From: Greg Kroah-Hartman
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman, stable@vger.kernel.org, Thomas Richter, Heiko Carstens, Hendrik Brueckner, Martin Schwidefsky, Arnaldo Carvalho de Melo, Sasha Levin
Subject: [PATCH 4.16 159/272] perf stat: Fix core dump when flag T is used
Date: Mon, 28 May 2018 12:03:12 +0200
Message-Id: <20180528100254.202837109@linuxfoundation.org>
In-Reply-To: <20180528100240.256525891@linuxfoundation.org>
References: <20180528100240.256525891@linuxfoundation.org>

4.16-stable review patch.  If anyone has any objections, please let me know.

------------------

From: Thomas Richter

[ Upstream commit fca32340a5e8b896f57d41fd94b8b1701df25eb1 ]

Executing command 'perf stat -T -- ls' dumps core on x86 and s390. Here is
the call back chain (done on x86):

  # gdb ./perf
  ....
  (gdb) r stat -T -- ls
  ...
  Program received signal SIGSEGV, Segmentation fault.
  0x00007ffff56d1963 in vasprintf () from /lib64/libc.so.6
  (gdb) where
  #0  0x00007ffff56d1963 in vasprintf () from /lib64/libc.so.6
  #1  0x00007ffff56ae484 in asprintf () from /lib64/libc.so.6
  #2  0x00000000004f1982 in __parse_events_add_pmu (parse_state=0x7fffffffd580,
      list=0xbfb970, name=0xbf3ef0 "cpu", head_config=0xbfb930,
      auto_merge_stats=false) at util/parse-events.c:1233
  #3  0x00000000004f1c8e in parse_events_add_pmu (parse_state=0x7fffffffd580,
      list=0xbfb970, name=0xbf3ef0 "cpu", head_config=0xbfb930)
      at util/parse-events.c:1288
  #4  0x0000000000537ce3 in parse_events_parse (_parse_state=0x7fffffffd580,
      scanner=0xbf4210) at util/parse-events.y:234
  #5  0x00000000004f2c7a in parse_events__scanner
      (str=0x6b66c0 "task-clock,{instructions,cycles,cpu/cycles-t/,cpu/tx-start/}",
      parse_state=0x7fffffffd580, start_token=258) at util/parse-events.c:1673
  #6  0x00000000004f2e23 in parse_events (evlist=0xbe9990,
      str=0x6b66c0 "task-clock,{instructions,cycles,cpu/cycles-t/,cpu/tx-start/}",
      err=0x0) at util/parse-events.c:1713
  #7  0x000000000044e137 in add_default_attributes () at builtin-stat.c:2281
  #8  0x000000000044f7b5 in cmd_stat (argc=1, argv=0x7fffffffe3b0)
      at builtin-stat.c:2828
  #9  0x00000000004c8b0f in run_builtin (p=0xab01a0 , argc=4,
      argv=0x7fffffffe3b0) at perf.c:297
  #10 0x00000000004c8d7c in handle_internal_command (argc=4,
      argv=0x7fffffffe3b0) at perf.c:349
  #11 0x00000000004c8ece in run_argv (argcp=0x7fffffffe20c,
      argv=0x7fffffffe200) at perf.c:393
  #12 0x00000000004c929c in main (argc=4, argv=0x7fffffffe3b0) at perf.c:537
  (gdb)

It turns out that a NULL pointer is referenced. Here are the function calls:

  ...
  cmd_stat()
  +---> add_default_attributes()
        +---> parse_events(evsel_list, transaction_attrs, NULL);
                           3rd parameter set to NULL

Function parse_events(xx, xx, struct parse_events_error *err) dives into a
bison generated scanner and creates parser state information for it first:

   struct parse_events_state parse_state = {
           .list   = LIST_HEAD_INIT(parse_state.list),
           .idx    = evlist->nr_entries,
           .error  = err,   <--- NULL POINTER !!!
           .evlist = evlist,
   };

Now various functions inside the bison scanner are called to end up in
__parse_events_add_pmu(struct parse_events_state *parse_state, ..) with
first parameter being a pointer to above structure definition.

Now the PMU event name is not found (because being executed in a VM) and
this function tries to create an error message with
asprintf(&parse_state->error.str, ....) which references a NULL pointer and
dumps core.

Fix this by providing a pointer to the necessary error information instead
of NULL. Technically only the else part is needed to avoid the core dump,
just let's be safe...

Signed-off-by: Thomas Richter
Cc: Heiko Carstens
Cc: Hendrik Brueckner
Cc: Martin Schwidefsky
Link: http://lkml.kernel.org/r/20180308145735.64717-1-tmricht@linux.vnet.ibm.com
Signed-off-by: Arnaldo Carvalho de Melo
Signed-off-by: Sasha Levin
Signed-off-by: Greg Kroah-Hartman
---
 tools/perf/builtin-stat.c | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

--- a/tools/perf/builtin-stat.c +++ b/tools/perf/builtin-stat.c 
@@ -2274,11 +2274,16 @@ static int add_default_attributes(void) return 0; if (transaction_run) { + struct parse_events_error errinfo; + if (pmu_have_event("cpu", "cycles-ct") && pmu_have_event("cpu", "el-start")) - err = parse_events(evsel_list, transaction_attrs, NULL); + err = parse_events(evsel_list, transaction_attrs, + &errinfo); else - err = parse_events(evsel_list, transaction_limited_attrs, NULL); + err = parse_events(evsel_list, + transaction_limited_attrs, + &errinfo); if (err) { fprintf(stderr, "Cannot set up transaction events\n"); return -1;
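
Review bot: errinfo is declared at the top of the if (transaction_run) block without an initializer, and the if (err) branch still prints only the fixed "Cannot set up transaction events" line, so whatever message the parser stored in errinfo is neither shown nor freed. The commit message says the callee fills the error string with asprintf(), so that allocation is dropped on the return -1 path, and unless parse_events() clears the struct itself (not visible in this hunk) any later read of errinfo on a path that never wrote it would see stack garbage. Suggest zero-initializing at the declaration (struct parse_events_error errinfo = { 0 };), printing the stored message in the error branch, and freeing it before returning. Passing &errinfo in both branches, rather than only the else branch that the commit message says is strictly needed, is the right call and worth keeping.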
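
An added illustration of the failure mode the commit message describes, not code from perf or from the patch author: a minimal C model in which the caller's error pointer is stored in parser state and written by a deep callee. The names parse_error, parse_state, add_pmu_event and parse, the one-entry event check and the message text are assumptions made for the example; it shows the caller-side fix the patch takes together with a callee-side NULL guard.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define ERR_FMT "unknown event %s/%s/"   /* constructed message text */

struct parse_error { char *str; };                  /* message owned by the caller */
struct parse_state { struct parse_error *error; };  /* NULL if the caller opted out */

/* Deep callee: fails when the PMU event is unknown and tries to report why. */
static int add_pmu_event(struct parse_state *st, const char *pmu, const char *ev)
{
    if (strcmp(ev, "cycles") == 0)       /* the only event this model knows */
        return 0;
    if (st->error) {                     /* the guard the crash site lacked */
        int n = snprintf(NULL, 0, ERR_FMT, pmu, ev);
        st->error->str = malloc((size_t)n + 1);
        if (st->error->str)
            snprintf(st->error->str, (size_t)n + 1, ERR_FMT, pmu, ev);
    }
    return -1;
}

/* Entry point: copies the caller's pointer into the state, as parse_events() does. */
static int parse(const char *pmu, const char *ev, struct parse_error *err)
{
    struct parse_state st = { .error = err };

    if (err)
        err->str = NULL;                 /* initialise here so callers need not */
    return add_pmu_event(&st, pmu, ev);
}

int main(void)
{
    struct parse_error errinfo;          /* caller-side fix: pass storage, not NULL */

    if (parse("cpu", "tx-start", &errinfo)) {
        fprintf(stderr, "Cannot set up events: %s\n",
                errinfo.str ? errinfo.str : "(out of memory)");
        free(errinfo.str);               /* the message is heap-allocated */
    }
    /* With the guard in place, a NULL error pointer fails cleanly instead of crashing. */
    return parse("cpu", "tx-start", NULL) == -1 ? 0 : 1;
}
```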