mirror of
https://mirrors.bfsu.edu.cn/git/linux.git
synced 2024-12-04 01:24:12 +08:00
aba5daeb64
FD uses xyarray__entry that may return NULL if an index is out of
bounds. If NULL is returned then a segv happens as FD unconditionally
dereferences the pointer. This was happening in a case of with perf
iostat as shown below. The fix is to make FD an "int*" rather than an
int and handle the NULL case as either invalid input or a closed fd.
$ sudo gdb --args perf stat --iostat list
...
Breakpoint 1, perf_evsel__alloc_fd (evsel=0x5555560951a0, ncpus=1, nthreads=1) at evsel.c:50
50 {
(gdb) bt
#0 perf_evsel__alloc_fd (evsel=0x5555560951a0, ncpus=1, nthreads=1) at evsel.c:50
#1 0x000055555585c188 in evsel__open_cpu (evsel=0x5555560951a0, cpus=0x555556093410,
threads=0x555556086fb0, start_cpu=0, end_cpu=1) at util/evsel.c:1792
#2 0x000055555585cfb2 in evsel__open (evsel=0x5555560951a0, cpus=0x0, threads=0x555556086fb0)
at util/evsel.c:2045
#3 0x000055555585d0db in evsel__open_per_thread (evsel=0x5555560951a0, threads=0x555556086fb0)
at util/evsel.c:2065
#4 0x00005555558ece64 in create_perf_stat_counter (evsel=0x5555560951a0,
config=0x555555c34700 <stat_config>, target=0x555555c2f1c0 <target>, cpu=0) at util/stat.c:590
#5 0x000055555578e927 in __run_perf_stat (argc=1, argv=0x7fffffffe4a0, run_idx=0)
at builtin-stat.c:833
#6 0x000055555578f3c6 in run_perf_stat (argc=1, argv=0x7fffffffe4a0, run_idx=0)
at builtin-stat.c:1048
#7 0x0000555555792ee5 in cmd_stat (argc=1, argv=0x7fffffffe4a0) at builtin-stat.c:2534
#8 0x0000555555835ed3 in run_builtin (p=0x555555c3f540 <commands+288>, argc=3,
argv=0x7fffffffe4a0) at perf.c:313
#9 0x0000555555836154 in handle_internal_command (argc=3, argv=0x7fffffffe4a0) at perf.c:365
#10 0x000055555583629f in run_argv (argcp=0x7fffffffe2ec, argv=0x7fffffffe2e0) at perf.c:409
#11 0x0000555555836692 in main (argc=3, argv=0x7fffffffe4a0) at perf.c:539
...
(gdb) c
Continuing.
Error:
The sys_perf_event_open() syscall returned with 22 (Invalid argument) for event (uncore_iio_0/event=0x83,umask=0x04,ch_mask=0xF,fc_mask=0x07/).
/bin/dmesg | grep -i perf may provide additional information.
Program received signal SIGSEGV, Segmentation fault.
0x00005555559b03ea in perf_evsel__close_fd_cpu (evsel=0x5555560951a0, cpu=1) at evsel.c:166
166 if (FD(evsel, cpu, thread) >= 0)
v3. fixes a bug in perf_evsel__run_ioctl where the sense of a branch was
backward.
