last sysfs file: /sys/devices/virtual/net/lo/operstate
CPU 1
Modules linked in:

Pid: 1982, comm: cat Not tainted 2.6.35-rc6-aes+ #300 /Bochs
RIP: 0010:[<ffffffff81085572>]  [<ffffffff81085572>] rb_event_length+0x1/0x3f
RSP: 0018:ffff880006475e38  EFLAGS: 00010006
RAX: 0000000000000ff0 RBX: ffff88000786c630 RCX: 000000000000001d
RDX: ffff880006e98000 RSI: 0000000000000ff0 RDI: ffff880006e99000
RBP: ffff880006475eb8 R08: 000000145d7008bd R09: 0000000000000000
R10: 0000000000008000 R11: ffffffff815d9336 R12: ffff880006d08000
R13: ffff880006e605d8 R14: 0000000000000000 R15: 0000000000000018
FS:  00007f2b83e456f0(0000) GS:ffff880002100000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 000000008005003b
CR2: ffff880006e99000 CR3: 00000000064a8000 CR4: 00000000000006e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
Process cat (pid: 1982, threadinfo ffff880006474000, task ffff880006e40770)
Stack:
 ffff880006475eb8 ffffffff8108730f 0000000000000ff0 000000145d7008bd
<0> ffff880006e98010 ffff880006d08010 0000000000000296 ffff88000786c640
<0> ffffffff81002956 0000000000000000 ffff8800071f4680 ffff8800071f4680
Call Trace:
 [<ffffffff8108730f>] ? ring_buffer_read_page+0x15a/0x24a
 [<ffffffff81002956>] ? return_to_handler+0x15/0x2f
 [<ffffffff8108a575>] tracing_buffers_read+0xb9/0x164
 [<ffffffff810debfe>] vfs_read+0xaf/0x150
 [<ffffffff81002941>] return_to_handler+0x0/0x2f
 [<ffffffff810248b0>] __bad_area_nosemaphore+0x17e/0x1a1
 [<ffffffff81002941>] return_to_handler+0x0/0x2f
 [<ffffffff810248e6>] bad_area_nosemaphore+0x13/0x15
Code: 80 25 b2 16 b3 00 fe c9 c3 55 48 89 e5 f0 80 0d a4 16 b3 00 02 c9 c3 55 31 c0 48 89 e5 48 83 3d 94 16 b3 00 01 c9 0f 94 c0 c3 55 <8a> 0f 48 89 e5 83 e1 1f b8 08 00 00 00 0f b6 d1 83 fa 1e 74 27
RIP  [<ffffffff81085572>] rb_event_length+0x1/0x3f
 RSP <ffff880006475e38>
CR2: ffff880006e99000
---[ end trace a6877bb92ccb36bb ]---

The root cause is that ring_buffer_read_page() may read out of page
boundary, because the boundary checking is done after reading. This is
fixed via doing boundary checking before reading.

Reported-by: Shaohua Li <shaohua.li@intel.com>
Cc: <stable@kernel.org>
Signed-off-by: Huang Ying <ying.huang@intel.com>
LKML-Reference: <1280297641.2771.307.camel@yhuang-dev>
Signed-off-by: Steven Rostedt <rostedt@goodmis.org>
2010-08-06 14:34:45 -04:00
..
debug
module: fix kdb's illicit use of struct module_use.
