1. 02 9月, 2017 1 次提交
    • S
      ftrace: Fix memleak when unregistering dynamic ops when tracing disabled · edb096e0
      Steven Rostedt (VMware) 提交于
      If function tracing is disabled by the user via the function-trace option or
      the proc sysctl file, and a ftrace_ops that was allocated on the heap is
      unregistered, then the shutdown code exits out without doing the proper
      clean up. This was found via kmemleak and running the ftrace selftests, as
      one of the tests unregisters with function tracing disabled.
      
       # cat kmemleak
      unreferenced object 0xffffffffa0020000 (size 4096):
        comm "swapper/0", pid 1, jiffies 4294668889 (age 569.209s)
        hex dump (first 32 bytes):
          55 ff 74 24 10 55 48 89 e5 ff 74 24 18 55 48 89  U.t$.UH...t$.UH.
          e5 48 81 ec a8 00 00 00 48 89 44 24 50 48 89 4c  .H......H.D$PH.L
        backtrace:
          [<ffffffff81d64665>] kmemleak_vmalloc+0x85/0xf0
          [<ffffffff81355631>] __vmalloc_node_range+0x281/0x3e0
          [<ffffffff8109697f>] module_alloc+0x4f/0x90
          [<ffffffff81091170>] arch_ftrace_update_trampoline+0x160/0x420
          [<ffffffff81249947>] ftrace_startup+0xe7/0x300
          [<ffffffff81249bd2>] register_ftrace_function+0x72/0x90
          [<ffffffff81263786>] trace_selftest_ops+0x204/0x397
          [<ffffffff82bb8971>] trace_selftest_startup_function+0x394/0x624
          [<ffffffff81263a75>] run_tracer_selftest+0x15c/0x1d7
          [<ffffffff82bb83f1>] init_trace_selftests+0x75/0x192
          [<ffffffff81002230>] do_one_initcall+0x90/0x1e2
          [<ffffffff82b7d620>] kernel_init_freeable+0x350/0x3fe
          [<ffffffff81d61ec3>] kernel_init+0x13/0x122
          [<ffffffff81d72c6a>] ret_from_fork+0x2a/0x40
          [<ffffffffffffffff>] 0xffffffffffffffff
      
      Cc: stable@vger.kernel.org
      Fixes: 12cce594 ("ftrace/x86: Allow !CONFIG_PREEMPT dynamic ops to use allocated trampolines")
      Signed-off-by: NSteven Rostedt (VMware) <rostedt@goodmis.org>
      edb096e0
  2. 01 9月, 2017 1 次提交
    • S
      ftrace: Zero out ftrace hashes when a module is removed · 2a5bfe47
      Steven Rostedt (VMware) 提交于
      When a ftrace filter has a module function, and that module is removed, the
      filter still has its address as being enabled. This can cause interesting
      side effects. Nothing dangerous, but unwanted functions can be traced
      because of it.
      
       # cd /sys/kernel/tracing
       # echo ':mod:snd_seq' > set_ftrace_filter
       # cat set_ftrace_filter
      snd_use_lock_sync_helper [snd_seq]
      check_event_type_and_length [snd_seq]
      snd_seq_ioctl_pversion [snd_seq]
      snd_seq_ioctl_client_id [snd_seq]
      snd_seq_ioctl_get_queue_tempo [snd_seq]
      update_timestamp_of_queue [snd_seq]
      snd_seq_ioctl_get_queue_status [snd_seq]
      snd_seq_set_queue_tempo [snd_seq]
      snd_seq_ioctl_set_queue_tempo [snd_seq]
      snd_seq_ioctl_get_queue_timer [snd_seq]
      seq_free_client1 [snd_seq]
      [..]
       # rmmod snd_seq
       # cat set_ftrace_filter
      
       # modprobe kvm
       # cat set_ftrace_filter
      kvm_set_cr4 [kvm]
      kvm_emulate_hypercall [kvm]
      kvm_set_dr [kvm]
      
      This is because removing the snd_seq module after it was being filtered,
      left the address of the snd_seq functions in the hash. When the kvm module
      was loaded, some of its functions were loaded at the same address as the
      snd_seq module. This would enable them to be filtered and traced.
      