Signed-off-by: Ian Rogers <irogers@google.com>
Acked-by: Jiri Olsa <jolsa@redhat.com>
Cc: Alexander Shishkin <alexander.shishkin@linux.intel.com>
Cc: Mark Rutland <mark.rutland@arm.com>
Cc: Namhyung Kim <namhyung@kernel.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Stephane Eranian <eranian@google.com>
Link: http://lore.kernel.org/lkml/20210918054440.2350466-1-irogers@google.com
Signed-off-by: Arnaldo Carvalho de Melo <acme@redhat.com>
434 lines
8.9 KiB
C
434 lines
8.9 KiB
C
// SPDX-License-Identifier: GPL-2.0
|
|
#include <errno.h>
|
|
#include <unistd.h>
|
|
#include <sys/syscall.h>
|
|
#include <perf/evsel.h>
|
|
#include <perf/cpumap.h>
|
|
#include <perf/threadmap.h>
|
|
#include <linux/list.h>
|
|
#include <internal/evsel.h>
|
|
#include <linux/zalloc.h>
|
|
#include <stdlib.h>
|
|
#include <internal/xyarray.h>
|
|
#include <internal/cpumap.h>
|
|
#include <internal/mmap.h>
|
|
#include <internal/threadmap.h>
|
|
#include <internal/lib.h>
|
|
#include <linux/string.h>
|
|
#include <sys/ioctl.h>
|
|
#include <sys/mman.h>
|
|
#include <asm/bug.h>
|
|
|
|
void perf_evsel__init(struct perf_evsel *evsel, struct perf_event_attr *attr,
|
|
int idx)
|
|
{
|
|
INIT_LIST_HEAD(&evsel->node);
|
|
evsel->attr = *attr;
|
|
evsel->idx = idx;
|
|
evsel->leader = evsel;
|
|
}
|
|
|
|
struct perf_evsel *perf_evsel__new(struct perf_event_attr *attr)
|
|
{
|
|
struct perf_evsel *evsel = zalloc(sizeof(*evsel));
|
|
|
|
if (evsel != NULL)
|
|
perf_evsel__init(evsel, attr, 0);
|
|
|
|
return evsel;
|
|
}
|
|
|
|
void perf_evsel__delete(struct perf_evsel *evsel)
|
|
{
|
|
free(evsel);
|
|
}
|
|
|
|
#define FD(e, x, y) ((int *) xyarray__entry(e->fd, x, y))
|
|
#define MMAP(e, x, y) (e->mmap ? ((struct perf_mmap *) xyarray__entry(e->mmap, x, y)) : NULL)
|
|
|
|
int perf_evsel__alloc_fd(struct perf_evsel *evsel, int ncpus, int nthreads)
|
|
{
|
|
evsel->fd = xyarray__new(ncpus, nthreads, sizeof(int));
|
|
|
|
if (evsel->fd) {
|
|
int cpu, thread;
|
|
for (cpu = 0; cpu < ncpus; cpu++) {
|
|
for (thread = 0; thread < nthreads; thread++) {
|
|
int *fd = FD(evsel, cpu, thread);
|
|
|
|
if (fd)
|
|
*fd = -1;
|
|
}
|
|
}
|
|
}
|
|
|
|
return evsel->fd != NULL ? 0 : -ENOMEM;
|
|
}
|
|
|
|
static int perf_evsel__alloc_mmap(struct perf_evsel *evsel, int ncpus, int nthreads)
|
|
{
|
|
evsel->mmap = xyarray__new(ncpus, nthreads, sizeof(struct perf_mmap));
|
|
|
|
return evsel->mmap != NULL ? 0 : -ENOMEM;
|
|
}
|
|
|
|
static int
|
|
sys_perf_event_open(struct perf_event_attr *attr,
|
|
pid_t pid, int cpu, int group_fd,
|
|
unsigned long flags)
|
|
{
|
|
return syscall(__NR_perf_event_open, attr, pid, cpu, group_fd, flags);
|
|
}
|
|
|
|
static int get_group_fd(struct perf_evsel *evsel, int cpu, int thread, int *group_fd)
|
|
{
|
|
struct perf_evsel *leader = evsel->leader;
|
|
int *fd;
|
|
|
|
if (evsel == leader) {
|
|
*group_fd = -1;
|
|
return 0;
|
|
}
|
|
|
|
/*
|
|
* Leader must be already processed/open,
|
|
* if not it's a bug.
