linux-hardened/kernel/trace
Linus Torvalds 23aa4b416a This holds a few fixes to the ftrace infrastructure as well as
the mixture of function graph tracing and kprobes.
 
 When jprobes and function graph tracing are enabled at the same time
 it will crash the system.
 
   # modprobe jprobe_example
   # echo function_graph > /sys/kernel/debug/tracing/current_tracer
 
 After the first fork (jprobe_example probes it), the system will crash.
 This is due to the way jprobes copies the stack frame and does not
 do a normal function return. This messes up with the function graph
 tracing accounting which hijacks the return address from the stack
 and replaces it with a hook function. It saves the return addresses in
 a separate stack to put back the correct return address when done.
 But because the jprobe functions do not do a normal return, their
 stack addresses are not put back until the function they probe is called,
 which means that the probed function will get the return address of
 the jprobe handler instead of its own.
 
 The simple fix here was to disable function graph tracing while the
 jprobe handler is being called.
 
 While debugging this I found two minor bugs with the function graph
 tracing.
 
 The first was about the function graph tracer sharing its function hash
 with the function tracer (they both get filtered by the same input).
 The changing of the set_ftrace_filter would not sync the function recording
 records after a change if the function tracer was disabled but the
 function graph tracer was enabled. This was due to the update only checking
 one of the ops instead of the shared ops to see if they were enabled and
 should perform the sync. This caused the ftrace accounting to break and
 a ftrace_bug() would be triggered, disabling ftrace until a reboot.
 
 The second was that the check to update records only checked one of the
 filter hashes. It needs to test both the "filter" and "notrace" hashes.
 The "filter" hash determines what functions to trace whereas the "notrace"
 hash determines what functions not to trace (trace all but these).
 Both hashes need to be passed to the update code to find out what change
 is being done during the update. This also broke the ftrace record
 accounting and triggered a ftrace_bug().
 
 This patch set also includes two more fixes that were reported separately
 from the kprobe issue.
 
 One was that init_ftrace_syscalls() was called twice at boot up.
 This is not a major bug, but that call performed a rather large kmalloc
 (NR_syscalls * sizeof(*syscalls_metadata)). The second call made the first
 one a memory leak, and wastes memory.
 
 The other fix is a regression caused by an update in the v3.19 merge window.
 The moving to enable events early, moved the enabling before PID 1 was
 created. The syscall events require setting the TIF_SYSCALL_TRACEPOINT
 for all tasks. But for_each_process_thread() does not include the swapper
 task (PID 0), and ended up being a nop. A suggested fix was to add
 the init_task() to have its flag set, but I didn't really want to mess
 with PID 0 for this minor bug. Instead I disable and re-enable events again
 at early_initcall() where it used to be enabled. This also handles any other
 event that might have its own reg function that could break at early
 boot up.

Merge tag 'trace-fixes-v3.19-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/rostedt/linux-trace

Pull ftrace fixes from Steven Rostedt:
 "This holds a few fixes to the ftrace infrastructure as well as the
  mixture of function graph tracing and kprobes.

  When jprobes and function graph tracing are enabled at the same time it
  will crash the system:

      # modprobe jprobe_example
      # echo function_graph > /sys/kernel/debug/tracing/current_tracer

  After the first fork (jprobe_example probes it), the system will
  crash.

  This is due to the way jprobes copies the stack frame and does not do
  a normal function return.  This messes up with the function graph
  tracing accounting which hijacks the return address from the stack and
  replaces it with a hook function.  It saves the return addresses in a
  separate stack to put back the correct return address when done.  But
  because the jprobe functions do not do a normal return, their stack
  addresses are not put back until the function they probe is called,
  which means that the probed function will get the return address of
  the jprobe handler instead of its own.

  The simple fix here was to disable function graph tracing while the
  jprobe handler is being called.

  While debugging this I found two minor bugs with the function graph
  tracing.

  The first was about the function graph tracer sharing its function
  hash with the function tracer (they both get filtered by the same
  input).  The changing of the set_ftrace_filter would not sync the
  function recording records after a change if the function tracer was
  disabled but the function graph tracer was enabled.  This was due to
  the update only checking one of the ops instead of the shared ops to
  see if they were enabled and should perform the sync.  This caused the
  ftrace accounting to break and a ftrace_bug() would be triggered,
  disabling ftrace until a reboot.

  The second was that the check to update records only checked one of
  the filter hashes.  It needs to test both the "filter" and "notrace"
  hashes.  The "filter" hash determines what functions to trace whereas
  the "notrace" hash determines what functions not to trace (trace all
  but these).  Both hashes need to be passed to the update code to find
  out what change is being done during the update.  This also broke the
  ftrace record accounting and triggered a ftrace_bug().

  This patch set also includes two more fixes that were reported
  separately from the kprobe issue.

  One was that init_ftrace_syscalls() was called twice at boot up.  This
  is not a major bug, but that call performed a rather large kmalloc
  (NR_syscalls * sizeof(*syscalls_metadata)).  The second call made the
  first one a memory leak, and wastes memory.

  The other fix is a regression caused by an update in the v3.19 merge
  window.  The moving to enable events early, moved the enabling before
  PID 1 was created.  The syscall events require setting the
  TIF_SYSCALL_TRACEPOINT for all tasks.  But for_each_process_thread()
  does not include the swapper task (PID 0), and ended up being a nop.

