linux-kernel.vger.kernel.org archive mirror
From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
	stable@vger.kernel.org,
	Ravi Bangoria <ravi.bangoria@linux.ibm.com>,
	Sandipan Das <sandipan@linux.ibm.com>,
	Jiri Olsa <jolsa@redhat.com>,
	"Naveen N. Rao" <naveen.n.rao@linux.vnet.ibm.com>,
	Sukadev Bhattiprolu <sukadev@linux.vnet.ibm.com>,
	Arnaldo Carvalho de Melo <acme@redhat.com>,
	Sasha Levin <alexander.levin@microsoft.com>
Subject: [PATCH 3.18 31/56] perf report powerpc: Fix crash if callchain is empty
Date: Sun, 26 Aug 2018 08:44:52 +0200
Message-ID: <20180826064233.886052915@linuxfoundation.org>
In-Reply-To: <20180826064232.320669119@linuxfoundation.org>

3.18-stable review patch.  If anyone has any objections, please let me know.

------------------

From: Sandipan Das <sandipan@linux.ibm.com>

[ Upstream commit 143c99f6ac6812d23254e80844d6e34be897d3e1 ]

For some cases, the callchain provided by the kernel may be empty. So,
the callchain ip filtering code will cause a crash if we do not check
whether the struct ip_callchain pointer is NULL before accessing any
members.

This can be observed on a powerpc64le system running Fedora 27 as shown
below.

  # perf record -b -e cycles:u ls

Before:

  # perf report --branch-history

  perf: Segmentation fault
  -------- backtrace --------
  perf[0x1027615c]
  linux-vdso64.so.1(__kernel_sigtramp_rt64+0x0)[0x7fff856304d8]
  perf(arch_skip_callchain_idx+0x44)[0x10257c58]
  perf[0x1017f2e4]
  perf(thread__resolve_callchain+0x124)[0x1017ff5c]
  perf(sample__resolve_callchain+0xf0)[0x10172788]
  ...

After:

  # perf report --branch-history

  Samples: 25  of event 'cycles:u', Event count (approx.): 2306870
    Overhead  Source:Line            Symbol                   Shared Object
  +   11.60%  _init+35736            [.] _init                ls
  +    9.84%  strcoll_l.c:137        [.] __strcoll_l          libc-2.26.so
  +    9.16%  memcpy.S:175           [.] __memcpy_power7      libc-2.26.so
  +    9.01%  gconv_charset.h:54     [.] _nl_find_locale      libc-2.26.so
  +    8.87%  dl-addr.c:52           [.] _dl_addr             libc-2.26.so
  +    8.83%  _init+236              [.] _init                ls
  ...

Reported-by: Ravi Bangoria <ravi.bangoria@linux.ibm.com>
Signed-off-by: Sandipan Das <sandipan@linux.ibm.com>
Acked-by: Ravi Bangoria <ravi.bangoria@linux.ibm.com>
Cc: Jiri Olsa <jolsa@redhat.com>
Cc: Naveen N. Rao <naveen.n.rao@linux.vnet.ibm.com>
Cc: Sukadev Bhattiprolu <sukadev@linux.vnet.ibm.com>
Link: http://lkml.kernel.org/r/20180611104049.11048-1-sandipan@linux.ibm.com
Signed-off-by: Arnaldo Carvalho de Melo <acme@redhat.com>
Signed-off-by: Sasha Levin <alexander.levin@microsoft.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
 tools/perf/arch/powerpc/util/skip-callchain-idx.c |    2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

--- a/tools/perf/arch/powerpc/util/skip-callchain-idx.c
+++ b/tools/perf/arch/powerpc/util/skip-callchain-idx.c
@@ -230,7 +230,7 @@ int arch_skip_callchain_idx(struct machi
 	u64 ip;
 	u64 skip_slot = -1;
 
-	if (chain->nr < 3)
+	if (!chain || chain->nr < 3)
 		return skip_slot;
 
 	ip = chain->ips[2];
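
Review bot: the new `!chain` test in the guard ahead of `chain->ips[2]` has no comment saying when a NULL callchain is legitimate; the commit message only says "for some cases", and its reproducer is a `perf record -b` session, so a one-line comment above the `if` naming that case would keep a later cleanup from dropping the check as redundant. The test order is right: `!chain` short-circuits before `chain->nr` is read. Separately, on the early-return path `skip_slot` is a `u64` initialised to `-1` and is returned through a function declared `int`, so the "no slot" value depends on an implicit narrowing conversion; declaring `skip_slot` as `int` would make the sentinel explicit. Because the backtrace shows this function being reached through `thread__resolve_callchain`, it is also worth confirming in the 3.18 tree that no other code on that path reads `chain->nr` or `chain->ips[]` without the same guard, since this hunk only covers the powerpc helper.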


