Received: by 2002:a25:8b91:0:0:0:0:0 with SMTP id j17csp1960537ybl; Thu, 9 Jan 2020 04:40:10 -0800 (PST) X-Google-Smtp-Source: APXvYqyfnq5F8JpdieWxJe9QTVRwj0rdK3g8snLSs2xnxqYVgSPrOmgCtN9XA3u+7rI86lR2icQw X-Received: by 2002:aca:33d5:: with SMTP id z204mr2788485oiz.120.1578573610596; Thu, 09 Jan 2020 04:40:10 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1578573610; cv=none; d=google.com; s=arc-20160816; b=myzLke25QMRcnYDOpdkRH2lsIwf2Sf0dG7V788hWNmuRz5CZwa3iFjp1O25FZ3/Tar Rz72RQgRCJ1PUEKpV0ci1jOWdIEBERZFCaf4a4/GLR7FVSMh+eVvFD2/QgKWCfFS9zYE I3lODtjiq2co8g7b1qmCBRfTUX8sKOVdea7lLU7VODR17w7GvooRl0md5HUAJDQFa0Dx KLpzsTdoBCSUKgSZipqu0su7hkCPMZRe8hIaRxN2tWODICJx71tYBIkx3jt6jNtjYyzw G/7jNAtXMVNl+UQGkAcDF17m/z/CwrPlnNu/pEcLYudahZ9OGYeTFwvE6ygws9o/keEc wDbQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :mime-version:dkim-signature; bh=WX2CWxZsF25FdPcrd0lrQ8iO70D1PYU6ADU7KID3ipU=; b=tqkuK7EJ/Ywg5Y0qskw2GlGh/lXs11eIHHz46fUJ3bLvNiKkTQX10awBE5Mukw8Bpv ejxkMms5rRa3fVpyX1v0CuWLleyiyjIHP6GLiE0KeutOaMHNQmfD6G1FJqKUfud3GCOx NJ7/PS0n2+sn6x69S0xaPVgyKtJGtW8JBiBwajpUKjYyXaEhWogYBg7qpEvsBC65OtiQ dmTXnj0dM8SIvuT+LbS9PwiuC7fn5QXzL+AIx165WeIeCm8/ZFVeZmRSEXbDV4x2mpR8 zessJ8bI5adaN0yamziK/clM6KJSp4IDeqgbwXu3saZZVNv10AWTHnt++cG+GzOp+fyN n0aQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b="enc/0q9W"; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id x5si3615577oic.72.2020.01.09.04.39.58; Thu, 09 Jan 2020 04:40:10 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b="enc/0q9W"; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727980AbgAILhn (ORCPT + 99 others); Thu, 9 Jan 2020 06:37:43 -0500 Received: from mail-oi1-f180.google.com ([209.85.167.180]:33531 "EHLO mail-oi1-f180.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725997AbgAILhm (ORCPT ); Thu, 9 Jan 2020 06:37:42 -0500 Received: by mail-oi1-f180.google.com with SMTP id v140so5602457oie.0 for ; Thu, 09 Jan 2020 03:37:40 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:from:date:message-id:subject:to:cc; bh=WX2CWxZsF25FdPcrd0lrQ8iO70D1PYU6ADU7KID3ipU=; b=enc/0q9Wylb8LffZ/mi1G3sUmrmIXiW2wnEti2u1Vps7CzEMCSdx/vWhY12/7qsLMM xebfuHEiUfjyylj52sqfk4oEUSRWDlxZEtcZUwmbIPGphAAY6P0bSOIMbPKH2hUwkeD0 0xlTmEePZ/hkNyPy0f91g8bM6z7vJHgHVl7mU4FD5QbZx1Xd2b/7h+TrW0MaUn63BZKs 0UFbwwe+1l+Tgv+z8BKv6SA2JlEIzFHZ4Wp93pfvh9rGg22OQSjL8CPnqUcBtug2dAUL EHoqTtTEJDFp4k7eUGYutGGJv0F7qYaU7buDoXkvmAyDJBWa5T6vACLOcm7LCvXsdc3G H18g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to:cc; bh=WX2CWxZsF25FdPcrd0lrQ8iO70D1PYU6ADU7KID3ipU=; b=ClpdwOOl09AqA7D/tvXa5yw/llAZ/Ai9sj3VRFjYTWUUGMdgoZl47GnRxTVXgd0zbW /8xZtRVOo8UyQnskzKITPbPheGs1PyknfIm6/PLmfgegCbUy5sSC/Zvtg8aTMXXZLBXq UNH1uD7uhhDCdsCr7CEGakfSmudKl6cwaqoLfya9/VQE8HjaEFQLyQQt0TzyizaVk7Jw c8h3SenTQ03+bZ7ItCzZCMeX/mN+s0DCT/0N4obfiGjZgUqbodA2Z7WpNzXhL/7a98G3 L6E1fjXpoXd9RqhMP7pRnJEGQTvVunyl7Ymj1KWJF65NeTpErP/HnxcTdpDgmBGYqPlW Zbgg== X-Gm-Message-State: APjAAAXCbEU/8ihEfipEto0s/hWfpe6M47pJpzE/+1mCMVT6ingPqctg Zl4TGEEE1apUa2/m4p0utAJutl7eT3Hq/zny8IwUtQ== X-Received: by 2002:aca:b187:: with SMTP id a129mr2765924oif.175.1578569860196; Thu, 09 Jan 2020 03:37:40 -0800 (PST) MIME-Version: 1.0 From: Jann Horn Date: Thu, 9 Jan 2020 12:37:14 +0100 Message-ID: Subject: "perf ftrace" segfault because ->cpus!