2010-06-05 11:17:36 +09:30
gcov
microblaze: Enable GCOV_PROFILE_ALL
2009-09-21 14:29:21 +02:00
irq
genirq: Deal with desc->set_type() changing desc->chip
2010-06-09 17:05:08 +02:00
power
suspend: Move NVS save/restore code to generic suspend functionality
2010-06-10 11:02:34 -04:00
time
Merge branch 'sched-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip
2010-07-02 09:52:58 -07:00
trace
tracing: Fix ring_buffer_read_page reading out of page boundary
2010-08-06 14:34:45 -04:00
.gitignore
acct.c
Merge branch 'next' into for-linus
2010-05-18 08:57:00 +10:00
async.c
include cleanup: Update gfp.h and slab.h includes to prepare for breaking implicit slab.h inclusion from percpu.h
2010-03-30 22:02:32 +09:00
audit_tree.c
include cleanup: Update gfp.h and slab.h includes to prepare for breaking implicit slab.h inclusion from percpu.h
2010-03-30 22:02:32 +09:00
audit_watch.c
include cleanup: Update gfp.h and slab.h includes to prepare for breaking implicit slab.h inclusion from percpu.h
2010-03-30 22:02:32 +09:00
audit.c
include cleanup: Update gfp.h and slab.h includes to prepare for breaking implicit slab.h inclusion from percpu.h
2010-03-30 22:02:32 +09:00
audit.h
auditfilter.c
include cleanup: Update gfp.h and slab.h includes to prepare for breaking implicit slab.h inclusion from percpu.h
2010-03-30 22:02:32 +09:00
auditsc.c
audit: preface audit printk with audit
2010-04-05 13:19:45 -07:00
backtracetest.c
bounds.c
kbuild: move bounds.h to include/generated
2009-12-12 13:08:14 +01:00
capability.c
sched: Remove remaining USER_SCHED code
2010-04-02 20:12:00 +02:00
cgroup_freezer.c
Freezer / cgroup freezer: Update stale locking comments
2010-05-10 23:18:47 +02:00
cgroup.c
cgroups: alloc_css_id() increments hierarchy depth
2010-06-04 15:21:45 -07:00
compat.c
cpumask: fix compat getaffinity
2010-05-19 11:48:18 -07:00
configs.c
cpu.c
fix cpu_chain section mismatch...
2010-06-01 09:22:50 -07:00
cpuset.c
cpusets: new round-robin rotor for SLAB allocations
2010-05-27 09:12:44 -07:00
cred.c
umh: creds: kill subprocess_info->cred logic
2010-05-27 09:12:45 -07:00
delayacct.c
dma.c
early_res.c
x86: Do not free zero sized per cpu areas
2010-03-29 18:55:40 +02:00
elfcore.c
elf coredump: add extended numbering support
2010-03-06 11:26:46 -08:00
exec_domain.c
sys_personality: change sys_personality() to accept "unsigned int" instead of u_long
2010-06-04 15:21:45 -07:00
exit.c
proc: turn signal_struct->count into "int nr_threads"
2010-05-27 09:12:47 -07:00
extable.c
fork.c
Revert "cpusets: randomize node rotor used in cpuset_mem_spread_node()"
2010-05-30 09:00:03 -07:00
freezer.c
futex_compat.c
futex: Protect pid lookup in compat code with RCU
2009-12-09 14:22:14 +01:00
futex.c
futex: futex_find_get_task remove credentails check
2010-06-30 15:43:44 -07:00
groups.c
security: remove dead hook task_setgroups
2010-04-12 12:19:18 +10:00
hrtimer.c
hrtimer: Avoid double seqlock
2010-05-26 16:15:37 +02:00
hung_task.c
softlockup: Fix hung_task_check_count sysctl
2009-11-27 06:21:57 +01:00
hw_breakpoint.c
hw_breakpoints: Fix percpu build failure
2010-05-04 08:39:36 +02:00
itimer.c
itimers: Fix racy writes to cpu_itimer fields
2009-11-18 16:32:12 +01:00
kallsyms.c
kdb: core for kgdb back end (2 of 2)
2010-05-20 21:04:21 -05:00
Kconfig.freezer
Kconfig.hz
Kconfig.locks
mutex: Better control mutex adaptive spinning config
2009-12-03 11:50:11 +01:00
Kconfig.preempt
kexec.c
kexec: fix Oops in crash_shrink_memory()
2010-06-29 15:29:31 -07:00
kfifo.c
kfifo: Don't use integer as NULL pointer
2010-02-16 15:11:08 -08:00
kmod.c
call_usermodehelper: UMH_WAIT_EXEC ignores kernel_thread() failure
2010-05-27 09:12:45 -07:00
kprobes.c
kprobes: Move enable/disable_kprobe() out from debugfs code
