linux/tools
Thomas Richter fca32340a5 perf stat: Fix core dump when flag T is used
Executing command 'perf stat -T -- ls' dumps core on x86 and s390.

Here is the call back chain (done on x86):

 # gdb ./perf
 ....
 (gdb) r stat -T -- ls
...
Program received signal SIGSEGV, Segmentation fault.
0x00007ffff56d1963 in vasprintf () from /lib64/libc.so.6
(gdb) where
 #0  0x00007ffff56d1963 in vasprintf () from /lib64/libc.so.6
 #1  0x00007ffff56ae484 in asprintf () from /lib64/libc.so.6
 #2  0x00000000004f1982 in __parse_events_add_pmu (parse_state=0x7fffffffd580,
    list=0xbfb970, name=0xbf3ef0 "cpu",
    head_config=0xbfb930, auto_merge_stats=false) at util/parse-events.c:1233
 #3  0x00000000004f1c8e in parse_events_add_pmu (parse_state=0x7fffffffd580,
    list=0xbfb970, name=0xbf3ef0 "cpu",
    head_config=0xbfb930) at util/parse-events.c:1288
 #4  0x0000000000537ce3 in parse_events_parse (_parse_state=0x7fffffffd580,
    scanner=0xbf4210) at util/parse-events.y:234
 #5  0x00000000004f2c7a in parse_events__scanner (str=0x6b66c0
    "task-clock,{instructions,cycles,cpu/cycles-t/,cpu/tx-start/}",
    parse_state=0x7fffffffd580, start_token=258) at util/parse-events.c:1673
 #6  0x00000000004f2e23 in parse_events (evlist=0xbe9990, str=0x6b66c0
    "task-clock,{instructions,cycles,cpu/cycles-t/,cpu/tx-start/}", err=0x0)
    at util/parse-events.c:1713
 #7  0x000000000044e137 in add_default_attributes () at builtin-stat.c:2281
 #8  0x000000000044f7b5 in cmd_stat (argc=1, argv=0x7fffffffe3b0) at
    builtin-stat.c:2828
 #9  0x00000000004c8b0f in run_builtin (p=0xab01a0 <commands+288>, argc=4,
    argv=0x7fffffffe3b0) at perf.c:297
 #10 0x00000000004c8d7c in handle_internal_command (argc=4,
    argv=0x7fffffffe3b0) at perf.c:349
 #11 0x00000000004c8ece in run_argv (argcp=0x7fffffffe20c,
   argv=0x7fffffffe200) at perf.c:393
 #12 0x00000000004c929c in main (argc=4, argv=0x7fffffffe3b0) at perf.c:537
(gdb)

It turns out that a NULL pointer is referenced. Here are the
function calls:

  ...
  cmd_stat()
  +---> add_default_attributes()
	+---> parse_events(evsel_list, transaction_attrs, NULL);
	             3rd parameter set to NULL

Function parse_events(xx, xx, struct parse_events_error *err) dives
into a bison generated scanner and creates
parser state information for it first:

   struct parse_events_state parse_state = {
                .list   = LIST_HEAD_INIT(parse_state.list),
                .idx    = evlist->nr_entries,
                .error  = err,   <--- NULL POINTER !!!
                .evlist = evlist,
        };

Now various functions inside the bison scanner are called to end up in
__parse_events_add_pmu(struct parse_events_state *parse_state, ..) with
first parameter being a pointer to above structure definition.

Now the PMU event name is not found (because being executed in a VM) and
this function tries to create an error message with

   asprintf(&parse_state->error.str, ....)

which references a NULL pointer and dumps core.

Fix this by providing a pointer to the necessary error information
instead of NULL. Technically only the else part is needed to avoid the
core dump, just lets be safe...

Signed-off-by: Thomas Richter <tmricht@linux.vnet.ibm.com>
Cc: Heiko Carstens <heiko.carstens@de.ibm.com>
Cc: Hendrik Brueckner <brueckner@linux.vnet.ibm.com>
Cc: Martin Schwidefsky <schwidefsky@de.ibm.com>
Link: http://lkml.kernel.org/r/20180308145735.64717-1-tmricht@linux.vnet.ibm.com
Signed-off-by: Arnaldo Carvalho de Melo <acme@redhat.com>
2018-03-16 13:55:29 -03:00
..
accounting License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
arch Merge branch 'perf/urgent' into perf/core, to resolve conflict 2018-03-07 09:23:12 +01:00
bpf tools: bpftool: preserve JSON output on errors on batch file parsing 2018-02-15 10:01:05 +01:00
build perf build: Force llvm/clang test compile output to .make.output 2018-03-08 11:30:50 -03:00
cgroup tools: fix cross-compile var clobbering 2018-02-21 15:35:42 -08:00
firewire License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
gpio tools: fix cross-compile var clobbering 2018-02-21 15:35:42 -08:00
hv tools: fix cross-compile var clobbering 2018-02-21 15:35:42 -08:00
iio tools: fix cross-compile var clobbering 2018-02-21 15:35:42 -08:00
include perf/core: Implement fast breakpoint modification via _IOC_MODIFY_ATTRIBUTES 2018-03-13 15:24:02 +01:00
kvm/kvm_stat tools/kvm_stat: print 'Total' line for multiple events only 2018-02-24 01:43:46 +01:00
laptop tools: fix cross-compile var clobbering 2018-02-21 15:35:42 -08:00
leds tools: fix cross-compile var clobbering 2018-02-21 15:35:42 -08:00
lib Linux 4.16-rc4 2018-03-06 07:30:22 +01:00
nfsd License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
objtool objtool: Fix another switch table detection issue 2018-02-28 16:03:19 +01:00
pci License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
pcmcia License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
perf perf stat: Fix core dump when flag T is used 2018-03-16 13:55:29 -03:00
power tools: fix cross-compile var clobbering 2018-02-21 15:35:42 -08:00
scripts tools: fix cross-compile var clobbering 2018-02-21 15:35:42 -08:00
spi tools: fix cross-compile var clobbering 2018-02-21 15:35:42 -08:00
testing Merge tag 'linux-kselftest-4.16-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/shuah/linux-kselftest 2018-02-28 13:38:52 -08:00
thermal/tmon Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/rzhang/linux 2017-11-17 14:31:27 -08:00
time
usb tools: fix cross-compile var clobbering 2018-02-21 15:35:42 -08:00
virtio virtio, vhost: fixes, cleanups, features 2018-02-08 10:41:00 -08:00
vm tools: fix cross-compile var clobbering 2018-02-21 15:35:42 -08:00
wmi tools: fix cross-compile var clobbering 2018-02-21 15:35:42 -08:00
Makefile platform-drivers-x86 for v4.15-1 2017-11-18 10:26:57 -08:00