qiurui
/
linux-kernelorg-stable
mirror of https://kernel.googlesource.com/pub/scm/linux/kernel/git/stable/linux.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
linux-kernelorg-stable/kernel
History
Tengda Wu ced94e137e ftrace: Fix potential warning in trace_printk_seq during ftrace_dump 
[ Upstream commit 4013aef2ce ]

When calling ftrace_dump_one() concurrently with reading trace_pipe,
a WARN_ON_ONCE() in trace_printk_seq() can be triggered due to a race
condition.

The issue occurs because:

CPU0 (ftrace_dump)                              CPU1 (reader)
echo z > /proc/sysrq-trigger

!trace_empty(&iter)
trace_iterator_reset(&iter) <- len = size = 0
                                                cat /sys/kernel/tracing/trace_pipe
trace_find_next_entry_inc(&iter)
  __find_next_entry
    ring_buffer_empty_cpu <- all empty
  return NULL

trace_printk_seq(&iter.seq)
  WARN_ON_ONCE(s->seq.len >= s->seq.size)

In the context between trace_empty() and trace_find_next_entry_inc()
during ftrace_dump, the ring buffer data was consumed by other readers.
This caused trace_find_next_entry_inc to return NULL, failing to populate
`iter.seq`. At this point, due to the prior trace_iterator_reset, both
`iter.seq.len` and `iter.seq.size` were set to 0. Since they are equal,
the WARN_ON_ONCE condition is triggered.

Move the trace_printk_seq() into the if block that checks to make sure the
return value of trace_find_next_entry_inc() is non-NULL in
ftrace_dump_one(), ensuring the 'iter.seq' is properly populated before
subsequent operations.

