public inbox for linuxppc-dev@ozlabs.org
 help / color / mirror / Atom feed
From: Athira Rajeev <atrajeev@linux.ibm.com>
To: acme@kernel.org, jolsa@kernel.org, adrian.hunter@intel.com,
	mpetlan@redhat.com, tmricht@linux.ibm.com, maddy@linux.ibm.com,
	irogers@google.com, namhyung@kernel.org
Cc: linux-perf-users@vger.kernel.org, linuxppc-dev@lists.ozlabs.org,
	atrajeev@linux.ibm.com, hbathini@linux.vnet.ibm.com,
	Tejas.Manhas1@ibm.com, Tanushree.Shah@ibm.com,
	Shivani.Nittor@ibm.com
Subject: [PATCH] perf sched: Fix crash in sched stats diff due to uninitialized perf_data structure
Date: Wed, 22 Apr 2026 23:05:45 +0530	[thread overview]
Message-ID: <20260422173545.73144-1-atrajeev@linux.ibm.com> (raw)

perf sched stats diff fails sometimes with below logs:

 # perf sched stats record ls

 # perf sched stats diff
  *** invalid open64 call: O_CREAT or O_TMPFILE without mode ***: terminated
  Aborted (core dumped)

Also in some runs, perf sched stats tests fails

 ./perf test "perf sched stats tests"
 92: perf sched stats tests                                          : FAILED!

==172375== Conditional jump or move depends on uninitialised value(s)
==172375==    at 0x10393BD0: open_file_read (data.c:264)
==172375==    by 0x10393F63: open_file (data.c:317)
==172375==    by 0x10394067: open_file_dup (data.c:334)
==172375==    by 0x103942DF: perf_data__open (data.c:379)
==172375==    by 0x102F7CAF: __perf_session__new (session.c:169)
==172375==    by 0x100B5E63: perf_session__new (session.h:116)
==172375==    by 0x100D5D37: perf_sched__schedstat_diff (builtin-sched.c:4568)
==172375==    by 0x100D7D6F: cmd_sched (builtin-sched.c:5061)
==172375==    by 0x1010231F: run_builtin (perf.c:348)
==172375==    by 0x1010262F: handle_internal_command (perf.c:398)
==172375==    by 0x1010286F: run_argv (perf.c:442)
==172375==    by 0x10102C67: main (perf.c:549)
==172375==
==172375== Conditional jump or move depends on uninitialised value(s)
==172375==    at 0x10393D20: open_file_read (data.c:282)
==172375==    by 0x10393F63: open_file (data.c:317)
==172375==    by 0x10394067: open_file_dup (data.c:334)
==172375==    by 0x103942DF: perf_data__open (data.c:379)
==172375==    by 0x102F7CAF: __perf_session__new (session.c:169)
==172375==    by 0x100B5E63: perf_session__new (session.h:116)
==172375==    by 0x100D5D37: perf_sched__schedstat_diff (builtin-sched.c:4568)
==172375==    by 0x100D7D6F: cmd_sched (builtin-sched.c:5061)
==172375==    by 0x1010231F: run_builtin (perf.c:348)
==172375==    by 0x1010262F: handle_internal_command (perf.c:398)
==172375==    by 0x1010286F: run_argv (perf.c:442)
==172375==    by 0x10102C67: main (perf.c:549)

The valgrind logs and error message from the logs points to
below snippet:

     static int open_file_read(struct perf_data *data)
     {
            int flags = data->in_place_update ? O_RDWR : O_RDONLY;
            struct stat st;
            int fd;

            fd = open(data->file.path, flags);

The "struct perf_data" is defined here :

    static int perf_sched__schedstat_diff(struct perf_sched *sched,
                                      int argc, const char **argv)
    {
        struct cpu_domain_map **cd_map0 = NULL, **cd_map1 = NULL;
        struct list_head cpu_head_ses0, cpu_head_ses1;
        struct perf_session *session[2];
        struct perf_data data[2];
        int ret = 0, err = 0;
        static const char *defaults[] = {
                "perf.data.old",
                "perf.data",
        };

Here due to uninitialized "struct perf_data", the arguments to "open"
is getting wrongly passed sometimes depending on value in stack.
When perf_data__open() function calls open_file_read(),the
"in_place_update" could contain garbage value.

After initializing "struct perf_data" in perf_sched__schedstat_diff() function,
perf sched stats tests runs without issues in multiple attempts and also
"perf sched stats diff" ran individual without issues.

for i in {0..20}; do ./perf test "perf sched stats tests"; done
 92: perf sched stats tests                                          : Ok
 92: perf sched stats tests                                          : Ok
 92: perf sched stats tests                                          : Ok
 92: perf sched stats tests                                          : Ok
 92: perf sched stats tests                                          : Ok
 92: perf sched stats tests                                          : Ok
 92: perf sched stats tests                                          : Ok
 92: perf sched stats tests                                          : Ok
 92: perf sched stats tests                                          : Ok
 92: perf sched stats tests                                          : Ok
 92: perf sched stats tests                                          : Ok
 92: perf sched stats tests                                          : Ok
 92: perf sched stats tests                                          : Ok
 92: perf sched stats tests                                          : Ok
 92: perf sched stats tests                                          : Ok
 92: perf sched stats tests                                          : Ok
 92: perf sched stats tests                                          : Ok
 92: perf sched stats tests                                          : Ok
 92: perf sched stats tests                                          : Ok
 92: perf sched stats tests                                          : Ok
 92: perf sched stats tests                                          : Ok

Signed-off-by: Athira Rajeev <atrajeev@linux.ibm.com>
---
 tools/perf/builtin-sched.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tools/perf/builtin-sched.c b/tools/perf/builtin-sched.c
index 555247568e7a..5d2740099eed 100644
--- a/tools/perf/builtin-sched.c
+++ b/tools/perf/builtin-sched.c
@@ -4538,7 +4538,7 @@ static int perf_sched__schedstat_diff(struct perf_sched *sched,
 	struct cpu_domain_map **cd_map0 = NULL, **cd_map1 = NULL;
 	struct list_head cpu_head_ses0, cpu_head_ses1;
 	struct perf_session *session[2];
-	struct perf_data data[2];
+	struct perf_data data[2] = { 0 };
 	int ret = 0, err = 0;
 	static const char *defaults[] = {
 		"perf.data.old",
-- 
2.47.3



             reply	other threads:[~2026-04-22 17:36 UTC|newest]

Thread overview: 3+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2026-04-22 17:35 Athira Rajeev [this message]
2026-04-24  9:27 ` [PATCH] perf sched: Fix crash in sched stats diff due to uninitialized perf_data structure James Clark
2026-04-24  9:40   ` Venkat

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20260422173545.73144-1-atrajeev@linux.ibm.com \
    --to=atrajeev@linux.ibm.com \
    --cc=Shivani.Nittor@ibm.com \
    --cc=Tanushree.Shah@ibm.com \
    --cc=Tejas.Manhas1@ibm.com \
    --cc=acme@kernel.org \
    --cc=adrian.hunter@intel.com \
    --cc=hbathini@linux.vnet.ibm.com \
    --cc=irogers@google.com \
    --cc=jolsa@kernel.org \
    --cc=linux-perf-users@vger.kernel.org \
    --cc=linuxppc-dev@lists.ozlabs.org \
    --cc=maddy@linux.ibm.com \
    --cc=mpetlan@redhat.com \
    --cc=namhyung@kernel.org \
    --cc=tmricht@linux.ibm.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox