From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1754786AbbFMB60 (ORCPT <rfc822;w@1wt.eu>);
	Fri, 12 Jun 2015 21:58:26 -0400
Received: from e39.co.us.ibm.com ([32.97.110.160]:57725 "EHLO
	e39.co.us.ibm.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S1752101AbbFMB6Y convert rfc822-to-8bit (ORCPT
	<rfc822;linux-kernel@vger.kernel.org>);
	Fri, 12 Jun 2015 21:58:24 -0400
X-Helo: d01dlp02.pok.ibm.com
X-MailFrom: sukadev@linux.vnet.ibm.com
X-RcptTo: linux-kernel@vger.kernel.org
Date: Fri, 12 Jun 2015 18:57:38 -0700
From: Sukadev Bhattiprolu <sukadev@linux.vnet.ibm.com>
To: Arnaldo Carvalho de Melo <acme@kernel.org>
Cc: Jiri Olsa <jolsa@redhat.com>, Ingo Molnar <mingo@redhat.com>,
        Li Zhang <zhlcindy@linux.vnet.ibm.com>, linux-kernel@vger.kernel.org
Subject: Re: [PATCH] perf, tools: Fix crash in 'perf trace'
Message-ID: <20150613015737.GA24169@us.ibm.com>
References: <20150612060003.GA19913@us.ibm.com>
 <20150612193525.GG6850@kernel.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: 8BIT
In-Reply-To: <20150612193525.GG6850@kernel.org>
X-Operating-System: Linux 2.0.32 on an i486
User-Agent: Mutt/1.5.21 (2010-09-15)
X-TM-AS-MML: disable
X-Content-Scanned: Fidelis XPS MAILER
x-cbid: 15061301-0033-0000-0000-000004D4EC1D
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

Arnaldo Carvalho de Melo [acme@kernel.org] wrote:
| Em Thu, Jun 11, 2015 at 11:00:04PM -0700, Sukadev Bhattiprolu escreveu:
| > >From 6669ed960a3ee4f9a02790f60b6a73ffc82fd6de Mon Sep 17 00:00:00 2001
| > From: Sukadev Bhattiprolu <sukadev@linux.vnet.ibm.com>
| > Date: Fri, 12 Jun 2015 01:28:36 -0400
| > Subject: [PATCH] perf, tools: Fix crash in perf trace 
| > 
| > I get following crash on multiple systems and across several releases
| > (at least since v3.18).
| 
| Trying it in perf/core I get:
| 

Ah, I should have based on perf/core.

| util/evlist.c: In function ‘perf_evlist__mmap_read’:
| util/evlist.c:645:6: error: wrong type argument to unary exclamation
| mark
|   if (!md->refcnt)
| 
| Trying after changing it to !atomic_read(&md->refcnt)
| 
| And it fixes the segfault that I reproduced, but this still looks
| strange, i.e. if it hit zero, then it should not have been used at this
| point anymore... Will look at it again in the weekend. :-\

I think its a small window - where application has started exiting,
and set the PERF_EVENT_STATE_EXIT flag, but has not exited "enough"
to issue a SIGCHLD. (Also we check the 'done' flag once - we could
get SIGCHLD just after the check?)

Anyway, the poll() in this window returns with POLLHUP and we unmap
the region.

Sukadev