[RESEND PATCH] perf: top: fix a segfault when kernel map is restricted.

All of lore.kernel.org
 help / color / mirror / Atom feed

* [RESEND PATCH] perf: top: fix a segfault when kernel map is restricted.
@ 2015-04-25  7:25 Wang Nan
  2015-04-27 16:20 ` Arnaldo Carvalho de Melo
  2015-05-01 10:14 ` [tip:perf/urgent] perf top: Fix " tip-bot for Wang Nan
  0 siblings, 2 replies; 3+ messages in thread
From: Wang Nan @ 2015-04-25  7:25 UTC (permalink / raw)
  To: a.p.zijlstra, paulus, acme, dsahern, jolsa; +Cc: mingo, lizefan, linux-kernel

Perf top raise a warning if a kernel sample is collected but kernel map
is restricted. The warning message needs to dereference al.map->dso...
However, previous perf_event__preprocess_sample() doesn't always
guarantee al.map != NULL, for example, when kernel map is restricted.

This patch validates al.map before dereferencing, avoid the segfault.

Before this patch:

 $ cat /proc/sys/kernel/kptr_restrict
 1
 $ perf top -p  120183
 perf: Segmentation fault
 -------- backtrace --------
 /path/to/perf[0x509868]
 /lib64/libc.so.6(+0x3545f)[0x7f9a1540045f]
 /path/to/perf[0x448820]
 /path/to/perf(cmd_top+0xe3c)[0x44a5dc]
 /path/to/perf[0x4766a2]
 /path/to/perf(main+0x5f5)[0x42e545]
 /lib64/libc.so.6(__libc_start_main+0xf4)[0x7f9a153ecbd4]
 /path/to/perf[0x42e674]

And gdb call trace:

 Program received signal SIGSEGV, Segmentation fault.
 perf_event__process_sample (machine=0xa44030, sample=0x7fffffffa4c0, evsel=0xa43b00, event=0x7ffff41c3000, tool=0x7fffffffa8a0)
    at builtin-top.c:736
 736				  !RB_EMPTY_ROOT(&al.map->dso->symbols[MAP__FUNCTION]) ?
 (gdb) bt
 #0  perf_event__process_sample (machine=0xa44030, sample=0x7fffffffa4c0, evsel=0xa43b00, event=0x7ffff41c3000, tool=0x7fffffffa8a0)
     at builtin-top.c:736
 #1  perf_top__mmap_read_idx (top=top@entry=0x7fffffffa8a0, idx=idx@entry=0) at builtin-top.c:855
 #2  0x000000000044a5dd in perf_top__mmap_read (top=0x7fffffffa8a0) at builtin-top.c:872
 #3  __cmd_top (top=0x7fffffffa8a0) at builtin-top.c:997
 #4  cmd_top (argc=<optimized out>, argv=<optimized out>, prefix=<optimized out>) at builtin-top.c:1267
 #5  0x00000000004766a3 in run_builtin (p=p@entry=0x8a6ce8 <commands+264>, argc=argc@entry=3, argv=argv@entry=0x7fffffffdf70)
      at perf.c:371
 #6  0x000000000042e546 in handle_internal_command (argv=0x7fffffffdf70, argc=3) at perf.c:430
 #7  run_argv (argv=0x7fffffffdcf0, argcp=0x7fffffffdcfc) at perf.c:474
 #8  main (argc=3, argv=0x7fffffffdf70) at perf.c:589
 (gdb)

Signed-off-by: Wang Nan <wangnan0@huawei.com>
---

I don't receive previous mail from the list so send it again.

---

 tools/perf/builtin-top.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tools/perf/builtin-top.c b/tools/perf/builtin-top.c
index 1cb3436..6a4d5d4 100644
--- a/tools/perf/builtin-top.c
+++ b/tools/perf/builtin-top.c
@@ -733,7 +733,7 @@ static void perf_event__process_sample(struct perf_tool *tool,
 "Kernel address maps (/proc/{kallsyms,modules}) are restricted.\n\n"
 "Check /proc/sys/kernel/kptr_restrict.\n\n"
 "Kernel%s samples will not be resolved.\n",
-			  !RB_EMPTY_ROOT(&al.map->dso->symbols[MAP__FUNCTION]) ?
+			  al.map && !RB_EMPTY_ROOT(&al.map->dso->symbols[MAP__FUNCTION]) ?
 			  " modules" : "");
 		if (use_browser <= 0)
 			sleep(5);
-- 
1.8.3.4


^ permalink raw reply related	[flat|nested] 3+ messages in thread

* Re: [RESEND PATCH] perf: top: fix a segfault when kernel map is restricted.
  2015-04-25  7:25 [RESEND PATCH] perf: top: fix a segfault when kernel map is restricted Wang Nan
@ 2015-04-27 16:20 ` Arnaldo Carvalho de Melo
  2015-05-01 10:14 ` [tip:perf/urgent] perf top: Fix " tip-bot for Wang Nan
  1 sibling, 0 replies; 3+ messages in thread
From: Arnaldo Carvalho de Melo @ 2015-04-27 16:20 UTC (permalink / raw)
  To: Wang Nan; +Cc: a.p.zijlstra, paulus, dsahern, jolsa, mingo, lizefan,
	linux-kernel

