rds: Node crashes when trace buffer is opened

The problem is that trace_printk() cannot handle a format string like
%p* which prints out the content from a pointer.  It stores the
pointer value.  When the trace file is opened, that pointer is
de-referenced and causes problems.  To use ftrace with such format
string, __trace_printk() needs to be used.  It stores the formatted
string in the trace buffer instead.

Orabug: 27708872

Signed-off-by: Ka-Cheong Poon <[email protected]>
Reviewed-by: Yuval Shaia <[email protected]>
Reviewed-by: Tom Hromatka <[email protected]>
Signed-off-by: Somasundaram Krishnasamy <[email protected]>

Author: kcp-git

net/rds/connection.c

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2006, 2017 Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2006, 2018 Oracle and/or its affiliates. All rights reserved.
  *
  * This software is available to you under a choice of one of two
  * licenses.  You may choose to be licensed under the terms of the GNU
@@ -387,11 +387,12 @@ void rds_conn_shutdown(struct rds_conn_path *cp)
 
 	/* shut it down unless it's down already */
 	if (!rds_conn_path_transition(cp, RDS_CONN_DOWN, RDS_CONN_DOWN)) {
-		rds_rtd(RDS_RTD_CM_EXT,
-			"RDS/%s: shutdown init <%pI6c,%pI6c,%d>, cn %p, cn->c_p %p\n",
-			conn->c_trans->t_type == RDS_TRANS_TCP ? "TCP" : "IB",
-			&conn->c_laddr, &conn->c_faddr,
-			conn->c_tos, conn, conn->c_passive);
+		rds_rtd_ptr(RDS_RTD_CM_EXT,
+			    "RDS/%s: shutdown init <%pI6c,%pI6c,%d>, cn %p, cn->c_p %p\n",
+			    conn->c_trans->t_type == RDS_TRANS_TCP ? "TCP" :
+			    "IB",
+			    &conn->c_laddr, &conn->c_faddr,
+			    conn->c_tos, conn, conn->c_passive);
 		/*
 		 * Quiesce the connection mgmt handlers before we start tearing
 		 * things down. We don't hold the mutex for the entire
@@ -518,9 +519,9 @@ void rds_conn_destroy(struct rds_connection *conn, int shutdown)
 	int i;
 	int npaths = (conn->c_trans->t_mp_capable ? RDS_MPATH_WORKERS : 1);
 
-	rds_rtd(RDS_RTD_CM, "freeing conn %p <%pI6c,%pI6c,%d>\n",
-		conn, &conn->c_laddr, &conn->c_faddr,
-		conn->c_tos);
+	rds_rtd_ptr(RDS_RTD_CM, "freeing conn %p <%pI6c,%pI6c,%d>\n",
+		    conn, &conn->c_laddr, &conn->c_faddr,
+		    conn->c_tos);
 
 	conn->c_destroy_in_prog = 1;
 	/* Ensure conn will not be scheduled for reconnect */
@@ -987,11 +988,11 @@ void rds_conn_path_drop(struct rds_conn_path *cp, int reason)
 
 	atomic_set(&cp->cp_state, RDS_CONN_ERROR);
 
-	rds_rtd(RDS_RTD_CM_EXT,
-		"RDS/%s: queueing shutdown work, conn %p, <%pI6c,%pI6c,%d>\n",
-		conn->c_trans->t_type == RDS_TRANS_TCP ? "TCP" : "IB",
-		conn, &conn->c_laddr, &conn->c_faddr,
-		conn->c_tos);
+	rds_rtd_ptr(RDS_RTD_CM_EXT,
+		    "RDS/%s: queueing shutdown work, conn %p, <%pI6c,%pI6c,%d>\n",
+		    conn->c_trans->t_type == RDS_TRANS_TCP ? "TCP" : "IB",
+		    conn, &conn->c_laddr, &conn->c_faddr,
+		    conn->c_tos);
 
