[PATCH] scsi: ufs: mediatek: Fix page faults in ufs_mtk_clk_scale trace event

Keita Morisaki posted 1 patch 5 days ago
drivers/ufs/host/ufs-mediatek-trace.h | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
[PATCH] scsi: ufs: mediatek: Fix page faults in ufs_mtk_clk_scale trace event
Posted by Keita Morisaki 5 days ago
The ufs_mtk_clk_scale trace event currently stores the address of the
name string directly via __field(const char *, name). This pointer may
become invalid after the module is unloaded, causing page faults when
the trace buffer is subsequently accessed.

This can occur because the MediaTek UFS driver can be configured as a
loadable module (tristate in Kconfig), meaning the name string passed
to the trace event may reside in module memory that becomes invalid
after module unload.

Fix this by using __string() and __assign_str() to copy the string
contents into the ring buffer instead of storing the pointer. This
ensures the trace data remains valid regardless of module state.

This change increases the memory usage for each ftrace entry by a few
bytes (clock names are typically 7-15 characters like "ufs_sel" or
"ufs_sel_max_src") compared to storing an 8-byte pointer.

Note that this change does not affect anything unless all of the
following conditions are met:
- CONFIG_SCSI_UFS_MEDIATEK is enabled
- ftrace tracing is enabled
- The ufs_mtk_clk_scale event is enabled in ftrace

Signed-off-by: Keita Morisaki <keita.morisaki@tier4.jp>
---
 drivers/ufs/host/ufs-mediatek-trace.h | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/drivers/ufs/host/ufs-mediatek-trace.h b/drivers/ufs/host/ufs-mediatek-trace.h
index b5f2ec314..0df8ac843 100644
--- a/drivers/ufs/host/ufs-mediatek-trace.h
+++ b/drivers/ufs/host/ufs-mediatek-trace.h
@@ -33,19 +33,19 @@ TRACE_EVENT(ufs_mtk_clk_scale,
 	TP_ARGS(name, scale_up, clk_rate),
 
 	TP_STRUCT__entry(
-		__field(const char*, name)
+		__string(name, name)
 		__field(bool, scale_up)
 		__field(unsigned long, clk_rate)
 	),
 
 	TP_fast_assign(
-		__entry->name = name;
+		__assign_str(name);
 		__entry->scale_up = scale_up;
 		__entry->clk_rate = clk_rate;
 	),
 
 	TP_printk("ufs: clk (%s) scaled %s @ %lu",
-		  __entry->name,
+		  __get_str(name),
 		  __entry->scale_up ? "up" : "down",
 		  __entry->clk_rate)
 );
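Review bot: The one-argument __assign_str(name) in TP_fast_assign only builds on trees where the macro already takes a single argument; a backport to an older stable tree would need the two-argument form, __assign_str(name, name). Since the change fixes a page fault and the message carries only a Signed-off-by, consider adding a Fixes: tag for the commit that introduced the __field(const char*, name) entry, plus Cc: stable, so the affected trees are identified and the backport difference is not missed.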

base-commit: 18f7fcd5e69a04df57b563360b88be72471d6b62
-- 
2.34.1
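A simplified user-space model of the two record layouts the commit message contrasts, added here as an illustration and not taken from the patch or the kernel. The struct names, helpers, module_mem buffer and clock rate are constructed; the locator encoding (offset in the low 16 bits, length in the high 16) is modelled on how dynamic string fields are stored inside a trace record.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed stand-in for module memory that holds the clock name. */
static char module_mem[16] = "ufs_sel";
/* "Before" layout: the record keeps only the address of the name. */
struct rec_ptr { const char *name; unsigned long clk_rate; };
/* "After" layout: 32-bit locator (offset | len << 16) plus inline bytes. */
struct rec_str { uint32_t name_loc; unsigned long clk_rate; char data[32]; };

static void write_ptr(struct rec_ptr *r, const char *name, unsigned long rate)
{
	r->name = name;		/* address escapes into the trace record */
	r->clk_rate = rate;
}

static void write_str(struct rec_str *r, const char *name, unsigned long rate)
{
	size_t len = strlen(name) + 1;
	if (len > sizeof(r->data))
		len = sizeof(r->data);	/* truncate rather than overflow */
	memcpy(r->data, name, len);
	r->data[len - 1] = '\0';
	r->name_loc = (uint32_t)offsetof(struct rec_str, data) | ((uint32_t)len << 16);
	r->clk_rate = rate;
}

/* Reader side: resolve the locator relative to the record itself. */
static const char *read_str(const struct rec_str *r)
{
	return (const char *)r + (r->name_loc & 0xffff);
}

/* Simulated unload: memory is reused. A real unload unmaps it and the read faults. */
static void simulate_unload(void) { memset(module_mem, 'X', sizeof(module_mem) - 1); }

/* Returns 1 when the copied name survives unload and the stored pointer is stale. */
static int demo(void)
{
	struct rec_ptr p; struct rec_str s;
	write_ptr(&p, module_mem, 26000000UL);	/* constructed clock rate */
	write_str(&s, module_mem, 26000000UL);
	simulate_unload();
	return !strcmp(read_str(&s), "ufs_sel") && strcmp(p.name, "ufs_sel") != 0;
}

int main(void) { printf("copy intact, pointer stale: %d\n", demo()); return 0; }
```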
Re: [PATCH] scsi: ufs: mediatek: Fix page faults in ufs_mtk_clk_scale trace event
Posted by Martin K. Petersen 2 days, 23 hours ago
Keita,

> The ufs_mtk_clk_scale trace event currently stores the address of the
> name string directly via __field(const char *, name). This pointer may
> become invalid after the module is unloaded, causing page faults when
> the trace buffer is subsequently accessed.

Applied to 6.20/scsi-staging, thanks!

-- 
Martin K. Petersen
Re: [PATCH] scsi: ufs: mediatek: Fix page faults in ufs_mtk_clk_scale trace event
Posted by Keita Morisaki 2 days, 23 hours ago
Hi Martin,

> Applied to 6.20/scsi-staging, thanks!

Thank you for the update! Grateful to contribute!
Re: [PATCH] scsi: ufs: mediatek: Fix page faults in ufs_mtk_clk_scale trace event
Posted by Peter Wang (王信友) 4 days, 19 hours ago
On Mon, 2026-02-02 at 11:45 +0900, Keita Morisaki wrote:
> The ufs_mtk_clk_scale trace event currently stores the address of the
> name string directly via __field(const char *, name). This pointer may
> become invalid after the module is unloaded, causing page faults when
> the trace buffer is subsequently accessed.
> 
> This can occur because the MediaTek UFS driver can be configured as a
> loadable module (tristate in Kconfig), meaning the name string passed
> to the trace event may reside in module memory that becomes invalid
> after module unload.
> 
> Fix this by using __string() and __assign_str() to copy the string
> contents into the ring buffer instead of storing the pointer. This
> ensures the trace data remains valid regardless of module state.
> 
> This change increases the memory usage for each ftrace entry by a few
> bytes (clock names are typically 7-15 characters like "ufs_sel" or
> "ufs_sel_max_src") compared to storing an 8-byte pointer.
> 
> Note that this change does not affect anything unless all of the
> following conditions are met:
> - CONFIG_SCSI_UFS_MEDIATEK is enabled
> - ftrace tracing is enabled
> - The ufs_mtk_clk_scale event is enabled in ftrace
> 
> Signed-off-by: Keita Morisaki <keita.morisaki@tier4.jp>
> ---
>  drivers/ufs/host/ufs-mediatek-trace.h | 6 +++---
>  1 file changed, 3 insertions(+), 3 deletions(-)
> 
> diff --git a/drivers/ufs/host/ufs-mediatek-trace.h
> b/drivers/ufs/host/ufs-mediatek-trace.h
> index b5f2ec314..0df8ac843 100644
> --- a/drivers/ufs/host/ufs-mediatek-trace.h
> +++ b/drivers/ufs/host/ufs-mediatek-trace.h
> @@ -33,19 +33,19 @@ TRACE_EVENT(ufs_mtk_clk_scale,
>         TP_ARGS(name, scale_up, clk_rate),
> 
>         TP_STRUCT__entry(
> -               __field(const char*, name)
> +               __string(name, name)
>                 __field(bool, scale_up)
>                 __field(unsigned long, clk_rate)
>         ),
> 
>         TP_fast_assign(
> -               __entry->name = name;
> +               __assign_str(name);
>                 __entry->scale_up = scale_up;
>                 __entry->clk_rate = clk_rate;
>         ),
> 
>         TP_printk("ufs: clk (%s) scaled %s @ %lu",
> -                 __entry->name,
> +                 __get_str(name),
>                   __entry->scale_up ? "up" : "down",
>                   __entry->clk_rate)
>  );
> 

Hi Keita Morisaki,

Thank you for fixing this bug.

Reviewed-by: Peter Wang <peter.wang@mediatek.com>