Re: perf/tracepoint: another fuzzer generated lockup

From: Peter Zijlstra
Date: Thu Nov 14 2013 - 12:14:26 EST

Next message: Maxime Coquelin: "Re: [PATCH v6 1/4] i2c: busses: i2c-st: Add ST I2C controller"
Previous message: Phillip Lougher: "Re: [PATCH 3/6] Squashfs: add multi-threaded decompression usingpercpu variables"
In reply to: Vince Weaver: "Re: perf/tracepoint: another fuzzer generated lockup"
Next in thread: Steven Rostedt: "Re: perf/tracepoint: another fuzzer generated lockup"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, Nov 14, 2013 at 12:20:35PM -0500, Vince Weaver wrote:
>
> possibly not an issue with your patch, but found in nearby code:
>
> in perf_trace_init:
>
> int event_id = p_event->attr.config;
>
> ...
>
> if (tp_event->event.type == event_id &&
>
>
> note that "attr.config" is 64-bit but "event_id" is only 32-bit,
> so things like 0xffffffff00000018 will map to irq_work_exit.

I will have a look.

> I'm not sure if your PERM code properly handles this case, I don't have
> time to work through the macro-magic in your patch.

Can't blame you; took me a fair chunk of the day to come up with this.
That trace event stuff is horrid.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Maxime Coquelin: "Re: [PATCH v6 1/4] i2c: busses: i2c-st: Add ST I2C controller"
Previous message: Phillip Lougher: "Re: [PATCH 3/6] Squashfs: add multi-threaded decompression usingpercpu variables"
In reply to: Vince Weaver: "Re: perf/tracepoint: another fuzzer generated lockup"
Next in thread: Steven Rostedt: "Re: perf/tracepoint: another fuzzer generated lockup"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]