From: Arnaldo Carvalho de Melo <acme@kernel.org>
To: Ingo Molnar <mingo@kernel.org>
Cc: "Jiri Olsa" <jolsa@kernel.org>,
"Namhyung Kim" <namhyung@kernel.org>,
"Clark Williams" <williams@redhat.com>,
linux-kernel@vger.kernel.org, linux-perf-users@vger.kernel.org,
"Arnaldo Carvalho de Melo" <acme@redhat.com>,
"Adrian Hunter" <adrian.hunter@intel.com>,
"Luis Cláudio Gonçalves" <lclaudio@redhat.com>,
"Wang Nan" <wangnan0@huawei.com>
Subject: [PATCH 15/43] perf trace: Check if the 'fd' is negative when mapping it to pathname
Date: Thu, 14 Feb 2019 21:45:11 -0300 [thread overview]
Message-ID: <20190215004539.23571-16-acme@kernel.org> (raw)
In-Reply-To: <20190215004539.23571-1-acme@kernel.org>
From: Arnaldo Carvalho de Melo <acme@redhat.com>
We were crashing when processing a negative fd:
Program received signal SIGSEGV, Segmentation fault.
0x0000000000609bbf in syscall_arg__scnprintf_ioctl_cmd (bf=0x1172eca "", size=2038, arg=0x7fffffff8360) at trace/beauty/ioctl.c:182
182 if (file->dev_maj == USB_DEVICE_MAJOR)
Missing separate debuginfos, use: dnf debuginfo-install bzip2-libs-1.0.6-28.fc29.x86_64 elfutils-libelf-0.174-5.fc29.x86_64 elfutils-libs-0.174-5.fc29.x86_64 glib2-2.58.3-1.fc29.x86_64 libbabeltrace-1.5.6-1.fc29.x86_64 libunwind-1.2.1-6.fc29.x86_64 libuuid-2.32.1-1.fc29.x86_64 libxcrypt-4.4.3-2.fc29.x86_64 numactl-libs-2.0.12-1.fc29.x86_64 openssl-libs-1.1.1a-1.fc29.x86_64 pcre-8.42-6.fc29.x86_64 perl-libs-5.28.1-427.fc29.x86_64 popt-1.16-15.fc29.x86_64 python2-libs-2.7.15-11.fc29.x86_64 slang-2.3.2-4.fc29.x86_64 xz-libs-5.2.4-3.fc29.x86_64
(gdb) bt
#0 0x0000000000609bbf in syscall_arg__scnprintf_ioctl_cmd (bf=0x1172eca "", size=2038, arg=0x7fffffff8360) at trace/beauty/ioctl.c:182
#1 0x000000000048e295 in syscall__scnprintf_val (sc=0x123b500, bf=0x1172eca "", size=2038, arg=0x7fffffff8360, val=21519)
at builtin-trace.c:1594
#2 0x000000000048e60d in syscall__scnprintf_args (sc=0x123b500, bf=0x1172ec6 "-1, ", size=2042, args=0x7ffff6a7c034 "\377\377\377\377",
augmented_args=0x7ffff6a7c064, augmented_args_size=4, trace=0x7fffffffa8d0, thread=0x1175cd0) at builtin-trace.c:1661
#3 0x000000000048f04e in trace__sys_enter (trace=0x7fffffffa8d0, evsel=0xb260b0, event=0x7ffff6a7bfe8, sample=0x7fffffff84f0)
at builtin-trace.c:1880
#4 0x00000000004915a4 in trace__handle_event (trace=0x7fffffffa8d0, event=0x7ffff6a7bfe8, sample=0x7fffffff84f0) at builtin-trace.c:2590
#5 0x0000000000491eed in __trace__deliver_event (trace=0x7fffffffa8d0, event=0x7ffff6a7bfe8) at builtin-trace.c:2818
#6 0x0000000000492030 in trace__deliver_event (trace=0x7fffffffa8d0, event=0x7ffff6a7bfe8) at builtin-trace.c:2845
#7 0x0000000000492896 in trace__run (trace=0x7fffffffa8d0, argc=0, argv=0x7fffffffdb58) at builtin-trace.c:3040
#8 0x000000000049603a in cmd_trace (argc=0, argv=0x7fffffffdb58) at builtin-trace.c:3952
#9 0x00000000004d5103 in main (argc=1, argv=0x7fffffffdb58) at perf.c:474
(gdb) p fd
$1 = -1
(gdb) p file
$7 = (struct file *) 0xfffffffffffffff0
(gdb) p ((struct thread_trace *)arg->thread)->files.table + fd
$8 = (struct file *) 0xfffffffffffffff0
(gdb)
Check for that and return NULL instead.
This problem was introduced recently, the other codepaths leading to
thread_trace__files_entry() check for negative fds, like thread__fd_path(),
but we need to do it at thread_trace__files_entry() as more users are now
calling it directly.