Cc: Masami Hiramatsu <mhiramat@kernel.org>
Cc: Mark Rutland <mark.rutland@arm.com>
Cc: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
Cc: Ingo Molnar <mingo@elte.hu>
Link: https://lore.kernel.org/20250822033343.3000289-1-wutengda@huaweicloud.com
Fixes: d769041f86 ("ring_buffer: implement new locking")
Signed-off-by: Tengda Wu <wutengda@huaweicloud.com>
Signed-off-by: Steven Rostedt (Google) <rostedt@goodmis.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
 		2025-09-04 15:31:43 +02:00
..
bpf bpf: Make reg_not_null() true for CONST_PTR_TO_MAP 2025-08-20 18:30:39 +02:00
cgroup cgroup/cpuset: Fix a partition error with CPU hotplug 2025-08-28 16:31:11 +02:00
configs tinyconfig: remove unnecessary 'is not set' for choice blocks 2024-09-01 20:34:38 +09:00
debug move asm/unaligned.h to linux/unaligned.h 2024-10-02 17:23:23 -04:00
dma dma-mapping: Fix warning reported for missing prototype 2025-05-29 11:01:59 +02:00
entry
events perf/core: Prevent VMA split of buffer mappings 2025-08-15 12:14:09 +02:00
futex futex: Pass in task to futex_queue() 2025-03-22 12:54:14 -07:00
gcov
irq genirq/irq_sim: Initialize work context pointers properly 2025-07-10 16:05:07 +02:00
kcsan kcsan: test: Initialize dummy variable 2025-08-15 12:13:46 +02:00
livepatch
locking locking/lockdep: Decrease nr_unused_locks if lock unused in zap_class() 2025-04-20 10:15:45 +02:00
module module: Prevent silent truncation of module name in delete_module(2) 2025-08-20 18:30:46 +02:00
power PM: sleep: console: Fix the black screen issue 2025-08-20 18:30:25 +02:00
printk printk: nbcon: Allow reacquire during panic 2025-08-20 18:30:47 +02:00
rcu rcu: Fix racy re-initialization of irq_work causing hangs 2025-08-20 18:30:58 +02:00
sched sched_ext: initialize built-in idle state before ops.init() 2025-08-28 16:31:05 +02:00
time timekeeping: Zero initialize system_counterval when querying time from phc drivers 2025-08-01 09:48:42 +01:00
trace ftrace: Fix potential warning in trace_printk_seq during ftrace_dump 2025-09-04 15:31:43 +02:00
.gitignore
Kconfig.freezer
Kconfig.hz
Kconfig.kexec crash, powerpc: default to CRASH_DUMP=n on PPC_BOOK3S_32 2024-11-14 22:43:48 -08:00
Kconfig.locks
Kconfig.preempt
Makefile mm: move kernel/numa.c to mm/ 2024-09-03 21:15:26 -07:00
acct.c acct: block access to kernel internal filesystems 2025-02-27 04:30:23 -08:00
async.c
audit.c audit: Make use of str_enabled_disabled() helper 2024-09-03 16:35:16 -04:00
audit.h audit,module: restore audit logging in load failure case 2025-08-15 12:13:31 +02:00
audit_fsnotify.c
audit_tree.c
audit_watch.c
auditfilter.c audit: use task_tgid_nr() instead of task_pid_nr() 2024-08-28 16:48:28 -04:00
auditsc.c audit,module: restore audit logging in load failure case 2025-08-15 12:13:31 +02:00
backtracetest.c
bounds.c
capability.c
cfi.c
compat.c
configs.c
context_tracking.c context_tracking, rcu: Rename rcu_dyntick trace event into rcu_watching 2024-08-15 21:30:43 +05:30
cpu.c watchdog/hardlockup/perf: Fix perf_event memory leak 2025-04-10 14:39:11 +02:00
cpu_pm.c
crash_core.c Document/kexec: generalize crash hotplug description 2024-09-01 20:43:37 -07:00
crash_reserve.c crash: fix crash memory reserve exceed system memory bug 2024-09-01 20:43:30 -07:00
cred.c
delayacct.c
dma.c
elfcorehdr.c
exec_domain.c
exit.c perf: Fix sample vs do_exit() 2025-06-27 11:11:45 +01:00
exit.h
extable.c
fail_function.c
fork.c kernel/fork: only call untrack_pfn_clear() on VMAs duplicated for fork() 2025-05-29 11:03:14 +02:00
freezer.c sched,freezer: Remove unnecessary warning in __thaw_task 2025-07-24 08:56:37 +02:00
gen_kheaders.sh kheaders: Ignore silly-rename files 2025-01-23 17:22:55 +01:00
groups.c
hung_task.c
iomem.c
irq_work.c
jump_label.c jump_label: Fix static_key_slow_dec() yet again 2024-09-10 11:57:27 +02:00
kallsyms.c kallsyms: Match symbols exactly with CONFIG_LTO_CLANG 2024-08-15 09:33:35 -07:00
kallsyms_internal.h