 	queue_work(cp->cp_wq, &cp->cp_down_w);
 }
@@ -1014,10 +1015,10 @@ void rds_conn_path_connect_if_down(struct rds_conn_path *cp)
 
 	if (rds_conn_path_state(cp) == RDS_CONN_DOWN &&
 	    !test_and_set_bit(RDS_RECONNECT_PENDING, &cp->cp_flags)) {
-		rds_rtd(RDS_RTD_CM_EXT,
-			"queueing connect work, conn %p, <%pI6c,%pI6c,%d>\n",
-			conn, &conn->c_laddr, &conn->c_faddr,
-			conn->c_tos);
+		rds_rtd_ptr(RDS_RTD_CM_EXT,
+			    "queueing connect work, conn %p, <%pI6c,%pI6c,%d>\n",
+			    conn, &conn->c_laddr, &conn->c_faddr,
+			    conn->c_tos);
 		queue_delayed_work(cp->cp_wq, &cp->cp_conn_w, 0);
 	}
 }

net/rds/ib_cm.c

@@ -663,10 +663,10 @@ static void rds_ib_qp_event_handler(struct ib_event *event, void *data)
 		complete(&ic->i_last_wqe_complete);
 		break;
 	default:
-		rds_rtd(RDS_RTD_ERR,
-			"Fatal QP Event %u (%s) - connection %pI6c->%pI6c tos %d, reconnecting\n",
-			event->event, rds_ib_event_str(event->event),
-			&conn->c_laddr,	&conn->c_faddr, conn->c_tos);
+		rds_rtd_ptr(RDS_RTD_ERR,
+			    "Fatal QP Event %u (%s) - connection %pI6c->%pI6c tos %d, reconnecting\n",
+			    event->event, rds_ib_event_str(event->event),
+			    &conn->c_laddr, &conn->c_faddr, conn->c_tos);
 		rds_conn_drop(conn, DR_IB_QP_EVENT);
 		break;
 	}
@@ -1027,14 +1027,14 @@ int rds_ib_cm_handle_connect(struct rdma_cm_id *cm_id,
 		daddr6 = &d_mapped_addr;
 	}
 
-	rds_rtd(RDS_RTD_CM,
-		"saddr %pI6c daddr %pI6c RDSv%u.%u lguid 0x%llx fguid 0x%llx tos %d\n",
-		saddr6, daddr6,
-		RDS_PROTOCOL_MAJOR(version),
-		RDS_PROTOCOL_MINOR(version),
-		(unsigned long long)be64_to_cpu(lguid),
-		(unsigned long long)be64_to_cpu(fguid),
-		dp_cmn->ricpc_tos);
+	rds_rtd_ptr(RDS_RTD_CM,
+		    "saddr %pI6c daddr %pI6c RDSv%u.%u lguid 0x%llx fguid 0x%llx tos %d\n",
+		    saddr6, daddr6,
+		    RDS_PROTOCOL_MAJOR(version),
+		    RDS_PROTOCOL_MINOR(version),
+		    (unsigned long long)be64_to_cpu(lguid),
+		    (unsigned long long)be64_to_cpu(fguid),
+		    dp_cmn->ricpc_tos);
 
 #ifdef CONFIG_RDS_ACL
 

net/rds/rdma_transport.c

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2009, 2017 Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2009, 2018 Oracle and/or its affiliates. All rights reserved.
  *
  * This software is available to you under a choice of one of two
  * licenses.  You may choose to be licensed under the terms of the GNU
@@ -166,10 +166,10 @@ int rds_rdma_cm_event_handler_cmn(struct rdma_cm_id *cm_id,
 				cm_id->route.path_rec[0].qos_class = conn->c_tos;
 				ret = trans->cm_initiate_connect(cm_id, isv6);
 			} else {
-				rds_rtd(RDS_RTD_CM,
-					"ROUTE_RESOLVED: calling rds_conn_drop, conn %p <%pI6c,%pI6c,%d>\n",
-					conn, &conn->c_laddr,
-					&conn->c_faddr, conn->c_tos);
+				rds_rtd_ptr(RDS_RTD_CM,
+					    "ROUTE_RESOLVED: calling rds_conn_drop, conn %p <%pI6c,%pI6c,%d>\n",
+					    conn, &conn->c_laddr,
+					    &conn->c_faddr, conn->c_tos);
 				rds_conn_drop(conn, DR_IB_RDMA_CM_ID_MISMATCH);
 			}
 		}
@@ -197,10 +197,10 @@ int rds_rdma_cm_event_handler_cmn(struct rdma_cm_id *cm_id,
 		}
 