Cc: Adrian Hunter <adrian.hunter@intel.com>
Cc: Jiri Olsa <jolsa@kernel.org>
Cc: Luis Cláudio Gonçalves <lclaudio@redhat.com>
Cc: Namhyung Kim <namhyung@kernel.org>
Cc: Wang Nan <wangnan0@huawei.com>
Fixes: 2d473389f87a ("perf trace beauty: Export function to get the files for a thread")
Link: https://lkml.kernel.org/n/tip-oq7bvaaf07gsd4yqty3107u2@git.kernel.org
Signed-off-by: Arnaldo Carvalho de Melo <acme@redhat.com>
---
tools/perf/builtin-trace.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/tools/perf/builtin-trace.c b/tools/perf/builtin-trace.c
index b4e420c41831..a9b51f59ab54 100644
--- a/tools/perf/builtin-trace.c
+++ b/tools/perf/builtin-trace.c
@@ -1041,6 +1041,9 @@ static const size_t trace__entry_str_size = 2048;
static struct file *thread_trace__files_entry(struct thread_trace *ttrace, int fd)
{
+ if (fd < 0)
+ return NULL;
+
if (fd > ttrace->files.max) {
struct file *nfiles = realloc(ttrace->files.table, (fd + 1) * sizeof(struct file));
--
2.19.1
next prev parent reply other threads:[~2019-02-15 0:45 UTC|newest]
Thread overview: 65+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-02-15 0:44 [GIT PULL 00/43] perf/core improvements and fixes Arnaldo Carvalho de Melo
2019-02-15 0:44 ` [PATCH 01/43] perf record: Implement --affinity=node|cpu option Arnaldo Carvalho de Melo
2019-02-15 0:44 ` [PATCH 02/43] perf cs-etm: Add proper header file for symbols Arnaldo Carvalho de Melo
2019-02-15 0:44 ` Arnaldo Carvalho de Melo
2019-02-15 0:44 ` [PATCH 03/43] perf report: Add s390 diagnosic sampling descriptor size Arnaldo Carvalho de Melo
2019-02-15 0:45 ` [PATCH 04/43] perf vendor events power8: Cpi_breakdown & estimated_dcache_miss_cpi metrics Arnaldo Carvalho de Melo
2019-02-15 0:45 ` [PATCH 05/43] perf vendor events power8: Dl1_reload, instruction_misses, l2_stats, lsu_rejects, memory & pteg_reloads metrics Arnaldo Carvalho de Melo
2019-02-15 0:45 ` [PATCH 06/43] perf vendor events power8: Branch_prediction, latency, bus_stats, instruction_mix & instruction_stats metrics Arnaldo Carvalho de Melo
2019-02-15 0:45 ` [PATCH 07/43] perf vendor events power8: Translaton & general metrics Arnaldo Carvalho de Melo
2019-02-15 0:45 ` [PATCH 08/43] perf vendor events power9: Cpi_breakdown & estimated_dcache_miss_cpi metrics Arnaldo Carvalho de Melo
2019-02-15 0:45 ` Arnaldo Carvalho de Melo
2019-02-15 0:45 ` [PATCH 09/43] perf vendor events power9: Dl1_reloads, instruction_misses, l[23]_stats & pteg_reloads metrics Arnaldo Carvalho de Melo
2019-02-15 0:45 ` Arnaldo Carvalho de Melo
2019-02-15 0:45 ` [PATCH 10/43] perf vendor events power9: Branch_prediction, instruction_stats, latency, lsu_rejects, memory, prefetch & translation metrics Arnaldo Carvalho de Melo
2019-02-15 0:45 ` Arnaldo Carvalho de Melo
2019-02-15 0:45 ` [PATCH 11/43] perf vendor events power9: General metrics Arnaldo Carvalho de Melo
2019-02-15 0:45 ` Arnaldo Carvalho de Melo
2019-02-15 0:45 ` [PATCH 12/43] perf utils: Silence "Couldn't synthesize bpf events" warning for EPERM Arnaldo Carvalho de Melo
2019-02-15 0:45 ` [PATCH 13/43] tools feature: Undef _GNU_SOURCE at the end of feature tests Arnaldo Carvalho de Melo
2019-02-15 0:45 ` [PATCH 14/43] perf beauty ioctl cmd: The 'fd' arg is signed Arnaldo Carvalho de Melo
2019-02-15 0:45 ` Arnaldo Carvalho de Melo [this message]
2019-02-15 0:45 ` [PATCH 16/43] perf beauty waitid options: Fix up prefix showing logic Arnaldo Carvalho de Melo
2019-02-15 0:45 ` [PATCH 17/43] tools build: Add -lrt to FEATURE_CHECK_LDFLAGS-libaio Arnaldo Carvalho de Melo
2019-02-15 0:45 ` [PATCH 18/43] perf trace: Filter out gnome-terminal* parent Arnaldo Carvalho de Melo
2019-02-15 0:45 ` [PATCH 19/43] perf coresight: Do not test for libopencsd by default Arnaldo Carvalho de Melo
2019-02-15 0:45 ` Arnaldo Carvalho de Melo
