December 2021 - Linux-stable-mirror

[PATCH] [BACKPORT v4.9 - v4.19] firmware: arm_scpi: Fix string overflow in SCPI genpd driver

by Sudeep Holla

commit 865ed67ab955428b9aa771d8b4f1e4fb7fd08945 upstream. Without the bound checks for scpi_pd->name, it could result in the buffer overflow when copying the SCPI device name from the corresponding device tree node as the name string is set at maximum size of 30. Let us fix it by using devm_kasprintf so that the string buffer is allocated dynamically. Fixes: 8bec4337ad40 ("firmware: scpi: add device power domain support using genpd") Reported-by: Pedro Batista <pedbap.g(a)gmail.com> Signed-off-by: Sudeep Holla <sudeep.holla(a)arm.com> Cc: stable(a)vger.kernel.org #v4.9, v4.14, v4.19 Cc: Cristian Marussi <cristian.marussi(a)arm.com> Link: https://lore.kernel.org/r/20211209120456.696879-1-sudeep.holla@arm.com Signed-off-by: Arnd Bergmann <arnd(a)arndb.de> --- drivers/firmware/scpi_pm_domain.c | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/drivers/firmware/scpi_pm_domain.c b/drivers/firmware/scpi_pm_domain.c index f395dec27113..a6e62a793fbe 100644 --- a/drivers/firmware/scpi_pm_domain.c +++ b/drivers/firmware/scpi_pm_domain.c @@ -27,7 +27,6 @@ struct scpi_pm_domain { struct generic_pm_domain genpd; struct scpi_ops *ops; u32 domain; - char name[30]; }; /* @@ -121,8 +120,13 @@ static int scpi_pm_domain_probe(struct platform_device *pdev) scpi_pd->domain = i; scpi_pd->ops = scpi_ops; - sprintf(scpi_pd->name, "%s.%d", np->name, i); - scpi_pd->genpd.name = scpi_pd->name; + scpi_pd->genpd.name = devm_kasprintf(dev, GFP_KERNEL, + "%s.%d", np->name, i); + if (!scpi_pd->genpd.name) { + dev_err(dev, "Failed to allocate genpd name:%s.%d\n", + np->name, i); + continue; + } scpi_pd->genpd.power_off = scpi_pd_power_off; scpi_pd->genpd.power_on = scpi_pd_power_on; -- 2.25.1

3 years

2
1
0 0

[PATCH v5.4] mac80211: validate extended element ID is present

by Johannes Berg

From: Johannes Berg <johannes.berg(a)intel.com> Commit 768c0b19b50665e337c96858aa2b7928d6dcf756 upstream. Before attempting to parse an extended element, verify that the extended element ID is present. Fixes: 41cbb0f5a295 ("mac80211: add support for HE") Reported-by: syzbot+59bdff68edce82e393b6(a)syzkaller.appspotmail.com Link: https://lore.kernel.org/r/20211211201023.f30a1b128c07.I5cacc176da94ba316877… Cc: stable(a)vger.kernel.org Signed-off-by: Johannes Berg <johannes.berg(a)intel.com> --- net/mac80211/util.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/net/mac80211/util.c b/net/mac80211/util.c index decd46b38393..c1c117fdf318 100644 --- a/net/mac80211/util.c +++ b/net/mac80211/util.c @@ -1227,6 +1227,8 @@ _ieee802_11_parse_elems_crc(const u8 *start, size_t len, bool action, elems->max_idle_period_ie = (void *)pos; break; case WLAN_EID_EXTENSION: + if (!elen) + break; if (pos[0] == WLAN_EID_EXT_HE_MU_EDCA && elen >= (sizeof(*elems->mu_edca_param_set) + 1)) { elems->mu_edca_param_set = (void *)&pos[1]; -- 2.33.1

