Re: [GIT PULL] updates for oprofile
From: Phil Carmody
Date: Tue Apr 27 2010 - 11:26:35 EST
Ingo, et al.,
Regarding today's pulled request, containing:
commit bc078e4eab65f11bbaeed380593ab8151b30d703
Author: Martin Schwidefsky <schwidef...@xxxxxxxxxx>
Date: Tue Mar 2 16:01:10 2010 +0100
oprofile: convert oprofile from timer_hook to hrtimer
Information is a touch scant, as I'm doing the investigation as I
write, but I believe that that patch can cause ooops regressions
via a null-pointer dereference in oprofile_add_sample().
That function declares:
"""
/**
* Add a sample. This may be called from any context.
*/
void oprofile_add_sample(struct pt_regs * const regs, unsigned long event);
"""
And begins:
"""
void oprofile_add_sample(struct pt_regs * const regs, unsigned long event)
{
int is_kernel = !user_mode(regs);
"""
Where on at least two major architectures (Arm, x86), user_mode()
unconditionally dereferences its parameter.
Now oprofile_add_sample() is called from this context:
"""
static enum hrtimer_restart oprofile_hrtimer_notify(struct hrtimer *hrtimer)
{
oprofile_add_sample(get_irq_regs(), 0);
"""
And get_irq_regs() is NULL when not in an IRQ context.
Bang.
An example of this kind of thing kicking in has already been encountered
last year:
http://www.mail-archive.com/linux-omap@xxxxxxxxxxxxxxx/msg14069.html
(That thread got a little side-tracked onto OMAP specifics, but the
original report is topical.)
Now would be a very good time for the "many eyes" principle to kick in.
I'm now looking into workarounds, but nothing that I'd necessarily
want to submit as a real fix.
Phil
cc:'d replies appreciated
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/