Re: [PATCH] perf mmap: Fix accessing unmapped mmap in perf_mmap__read_done()

From: Arnaldo Carvalho de Melo
Date: Mon Mar 26 2018 - 10:26:13 EST


On Mon, Mar 26, 2018 at 09:42:09AM -0400, kan.liang@xxxxxxxxxxxxxxx wrote:
> From: Kan Liang <kan.liang@xxxxxxxxxxxxxxx>
>
> There is a segmentation fault when running perf trace. For example,
> [root@jouet e]# perf trace -e *chdir -o /tmp/bla perf report
> --ignore-vmlinux -i ../perf.data
>
> The perf_mmap__consume() could unmap the mmap. It needs to check the
> refcnt in perf_mmap__read_done().
>
> Fixes: ee023de05f35 ("perf mmap: Introduce perf_mmap__read_done()")
> Reported-by: Arnaldo Carvalho de Melo <acme@xxxxxxxxxx>
> Signed-off-by: Kan Liang <kan.liang@xxxxxxxxxxxxxxx>

Seems insufficient:

[root@jouet ~]# perf trace -e *chdir -o /tmp/bla perf report --ignore-vmlinux
perf: Segmentation fault
Obtained 9 stack frames.
perf(sighandler_dump_stack+0x3e) [0x4fe31e]
/lib64/libc.so.6(+0x346df) [0x7fc0c3ced6df]
perf(perf_mmap__read_init+0x26) [0x4ccd06]
perf(cmd_trace+0x1bf6) [0x47bb76]
perf() [0x4a824e]
perf() [0x4a8550]
perf(main+0x331) [0x42bef1]
/lib64/libc.so.6(__libc_start_main+0xe9) [0x7fc0c3cd9f29]
perf(_start+0x29) [0x42c319]
Segmentation fault (core dumped)
[root@jouet ~]#

- Arnaldo