3 years

2
1
0 0

stable-rc/queue/5.10 baseline: 192 runs, 1 regressions (v5.10.87-66-g2eb0aa8b2e00)

by kernelci.org bot

stable-rc/queue/5.10 baseline: 192 runs, 1 regressions (v5.10.87-66-g2eb0aa8b2e00) Regressions Summary ------------------- platform | arch | lab | compiler | defconfig | regressions -------------------------+--------+---------------+----------+------------------+------------ minnowboard-turbot-E3826 | x86_64 | lab-collabora | gcc-10 | x86_64_defconfig | 1 Details: https://kernelci.org/test/job/stable-rc/branch/queue%2F5.10/kernel/v5.10.87… Test: baseline Tree: stable-rc Branch: queue/5.10 Describe: v5.10.87-66-g2eb0aa8b2e00 URL: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git SHA: 2eb0aa8b2e0023f1361c1e60c7b2e50d7cfbda9b Test Regressions ---------------- platform | arch | lab | compiler | defconfig | regressions -------------------------+--------+---------------+----------+------------------+------------ minnowboard-turbot-E3826 | x86_64 | lab-collabora | gcc-10 | x86_64_defconfig | 1 Details: https://kernelci.org/test/plan/id/61c026fc698b75a34239711e Results: 0 PASS, 1 FAIL, 0 SKIP Full config: x86_64_defconfig Compiler: gcc-10 (gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/queue-5.10/v5.10.87-66-g2eb0aa8b2e0… HTML log: https://storage.kernelci.org//stable-rc/queue-5.10/v5.10.87-66-g2eb0aa8b2e0… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2021… * baseline.login: https://kernelci.org/test/case/id/61c026fc698b75a34239711f new failure (last pass: v5.10.87-63-g1b969379182f)

3 years

1
0
0 0

[PATCH stable 4.19] net: systemport: Add global locking for descriptor lifecycle

by Florian Fainelli

commit 8b8e6e782456f1ce02a7ae914bbd5b1053f0b034 upstream The descriptor list is a shared resource across all of the transmit queues, and the locking mechanism used today only protects concurrency across a given transmit queue between the transmit and reclaiming. This creates an opportunity for the SYSTEMPORT hardware to work on corrupted descriptors if we have multiple producers at once which is the case when using multiple transmit queues. This was particularly noticeable when using multiple flows/transmit queues and it showed up in interesting ways in that UDP packets would get a correct UDP header checksum being calculated over an incorrect packet length. Similarly TCP packets would get an equally correct checksum computed by the hardware over an incorrect packet length. The SYSTEMPORT hardware maintains an internal descriptor list that it re-arranges when the driver produces a new descriptor anytime it writes to the WRITE_PORT_{HI,LO} registers, there is however some delay in the hardware to re-organize its descriptors and it is possible that concurrent TX queues eventually break this internal allocation scheme to the point where the length/status part of the descriptor gets used for an incorrect data buffer. The fix is to impose a global serialization for all TX queues in the short section where we are writing to the WRITE_PORT_{HI,LO} registers which solves the corruption even with multiple concurrent TX queues being used. Fixes: 80105befdb4b ("net: systemport: add Broadcom SYSTEMPORT Ethernet MAC driver") Signed-off-by: Florian Fainelli <f.fainelli(a)gmail.com> Link: https://lore.kernel.org/r/20211215202450.4086240-1-f.fainelli@gmail.com Signed-off-by: Jakub Kicinski <kuba(a)kernel.org> --- drivers/net/ethernet/broadcom/bcmsysport.c | 5 +++++ drivers/net/ethernet/broadcom/bcmsysport.h | 1 + 2 files changed, 6 insertions(+) diff --git a/drivers/net/ethernet/broadcom/bcmsysport.c b/drivers/net/ethernet/broadcom/bcmsysport.c index 0c69becc3c17..b3fc8745b580 100644 --- a/drivers/net/ethernet/broadcom/bcmsysport.c +++ b/drivers/net/ethernet/broadcom/bcmsysport.c @@ -120,9 +120,13 @@ static inline void tdma_port_write_desc_addr(struct bcm_sysport_priv *priv, struct dma_desc *desc, unsigned int port) { + unsigned long desc_flags; + /* Ports are latched, so write upper address first */ + spin_lock_irqsave(&priv->desc_lock, desc_flags); tdma_writel(priv, desc->addr_status_len, TDMA_WRITE_PORT_HI(port)); tdma_writel(priv, desc->addr_lo, TDMA_WRITE_PORT_LO(port)); + spin_unlock_irqrestore(&priv->desc_lock, desc_flags); } /* Ethtool operations */ @@ -2003,6 +2007,7 @@ static int bcm_sysport_open(struct net_device *dev) } /* Initialize both hardware and software ring */ + spin_lock_init(&priv->desc_lock); for (i = 0; i < dev->num_tx_queues; i++) { ret = bcm_sysport_init_tx_ring(priv, i); if (ret) { diff --git a/drivers/net/ethernet/broadcom/bcmsysport.h b/drivers/net/ethernet/broadcom/bcmsysport.h index 36e0adf5c9b8..f438b818136a 100644 --- a/drivers/net/ethernet/broadcom/bcmsysport.h +++ b/drivers/net/ethernet/broadcom/bcmsysport.h @@ -751,6 +751,7 @@ struct bcm_sysport_priv { int wol_irq; /* Transmit rings */ + spinlock_t desc_lock; struct bcm_sysport_tx_ring *tx_rings; /* Receive queue */ -- 2.25.1