kallsyms_selftest.c kallsyms: Match symbols exactly with CONFIG_LTO_CLANG 2024-08-15 09:33:35 -07:00
kallsyms_selftest.h
kcmp.c
kcov.c kcov: mark in_softirq_really() as __always_inline 2025-01-09 13:33:49 +01:00
kexec.c
kexec_core.c
kexec_elf.c kexec: initialize ELF lowest address to ULONG_MAX 2025-04-10 14:39:24 +02:00
kexec_file.c kexec_file: fix elfcorehdr digest exclusion when CONFIG_CRASH_HOTPLUG=y 2024-09-01 17:59:01 -07:00
kexec_internal.h kexec: use atomic_try_cmpxchg_acquire() in kexec_trylock() 2024-09-01 20:43:23 -07:00
kheaders.c
kprobes.c kprobes: Fix to check symbol prefixes correctly 2024-08-05 14:04:03 +09:00
ksyms_common.c
ksysfs.c
kthread.c kthread: unpark only parked kthread 2024-10-09 12:47:19 -07:00
latencytop.c
module_signature.c
notifier.c
nsproxy.c introduce fd_file(), convert all accessors to it. 2024-08-12 22:00:43 -04:00
padata.c padata: do not leak refcount in reorder_work 2025-05-29 11:03:19 +02:00
panic.c objtool, panic: Disable SMAP in __stack_chk_fail() 2025-05-02 07:59:19 +02:00
params.c module: ensure that kobject_put() is safe for module type kobjects 2025-05-18 08:24:54 +02:00
pid.c introduce fd_file(), convert all accessors to it. 2024-08-12 22:00:43 -04:00
pid_namespace.c
pid_sysctl.h
profile.c profiling: remove profile=sleep support 2024-08-04 13:36:28 -07:00
ptrace.c
range.c
reboot.c Flush console log from kernel_power_off() 2025-04-20 10:15:12 +02:00
regset.c
relay.c [tree-wide] finally take no_llseek out 2024-09-27 08:18:43 -07:00
resource.c resource: fix false warning in __request_region() 2025-08-01 09:48:44 +01:00
resource_kunit.c resource, kunit: fix user-after-free in resource_test_region_intersects() 2024-10-09 12:47:19 -07:00
rseq.c rseq: Fix segfault on registration when rseq_cs is non-zero 2025-07-17 18:37:24 +02:00
scftorture.c
scs.c
seccomp.c seccomp: passthrough uretprobe systemcall without filtering 2025-02-17 10:05:12 +01:00
signal.c pidfs: improve multi-threaded exec and premature thread-group leader exit polling 2025-05-29 11:02:09 +02:00
smp.c smp: print only local CPU info when sched_clock goes backward 2024-08-15 00:06:48 +05:30
smpboot.c
smpboot.h
softirq.c lockdep: Fix wait context check on softirq for PREEMPT_RT 2025-05-29 11:02:08 +02:00
stackleak.c
stacktrace.c
static_call.c
static_call_inline.c x86/static-call: provide a way to do very early static-call updates 2024-12-19 18:13:23 +01:00
stop_machine.c sched/core: Fix migrate_swap() vs. hotplug 2025-07-17 18:37:03 +02:00
sys.c struct fd layout change (and conversion to accessor helpers) 2024-09-23 09:35:36 -07:00
sys_ni.c
sysctl-test.c
sysctl.c
task_work.c sched/core: Disable page allocation in task_tick_mm_cid() 2024-10-11 10:49:32 +02:00
taskstats.c introduce fd_file(), convert all accessors to it. 2024-08-12 22:00:43 -04:00
torture.c
tracepoint.c tracepoint: Support iterating tracepoints in a loading module 2024-09-25 23:23:44 +09:00
tsacct.c
ucount.c ucount: fix atomic_long_inc_below() argument type 2025-08-15 12:13:59 +02:00
uid16.c
uid16.h
umh.c
up.c
user-return-notifier.c
user.c uidgid: make sure we fit into one cacheline 2024-09-12 12:16:09 +02:00
user_namespace.c user_namespace: use kmemdup_array() instead of kmemdup() for multiple allocation 2024-09-09 16:47:42 -07:00
usermode_driver.c
utsname.c
utsname_sysctl.c
vhost_task.c vhost_task: fix vhost_task_create() documentation 2025-05-29 11:01:59 +02:00
vmcore_info.c mm: support only one page_type per page 2024-09-03 21:15:43 -07:00
watch_queue.c watch_queue: fix pipe accounting mismatch 2025-04-10 14:39:10 +02:00
watchdog.c watchdog: fix watchdog may detect false positive of softlockup 2025-06-27 11:11:22 +01:00
watchdog_buddy.c
watchdog_perf.c watchdog/hardlockup/perf: Fix perf_event memory leak 2025-04-10 14:39:11 +02:00
workqueue.c workqueue: Initialize wq_isolated_cpumask in workqueue_init_early() 2025-06-27 11:11:42 +01:00
workqueue_internal.h