      Now we don't want to clear the hash completely. That would cause removing a
      module where only its functions are filtered, to cause the tracing to enable
      all functions, as an empty filter means to trace all functions. Instead,
      just set the hash ip address to zero. Then it will never match any function.
      Signed-off-by: NSteven Rostedt (VMware) <rostedt@goodmis.org>
      2a5bfe47
  3. 24 8月, 2017 1 次提交
    • S
      ftrace: Check for null ret_stack on profile function graph entry function · a8f0f9e4
      Steven Rostedt (VMware) 提交于
      There's a small race when function graph shutsdown and the calling of the
      registered function graph entry callback. The callback must not reference
      the task's ret_stack without first checking that it is not NULL. Note, when
      a ret_stack is allocated for a task, it stays allocated until the task exits.
      The problem here, is that function_graph is shutdown, and a new task was
      created, which doesn't have its ret_stack allocated. But since some of the
      functions are still being traced, the callbacks can still be called.
      
      The normal function_graph code handles this, but starting with commit
      8861dd30 ("ftrace: Access ret_stack->subtime only in the function
      profiler") the profiler code references the ret_stack on function entry, but
      doesn't check if it is NULL first.
      
      Link: https://bugzilla.kernel.org/show_bug.cgi?id=196611
      
      Cc: stable@vger.kernel.org
      Fixes: 8861dd30 ("ftrace: Access ret_stack->subtime only in the function profiler")
      Reported-by: lilydjwg@gmail.com
      Signed-off-by: NSteven Rostedt (VMware) <rostedt@goodmis.org>
      a8f0f9e4
  4. 20 7月, 2017 1 次提交
  5. 12 7月, 2017 3 次提交
  6. 05 7月, 2017 1 次提交
  7. 29 6月, 2017 1 次提交
    • S
      ftrace: Fix regression with module command in stack_trace_filter · 0f179765
      Steven Rostedt (VMware) 提交于
      When doing the following command:
      
       # echo ":mod:kvm_intel" > /sys/kernel/tracing/stack_trace_filter
      
      it triggered a crash.
      
      This happened with the clean up of probes. It required all callers to the
      regex function (doing ftrace filtering) to have ops->private be a pointer to
      a trace_array. But for the stack tracer, that is not the case.
      
      Allow for the ops->private to be NULL, and change the function command
      callbacks to handle the trace_array pointer being NULL as well.
      
      Fixes: d2afd57a ("tracing/ftrace: Allow instances to have their own function probes")
      Signed-off-by: NSteven Rostedt (VMware) <rostedt@goodmis.org>
      0f179765
  8. 28 6月, 2017 3 次提交
  9. 26 6月, 2017 4 次提交
    • S
      ftrace: Have cached module filters be an active filter · 8c08f0d5
      Steven Rostedt (VMware) 提交于
      When a module filter is added to set_ftrace_filter, if the module is not
      loaded, it is cached. This should be considered an active filter, and
      function tracing should be filtered by this. That is, if a cached module
      filter is the only filter set, then no function tracing should be happening,
      as all the functions available will be filtered out.
      
      This makes sense, as the reason to add a cached module filter, is to trace
      the module when you load it. There shouldn't be any other tracing happening
      until then.
      Signed-off-by: NSteven Rostedt (VMware) <rostedt@goodmis.org>
      8c08f0d5
    • S
      ftrace: Implement cached modules tracing on module load · d7fbf8df
      Steven Rostedt (VMware) 提交于
      If a module is cached in the set_ftrace_filter, and that module is loaded,
      then enable tracing on that module as if the cached module text was written
      into set_ftrace_filter just as the module is loaded.
      
        # echo ":mod:kvm_intel" >
        # cat /sys/kernel/tracing/set_ftrace_filter
       #### all functions enabled ####
       :mod:kvm_intel
        # modprobe kvm_intel
        # cat /sys/kernel/tracing/set_ftrace_filter
       vmx_get_rflags [kvm_intel]
       vmx_get_pkru [kvm_intel]
       vmx_get_interrupt_shadow [kvm_intel]
       vmx_rdtscp_supported [kvm_intel]
       vmx_invpcid_supported [kvm_intel]
       [..]
      Signed-off-by: NSteven Rostedt (VMware) <rostedt@goodmis.org>
      d7fbf8df
    • S
      ftrace: Have the cached module list show in set_ftrace_filter · 5985ea8b
      Steven Rostedt (VMware) 提交于
      When writing in a module filter into set_ftrace_filter for a module that is
      not yet loaded, it it cached, and will be executed when the module is loaded
      (although that is not implemented yet at this commit). Display the list of
      cached modules to be traced.
      Signed-off-by: NSteven Rostedt (VMware) <rostedt@goodmis.org>
      5985ea8b
    • S
      ftrace: Add :mod: caching infrastructure to trace_array · 673feb9d
      Steven Rostedt (VMware) 提交于
      This is the start of the infrastructure work to allow for tracing module
      functions before it is loaded.
      