3 years

2
1
0 0

stable-rc/queue/4.9 baseline: 134 runs, 1 regressions (v4.9.293-15-g3fbbbaf0d213)

by kernelci.org bot

stable-rc/queue/4.9 baseline: 134 runs, 1 regressions (v4.9.293-15-g3fbbbaf0d213) Regressions Summary ------------------- platform | arch | lab | compiler | defconfig | regressions ---------+------+---------------+----------+---------------------+------------ panda | arm | lab-collabora | gcc-10 | omap2plus_defconfig | 1 Details: https://kernelci.org/test/job/stable-rc/branch/queue%2F4.9/kernel/v4.9.293-… Test: baseline Tree: stable-rc Branch: queue/4.9 Describe: v4.9.293-15-g3fbbbaf0d213 URL: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git SHA: 3fbbbaf0d213fd1ae62e8c7dd54110cc0427e7c5 Test Regressions ---------------- platform | arch | lab | compiler | defconfig | regressions ---------+------+---------------+----------+---------------------+------------ panda | arm | lab-collabora | gcc-10 | omap2plus_defconfig | 1 Details: https://kernelci.org/test/plan/id/61c023f77a21466339397126 Results: 4 PASS, 1 FAIL, 1 SKIP Full config: omap2plus_defconfig Compiler: gcc-10 (arm-linux-gnueabihf-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/queue-4.9/v4.9.293-15-g3fbbbaf0d213… HTML log: https://storage.kernelci.org//stable-rc/queue-4.9/v4.9.293-15-g3fbbbaf0d213… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2021… * baseline.dmesg.emerg: https://kernelci.org/test/case/id/61c023f77a21466339397129 failing since 3 days (last pass: v4.9.293-7-gd89b8545a1fa, first fail: v4.9.293-7-g534f383585ec) 2 lines 2021-12-20T06:34:13.976547 [ 20.230133] <LAVA_SIGNAL_TESTCASE TEST_CASE_ID=alert RESULT=pass UNITS=lines MEASUREMENT=0> 2021-12-20T06:34:14.019852 kern :emerg : BUG: spinlock bad magic on CPU#0, udevd/120 2021-12-20T06:34:14.029323 kern :emerg : lock: emif_lock+0x0/0xfffff230 [emif], .magic: dead4ead, .owner: <none>/-1, .owner_cpu: -1