  A suggested fix was to add the init_task() to have its flag set, but I
  didn't really want to mess with PID 0 for this minor bug.  Instead I
  disable and re-enable events again at early_initcall() where it used to
  be enabled.  This also handles any other event that might have its own
  reg function that could break at early boot up"

* tag 'trace-fixes-v3.19-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/rostedt/linux-trace:
  tracing: Fix enabling of syscall events on the command line
  tracing: Remove extra call to init_ftrace_syscalls()
  ftrace/jprobes/x86: Fix conflict between jprobes and function graph tracing
  ftrace: Check both notrace and filter for old hash
  ftrace: Fix updating of filters for shared global_ops filters
2015-01-17 07:55:52 +13:00
blktrace.c Merge branch 'for-3.19/core' of git://git.kernel.dk/linux-block 2014-12-13 14:14:23 -08:00
ftrace.c ftrace: Check both notrace and filter for old hash 2015-01-15 09:37:33 -05:00
Kconfig tracing: Remove function_trace_stop and HAVE_FUNCTION_TRACE_MCOUNT_TEST 2014-07-18 13:58:12 -04:00
Makefile tracing / PM: Replace CONFIG_PM_RUNTIME with CONFIG_PM 2014-12-13 02:23:30 +01:00
power-traces.c PM / tracing: remove deprecated power trace API 2013-01-26 00:39:12 +01:00
ring_buffer.c There was a lot of clean ups and minor fixes. One of those clean ups was 2014-12-10 19:58:13 -08:00
ring_buffer_benchmark.c sched, cleanup, treewide: Remove set_current_state(TASK_RUNNING) after schedule() 2014-09-19 12:35:17 +02:00
rpm-traces.c PM / Runtime: Introduce trace points for tracing rpm_* functions 2011-09-27 22:53:27 +02:00
trace.c tracing: Remove extra call to init_ftrace_syscalls() 2015-01-15 09:41:11 -05:00
trace.h tracing: Add tp_printk cmdline to have tracepoints go to printk() 2014-12-15 10:17:38 -05:00
trace_benchmark.c tracing: Only calculate stats of tracepoint benchmarks for 2^32 times 2014-06-06 00:41:38 -04:00
trace_benchmark.h tracing: Add tracepoint benchmark tracepoint 2014-05-29 22:49:54 -04:00
trace_branch.c tracing: Have branch tracer use trace_handle_return() helper function 2014-11-19 15:25:41 -05:00
trace_clock.c tracing: Fix wraparound problems in "uptime" trace clock 2014-07-21 09:56:12 -04:00
trace_entries.h tracing: Add trace_puts() for even faster trace_printk() tracing 2013-03-15 00:35:55 -04:00
trace_event_perf.c perf: Check permission only for parent tracepoint event 2014-07-28 10:01:38 +02:00
trace_events.c tracing: Fix enabling of syscall events on the command line 2015-01-15 09:42:50 -05:00
trace_events_filter.c tracing: Allow NOT to filter AND and OR clauses 2014-12-03 10:00:27 -05:00
trace_events_filter_test.h tracing/filter: Add startup tests for events filter 2011-08-19 14:35:59 -04:00
trace_events_trigger.c trace: Replace single-character seq_puts with seq_putc 2014-11-14 07:55:55 -05:00
trace_export.c tracing: Fix anonymous unions in struct ftrace_event_call 2014-04-09 20:02:55 -04:00
trace_functions.c tracing/trivial: Fix typos and make an int into a bool 2014-11-20 10:05:36 -05:00
trace_functions_graph.c This code is a fork from the trace-3.19 pull as it needed the trace_seq 2014-12-10 20:35:41 -08:00
trace_irqsoff.c tracing: Allow irq/preempt tracers to be used by instances 2014-04-21 13:59:29 -04:00
trace_kdb.c KGDB/KDB fixes and cleanups 2015-01-09 20:51:10 -08:00
trace_kprobe.c kprobes/tracing: Use trace_seq_has_overflowed() for overflow checks 2014-11-19 15:25:43 -05:00
trace_mmiotrace.c tracing: Do not check return values of trace_seq_p*() for mmio tracer 2014-11-19 15:25:44 -05:00
trace_nop.c tracing: Remove mock up poll wait function 2014-04-30 08:40:05 -04:00
trace_output.c tracing: Add additional marks to signal very large time deltas 2014-12-03 17:10:13 -05:00
trace_output.h tracing: Add trace_seq_has_overflowed() and trace_handle_return() 2014-11-19 15:25:39 -05:00
trace_printk.c trace: Replace single-character seq_puts with seq_putc 2014-11-14 07:55:55 -05:00
trace_probe.c tracing/probes: Do not use return value of trace_seq_printf() 2014-11-19 15:25:44 -05:00
trace_probe.h kprobes, ftrace: Use NOKPROBE_SYMBOL macro in ftrace 2014-04-24 10:26:39 +02:00
trace_sched_switch.c tracing: Move tracing_sched_{switch,wakeup}() into wakeup tracer 2014-11-11 12:43:15 -05:00
trace_sched_wakeup.c tracing: Move tracing_sched_{switch,wakeup}() into wakeup tracer 2014-11-11 12:43:15 -05:00
trace_selftest.c Seems that Peter Zijlstra added a new check that is making old 2014-10-12 07:28:55 -04:00
trace_selftest_dynamic.c
trace_seq.c tracing: Use trace_seq_used() and seq_buf_used() instead of len 2014-11-19 22:01:15 -05:00
trace_stack.c sched: Add helper for task stack page overrun checking 2014-09-19 12:35:23 +02:00
trace_stat.c trace/trace_stat: use rbtree postorder iteration helper instead of opencoding 2013-11-05 16:01:47 -05:00
trace_stat.h
trace_syscalls.c As the merge window is still open, and this code was not as complex 2014-12-16 12:53:59 -08:00
trace_uprobe.c tracing: Deletion of an unnecessary check before iput() 2014-11-19 16:28:45 -05:00