From e10e4ef63b54912feffb1dc48ff7d03d931b1647 Mon Sep 17 00:00:00 2001 From: Wang Nan Date: Wed, 25 May 2016 13:44:49 +0000 Subject: [PATCH] perf evlist: Check 'base' pointer before checking refcnt when put a mmap evlist->mmap[i]->refcnt could be 0 if an evlist has no evsel or if all evsels don't match the evlist during mmap. For example, when all evsels are overwritable but the evlist itself is normal. To avoid crashing, perf should check 'base' pointer before checking refcnt, and raise bug only when base is not NULL. Signed-off-by: Wang Nan Cc: He Kuang Cc: Jiri Olsa Cc: Masami Hiramatsu Cc: Namhyung Kim Cc: Zefan Li Cc: pi3orama@163.com Link: http://lkml.kernel.org/r/1464183898-174512-2-git-send-email-wangnan0@huawei.com [ Renamed 'mmap' variable, it is reserved in old distros such as Ubuntu 12.04, breaking the build ] Signed-off-by: Arnaldo Carvalho de Melo --- tools/perf/util/evlist.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/tools/perf/util/evlist.c b/tools/perf/util/evlist.c index 50d7b80987c0..58ede3257c61 100644 --- a/tools/perf/util/evlist.c +++ b/tools/perf/util/evlist.c @@ -856,9 +856,11 @@ static void perf_evlist__mmap_get(struct perf_evlist *evlist, int idx) static void perf_evlist__mmap_put(struct perf_evlist *evlist, int idx) { - BUG_ON(atomic_read(&evlist->mmap[idx].refcnt) == 0); + struct perf_mmap *md = &evlist->mmap[idx]; + + BUG_ON(md->base && atomic_read(&md->refcnt) == 0); - if (atomic_dec_and_test(&evlist->mmap[idx].refcnt)) + if (atomic_dec_and_test(&md->refcnt)) __perf_evlist__munmap(evlist, idx); } -- 2.20.1