3 years

1
0
0 0

[PATCH 1/3] ALSA: hda/tegra: Skip reset on BPMP devices

by Sameer Pujar

HDA regression is recently reported on Tegra194 based platforms. This happens because "hda2codec_2x" reset does not really exist in Tegra194 and it causes probe failure. All the HDA based audio tests fail at the moment. This underlying issue is exposed by commit c045ceb5a145 ("reset: tegra-bpmp: Handle errors in BPMP response") which now checks return code of BPMP command response. The failure can be fixed by avoiding above reset in the driver, but the explicit reset is not necessary for Tegra devices which depend on BPMP. On such devices, BPMP ensures reset application during unpowergate calls. Hence skip reset on these devices which is applicable for Tegra186 and later. Signed-off-by: Sameer Pujar <spujar(a)nvidia.com> Cc: stable(a)vger.kernel.org Depends-on: 87f0e46e7559 ("ALSA: hda/tegra: Reset hardware") --- sound/pci/hda/hda_tegra.c | 24 +++++++++++++++++++----- 1 file changed, 19 insertions(+), 5 deletions(-) diff --git a/sound/pci/hda/hda_tegra.c b/sound/pci/hda/hda_tegra.c index ea700395..862141e 100644 --- a/sound/pci/hda/hda_tegra.c +++ b/sound/pci/hda/hda_tegra.c @@ -68,6 +68,10 @@ */ #define TEGRA194_NUM_SDO_LINES 4 +struct hda_data { + unsigned int do_reset:1; +}; + struct hda_tegra { struct azx chip; struct device *dev; @@ -76,6 +80,7 @@ struct hda_tegra { unsigned int nclocks; void __iomem *regs; struct work_struct probe_work; + const struct hda_data *data; }; #ifdef CONFIG_PM @@ -427,8 +432,13 @@ static int hda_tegra_create(struct snd_card *card, return 0; } +static const struct hda_data tegra30_data = { + .do_reset = 1, +}; + static const struct of_device_id hda_tegra_match[] = { - { .compatible = "nvidia,tegra30-hda" }, + { .compatible = "nvidia,tegra30-hda", .data = &tegra30_data }, + { .compatible = "nvidia,tegra186-hda" }, { .compatible = "nvidia,tegra194-hda" }, {}, }; @@ -449,6 +459,8 @@ static int hda_tegra_probe(struct platform_device *pdev) hda->dev = &pdev->dev; chip = &hda->chip; + hda->data = of_device_get_match_data(&pdev->dev); + err = snd_card_new(&pdev->dev, SNDRV_DEFAULT_IDX1, SNDRV_DEFAULT_STR1, THIS_MODULE, 0, &card); if (err < 0) { @@ -456,10 +468,12 @@ static int hda_tegra_probe(struct platform_device *pdev) return err; } - hda->reset = devm_reset_control_array_get_exclusive(&pdev->dev); - if (IS_ERR(hda->reset)) { - err = PTR_ERR(hda->reset); - goto out_free; + if (hda->data && hda->data->do_reset) { + hda->reset = devm_reset_control_array_get_exclusive(&pdev->dev); + if (IS_ERR(hda->reset)) { + err = PTR_ERR(hda->reset); + goto out_free; + } } hda->clocks[hda->nclocks++].id = "hda"; -- 2.7.4

3 years

5
27
0 0

stable-rc/queue/4.4 baseline: 118 runs, 2 regressions (v4.4.295-12-gd8298cd08f0d)

by kernelci.org bot

stable-rc/queue/4.4 baseline: 118 runs, 2 regressions (v4.4.295-12-gd8298cd08f0d) Regressions Summary ------------------- platform | arch | lab | compiler | defconfig | regressions -------------------------+--------+---------------+----------+------------------------------+------------ minnowboard-turbot-E3826 | x86_64 | lab-collabora | gcc-10 | x86_64_defconfig | 1 minnowboard-turbot-E3826 | x86_64 | lab-collabora | gcc-10 | x86_64_defcon...6-chromebook | 1 Details: https://kernelci.org/test/job/stable-rc/branch/queue%2F4.4/kernel/v4.4.295-… Test: baseline Tree: stable-rc Branch: queue/4.4 Describe: v4.4.295-12-gd8298cd08f0d URL: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git SHA: d8298cd08f0de279cd1522587dfb6047c7de00dc Test Regressions ---------------- platform | arch | lab | compiler | defconfig | regressions -------------------------+--------+---------------+----------+------------------------------+------------ minnowboard-turbot-E3826 | x86_64 | lab-collabora | gcc-10 | x86_64_defconfig | 1 Details: https://kernelci.org/test/plan/id/61c01f39efb3ef8a4b397127 Results: 0 PASS, 1 FAIL, 0 SKIP Full config: x86_64_defconfig Compiler: gcc-10 (gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/queue-4.4/v4.4.295-12-gd8298cd08f0d… HTML log: https://storage.kernelci.org//stable-rc/queue-4.4/v4.4.295-12-gd8298cd08f0d… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2021… * baseline.login: https://kernelci.org/test/case/id/61c01f39efb3ef8a4b397128 failing since 1 day (last pass: v4.4.295-9-g7d306649b59e, first fail: v4.4.295-11-ga3118690cea0) platform | arch | lab | compiler | defconfig | regressions -------------------------+--------+---------------+----------+------------------------------+------------ minnowboard-turbot-E3826 | x86_64 | lab-collabora | gcc-10 | x86_64_defcon...6-chromebook | 1 Details: https://kernelci.org/test/plan/id/61c020a8c947ae45df397122 Results: 0 PASS, 1 FAIL, 0 SKIP Full config: x86_64_defconfig+x86-chromebook Compiler: gcc-10 (gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/queue-4.4/v4.4.295-12-gd8298cd08f0d… HTML log: https://storage.kernelci.org//stable-rc/queue-4.4/v4.4.295-12-gd8298cd08f0d… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2021… * baseline.login: https://kernelci.org/test/case/id/61c020a8c947ae45df397123 new failure (last pass: v4.4.295-11-g16c28781820e)