|
|
*/
|
|
if (!leader->fd)
|
|
return -ENOTCONN;
|
|
|
|
fd = FD(leader, cpu, thread);
|
|
if (fd == NULL || *fd == -1)
|
|
return -EBADF;
|
|
|
|
*group_fd = *fd;
|
|
|
|
return 0;
|
|
}
|
|
|
|
int perf_evsel__open(struct perf_evsel *evsel, struct perf_cpu_map *cpus,
|
|
struct perf_thread_map *threads)
|
|
{
|
|
int cpu, thread, err = 0;
|
|
|
|
if (cpus == NULL) {
|
|
static struct perf_cpu_map *empty_cpu_map;
|
|
|
|
if (empty_cpu_map == NULL) {
|
|
empty_cpu_map = perf_cpu_map__dummy_new();
|
|
if (empty_cpu_map == NULL)
|
|
return -ENOMEM;
|
|
}
|
|
|
|
cpus = empty_cpu_map;
|
|
}
|
|
|
|
if (threads == NULL) {
|
|
static struct perf_thread_map *empty_thread_map;
|
|
|
|
if (empty_thread_map == NULL) {
|
|
empty_thread_map = perf_thread_map__new_dummy();
|
|
if (empty_thread_map == NULL)
|
|
return -ENOMEM;
|
|
}
|
|
|
|
threads = empty_thread_map;
|
|
}
|
|
|
|
if (evsel->fd == NULL &&
|
|
perf_evsel__alloc_fd(evsel, cpus->nr, threads->nr) < 0)
|
|
return -ENOMEM;
|
|
|
|
for (cpu = 0; cpu < cpus->nr; cpu++) {
|
|
for (thread = 0; thread < threads->nr; thread++) {
|
|
int fd, group_fd, *evsel_fd;
|
|
|
|
evsel_fd = FD(evsel, cpu, thread);
|
|
if (evsel_fd == NULL)
|
|
return -EINVAL;
|
|
|
|
err = get_group_fd(evsel, cpu, thread, &group_fd);
|
|
if (err < 0)
|
|
return err;
|
|
|
|
fd = sys_perf_event_open(&evsel->attr,
|
|
threads->map[thread].pid,
|
|
cpus->map[cpu], group_fd, 0);
|
|
|
|
if (fd < 0)
|
|
return -errno;
|
|
|
|
*evsel_fd = fd;
|
|
}
|
|
}
|
|
|
|
return err;
|
|
}
|
|
|
|
static void perf_evsel__close_fd_cpu(struct perf_evsel *evsel, int cpu)
|
|
{
|
|
int thread;
|
|
|
|
for (thread = 0; thread < xyarray__max_y(evsel->fd); ++thread) {
|
|
int *fd = FD(evsel, cpu, thread);
|
|
|
|
if (fd && *fd >= 0) {
|
|
close(*fd);
|
|
*fd = -1;
|
|
}
|
|
}
|
|
}
|
|
|
|
void perf_evsel__close_fd(struct perf_evsel *evsel)
|
|
{
|
|
int cpu;
|
|
|
|
for (cpu = 0; cpu < xyarray__max_x(evsel->fd); cpu++)
|
|
perf_evsel__close_fd_cpu(evsel, cpu);
|
|
}
|
|
|
|
void perf_evsel__free_fd(struct perf_evsel *evsel)
|
|
{
|
|
xyarray__delete(evsel->fd);
|
|
evsel->fd = NULL;
|
|
}
|
|
|
|
void perf_evsel__close(struct perf_evsel *evsel)
|
|
{
|
|
if (evsel->fd == NULL)
|
|
return;
|
|
|
|
perf_evsel__close_fd(evsel);
|
|
perf_evsel__free_fd(evsel);
|
|
}
|
|
|
|
void perf_evsel__close_cpu(struct perf_evsel *evsel, int cpu)
|
|
{
|
|
if (evsel->fd == NULL)
|
|
return;
|
|
|
|
perf_evsel__close_fd_cpu(evsel, cpu);
|
|
}
|
|
|
|
void perf_evsel__munmap(struct perf_evsel *evsel)
|
|
{
|
|
int cpu, thread;
|
|
|
|
if (evsel->fd == NULL || evsel->mmap == NULL)