2010-05-08 18:08:30 +02:00
ksysfs.c
sysfs: add struct file* to bin_attr callbacks
2010-05-21 09:37:31 -07:00
kthread.c
cpuset: fix the problem that cpuset_mem_spread_node() returns an offline node
2010-03-24 16:31:21 -07:00
latencytop.c
include cleanup: Update gfp.h and slab.h includes to prepare for breaking implicit slab.h inclusion from percpu.h
2010-03-30 22:02:32 +09:00
lockdep_internals.h
lockdep: No need to disable preemption in debug atomic ops
2010-05-04 05:38:16 +02:00
lockdep_proc.c
lockstat: Make lockstat counting per cpu
2010-04-06 00:15:37 +02:00
lockdep_states.h
lockdep.c
lockdep: Add novalidate class for dev->mutex conversion
2010-05-21 09:37:30 -07:00
Makefile
Move kernel/kgdb.c to kernel/debug/debug_core.c
2010-05-20 21:04:18 -05:00
module.c
module: initialize module dynamic debug later
2010-07-04 20:17:22 -07:00
mutex-debug.c
headers: remove sched.h from interrupt.h
2009-10-11 11:20:58 -07:00
mutex-debug.h
locking: Implement new raw_spinlock
2009-12-14 23:55:32 +01:00
mutex.c
mutex: Fix optimistic spinning vs. BKL
2010-05-19 08:18:44 +02:00
mutex.h
notifier.c
sched: Use lockdep-based checking on rcu_dereference()
2010-02-25 10:34:26 +01:00
ns_cgroup.c
cgroups: let ss->can_attach and ss->attach do whole threadgroups at a time
2009-09-24 07:20:58 -07:00
nsproxy.c
include cleanup: Update gfp.h and slab.h includes to prepare for breaking implicit slab.h inclusion from percpu.h
2010-03-30 22:02:32 +09:00
padata.c
kernel/: convert cpu notifier to return encapsulate errno value
2010-05-27 09:12:48 -07:00
panic.c
panic: call console_verbose() in panic
2010-05-27 09:12:53 -07:00
params.c
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial
2010-03-12 16:04:50 -08:00
perf_event.c
perf: Fix signed comparison in perf_adjust_period()
2010-06-08 18:43:00 +02:00
pid_namespace.c
include cleanup: Update gfp.h and slab.h includes to prepare for breaking implicit slab.h inclusion from percpu.h
2010-03-30 22:02:32 +09:00
pid.c
pids: increase pid_max based on num_possible_cpus
2010-05-27 09:12:51 -07:00
pm_qos_params.c
PM: PM QOS update fix
2010-05-17 00:21:03 +02:00
posix-cpu-timers.c
posix-cpu-timers: avoid "task->signal != NULL" checks
2010-05-27 09:12:46 -07:00
posix-timers.c
posix_timer: Fix error path in timer_create
2010-05-27 22:38:15 +02:00
printk.c
printk,kdb: capture printk() when in kdb shell
2010-05-20 21:04:27 -05:00
profile.c
numa: in-kernel profiling: use cpu_to_mem() for per cpu allocations
2010-05-27 09:12:57 -07:00
ptrace.c
ptrace: PTRACE_GETFDPIC: fix the unsafe usage of child->mm
2010-05-27 09:12:44 -07:00
range.c
x86: Change range end to start+size
2010-02-10 17:47:17 -08:00
rcupdate.c
rcu: slim down rcutiny by removing rcu_scheduler_active and friends
2010-05-10 11:08:34 -07:00
rcutiny_plugin.h
rcu: slim down rcutiny by removing rcu_scheduler_active and friends
2010-05-10 11:08:34 -07:00
rcutiny.c
rcu: remove all rcu head initializations, except on_stack initializations
2010-05-11 16:10:47 -07:00
rcutorture.c
Merge branch 'sched-core-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip
2010-05-18 08:27:54 -07:00
rcutree_plugin.h
rcu: remove all rcu head initializations, except on_stack initializations
2010-05-11 16:10:47 -07:00
rcutree_trace.c
rcu: reduce the number of spurious RCU_SOFTIRQ invocations
2010-05-10 11:08:35 -07:00
rcutree.c
rcu: remove all rcu head initializations, except on_stack initializations
2010-05-11 16:10:47 -07:00
rcutree.h
rcu: reduce the number of spurious RCU_SOFTIRQ invocations
2010-05-10 11:08:35 -07:00
relay.c
kernel/: convert cpu notifier to return encapsulate errno value
2010-05-27 09:12:48 -07:00
res_counter.c
include cleanup: Update gfp.h and slab.h includes to prepare for breaking implicit slab.h inclusion from percpu.h