3 years

1
0
0 0

[PATCH for-stable] KVM: VMX: clear vmx_x86_ops.sync_pir_to_irr if APICv is disabled

by Paolo Bonzini

commit e90e51d5f01d2baae5dcce280866bbb96816e978 upstream. There is nothing to synchronize if APICv is disabled, since neither other vCPUs nor assigned devices can set PIR.ON. After the patch was committed to Linus's tree, it was observed that this fixes an issue with commit 7e1901f6c86c ("KVM: VMX: prepare sync_pir_to_irr for running with APICv disabled", backported to stable as e.g. commit 70a37e04c08a for the 5.15 tree). Without this patch, vmx_sync_pir_to_irr can be reached with enable_apicv == false, triggering if (KVM_BUG_ON(!enable_apicv, vcpu->kvm)) Fixes: 7e1901f6c86c ("KVM: VMX: prepare sync_pir_to_irr for running with APICv disabled") Cc: stable(a)vger.kernel.org Signed-off-by: Paolo Bonzini <pbonzini(a)redhat.com> --- arch/x86/kvm/vmx/vmx.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index dacdf2395f01..4e212f04268b 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -7776,10 +7776,10 @@ static __init int hardware_setup(void) ple_window_shrink = 0; } - if (!cpu_has_vmx_apicv()) { + if (!cpu_has_vmx_apicv()) enable_apicv = 0; + if (!enable_apicv) vmx_x86_ops.sync_pir_to_irr = NULL; - } if (cpu_has_vmx_tsc_scaling()) { kvm_has_tsc_control = true; -- 2.33.1

3 years

2
1
0 0

FAILED: patch "[PATCH] perf inject: Fix segfault due to close without open" failed to apply to 5.10-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.10-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 0c8e32fe48f549eef27c8c6b0a63530f83c3a643 Mon Sep 17 00:00:00 2001 From: Adrian Hunter <adrian.hunter(a)intel.com> Date: Mon, 13 Dec 2021 10:48:28 +0200 Subject: [PATCH] perf inject: Fix segfault due to close without open The fixed commit attempts to close inject.output even if it was never opened e.g. $ perf record uname Linux [ perf record: Woken up 1 times to write data ] [ perf record: Captured and wrote 0.002 MB perf.data (7 samples) ] $ perf inject -i perf.data --vm-time-correlation=dry-run Segmentation fault (core dumped) $ gdb --quiet perf Reading symbols from perf... (gdb) r inject -i perf.data --vm-time-correlation=dry-run Starting program: /home/ahunter/bin/perf inject -i perf.data --vm-time-correlation=dry-run [Thread debugging using libthread_db enabled] Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1". Program received signal SIGSEGV, Segmentation fault. 0x00007eff8afeef5b in _IO_new_fclose (fp=0x0) at iofclose.c:48 48 iofclose.c: No such file or directory. (gdb) bt #0 0x00007eff8afeef5b in _IO_new_fclose (fp=0x0) at iofclose.c:48 #1 0x0000557fc7b74f92 in perf_data__close (data=data@entry=0x7ffcdafa6578) at util/data.c:376 #2 0x0000557fc7a6b807 in cmd_inject (argc=<optimized out>, argv=<optimized out>) at builtin-inject.c:1085 #3 0x0000557fc7ac4783 in run_builtin (p=0x557fc8074878 <commands+600>, argc=4, argv=0x7ffcdafb6a60) at perf.c:313 #4 0x0000557fc7a25d5c in handle_internal_command (argv=<optimized out>, argc=<optimized out>) at perf.c:365 #5 run_argv (argcp=<optimized out>, argv=<optimized out>) at perf.c:409 #6 main (argc=4, argv=0x7ffcdafb6a60) at perf.c:539 (gdb) Fixes: 02e6246f5364d526 ("perf inject: Close inject.output on exit") Signed-off-by: Adrian Hunter <adrian.hunter(a)intel.com> Tested-by: Arnaldo Carvalho de Melo <acme(a)redhat.com> Cc: Jiri Olsa <jolsa(a)redhat.com> Cc: Namhyung Kim <namhyung(a)kernel.org> Cc: Riccardo Mancini <rickyman7(a)gmail.com> Cc: stable(a)vger.kernel.org Link: http://lore.kernel.org/lkml/20211213084829.114772-2-adrian.hunter@intel.com Signed-off-by: Arnaldo Carvalho de Melo <acme(a)redhat.com> diff --git a/tools/perf/builtin-inject.c b/tools/perf/builtin-inject.c index b9d6306cc14e..af70f1c72052 100644 --- a/tools/perf/builtin-inject.c +++ b/tools/perf/builtin-inject.c @@ -1078,7 +1078,8 @@ int cmd_inject(int argc, const char **argv) zstd_fini(&(inject.session->zstd_data)); perf_session__delete(inject.session); out_close_output: - perf_data__close(&inject.output); + if (!inject.in_place_update) + perf_data__close(&inject.output); free(inject.itrace_synth_opts.vm_tm_corr_args); return ret; }