Em Sat, Apr 25, 2015 at 07:25:03AM +0000, Wang Nan escreveu:
> Perf top raise a warning if a kernel sample is collected but kernel map
> is restricted. The warning message needs to dereference al.map->dso...
> However, previous perf_event__preprocess_sample() doesn't always
> guarantee al.map != NULL, for example, when kernel map is restricted.
> 
> This patch validates al.map before dereferencing, avoid the segfault.
> 
> Before this patch:
> 
>  $ cat /proc/sys/kernel/kptr_restrict
>  1
>  $ perf top -p  120183
>  perf: Segmentation fault
>  -------- backtrace --------
>  /path/to/perf[0x509868]
>  /lib64/libc.so.6(+0x3545f)[0x7f9a1540045f]
>  /path/to/perf[0x448820]
>  /path/to/perf(cmd_top+0xe3c)[0x44a5dc]
>  /path/to/perf[0x4766a2]
>  /path/to/perf(main+0x5f5)[0x42e545]
>  /lib64/libc.so.6(__libc_start_main+0xf4)[0x7f9a153ecbd4]
>  /path/to/perf[0x42e674]

Thanks for the detailed report, I reproduced the problem here and I am
applying the patch.

- Arnaldo
 
> And gdb call trace:
> 
>  Program received signal SIGSEGV, Segmentation fault.
>  perf_event__process_sample (machine=0xa44030, sample=0x7fffffffa4c0, evsel=0xa43b00, event=0x7ffff41c3000, tool=0x7fffffffa8a0)
>     at builtin-top.c:736
>  736				  !RB_EMPTY_ROOT(&al.map->dso->symbols[MAP__FUNCTION]) ?
>  (gdb) bt
>  #0  perf_event__process_sample (machine=0xa44030, sample=0x7fffffffa4c0, evsel=0xa43b00, event=0x7ffff41c3000, tool=0x7fffffffa8a0)
>      at builtin-top.c:736
>  #1  perf_top__mmap_read_idx (top=top@entry=0x7fffffffa8a0, idx=idx@entry=0) at builtin-top.c:855
>  #2  0x000000000044a5dd in perf_top__mmap_read (top=0x7fffffffa8a0) at builtin-top.c:872
>  #3  __cmd_top (top=0x7fffffffa8a0) at builtin-top.c:997
>  #4  cmd_top (argc=<optimized out>, argv=<optimized out>, prefix=<optimized out>) at builtin-top.c:1267
>  #5  0x00000000004766a3 in run_builtin (p=p@entry=0x8a6ce8 <commands+264>, argc=argc@entry=3, argv=argv@entry=0x7fffffffdf70)
>       at perf.c:371
>  #6  0x000000000042e546 in handle_internal_command (argv=0x7fffffffdf70, argc=3) at perf.c:430
>  #7  run_argv (argv=0x7fffffffdcf0, argcp=0x7fffffffdcfc) at perf.c:474
>  #8  main (argc=3, argv=0x7fffffffdf70) at perf.c:589
>  (gdb)
> 
> Signed-off-by: Wang Nan <wangnan0@huawei.com>
> ---
> 
> I don't receive previous mail from the list so send it again.
> 
> ---
> 
>  tools/perf/builtin-top.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/tools/perf/builtin-top.c b/tools/perf/builtin-top.c
> index 1cb3436..6a4d5d4 100644
> --- a/tools/perf/builtin-top.c
> +++ b/tools/perf/builtin-top.c
> @@ -733,7 +733,7 @@ static void perf_event__process_sample(struct perf_tool *tool,
>  "Kernel address maps (/proc/{kallsyms,modules}) are restricted.\n\n"
>  "Check /proc/sys/kernel/kptr_restrict.\n\n"
>  "Kernel%s samples will not be resolved.\n",
> -			  !RB_EMPTY_ROOT(&al.map->dso->symbols[MAP__FUNCTION]) ?
> +			  al.map && !RB_EMPTY_ROOT(&al.map->dso->symbols[MAP__FUNCTION]) ?
>  			  " modules" : "");
>  		if (use_browser <= 0)
>  			sleep(5);
> -- 
> 1.8.3.4

^ permalink raw reply	[flat|nested] 3+ messages in thread

* [tip:perf/urgent] perf top: Fix a segfault when kernel map is restricted.
  2015-04-25  7:25 [RESEND PATCH] perf: top: fix a segfault when kernel map is restricted Wang Nan
  2015-04-27 16:20 ` Arnaldo Carvalho de Melo
@ 2015-05-01 10:14 ` tip-bot for Wang Nan
  1 sibling, 0 replies; 3+ messages in thread
From: tip-bot for Wang Nan @ 2015-05-01 10:14 UTC (permalink / raw)
  To: linux-tip-commits
  Cc: lizefan, hpa, jolsa, paulus, a.p.zijlstra, wangnan0, tglx, acme,
	mingo, linux-kernel, dsahern

Commit-ID:  c671835021798c1c40ca0b55b49feff76ed5e0e1
Gitweb:     http://git.kernel.org/tip/c671835021798c1c40ca0b55b49feff76ed5e0e1
Author:     Wang Nan <wangnan0@huawei.com>
AuthorDate: Sat, 25 Apr 2015 07:25:03 +0000
Committer:  Arnaldo Carvalho de Melo <acme@redhat.com>
CommitDate: Mon, 27 Apr 2015 13:24:32 -0300

perf top: Fix a segfault when kernel map is restricted.