2010-03-30 22:02:32 +09:00
resource.c
resource: shared I/O region support
2010-05-11 12:01:10 -07:00
rtmutex_common.h
rtmutex-debug.c
sched: Convert pi_lock to raw_spinlock
2009-12-14 23:55:33 +01:00
rtmutex-debug.h
rtmutex-tester.c
rtmutex.c
rtmutes: Convert rtmutex.lock to raw_spinlock
2009-12-14 23:55:33 +01:00
rtmutex.h
rwsem.c
sched_clock.c
blkio: fix for modular blk-cgroup build
2010-04-15 08:54:59 +02:00
sched_cpupri.c
include cleanup: Update gfp.h and slab.h includes to prepare for breaking implicit slab.h inclusion from percpu.h
2010-03-30 22:02:32 +09:00
sched_cpupri.h
sched: Convert cpupri lock to raw_spinlock
2009-12-14 23:55:33 +01:00
sched_debug.c
proc_sched_show_task(): use get_nr_threads()
2010-05-27 09:12:47 -07:00
sched_fair.c
rcu: apply RCU protection to wake_affine()
2010-06-23 06:50:44 -07:00
sched_features.h
sched: Remove ASYM_GRAN feature
2010-03-11 18:32:53 +01:00
sched_idletask.c
sched: Cure load average vs NO_HZ woes
2010-04-23 11:02:02 +02:00
sched_rt.c
sched: Add enqueue/dequeue flags
2010-04-02 20:12:05 +02:00
sched_stats.h
sched.c
Merge branch 'sched-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip
2010-07-02 09:52:58 -07:00
seccomp.c
semaphore.c
signal.c
exit: change zap_other_threads() to count sub-threads
2010-05-27 09:12:46 -07:00
slow-work-debugfs.c
SLOW_WORK: Move slow_work's proc file to debugfs
2009-12-01 08:20:31 -08:00
slow-work.c
slow-work: use get_ref wrapper instead of directly calling get_ref
2010-03-29 09:13:30 -07:00
slow-work.h
SLOW_WORK: CONFIG_SLOW_WORK_PROC should be CONFIG_SLOW_WORK_DEBUG
2010-03-29 09:14:47 -07:00
smp.c
kernel/: convert cpu notifier to return encapsulate errno value
2010-05-27 09:12:48 -07:00
softirq.c
kernel/: fix BUG_ON checks for cpu notifier callbacks direct call
2010-06-04 15:21:45 -07:00
softlockup.c
softlockup: Stop spurious softlockup messages due to overflow
2010-03-21 19:30:13 +01:00
spinlock.c
locking: Cleanup the name space completely
2009-12-14 23:55:33 +01:00
srcu.c
include cleanup: Update gfp.h and slab.h includes to prepare for breaking implicit slab.h inclusion from percpu.h
2010-03-30 22:02:32 +09:00
stacktrace.c
stop_machine.c
sched: Make sure timers have migrated before killing the migration_thread
2010-05-31 08:37:44 +02:00
sys_ni.c
Add generic sys_ipc wrapper
2010-03-12 15:52:32 -08:00
sys.c
kmod: add init function to usermodehelper
2010-05-27 09:12:44 -07:00
sysctl_binary.c
sysctl: don't use own implementation of hex_to_bin()
2010-05-25 08:07:05 -07:00
sysctl_check.c
ipv4 05/05: add sysctl to accept packets with local source addresses
2009-12-03 12:14:38 -08:00
sysctl.c
pipe: change /proc/sys/fs/pipe-max-pages to byte sized interface
2010-06-03 14:54:39 +02:00
taskstats.c
include cleanup: Update gfp.h and slab.h includes to prepare for breaking implicit slab.h inclusion from percpu.h
2010-03-30 22:02:32 +09:00
test_kprobes.c
time.c
timekeeping: Fix timezone update
2010-05-24 11:50:38 +02:00
timeconst.pl
timer.c
kernel/: fix BUG_ON checks for cpu notifier callbacks direct call
2010-06-04 15:21:45 -07:00
tracepoint.c
tracing: Let tracepoints have data passed to tracepoint callbacks
2010-05-14 09:50:34 -04:00
tsacct.c
mm: clean up mm_counter
2010-03-06 11:26:23 -08:00
uid16.c
headers: utsname.h redux
2009-09-23 18:13:10 -07:00
up.c
user_namespace.c
kref: remove kref_set
2010-05-21 09:37:29 -07:00
user-return-notifier.c
core: Clean up user return notifers use of per_cpu
2009-12-02 10:22:59 +01:00
user.c
sched: Remove a stale comment
2010-05-10 08:48:39 +02:00
utsname_sysctl.c
sysctl kernel: Remove binary sysctl logic
2009-11-12 02:04:55 -08:00
utsname.c
wait.c
workqueue.c
kernel/: convert cpu notifier to return encapsulate errno value
2010-05-27 09:12:48 -07:00