      Currently the following command:
      
        # echo :mod:some-mod > set_ftrace_filter
      
      will enable tracing of all functions within the module "some-mod" if it is
      loaded. What we want, is if the module is not loaded, that line will be
      saved. When the module is loaded, then the "some-mod" will have that line
      executed on it, so that the functions within it starts being traced.
      Signed-off-by: NSteven Rostedt (VMware) <rostedt@goodmis.org>
      673feb9d
  10. 27 5月, 2017 1 次提交
    • L
      ftrace: Fix memory leak in ftrace_graph_release() · f9797c2f
      Luis Henriques 提交于
      ftrace_hash is being kfree'ed in ftrace_graph_release(), however the
      ->buckets field is not.  This results in a memory leak that is easily
      captured by kmemleak:
      
      unreferenced object 0xffff880038afe000 (size 8192):
        comm "trace-cmd", pid 238, jiffies 4294916898 (age 9.736s)
        hex dump (first 32 bytes):
          00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
          00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
        backtrace:
          [<ffffffff815f561e>] kmemleak_alloc+0x4e/0xb0
          [<ffffffff8113964d>] __kmalloc+0x12d/0x1a0
          [<ffffffff810bf6d1>] alloc_ftrace_hash+0x51/0x80
          [<ffffffff810c0523>] __ftrace_graph_open.isra.39.constprop.46+0xa3/0x100
          [<ffffffff810c05e8>] ftrace_graph_open+0x68/0xa0
          [<ffffffff8114003d>] do_dentry_open.isra.1+0x1bd/0x2d0
          [<ffffffff81140df7>] vfs_open+0x47/0x60
          [<ffffffff81150f95>] path_openat+0x2a5/0x1020
          [<ffffffff81152d6a>] do_filp_open+0x8a/0xf0
          [<ffffffff811411df>] do_sys_open+0x12f/0x200
          [<ffffffff811412ce>] SyS_open+0x1e/0x20
          [<ffffffff815fa6e0>] entry_SYSCALL_64_fastpath+0x13/0x94
          [<ffffffffffffffff>] 0xffffffffffffffff
      
      Link: http://lkml.kernel.org/r/20170525152038.7661-1-lhenriques@suse.com
      
      Cc: stable@vger.kernel.org
      Fixes: b9b0c831 ("ftrace: Convert graph filter to use hash tables")
      Signed-off-by: NLuis Henriques <lhenriques@suse.com>
      Signed-off-by: NSteven Rostedt (VMware) <rostedt@goodmis.org>
      f9797c2f
  11. 18 5月, 2017 2 次提交
    • N
      ftrace/instances: Clear function triggers when removing instances · a0e6369e
      Naveen N. Rao 提交于
      If instance directories are deleted while there are registered function
      triggers:
      