 		if (conn) {
-			rds_rtd(RDS_RTD_ERR,
-				"ROUTE_ERROR: conn %p, calling rds_conn_drop <%pI6c,%pI6c,%d>\n",
-				conn, &conn->c_laddr,
-				&conn->c_faddr, conn->c_tos);
+			rds_rtd_ptr(RDS_RTD_ERR,
+				    "ROUTE_ERROR: conn %p, calling rds_conn_drop <%pI6c,%pI6c,%d>\n",
+				    conn, &conn->c_laddr,
+				    &conn->c_faddr, conn->c_tos);
 			rds_conn_drop(conn, DR_IB_ROUTE_ERR);
 		}
 		break;
@@ -211,10 +211,10 @@ int rds_rdma_cm_event_handler_cmn(struct rdma_cm_id *cm_id,
 
 	case RDMA_CM_EVENT_ADDR_ERROR:
 		if (conn) {
-			rds_rtd(RDS_RTD_ERR,
-				"ADDR_ERROR: conn %p, calling rds_conn_drop <%pI6c,%pI6c,%d>\n",
-				conn, &conn->c_laddr,
-				&conn->c_faddr, conn->c_tos);
+			rds_rtd_ptr(RDS_RTD_ERR,
+				    "ADDR_ERROR: conn %p, calling rds_conn_drop <%pI6c,%pI6c,%d>\n",
+				    conn, &conn->c_laddr,
+				    &conn->c_faddr, conn->c_tos);
 			rds_conn_drop(conn, DR_IB_ADDR_ERR);
 		}
 		break;
@@ -223,10 +223,10 @@ int rds_rdma_cm_event_handler_cmn(struct rdma_cm_id *cm_id,
 	case RDMA_CM_EVENT_UNREACHABLE:
 	case RDMA_CM_EVENT_DEVICE_REMOVAL:
 		if (conn) {
-			rds_rtd(RDS_RTD_ERR,
-				"CONN/UNREACHABLE/RMVAL ERR: conn %p, calling rds_conn_drop <%pI6c,%pI6c,%d>\n",
-				conn, &conn->c_laddr,
-				&conn->c_faddr, conn->c_tos);
+			rds_rtd_ptr(RDS_RTD_ERR,
+				    "CONN/UNREACHABLE/RMVAL ERR: conn %p, calling rds_conn_drop <%pI6c,%pI6c,%d>\n",
+				    conn, &conn->c_laddr,
+				    &conn->c_faddr, conn->c_tos);
 			rds_conn_drop(conn, DR_IB_CONNECT_ERR);
 		}
 		break;
@@ -255,27 +255,27 @@ int rds_rdma_cm_event_handler_cmn(struct rdma_cm_id *cm_id,
 				       conn->c_tos);
 				rds_ib_conn_destroy_init(conn);
 			} else {
-				rds_rtd(RDS_RTD_ERR,
-					"Rejected: *err %d status %d calling rds_conn_drop <%pI6c,%pI6c,%d>\n",
-					*err, event->status,
-					&conn->c_laddr,
-					&conn->c_faddr,
-					conn->c_tos);
+				rds_rtd_ptr(RDS_RTD_ERR,
+					    "Rejected: *err %d status %d calling rds_conn_drop <%pI6c,%pI6c,%d>\n",
+					    *err, event->status,
+					    &conn->c_laddr,
+					    &conn->c_faddr,
+					    conn->c_tos);
 				rds_conn_drop(conn, DR_IB_REJECTED_EVENT);
 			}
 		}
 		break;
 