=NULL but ->all_cpus==NULL To: Andi Kleen , Peter Zijlstra , Ingo Molnar , Arnaldo Carvalho de Melo , Mark Rutland , Alexander Shishkin , Jiri Olsa , Namhyung Kim Cc: kernel list Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org I was clumsily trying to use "perf ftrace" from git master (I might very well be using it wrong), and it's falling over with a NULL deref. I don't really understand the perf code, but it looks to me like it might be related to Andi Kleen's refactoring that introduced evlist->all_cpus? I think the problem is that evlist_close() assumes that ->cpus!=NULL implies ->all_cpus!=NULL, but perf_evlist__propagate_maps() doesn't set ->all_cpus if the evlist is empty. Here's the crash I encountered: root@vm:~# /linux-llvm/tools/perf/perf ftrace -a -T kmem_cache_alloc failed to reset ftrace Segmentation fault (core dumped) root@vm:~# gdb /linux-llvm/tools/perf/perf core [...] Core was generated by `/linux-llvm/tools/perf/perf ftrace -a -T kmem_cache_alloc'. Program terminated with signal SIGSEGV, Segmentation fault. #0 perf_cpu_map__cpu (cpus=0x0, idx=idx@entry=0) at cpumap.c:250 [...] (gdb) list 245 return cpus; 246 } 247 248 int perf_cpu_map__cpu(const struct perf_cpu_map *cpus, int idx) 249 { 250 if (idx < cpus->nr) 251 return cpus->map[idx]; 252 253 return -1; 254 } (gdb) print cpus $1 = (const struct perf_cpu_map *) 0x0 (gdb) bt #0 perf_cpu_map__cpu (cpus=0x0, idx=idx@entry=0) at cpumap.c:250 #1 0x00005579cbf38731 in evlist__close (evlist=evlist@entry=0x5579cd1c22c0) at util/evlist.c:1222 #2 0x00005579cbf388f6 in evlist__delete (evlist=0x5579cd1c22c0) at util/evlist.c:152 #3 0x00005579cbf389c1 in evlist__delete (evlist=) at util/evlist.c:148 #4 0x00005579cbe9e3b5 in cmd_ftrace (argc=0, argv=0x7ffe818a16e0) at builtin-ftrace.c:520 #5 0x00005579cbf2287d in run_builtin (p=0x5579cc2a9740 , argc=4, argv=0x7ffe818a16e0) at perf.c:312 #6 0x00005579cbe96baa in handle_internal_command (argv=0x7ffe818a16e0, argc=4) at perf.c:364 #7 run_argv (argcp=, argv=) at perf.c:408 #8 main (argc=4, argv=0x7ffe818a16e0) at perf.c:538 (gdb) frame 1 #1 0x00005579cbf38731 in evlist__close (evlist=evlist@entry=0x5579cd1c22c0) at util/evlist.c:1222 1222 evlist__for_each_cpu(evlist, i, cpu) { (gdb) print evlist $2 = (struct evlist *) 0x5579cd1c22c0 (gdb) print *evlist $3 = {core = {entries = {next = 0x5579cd1c22c0, prev = 0x5579cd1c22c0}, nr_entries = 0, has_user_cpus = false, cpus = 0x5579cd1b8fe0, all_cpus = 0x0, threads = 0x5579cd1c2d60, nr_mmaps = 0, mmap_len = 0, pollfd = {nr = 0, nr_alloc = 0, nr_autogrow = 64, entries = 0x0, priv = 0x0}, heads = {{first = 0x0} }, mmap = 0x0, mmap_ovw = 0x0, mmap_first = 0x0, mmap_ovw_first = 0x0}, nr_groups = 0, enabled = false, id_pos = 0, is_pos = 0, combined_sample_type = 0, bkw_mmap_state = BKW_MMAP_NOTREADY, workload = {cork_fd = 0, pid = -1}, mmap = 0x0, overwrite_mmap = 0x0, selected = 0x0, stats = {total_period = 0, total_non_filtered_period = 0, total_lost = 0, total_lost_samples = 0, total_aux_lost = 0, total_aux_partial = 0, total_invalid_chains = 0, nr_events = {0 }, nr_non_filtered_samples = 0, nr_lost_warned = 0, nr_unknown_events = 0, nr_invalid_chains = 0, nr_unknown_id = 0, nr_unprocessable_samples = 0, nr_auxtrace_errors = {0, 0}, nr_proc_map_timeout = 0}, env = 0x0, trace_event_sample_raw = 0x0, first_sample_time = 0, last_sample_time = 0, thread = {th = 0, done = 0}} (gdb)