        # cd /sys/kernel/debug/tracing/instances
        # mkdir test
        # echo "schedule:enable_event:sched:sched_switch" > test/set_ftrace_filter
        # rmdir test
        Unable to handle kernel paging request for data at address 0x00000008
        Unable to handle kernel paging request for data at address 0x00000008
        Faulting instruction address: 0xc0000000021edde8
        Oops: Kernel access of bad area, sig: 11 [#1]
        SMP NR_CPUS=2048
        NUMA
        pSeries
        Modules linked in: iptable_mangle ipt_MASQUERADE nf_nat_masquerade_ipv4 iptable_nat nf_nat_ipv4 nf_nat nf_conntrack_ipv4 nf_defrag_ipv4 xt_conntrack nf_conntrack ipt_REJECT nf_reject_ipv4 xt_tcpudp tun bridge stp llc kvm iptable_filter fuse binfmt_misc pseries_rng rng_core vmx_crypto ib_iser rdma_cm iw_cm ib_cm ib_core libiscsi scsi_transport_iscsi ip_tables x_tables autofs4 btrfs raid10 raid456 async_raid6_recov async_memcpy async_pq async_xor async_tx xor raid6_pq libcrc32c multipath virtio_net virtio_blk virtio_pci crc32c_vpmsum virtio_ring virtio
        CPU: 8 PID: 8694 Comm: rmdir Not tainted 4.11.0-nnr+ #113
        task: c0000000bab52800 task.stack: c0000000baba0000
        NIP: c0000000021edde8 LR: c0000000021f0590 CTR: c000000002119620
        REGS: c0000000baba3870 TRAP: 0300   Not tainted  (4.11.0-nnr+)
        MSR: 8000000000009033 <SF,EE,ME,IR,DR,RI,LE>
          CR: 22002422  XER: 20000000
        CFAR: 00007fffabb725a8 DAR: 0000000000000008 DSISR: 40000000 SOFTE: 0
        GPR00: c00000000220f750 c0000000baba3af0 c000000003157e00 0000000000000000
        GPR04: 0000000000000040 00000000000000eb 0000000000000040 0000000000000000
        GPR08: 0000000000000000 0000000000000113 0000000000000000 c00000000305db98
        GPR12: c000000002119620 c00000000fd42c00 0000000000000000 0000000000000000
        GPR16: 0000000000000000 0000000000000000 0000000000000000 0000000000000000
        GPR20: 0000000000000000 0000000000000000 c0000000bab52e90 0000000000000000
        GPR24: 0000000000000000 00000000000000eb 0000000000000040 c0000000baba3bb0
        GPR28: c00000009cb06eb0 c0000000bab52800 c00000009cb06eb0 c0000000baba3bb0
        NIP [c0000000021edde8] ring_buffer_lock_reserve+0x8/0x4e0
        LR [c0000000021f0590] trace_event_buffer_lock_reserve+0xe0/0x1a0
        Call Trace:
        [c0000000baba3af0] [c0000000021f96c8] trace_event_buffer_commit+0x1b8/0x280 (unreliable)
        [c0000000baba3b60] [c00000000220f750] trace_event_buffer_reserve+0x80/0xd0
        [c0000000baba3b90] [c0000000021196b8] trace_event_raw_event_sched_switch+0x98/0x180
        [c0000000baba3c10] [c0000000029d9980] __schedule+0x6e0/0xab0
        [c0000000baba3ce0] [c000000002122230] do_task_dead+0x70/0xc0
        [c0000000baba3d10] [c0000000020ea9c8] do_exit+0x828/0xd00
        [c0000000baba3dd0] [c0000000020eaf70] do_group_exit+0x60/0x100
        [c0000000baba3e10] [c0000000020eb034] SyS_exit_group+0x24/0x30
        [c0000000baba3e30] [c00000000200bcec] system_call+0x38/0x54
        Instruction dump:
        60000000 60420000 7d244b78 7f63db78 4bffaa09 393efff8 793e0020 39200000
        4bfffecc 60420000 3c4c00f7 3842a020 <81230008> 2f890000 409e02f0 a14d0008
        ---[ end trace b917b8985d0e650b ]---
        Unable to handle kernel paging request for data at address 0x00000008
        Faulting instruction address: 0xc0000000021edde8
        Unable to handle kernel paging request for data at address 0x00000008
        Faulting instruction address: 0xc0000000021edde8
        Faulting instruction address: 0xc0000000021edde8
      
      To address this, let's clear all registered function probes before
      deleting the ftrace instance.
      
      Link: http://lkml.kernel.org/r/c5f1ca624043690bd94642bb6bffd3f2fc504035.1494956770.git.naveen.n.rao@linux.vnet.ibm.comReported-by: NMichael Ellerman <mpe@ellerman.id.au>
      Signed-off-by: NNaveen N. Rao <naveen.n.rao@linux.vnet.ibm.com>
      Signed-off-by: NSteven Rostedt (VMware) <rostedt@goodmis.org>
      a0e6369e
    • N
  12. 04 5月, 2017 2 次提交
  13. 21 4月, 2017 17 次提交
  14. 18 4月, 2017 2 次提交