|
|
return;
|
|
|
|
for (cpu = 0; cpu < xyarray__max_x(evsel->fd); cpu++) {
|
|
for (thread = 0; thread < xyarray__max_y(evsel->fd); thread++) {
|
|
int *fd = FD(evsel, cpu, thread);
|
|
|
|
if (fd == NULL || *fd < 0)
|
|
continue;
|
|
|
|
perf_mmap__munmap(MMAP(evsel, cpu, thread));
|
|
}
|
|
}
|
|
|
|
xyarray__delete(evsel->mmap);
|
|
evsel->mmap = NULL;
|
|
}
|
|
|
|
int perf_evsel__mmap(struct perf_evsel *evsel, int pages)
|
|
{
|
|
int ret, cpu, thread;
|
|
struct perf_mmap_param mp = {
|
|
.prot = PROT_READ | PROT_WRITE,
|
|
.mask = (pages * page_size) - 1,
|
|
};
|
|
|
|
if (evsel->fd == NULL || evsel->mmap)
|
|
return -EINVAL;
|
|
|
|
if (perf_evsel__alloc_mmap(evsel, xyarray__max_x(evsel->fd), xyarray__max_y(evsel->fd)) < 0)
|
|
return -ENOMEM;
|
|
|
|
for (cpu = 0; cpu < xyarray__max_x(evsel->fd); cpu++) {
|
|
for (thread = 0; thread < xyarray__max_y(evsel->fd); thread++) {
|
|
int *fd = FD(evsel, cpu, thread);
|
|
struct perf_mmap *map;
|
|
|
|
if (fd == NULL || *fd < 0)
|
|
continue;
|
|
|
|
map = MMAP(evsel, cpu, thread);
|
|
perf_mmap__init(map, NULL, false, NULL);
|
|
|
|
ret = perf_mmap__mmap(map, &mp, *fd, cpu);
|
|
if (ret) {
|
|
perf_evsel__munmap(evsel);
|
|
return ret;
|
|
}
|
|
}
|
|
}
|
|
|
|
return 0;
|
|
}
|
|
|
|
void *perf_evsel__mmap_base(struct perf_evsel *evsel, int cpu, int thread)
|
|
{
|
|
int *fd = FD(evsel, cpu, thread);
|
|
|
|
if (fd == NULL || *fd < 0 || MMAP(evsel, cpu, thread) == NULL)
|
|
return NULL;
|
|
|
|
return MMAP(evsel, cpu, thread)->base;
|
|
}
|
|
|
|
int perf_evsel__read_size(struct perf_evsel *evsel)
|
|
{
|
|
u64 read_format = evsel->attr.read_format;
|
|
int entry = sizeof(u64); /* value */
|
|
int size = 0;
|
|
int nr = 1;
|
|
|
|
if (read_format & PERF_FORMAT_TOTAL_TIME_ENABLED)
|
|
size += sizeof(u64);
|
|
|
|
if (read_format & PERF_FORMAT_TOTAL_TIME_RUNNING)
|
|
size += sizeof(u64);
|
|
|
|
if (read_format & PERF_FORMAT_ID)
|
|
entry += sizeof(u64);
|
|
|
|
if (read_format & PERF_FORMAT_GROUP) {
|
|
nr = evsel->nr_members;
|
|
size += sizeof(u64);
|
|
}
|
|
|
|
size += entry * nr;
|
|
return size;
|
|
}
|
|
|
|
int perf_evsel__read(struct perf_evsel *evsel, int cpu, int thread,
|
|
struct perf_counts_values *count)
|
|
{
|
|
size_t size = perf_evsel__read_size(evsel);
|
|
int *fd = FD(evsel, cpu, thread);
|
|
|
|
memset(count, 0, sizeof(*count));
|
|
|
|
if (fd == NULL || *fd < 0)
|
|
return -EINVAL;
|
|
|
|
if (MMAP(evsel, cpu, thread) &&
|
|
!perf_mmap__read_self(MMAP(evsel, cpu, thread), count))
|
|
return 0;
|
|
|
|
if (readn(*fd, count->values, size) <= 0)
|
|