Perf top raise a warning if a kernel sample is collected but kernel map
is restricted. The warning message needs to dereference al.map->dso...

However, previous perf_event__preprocess_sample() doesn't always
guarantee al.map != NULL, for example, when kernel map is restricted.

This patch validates al.map before dereferencing, avoid the segfault.

Before this patch:

 $ cat /proc/sys/kernel/kptr_restrict
 1
 $ perf top -p  120183
 perf: Segmentation fault
 -------- backtrace --------
 /path/to/perf[0x509868]
 /lib64/libc.so.6(+0x3545f)[0x7f9a1540045f]
 /path/to/perf[0x448820]
 /path/to/perf(cmd_top+0xe3c)[0x44a5dc]
 /path/to/perf[0x4766a2]
 /path/to/perf(main+0x5f5)[0x42e545]
 /lib64/libc.so.6(__libc_start_main+0xf4)[0x7f9a153ecbd4]
 /path/to/perf[0x42e674]

And gdb call trace:

 Program received signal SIGSEGV, Segmentation fault.
 perf_event__process_sample (machine=0xa44030, sample=0x7fffffffa4c0, evsel=0xa43b00, event=0x7ffff41c3000, tool=0x7fffffffa8a0)
    at builtin-top.c:736
 736				  !RB_EMPTY_ROOT(&al.map->dso->symbols[MAP__FUNCTION]) ?
 (gdb) bt
 #0  perf_event__process_sample (machine=0xa44030, sample=0x7fffffffa4c0, evsel=0xa43b00, event=0x7ffff41c3000, tool=0x7fffffffa8a0)
     at builtin-top.c:736
 #1  perf_top__mmap_read_idx (top=top@entry=0x7fffffffa8a0, idx=idx@entry=0) at builtin-top.c:855
 #2  0x000000000044a5dd in perf_top__mmap_read (top=0x7fffffffa8a0) at builtin-top.c:872
 #3  __cmd_top (top=0x7fffffffa8a0) at builtin-top.c:997
 #4  cmd_top (argc=<optimized out>, argv=<optimized out>, prefix=<optimized out>) at builtin-top.c:1267
 #5  0x00000000004766a3 in run_builtin (p=p@entry=0x8a6ce8 <commands+264>, argc=argc@entry=3, argv=argv@entry=0x7fffffffdf70)
      at perf.c:371
 #6  0x000000000042e546 in handle_internal_command (argv=0x7fffffffdf70, argc=3) at perf.c:430
 #7  run_argv (argv=0x7fffffffdcf0, argcp=0x7fffffffdcfc) at perf.c:474
 #8  main (argc=3, argv=0x7fffffffdf70) at perf.c:589
 (gdb)

Signed-off-by: Wang Nan <wangnan0@huawei.com>
Tested-by: Arnaldo Carvalho de Melo <acme@redhat.com>
Cc: David Ahern <dsahern@gmail.com>
Cc: Jiri Olsa <jolsa@kernel.org>
Cc: Paul Mackerras <paulus@samba.org>
Cc: Peter Zijlstra <a.p.zijlstra@chello.nl>
Cc: Zefan Li <lizefan@huawei.com>
Link: http://lkml.kernel.org/r/1429946703-80807-1-git-send-email-wangnan0@huawei.com
Signed-off-by: Arnaldo Carvalho de Melo <acme@redhat.com>
---
 tools/perf/builtin-top.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tools/perf/builtin-top.c b/tools/perf/builtin-top.c
index 1cb3436..6a4d5d4 100644
--- a/tools/perf/builtin-top.c
+++ b/tools/perf/builtin-top.c
@@ -733,7 +733,7 @@ static void perf_event__process_sample(struct perf_tool *tool,
 "Kernel address maps (/proc/{kallsyms,modules}) are restricted.\n\n"
 "Check /proc/sys/kernel/kptr_restrict.\n\n"
 "Kernel%s samples will not be resolved.\n",
-			  !RB_EMPTY_ROOT(&al.map->dso->symbols[MAP__FUNCTION]) ?
+			  al.map && !RB_EMPTY_ROOT(&al.map->dso->symbols[MAP__FUNCTION]) ?
 			  " modules" : "");
 		if (use_browser <= 0)
 			sleep(5);

^ permalink raw reply related	[flat|nested] 3+ messages in thread

end of thread, other threads:[~2015-05-01 10:16 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2015-04-25  7:25 [RESEND PATCH] perf: top: fix a segfault when kernel map is restricted Wang Nan
2015-04-27 16:20 ` Arnaldo Carvalho de Melo
2015-05-01 10:14 ` [tip:perf/urgent] perf top: Fix " tip-bot for Wang Nan

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.