 	case RDMA_CM_EVENT_ADDR_CHANGE:
-		rds_rtd(RDS_RTD_CM_EXT,
-			"ADDR_CHANGE event <%pI6c,%pI6c>\n",
-			&conn->c_laddr,
-			&conn->c_faddr);
+		rds_rtd_ptr(RDS_RTD_CM_EXT,
+			    "ADDR_CHANGE event <%pI6c,%pI6c>\n",
+			    &conn->c_laddr,
+			    &conn->c_faddr);
 		if (conn) {
-			rds_rtd(RDS_RTD_CM,
-				"ADDR_CHANGE: calling rds_conn_drop <%pI6c,%pI6c,%d>\n",
-				&conn->c_laddr, &conn->c_faddr,
-				conn->c_tos);
+			rds_rtd_ptr(RDS_RTD_CM,
+				    "ADDR_CHANGE: calling rds_conn_drop <%pI6c,%pI6c,%d>\n",
+				    &conn->c_laddr, &conn->c_faddr,
+				    conn->c_tos);
 			if (!rds_conn_self_loopback_passive(conn)) {
 				queue_delayed_work(conn->c_path[0].cp_wq,
 						   &conn->c_reconn_w,
@@ -286,9 +286,9 @@ int rds_rdma_cm_event_handler_cmn(struct rdma_cm_id *cm_id,
 		break;
 
 	case RDMA_CM_EVENT_DISCONNECTED:
-		rds_rtd(RDS_RTD_CM,
-			"DISCONNECT event - dropping connection %pI6c->%pI6c tos %d\n",
-			&conn->c_laddr, &conn->c_faddr,	conn->c_tos);
+		rds_rtd_ptr(RDS_RTD_CM,
+			    "DISCONNECT event - dropping connection %pI6c->%pI6c tos %d\n",
+			    &conn->c_laddr, &conn->c_faddr, conn->c_tos);
 		rds_conn_drop(conn, DR_IB_DISCONNECTED_EVENT);
 		break;
 

net/rds/rds.h

@@ -88,12 +88,14 @@ enum {
 	RDS_RTD_TCP			= 1 << 28,	/* 0x10000000 */
 };
 
-#define rds_rtd_printk(format, arg...)		\
-	trace_printk("%d: " format, __LINE__, ## arg)
-
 #define rds_rtd(enabling_bit, format, arg...)				     \
 	do { if (likely(!(enabling_bit & kernel_rds_rt_debug_bitmap))) break;\
-		 rds_rtd_printk(format, ## arg);			     \
+		trace_printk("%d: " format, __LINE__, ## arg);		     \
+	} while (0)
+
+#define rds_rtd_ptr(enabling_bit, format, arg...)			      \
+	do { if (likely(!(enabling_bit & kernel_rds_rt_debug_bitmap))) break; \
+		__trace_printk(_THIS_IP_, "%d: " format, __LINE__, ## arg);   \
 	} while (0)
 
 /* XXX is there one of these somewhere? */

net/rds/recv.c

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2006, 2017 Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2006, 2018 Oracle and/or its affiliates. All rights reserved.
  *
  * This software is available to you under a choice of one of two
  * licenses.  You may choose to be licensed under the terms of the GNU
@@ -383,9 +383,9 @@ void rds_recv_incoming(struct rds_connection *conn, struct in6_addr *saddr,
 	skb = alloc_skb(sizeof(struct rds_nf_hdr) * 2, gfp);
 	if (NULL == skb) {
 		/* if we have allocation problems, then we just need to depart */
-		rds_rtd(RDS_RTD_ERR,
-			"failure to allocate space for inc %p, %pI6c -> %pI6c tos %d\n",
-			inc, saddr, daddr, conn->c_tos);
+		rds_rtd_ptr(RDS_RTD_ERR,
+			    "failure to allocate space for inc %p, %pI6c -> %pI6c tos %d\n",
+			    inc, saddr, daddr, conn->c_tos);
 		rds_recv_local(cp, saddr, daddr, inc, gfp, rs);
 		/* drop the reference if we had taken one */
 		if (NULL != rs)
@@ -434,9 +434,9 @@ void rds_recv_incoming(struct rds_connection *conn, struct in6_addr *saddr,
 	}
 	/* if we had a failure to convert, then just assuming to continue as local */
 	else {
-		rds_rtd(RDS_RTD_RCV_EXT,
-			"failed to create skb form, conn %p, inc %p, %pI6c -> %pI6c tos %d\n",
-			conn, inc, saddr, daddr, conn->c_tos);
+		rds_rtd_ptr(RDS_RTD_RCV_EXT,
+			    "failed to create skb form, conn %p, inc %p, %pI6c -> %pI6c tos %d\n",
+			    conn, inc, saddr, daddr, conn->c_tos);
 		ret = 1;
 	}
 
