This is the mail archive of the systemtap@sourceware.org mailing list for the systemtap project.

[Bug tapsets/20589] New: kernel warning from calling kernel_buffer_quoted()


https://sourceware.org/bugzilla/show_bug.cgi?id=20589

            Bug ID: 20589
           Summary: kernel warning from calling kernel_buffer_quoted()
           Product: systemtap
           Version: unspecified
            Status: NEW
          Severity: normal
          Priority: P2
         Component: tapsets
          Assignee: systemtap at sourceware dot org
          Reporter: dsmith at redhat dot com
  Target Milestone: ---

While running the testsuite on ppc64, I'm seeing the following backtrace:

====
[ 5627.892752] WARNING: at lib/vsprintf.c:1734
[ 5627.892757] Modules linked in: stap_01e26654eb602f02ed6501518ab88513__13266(OE) binfmt_misc s_19766(OE) tun sg pseries_rng nfsd auth_rpcgss nfs_acl lockd grace sunrpc ip_tables xfs libcrc32c sd_mod crc_t10dif crct10dif_generic crct10dif_common ibmvscsi scsi_transport_srp scsi_tgt ibmveth dm_mirror dm_region_hash dm_log dm_mod [last unloaded: stap_e4bb9f29face9c5be42f41e5ba4f3785_12354]
[ 5627.892826] CPU: 13 PID: 13266 Comm: stapio Tainted: G      D W  OE ------------   3.10.0-327.el7.ppc64le.debug #1
[ 5627.892834] task: c000000417c2fb00 ti: c000000486ebc000 task.ti: c000000486ebc000
[ 5627.892840] NIP: c000000000535ec4 LR: c0000000005366d0 CTR: c0000000005366a0
[ 5627.892846] REGS: c000000486ebf7c0 TRAP: 0700   Tainted: G      D W  OE ------------    (3.10.0-327.el7.ppc64le.debug)
[ 5627.892853] MSR: 8000000000029033 <SF,EE,ME,IR,DR,RI,LE>  CR: 88004448  XER: 20000002
[ 5627.892875] CFAR: c0000000005359dc SOFTE: 1
GPR00: c0000000005366d0 c000000486ebfa40 c0000000017bb5b0 d00000000b1a22a0
GPR04: ffffffffffffffff d00000000ab97110 c000000486ebfb18 c00000000171b5b0
GPR08: 0000000000000000 0000000000000001 d00000000ac96a74 d00000000ab81670
GPR12: c0000000005366a0 c000000007b37500 0000000000000000 0000000000000004
GPR16: 0000000010029028 000000001000d228 0000000000000001 000000001000d230
GPR20: 0000000000000001 0000000000000001 d00000000ac24698 c000000000a83780
GPR24: ffffffffffffffff c000000000a83778 d00000000acacb30 0000000000000010
GPR28: d00000000ac2d548 d00000000b1a3cb0 d00000000b1a3cb8 d00000000b1a0000
[ 5627.892978] NIP [c000000000535ec4] vsnprintf+0x534/0x560
[ 5627.892987] LR [c0000000005366d0] snprintf+0x30/0x40
[ 5627.892992] Call Trace:
[ 5627.892997] [c000000486ebfac0] [c0000000005366d0] snprintf+0x30/0x40
[ 5627.893021] [c000000486ebfae0] [d00000000aa74fd8] function___global_kernel_buffer_quoted__overload_1+0xf8/0x110 [stap_01e26654eb602f02ed6501518ab88513__13266]
[ 5627.893048] [c000000486ebfb60] [d00000000aaefda4] probe_6260+0xc4/0x110 [stap_01e26654eb602f02ed6501518ab88513__13266]
[ 5627.893070] [c000000486ebfb90] [d00000000ab78aa4] enter_be_probe+0x1c4/0x370 [stap_01e26654eb602f02ed6501518ab88513__13266]
[ 5627.893093] [c000000486ebfc20] [d00000000ab7ce44] systemtap_module_init+0x11d4/0x1f80 [stap_01e26654eb602f02ed6501518ab88513__13266]
[ 5627.893120] [c000000486ebfd10] [d00000000ab7df08] _stp_ctl_write_cmd+0x318/0x1410 [stap_01e26654eb602f02ed6501518ab88513__13266]
[ 5627.893130] [c000000486ebfdd0] [c000000000358250] SyS_write+0x150/0x400
[ 5627.893138] [c000000486ebfe30] [c00000000000a188] system_call+0x38/0xb4
[ 5627.893144] Instruction dump:
[ 5627.893149] 80ba0000 88c10021 3b5a0008 7ca50774 4bffff28 80ba0000 88c10021 3b5a0008
[ 5627.893166] 4bffff18 3ce2fff6 89277c48 69290001 <0b090000> 2fa90000 41fe0010 39200001
[ 5627.893183] ---[ end trace 4b8c064ff3338824 ]---
====

That warning is coming from the following kernel code:

====
int vsnprintf(char *buf, size_t size, const char *fmt, va_list args)
{
        unsigned long long num;
        char *str, *end;
        struct printf_spec spec = {0};

        /* Reject out-of-range values early.  Large positive sizes are
           used for unknown buffer sizes. */
        if (WARN_ON_ONCE((int) size < 0))
                return 0;
        ...
====

Looking at the module source for stap_01e26654eb602f02ed6501518ab88513 I see
that we're deliberately calling kernel_buffer_quoted() with a -1 for the last
parameter, 'outlen'.

To avoid this warning, kernel_buffer_quoted() should validate outlen.
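As an added illustration (not systemtap's code, and not the reporter's), the following user-space C models the path in the report: a stand-in for the vsnprintf() guard quoted above, a hypothetical quoting helper that forwards its 'outlen' to snprintf() unchecked, and a checked entry point that rejects the -1 before it can become (size_t)-1. The names kernel_snprintf, buffer_quoted and buffer_quoted_checked are this example's own, not the tapset's.

```c
#include <ctype.h>
#include <limits.h>
#include <stdarg.h>
#include <stdio.h>

/* Constructed stand-in for the vsnprintf() guard quoted in the report: a size
 * that is negative when cast to int trips WARN_ON_ONCE and the call returns 0.
 * The warning is counted here instead of logged. */
static int warn_count;

static int kernel_snprintf(char *buf, size_t size, const char *fmt, ...)
{
    va_list ap;
    int n;
    if ((int) size < 0) { warn_count++; return 0; }  /* lib/vsprintf.c:1734 */
    va_start(ap, fmt);
    n = vsnprintf(buf, size, fmt, ap);
    va_end(ap);
    return n;
}

/* Hypothetical helper in the spirit of kernel_buffer_quoted(): write 'inlen'
 * bytes of 'in' into 'out' as a double-quoted string, escaping non-printable
 * bytes as \xNN. Returns the full quoted length (snprintf style), or 0 once
 * the guard has tripped. 'outlen' is passed straight through, as in the report. */
static int buffer_quoted(const char *in, size_t inlen, char *out, size_t outlen)
{
    size_t pos = 0, i;
    for (i = 0; i <= inlen + 1; i++) {          /* slots 0 and inlen+1: quotes */
        size_t left = pos < outlen ? outlen - pos : 0;
        char *dst = left ? out + pos : out;     /* with size 0 nothing is written */
        unsigned char c = (i > 0 && i <= inlen) ? (unsigned char) in[i - 1] : 0;
        int n = (i == 0 || i > inlen) ? kernel_snprintf(dst, left, "\"")
              : (isprint(c) && c != '"' && c != '\\') ? kernel_snprintf(dst, left, "%c", c)
              : kernel_snprintf(dst, left, "\\x%02x", c);
        if (n <= 0)
            return 0;
        pos += (size_t) n;
    }
    return (int) pos;
}

/* The validation the report asks for: reject any 'outlen' that is not a sane
 * positive buffer size before it can reach snprintf() as (size_t)-1. */
static int buffer_quoted_checked(const char *in, size_t inlen, char *out, long outlen)
{
    if (outlen <= 0 || outlen > INT_MAX)
        return -1;
    return buffer_quoted(in, inlen, out, (size_t) outlen);
}
```

Calling buffer_quoted() with (size_t)-1 reproduces the warning path (warn_count goes up and nothing is written), while buffer_quoted_checked() refuses the same argument without ever reaching the guard.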
