This is a note to let you know that I've just added the patch titled
tracing: Use a copy of the va_list for __assign_vstr()
to the 5.19-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
tracing-use-a-copy-of-the-va_list-for-__assign_vstr.patch
and it can be found in the queue-5.19 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.
>From 3a2dcbaf4d31023106975d6ae75b6df080c454cb Mon Sep 17 00:00:00 2001
From: "Steven Rostedt (Google)" <rostedt@xxxxxxxxxxx>
Date: Tue, 19 Jul 2022 18:20:04 -0400
Subject: tracing: Use a copy of the va_list for __assign_vstr()
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
From: Steven Rostedt (Google) <rostedt@xxxxxxxxxxx>
commit 3a2dcbaf4d31023106975d6ae75b6df080c454cb upstream.
If an instance of tracing enables the same trace event as another
instance, or the top level instance, or even perf, then the va_list passed
into some tracepoints can be used more than once.
As va_list can only be traversed once, this can cause issues:
# cat /sys/kernel/tracing/instances/qla2xxx/trace
cat-56106 [012] ..... 2419873.470098: ql_dbg_log: qla2xxx [0000:05:00.0]-1054:14: Entered (null).
cat-56106 [012] ..... 2419873.470101: ql_dbg_log: qla2xxx [0000:05:00.0]-1000:14: Entered ×+<96>²Ü<98>^H.
cat-56106 [012] ..... 2419873.470102: ql_dbg_log: qla2xxx [0000:05:00.0]-1006:14: Prepare to issue mbox cmd=0xde589000.
# cat /sys/kernel/tracing/trace
cat-56106 [012] ..... 2419873.470097: ql_dbg_log: qla2xxx [0000:05:00.0]-1054:14: Entered qla2x00_get_firmware_state.
cat-56106 [012] ..... 2419873.470100: ql_dbg_log: qla2xxx [0000:05:00.0]-1000:14: Entered qla2x00_mailbox_command.
cat-56106 [012] ..... 2419873.470102: ql_dbg_log: qla2xxx [0000:05:00.0]-1006:14: Prepare to issue mbox cmd=0x69.
The instance version is corrupted because the top level instance iterated
the va_list first.
Use va_copy() in the __assign_vstr() macro to make sure that each trace
event for each use case gets a fresh va_list.
Link: https://lore.kernel.org/all/259d53a5-958e-6508-4e45-74dba2821242@xxxxxxxxxxx/
Link: https://lkml.kernel.org/r/20220719182004.21daa83e@xxxxxxxxxxxxxxxxxx
Fixes: 0563231f93c6d ("tracing/events: Add __vstring() and __assign_vstr() helper macros")
Reported-by: Arun Easi <aeasi@xxxxxxxxxxx>
Signed-off-by: Steven Rostedt (Google) <rostedt@xxxxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
---
include/trace/stages/stage6_event_callback.h | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
--- a/include/trace/stages/stage6_event_callback.h
+++ b/include/trace/stages/stage6_event_callback.h
@@ -40,7 +40,12 @@
#undef __assign_vstr
#define __assign_vstr(dst, fmt, va) \
- vsnprintf(__get_str(dst), TRACE_EVENT_STR_MAX, fmt, *(va))
+ do { \
+ va_list __cp_va; \
+ va_copy(__cp_va, *(va)); \
+ vsnprintf(__get_str(dst), TRACE_EVENT_STR_MAX, fmt, __cp_va); \
+ va_end(__cp_va); \
+ } while (0)
#undef __bitmask
#define __bitmask(item, nr_bits) __dynamic_array(unsigned long, item, -1)
Patches currently in stable-queue which might be from rostedt@xxxxxxxxxxx are
queue-5.19/batman-adv-tracing-use-the-new-__vstring-helper.patch
queue-5.19/ftrace-x86-add-back-ftrace_expected-assignment.patch
queue-5.19/rtla-utils-use-calloc-and-check-the-potential-memory.patch
queue-5.19/rtla-fix-double-free.patch
queue-5.19/tracing-use-a-copy-of-the-va_list-for-__assign_vstr.patch
queue-5.19/sched-core-always-flush-pending-blk_plug.patch
queue-5.19/spmi-trace-fix-stack-out-of-bound-access-in-spmi-tracing-functions.patch
queue-5.19/tracing-use-a-struct-alignof-to-determine-trace-even.patch
queue-5.19/tracing-events-add-__vstring-and-__assign_vstr-helpe.patch
queue-5.19/rtla-fix-makefile-when-called-from-c-tools.patch