@@ -560,10 +560,10 @@ rds_recv_forward(struct rds_conn_path *cp, struct rds_incoming *inc,
 	/* find the proper output socket - it should be the local one on which we originated */
 	rs = rds_find_bound(&dst->saddr, dst->sport, conn->c_dev_if);
 	if (!rs) {
-		rds_rtd(RDS_RTD_RCV,
-			"failed to find output rds_socket dst %pI6c : %u, inc %p, conn %p tos %d\n",
-			&dst->daddr, dst->dport, inc, conn,
-			conn->c_tos);
+		rds_rtd_ptr(RDS_RTD_RCV,
+			    "failed to find output rds_socket dst %pI6c : %u, inc %p, conn %p tos %d\n",
+			    &dst->daddr, dst->dport, inc, conn,
+			    conn->c_tos);
 		rds_stats_inc(s_recv_drop_no_sock);
 		goto out;
 	}
@@ -574,10 +574,10 @@ rds_recv_forward(struct rds_conn_path *cp, struct rds_incoming *inc,
 	/* now lets see if we can send it all */
 	ret = rds_send_internal(conn, rs, inc->i_skb, gfp);
 	if (len != ret) {
-		rds_rtd(RDS_RTD_RCV,
-			"failed to send rds_data dst %pI6c : %u, inc %p, conn %p tos %d, len %d != ret %d\n",
-			&dst->daddr, dst->dport, inc, conn, conn->c_tos,
-			len, ret);
+		rds_rtd_ptr(RDS_RTD_RCV,
+			    "failed to send rds_data dst %pI6c : %u, inc %p, conn %p tos %d, len %d != ret %d\n",
+			    &dst->daddr, dst->dport, inc, conn, conn->c_tos,
+			    len, ret);
 		goto out;
 	}
 
@@ -652,11 +652,11 @@ rds_recv_local(struct rds_conn_path *cp, struct in6_addr *saddr,
 	inc_hdr_h_sequence = be64_to_cpu(inc->i_hdr.h_sequence);
 
 	if (inc_hdr_h_sequence != cp->cp_next_rx_seq) {
-		rds_rtd(RDS_RTD_RCV,
-			"conn %p <%pI6c,%pI6c,%d> expect seq# %llu, recved seq# %llu, retrans bit %d\n",
-			conn, &conn->c_laddr, &conn->c_faddr,
-			conn->c_tos, cp->cp_next_rx_seq, inc_hdr_h_sequence,
-			inc->i_hdr.h_flags & RDS_FLAG_RETRANSMITTED);
+		rds_rtd_ptr(RDS_RTD_RCV,
+			    "conn %p <%pI6c,%pI6c,%d> expect seq# %llu, recved seq# %llu, retrans bit %d\n",
+			    conn, &conn->c_laddr, &conn->c_faddr,
+			    conn->c_tos, cp->cp_next_rx_seq, inc_hdr_h_sequence,
+			    inc->i_hdr.h_flags & RDS_FLAG_RETRANSMITTED);
 	}
 
 	if (inc_hdr_h_sequence < cp->cp_next_rx_seq