2019-02-15 0:45 ` [PATCH 20/43] perf unwind: Do not put libunwind-{x86,aarch64} in FEATURE_TESTS_BASIC Arnaldo Carvalho de Melo
2019-02-15 0:45 ` [PATCH 21/43] tools build: Add test-reallocarray.c to test-all.c to fix the build Arnaldo Carvalho de Melo
2019-02-15 0:45 ` [PATCH 22/43] perf build: Add missing FEATURE_CHECK_LDFLAGS-libcrypto Arnaldo Carvalho de Melo
2019-02-15 0:45 ` [PATCH 23/43] perf cs-etm: Remove unused structure field "state" Arnaldo Carvalho de Melo
2019-02-15 0:45 ` Arnaldo Carvalho de Melo
2019-02-15 0:45 ` [PATCH 24/43] perf cs-etm: Remove unused structure field "time" and "timestamp" Arnaldo Carvalho de Melo
2019-02-15 0:45 ` Arnaldo Carvalho de Melo
2019-02-15 0:45 ` [PATCH 25/43] perf cs-etm: Fix wrong return values in error path Arnaldo Carvalho de Melo
2019-02-15 0:45 ` Arnaldo Carvalho de Melo
2019-02-15 0:45 ` [PATCH 26/43] perf cs-etm: Introducing function cs_etm_decoder__init_dparams() Arnaldo Carvalho de Melo
2019-02-15 0:45 ` Arnaldo Carvalho de Melo
2019-02-15 0:45 ` [PATCH 27/43] perf cs-etm: Fix memory leak in error path Arnaldo Carvalho de Melo
2019-02-15 0:45 ` Arnaldo Carvalho de Melo
2019-02-15 0:45 ` [PATCH 28/43] perf cs-etm: Introducing function cs_etm__init_trace_params() Arnaldo Carvalho de Melo
2019-02-15 0:45 ` Arnaldo Carvalho de Melo
2019-02-15 0:45 ` Arnaldo Carvalho de Melo
2019-02-15 0:45 ` [PATCH 29/43] perf cs-etm: Fix erroneous comment Arnaldo Carvalho de Melo
2019-02-15 0:45 ` Arnaldo Carvalho de Melo
2019-02-15 0:45 ` [PATCH 30/43] perf cs-etm: Cleaning up function cs_etm__alloc_queue() Arnaldo Carvalho de Melo
2019-02-15 0:45 ` Arnaldo Carvalho de Melo
2019-02-15 0:45 ` [PATCH 31/43] perf cs-etm: Rethink kernel address initialisation Arnaldo Carvalho de Melo
2019-02-15 0:45 ` Arnaldo Carvalho de Melo
2019-02-15 0:45 ` [PATCH 32/43] perf cs-etm: Make cs_etm__run_decoder() queue independent Arnaldo Carvalho de Melo
2019-02-15 0:45 ` Arnaldo Carvalho de Melo
2019-02-15 0:45 ` [PATCH 33/43] perf cs-etm: Modularize main decoder function Arnaldo Carvalho de Melo
2019-02-15 0:45 ` Arnaldo Carvalho de Melo
2019-02-15 0:45 ` [PATCH 34/43] perf cs-etm: Modularize main packet processing loop Arnaldo Carvalho de Melo
2019-02-15 0:45 ` Arnaldo Carvalho de Melo
2019-02-15 0:45 ` [PATCH 35/43] perf cs-etm: Modularize auxtrace_buffer fetch function Arnaldo Carvalho de Melo
2019-02-15 0:45 ` Arnaldo Carvalho de Melo
2019-02-15 0:45 ` [PATCH 36/43] perf tools: Compile perf with libperf-in.o instead of libperf.a Arnaldo Carvalho de Melo
2019-02-15 0:45 ` [PATCH 37/43] perf tools: Rename LIB_FILE to LIBPERF_A Arnaldo Carvalho de Melo
2019-02-15 0:45 ` [PATCH 38/43] perf tools: Rename build libperf to perf Arnaldo Carvalho de Melo
2019-02-15 0:45 ` [PATCH 39/43] perf tools: Fix legacy events symbol separator parsing Arnaldo Carvalho de Melo
2019-02-15 0:45 ` [PATCH 40/43] perf list: Display metric expressions for --details option Arnaldo Carvalho de Melo
2019-02-15 0:45 ` [PATCH 41/43] perf header: Get rid of write_it label Arnaldo Carvalho de Melo
2019-02-15 0:45 ` [PATCH 42/43] perf header: Remove unused 'cpu_nr' field from 'struct cpu_topo' Arnaldo Carvalho de Melo
2019-02-15 0:45 ` [PATCH 43/43] tools build feature sched_getcpu: Undef _GNU_SOURCE at the end Arnaldo Carvalho de Melo
2019-02-15 9:20 ` [GIT PULL 00/43] perf/core improvements and fixes Ingo Molnar
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190215004539.23571-16-acme@kernel.org \
--to=acme@kernel.org \
--cc=acme@redhat.com \
--cc=adrian.hunter@intel.com \
--cc=jolsa@kernel.org \
--cc=lclaudio@redhat.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-perf-users@vger.kernel.org \
--cc=mingo@kernel.org \
--cc=namhyung@kernel.org \
--cc=wangnan0@huawei.com \
--cc=williams@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.