mirror of https://gitee.com/openkylin/linux.git
3a4acda1ec
intel_pt_process_auxtrace_info() creates a pt->unknown_thread thread that eventually needs to be freed by the last thread__put() on it, when its refcount hits zero, which may happen in intel_pt_process_auxtrace_info() error handling path and triggers the following segfault, which would happen as well at intel_pt_free, when tools using this intel_pt codebase frees up resources: # perf record -I -e intel_pt/tsc=1,noretcomp=1/u /bin/ls 0 a anaconda-ks.cfg bin perf.data perf.data.old perf-f23-bringup.todo [ perf record: Woken up 1 times to write data ] [ perf record: Captured and wrote 0.217 MB perf.data ] # # perf script -F event,comm,pid,tid,time,addr,ip,sym,dso,iregs Samples for 'instructions:u' event do not have IREGS attribute set. Cannot print 'iregs' field. intel_pt_synth_events: failed to synthesize 'instructions' event type Segmentation fault (core dumped) # The problem is: there's a union in 'struct thread' combines a list_head and a rb_node. The standard life cycle of a thread is: init rb_node in the constructor, insert it into machine->threads rbtree using rb_node, move it to machine->dead_threads using list_head, clean in the last thread__put: list_del_init(&thread->node). In the above command, it clean a thread before adding it into list, causes the above segfault. Since pt->unknown_thread will never live in an rbtree, initialize its list node so that when list_del_init() is done on it we don't segfault. After this patch: # perf script -F event,comm,pid,tid,time,addr,ip,sym,dso,iregs Samples for 'instructions:u' event do not have IREGS attribute set. Cannot print 'iregs' field. intel_pt_synth_events: failed to synthesize 'instructions' event type 0x248 [0x88]: failed to process type: 70 # Reported-by: Tong Zhang <ztong@vt.edu> Reported-by: Wang Nan <wangnan0@huawei.com> Signed-off-by: Adrian Hunter <adrian.hunter@intel.com> Tested-by: Arnaldo Carvalho de Melo <acme@redhat.com> Cc: Josh Poimboeuf <jpoimboe@redhat.com> Link: http://lkml.kernel.org/r/1454296865-19749-1-git-send-email-wangnan0@huawei.com Signed-off-by: Arnaldo Carvalho de Melo <acme@redhat.com> |
||
|---|---|---|
| .. | ||
| Documentation | ||
| arch | ||
| bench | ||
| config | ||
| python | ||
| scripts | ||
| tests | ||
| trace/strace/groups | ||
| ui | ||
| util | ||
| .gitignore | ||
| Build | ||
| CREDITS | ||
| MANIFEST | ||
| Makefile | ||
| Makefile.perf | ||
| builtin-annotate.c | ||
| builtin-bench.c | ||
| builtin-buildid-cache.c | ||
| builtin-buildid-list.c | ||
| builtin-config.c | ||
| builtin-data.c | ||
| builtin-diff.c | ||
| builtin-evlist.c | ||
| builtin-help.c | ||
| builtin-inject.c | ||
| builtin-kmem.c | ||
| builtin-kvm.c | ||
| builtin-list.c | ||
| builtin-lock.c | ||
| builtin-mem.c | ||
| builtin-probe.c | ||
| builtin-record.c | ||
| builtin-report.c | ||
| builtin-sched.c | ||
| builtin-script.c | ||
| builtin-stat.c | ||
| builtin-timechart.c | ||
| builtin-top.c | ||
| builtin-trace.c | ||
| builtin-version.c | ||
| builtin.h | ||
| command-list.txt | ||
| design.txt | ||
| perf-archive.sh | ||
| perf-completion.sh | ||
| perf-read-vdso.c | ||
| perf-sys.h | ||
| perf-with-kcore.sh | ||
| perf.c | ||
| perf.h | ||