Subject: Re: [PATCH 5/5] perf tools: Fix NULL pointer deference when vdso not found
To: "Wangnan (F)"
From: Hekuang
Date: Thu, 23 Jun 2016 11:03:11 +0800
Message-ID: <576B516F.7030902@huawei.com>
In-Reply-To: <576B433F.4080202@huawei.com>
References: <1466578626-92406-1-git-send-email-hekuang@huawei.com> <1466578626-92406-6-git-send-email-hekuang@huawei.com> <576B433F.4080202@huawei.com>

On 2016/6/23 10:02, Wangnan (F) wrote:
> Hi,
>
> This patch fixes a real crash problem when we do 'perf report'
> on an arm64 platform with arm32 program.
> It is introduced by commit f9b2bdf228 ("perf tools: Find vdso
> with the consider of cross-platform"). From dmesg report, perf
> crashes in dso__type() because dso is NULL.
>
> Still don't know why on x86 it never crashes, but it is obviously

This is because the fault only occurred while
dso_type==DSO__TYPE_32BIT; running a 64bit executable won't enter the
fault branch, but if we run a 32bit executable on x86_64, this bug
can be reproduced easily.

# file ~/hello
~/hello: ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), dynamically linked (uses shared libs), for GNU/Linux 4.5.0, not stripped
# perf record -g hello
Segmentation fault

Thank you.

> that we need to check the return value from __dso__find(): it can
> be NULL.
>
> So please consider pulling.
>
> Thank you.
>
> On 2016/6/22 14:57, He Kuang wrote:
>> We should check if 'dso' is a null pointer before passing it to the
>> function dso__type(), otherwise a segfault will be raised in
>> dso__data_get_fd(). In function machine__find_vdso(), the return value
>> checking of 'dso' is missed and this patch fixes this issue.
>> >> Signed-off-by: He Kuang >> --- >> tools/perf/util/vdso.c | 2 +- >> 1 file changed, 1 insertion(+), 1 deletion(-) >> >> diff --git a/tools/perf/util/vdso.c b/tools/perf/util/vdso.c >> index 8f81c41..7bdcad4 100644 >> --- a/tools/perf/util/vdso.c >> +++ b/tools/perf/util/vdso.c >> @@ -296,7 +296,7 @@ static struct dso *machine__find_vdso(struct >> machine *machine, >> if (!dso) { >> dso = __dsos__find(&machine->dsos, DSO__NAME_VDSO, >> true); >> - if (dso_type != dso__type(dso, machine)) >> + if (dso && dso_type != dso__type(dso, machine)) >> dso = NULL; >> } >> break; > > >
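
Review bot: The changelog for the one-line change in machine__find_vdso() is missing two things a backporter needs, while the added "dso &&" guard in front of dso__type(dso, machine) itself looks right, since the result of __dsos__find() was previously passed on unchecked. First, there is no Fixes: tag, although the thread names commit f9b2bdf228 ("perf tools: Find vdso with the consider of cross-platform") as the change that introduced the unchecked call. Second, the message does not say when the path is reached: per the reply, only when dso_type is DSO__TYPE_32BIT, for example a 32-bit executable profiled on a 64-bit host. Suggest adding the Fixes: line and a sentence with that reproduction condition to the commit message.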