3 years

1
0
0 0

FAILED: patch "[PATCH] perf inject: Fix segfault due to close without open" failed to apply to 5.4-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.4-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 0c8e32fe48f549eef27c8c6b0a63530f83c3a643 Mon Sep 17 00:00:00 2001 From: Adrian Hunter <adrian.hunter(a)intel.com> Date: Mon, 13 Dec 2021 10:48:28 +0200 Subject: [PATCH] perf inject: Fix segfault due to close without open The fixed commit attempts to close inject.output even if it was never opened e.g. $ perf record uname Linux [ perf record: Woken up 1 times to write data ] [ perf record: Captured and wrote 0.002 MB perf.data (7 samples) ] $ perf inject -i perf.data --vm-time-correlation=dry-run Segmentation fault (core dumped) $ gdb --quiet perf Reading symbols from perf... (gdb) r inject -i perf.data --vm-time-correlation=dry-run Starting program: /home/ahunter/bin/perf inject -i perf.data --vm-time-correlation=dry-run [Thread debugging using libthread_db enabled] Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1". Program received signal SIGSEGV, Segmentation fault. 0x00007eff8afeef5b in _IO_new_fclose (fp=0x0) at iofclose.c:48 48 iofclose.c: No such file or directory. (gdb) bt #0 0x00007eff8afeef5b in _IO_new_fclose (fp=0x0) at iofclose.c:48 #1 0x0000557fc7b74f92 in perf_data__close (data=data@entry=0x7ffcdafa6578) at util/data.c:376 #2 0x0000557fc7a6b807 in cmd_inject (argc=<optimized out>, argv=<optimized out>) at builtin-inject.c:1085 #3 0x0000557fc7ac4783 in run_builtin (p=0x557fc8074878 <commands+600>, argc=4, argv=0x7ffcdafb6a60) at perf.c:313 #4 0x0000557fc7a25d5c in handle_internal_command (argv=<optimized out>, argc=<optimized out>) at perf.c:365 #5 run_argv (argcp=<optimized out>, argv=<optimized out>) at perf.c:409 #6 main (argc=4, argv=0x7ffcdafb6a60) at perf.c:539 (gdb) Fixes: 02e6246f5364d526 ("perf inject: Close inject.output on exit") Signed-off-by: Adrian Hunter <adrian.hunter(a)intel.com> Tested-by: Arnaldo Carvalho de Melo <acme(a)redhat.com> Cc: Jiri Olsa <jolsa(a)redhat.com> Cc: Namhyung Kim <namhyung(a)kernel.org> Cc: Riccardo Mancini <rickyman7(a)gmail.com> Cc: stable(a)vger.kernel.org Link: http://lore.kernel.org/lkml/20211213084829.114772-2-adrian.hunter@intel.com Signed-off-by: Arnaldo Carvalho de Melo <acme(a)redhat.com> diff --git a/tools/perf/builtin-inject.c b/tools/perf/builtin-inject.c index b9d6306cc14e..af70f1c72052 100644 --- a/tools/perf/builtin-inject.c +++ b/tools/perf/builtin-inject.c @@ -1078,7 +1078,8 @@ int cmd_inject(int argc, const char **argv) zstd_fini(&(inject.session->zstd_data)); perf_session__delete(inject.session); out_close_output: - perf_data__close(&inject.output); + if (!inject.in_place_update) + perf_data__close(&inject.output); free(inject.itrace_synth_opts.vm_tm_corr_args); return ret; }

3 years

1
0
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror December 2021