return -errno;
|
|
|
|
return 0;
|
|
}
|
|
|
|
static int perf_evsel__run_ioctl(struct perf_evsel *evsel,
|
|
int ioc, void *arg,
|
|
int cpu)
|
|
{
|
|
int thread;
|
|
|
|
for (thread = 0; thread < xyarray__max_y(evsel->fd); thread++) {
|
|
int err;
|
|
int *fd = FD(evsel, cpu, thread);
|
|
|
|
if (fd == NULL || *fd < 0)
|
|
return -1;
|
|
|
|
err = ioctl(*fd, ioc, arg);
|
|
|
|
if (err)
|
|
return err;
|
|
}
|
|
|
|
return 0;
|
|
}
|
|
|
|
int perf_evsel__enable_cpu(struct perf_evsel *evsel, int cpu)
|
|
{
|
|
return perf_evsel__run_ioctl(evsel, PERF_EVENT_IOC_ENABLE, NULL, cpu);
|
|
}
|
|
|
|
int perf_evsel__enable(struct perf_evsel *evsel)
|
|
{
|
|
int i;
|
|
int err = 0;
|
|
|
|
for (i = 0; i < xyarray__max_x(evsel->fd) && !err; i++)
|
|
err = perf_evsel__run_ioctl(evsel, PERF_EVENT_IOC_ENABLE, NULL, i);
|
|
return err;
|
|
}
|
|
|
|
int perf_evsel__disable_cpu(struct perf_evsel *evsel, int cpu)
|
|
{
|
|
return perf_evsel__run_ioctl(evsel, PERF_EVENT_IOC_DISABLE, NULL, cpu);
|
|
}
|
|
|
|
int perf_evsel__disable(struct perf_evsel *evsel)
|
|
{
|
|
int i;
|
|
int err = 0;
|
|
|
|
for (i = 0; i < xyarray__max_x(evsel->fd) && !err; i++)
|
|
err = perf_evsel__run_ioctl(evsel, PERF_EVENT_IOC_DISABLE, NULL, i);
|
|
return err;
|
|
}
|
|
|
|
int perf_evsel__apply_filter(struct perf_evsel *evsel, const char *filter)
|
|
{
|
|
int err = 0, i;
|
|
|
|
for (i = 0; i < evsel->cpus->nr && !err; i++)
|
|
err = perf_evsel__run_ioctl(evsel,
|
|
PERF_EVENT_IOC_SET_FILTER,
|
|
(void *)filter, i);
|
|
return err;
|
|
}
|
|
|
|
struct perf_cpu_map *perf_evsel__cpus(struct perf_evsel *evsel)
|
|
{
|
|
return evsel->cpus;
|
|
}
|
|
|
|
struct perf_thread_map *perf_evsel__threads(struct perf_evsel *evsel)
|
|
{
|
|
return evsel->threads;
|
|
}
|
|
|
|
struct perf_event_attr *perf_evsel__attr(struct perf_evsel *evsel)
|
|
{
|
|
return &evsel->attr;
|
|
}
|
|
|
|
int perf_evsel__alloc_id(struct perf_evsel *evsel, int ncpus, int nthreads)
|
|
{
|
|
if (ncpus == 0 || nthreads == 0)
|
|
return 0;
|
|
|
|
if (evsel->system_wide)
|
|
nthreads = 1;
|
|
|
|
evsel->sample_id = xyarray__new(ncpus, nthreads, sizeof(struct perf_sample_id));
|
|
if (evsel->sample_id == NULL)
|
|
return -ENOMEM;
|
|
|
|
evsel->id = zalloc(ncpus * nthreads * sizeof(u64));
|
|
if (evsel->id == NULL) {
|
|
xyarray__delete(evsel->sample_id);
|
|
evsel->sample_id = NULL;
|
|
return -ENOMEM;
|
|
}
|
|
|
|
return 0;
|
|
}
|
|
|
|
void perf_evsel__free_id(struct perf_evsel *evsel)
|
|
{
|
|
xyarray__delete(evsel->sample_id);
|
|
evsel->sample_id = NULL;
|
|
zfree(&evsel->id);
|
|
evsel->ids = 0;
|
|
}
|