LKML Archive on lore.kernel.org
From: tip-bot for Milian Wolff <tipbot@zytor.com>
To: linux-tip-commits@vger.kernel.org
Cc: linux-kernel@vger.kernel.org, jolsa@redhat.com,
	yao.jin@linux.intel.com, acme@kernel.org,
	torvalds@linux-foundation.org, acme@redhat.com,
	milian.wolff@kdab.com, mingo@kernel.org, namhyung@kernel.org,
	jolsa@kernel.org, tglx@linutronix.de, hpa@zytor.com,
	peterz@infradead.org, dsahern@gmail.com, a.p.zijlstra@chello.nl
Subject: [tip:perf/urgent] perf report: Don't crash on invalid maps in `-g srcline` mode
Date: Wed, 24 May 2017 00:03:55 -0700
Message-ID: <tip-7d4df089d77306914426a604c890175f91a9a459@git.kernel.org>
In-Reply-To: <20170524062129.32529-2-namhyung@kernel.org>

Commit-ID:  7d4df089d77306914426a604c890175f91a9a459
Gitweb:     http://git.kernel.org/tip/7d4df089d77306914426a604c890175f91a9a459
Author:     Milian Wolff <milian.wolff@kdab.com>
AuthorDate: Wed, 24 May 2017 15:21:23 +0900
Committer:  Ingo Molnar <mingo@kernel.org>
CommitDate: Wed, 24 May 2017 08:41:47 +0200

perf report: Don't crash on invalid maps in `-g srcline` mode

I just hit a segfault when doing `perf report -g srcline`.
Valgrind pointed me at this code as the culprit:

  ==8359== Invalid read of size 8
  ==8359==    at 0x3096D9: map__rip_2objdump (map.c:430)
  ==8359==    by 0x2FC1A3: match_chain_srcline (callchain.c:645)
  ==8359==    by 0x2FC1A3: match_chain (callchain.c:700)
  ==8359==    by 0x2FC1A3: append_chain (callchain.c:895)
  ==8359==    by 0x2FC1A3: append_chain_children (callchain.c:846)
  ==8359==    by 0x2FF719: callchain_append (callchain.c:944)
  ==8359==    by 0x2FF719: hist_entry__append_callchain (callchain.c:1058)
  ==8359==    by 0x32FA06: iter_add_single_cumulative_entry (hist.c:908)
  ==8359==    by 0x33195C: hist_entry_iter__add (hist.c:1050)
  ==8359==    by 0x258F65: process_sample_event (builtin-report.c:204)
  ==8359==    by 0x30D60C: perf_session__deliver_event (session.c:1310)
  ==8359==    by 0x30D60C: ordered_events__deliver_event (session.c:119)
  ==8359==    by 0x310D12: __ordered_events__flush (ordered-events.c:210)
  ==8359==    by 0x310D12: ordered_events__flush.part.3 (ordered-events.c:277)
  ==8359==    by 0x30DD3C: perf_session__process_user_event (session.c:1349)
  ==8359==    by 0x30DD3C: perf_session__process_event (session.c:1475)
  ==8359==    by 0x30FC3C: __perf_session__process_events (session.c:1867)
  ==8359==    by 0x30FC3C: perf_session__process_events (session.c:1921)
  ==8359==    by 0x25A985: __cmd_report (builtin-report.c:575)
  ==8359==    by 0x25A985: cmd_report (builtin-report.c:1054)
  ==8359==    by 0x2B9A80: run_builtin (perf.c:296)
  ==8359==  Address 0x70 is not stack'd, malloc'd or (recently) free'd

This patch fixes the issue.

Signed-off-by: Milian Wolff <milian.wolff@kdab.com>
[ Remove dependency from another change ]
Signed-off-by: Namhyung Kim <namhyung@kernel.org>
Cc: Arnaldo Carvalho de Melo <acme@kernel.org>
Cc: Arnaldo Carvalho de Melo <acme@redhat.com>
Cc: David Ahern <dsahern@gmail.com>
Cc: Jiri Olsa <jolsa@kernel.org>
Cc: Jiri Olsa <jolsa@redhat.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Peter Zijlstra <a.p.zijlstra@chello.nl>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Yao Jin <yao.jin@linux.intel.com>
Cc: kernel-team@lge.com
Link: http://lkml.kernel.org/r/20170524062129.32529-2-namhyung@kernel.org
Signed-off-by: Ingo Molnar <mingo@kernel.org>
---
 tools/perf/util/callchain.c | 13 +++++++++----
 1 file changed, 9 insertions(+), 4 deletions(-)

diff --git a/tools/perf/util/callchain.c b/tools/perf/util/callchain.c
index 81fc29a..b4204b4 100644
--- a/tools/perf/util/callchain.c
+++ b/tools/perf/util/callchain.c
@@ -621,14 +621,19 @@ enum match_result {
 static enum match_result match_chain_srcline(struct callchain_cursor_node *node,
 					     struct callchain_list *cnode)
 {
-	char *left = get_srcline(cnode->ms.map->dso,
+	char *left = NULL;
+	char *right = NULL;
+	enum match_result ret = MATCH_EQ;
+	int cmp;
+
+	if (cnode->ms.map)
+		left = get_srcline(cnode->ms.map->dso,
 				 map__rip_2objdump(cnode->ms.map, cnode->ip),
 				 cnode->ms.sym, true, false);
-	char *right = get_srcline(node->map->dso,
+	if (node->map)
+		right = get_srcline(node->map->dso,
 				  map__rip_2objdump(node->map, node->ip),
 				  node->sym, true, false);
-	enum match_result ret = MATCH_EQ;
-	int cmp;
 
 	if (left && right)
 		cmp = strcmp(left, right);
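
Review bot: In match_chain_srcline(), the new guards can leave left, right or both NULL, while "int cmp;" is still declared uninitialized and the only assignment visible here is under "if (left && right)". Please confirm that the branches following this hunk set cmp (or ret) for all three NULL cases, and that two frames which both lack a map are not reported as MATCH_EQ merely because neither has a srcline; falling back to comparing cnode->ip and node->ip would keep unrelated unmapped frames apart. Two smaller points: the continuation lines of both get_srcline() calls kept their old indentation and no longer line up with the opening parenthesis now that the calls sit one level deeper, and the changelog would be more useful if it said when ms.map or node->map can be NULL, since the Valgrind trace (a read at address 0x70 in map__rip_2objdump) only shows the symptom.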


Thread overview: 26+ messages
2017-05-24  6:21 [GIT PULL 0/7] perf/urgent callchain fixes Namhyung Kim
2017-05-24  6:21 ` [PATCH 1/7] perf report: don't crash on invalid maps in `-g srcline` mode Namhyung Kim
2017-05-24  7:03   ` tip-bot for Milian Wolff [this message]
2017-05-24  6:21 ` [PATCH 2/7] perf report: fix memory leak in addr2line when called by addr2inlines Namhyung Kim
2017-05-24  7:04   ` [tip:perf/urgent] perf report: Fix " tip-bot for Milian Wolff
2017-05-24  6:21 ` [PATCH 3/7] perf report: fix off-by-one for non-activation frames Namhyung Kim
2017-05-24  7:05   ` [tip:perf/urgent] perf report: Fix " tip-bot for Milian Wolff
2017-05-24  6:21 ` [PATCH 4/7] perf script: Add --inline option Namhyung Kim
2017-05-24  6:38   ` Ingo Molnar
2017-05-24  7:13     ` Namhyung Kim
2017-05-24  7:21       ` Ingo Molnar
2017-05-24  7:53         ` Milian Wolff
2017-05-24  8:06           ` Ingo Molnar
2017-05-24  7:05   ` [tip:perf/urgent] perf script: Add --inline option for debugging tip-bot for Namhyung Kim
2017-05-24  6:21 ` [PATCH 5/7] perf report: always honor callchain order for inlined nodes Namhyung Kim
2017-05-24  7:06   ` [tip:perf/urgent] perf report: Always " tip-bot for Milian Wolff
2017-05-24  6:21 ` [PATCH 6/7] perf report: do not drop last inlined frame Namhyung Kim
2017-05-24  7:06   ` [tip:perf/urgent] perf report: Do " tip-bot for Milian Wolff
2017-05-24  6:21 ` [PATCH 7/7] perf tools: Fix to put caller above callee in children mode Namhyung Kim
2017-05-24  7:07   ` [tip:perf/urgent] perf tools: Put caller above callee in --children mode tip-bot for Namhyung Kim
2017-05-24  6:53 ` [GIT PULL 0/7] perf/urgent callchain fixes Ingo Molnar
2017-05-24  6:57   ` [PATCH] tools/include: Sync kernel ABI headers with tooling headers Ingo Molnar
2017-05-24  7:07     ` [tip:perf/urgent] " tip-bot for Ingo Molnar
2017-06-08 13:15 ` [GIT PULL 0/7] perf/urgent callchain fixes Milian Wolff
2017-06-08 13:59   ` Arnaldo Carvalho de Melo
2017-06-08 14:34     ` Milian Wolff
