Bug#1043238: libpfm4: crashes on initialization on 32bit arm in autopkgtest CI
Package: libpfm4
Version: 4.13.0-1
Severity: important
Tags: patch
Hello,
We are seeing a crash at libpfm initialization in the starpu autopkgtest
CI testsuite. This can be easily reproduced in the autopkgtest CI
environment with:
#include <perfmon/pfmlib.h>
/*
 * Minimal reproducer: the only libpfm call made is pfm_initialize(), so a
 * fault raised while this program runs comes from the library's start-up path.
 */
int main(void)
{
    /* The result is deliberately ignored; only initialization is exercised. */
    (void)pfm_initialize();
    return 0;
}
gcc test.c -o test -lpfm
(gdb) r
Starting program: /root/test
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/arm-linux-gnueabi/libthread_db.so.1".
Program received signal SIGSEGV, Segmentation fault.
0xf7f8f4e0 in pfmlib_getl (buffer=buffer@entry=0xfffefab0,
len=len@entry=0xfffefaac, fp=fp@entry=0x403190) at pfmlib_common.c:794
794 b[i] = '\0';
(gdb) bt
#0 0xf7f8f4e0 in pfmlib_getl (buffer=buffer@entry=0xfffefab0,
len=len@entry=0xfffefaac, fp=fp@entry=0x403190) at pfmlib_common.c:794
#1 0xf7f94124 in pfmlib_getcpuinfo_attr (attr=0xf7f977fc "CPU implementer",
ret_buf=0xf7f94124 <pfmlib_getcpuinfo_attr+120> "\020\260\235\345\001",
ret_buf@entry=0xfffefae4 "\304\373\376\367\001", maxlen=128)
at pfmlib_arm.c:78
#2 0xf7f94240 in pfm_arm_detect (this=<optimized out>) at pfmlib_arm.c:156
#3 0xf7f94980 in pfm_arm_detect_cortex_a7 (this=<optimized out>)
at pfmlib_arm_armv7_pmuv1.c:48
#4 0xf7f8fbf4 in pfmlib_init_pmus () at pfmlib_common.c:1139
#5 pfm_initialize () at pfmlib_common.c:1239
#6 0x00400588 in main ()
(gdb) bt full
#0 0xf7f8f4e0 in pfmlib_getl (buffer=buffer@entry=0xfffefac0,
len=len@entry=0xfffefabc, fp=fp@entry=0x403190) at pfmlib_common.c:794
b = 0x0
c = <optimized out>
maxsz = 0
maxi = 4294967294
d = <optimized out>
i = 0
#1 0xf7f94124 in pfmlib_getcpuinfo_attr (attr=0xf7f977fc "CPU implementer",
ret_buf=0xf7f94124 <pfmlib_getcpuinfo_attr+120> "\020\260\235\345\001",
ret_buf@entry=0xfffefaf4 "\304\373\376\367\001", maxlen=128)
at pfmlib_arm.c:78
fp = 0x403190
ret = -1
attr_len = 15
buf_len = 0
p = <optimized out>
value = <optimized out>
buffer = 0x0
#2 0xf7f94240 in pfm_arm_detect (this=<optimized out>) at pfmlib_arm.c:156
ret = <optimized out>
buffer = "\304\373\376\367\001\000\000\000\000\000\000\000\001\000\000\000\000\000\000\000\001\000\000\000X\372\376\367\000\000\000\000\360#\374\367(\374\376\3678\360\376\367", '\000' <repeats 28 times>, "\377\377\377\377HE\370\367\360#\374\367", '\000' <repeats 20 times>, "X\372\376\367\001\377\376\377p\375\376\377LI\000\000x\322\343\367\300\242\373", <incomplete sequence \367>
#3 0xf7f94980 in pfm_arm_detect_cortex_a7 (this=<optimized out>)
at pfmlib_arm_armv7_pmuv1.c:48
ret = <optimized out>
#4 0xf7f8fbf4 in pfmlib_init_pmus () at pfmlib_common.c:1139
p = 0xf7fb75a4 <arm_cortex_a7_support>
i = <optimized out>
ret = 0
nsuccess = -66220
p = <optimized out>
i = <optimized out>
ret = <optimized out>
nsuccess = <optimized out>
__func__ = "pfmlib_init_pmus"
#5 pfm_initialize () at pfmlib_common.c:1239
ret = <optimized out>
__func__ = <optimized out>
#6 0x00400588 in main ()
It seems to be crashing because /proc/cpuinfo is empty: pfmlib_getl then
never allocates a buffer, so the trailing b[i] = '\0' writes through a
NULL pointer (b = 0x0 in the backtrace above). The attached patch fixes this in my tests.
Samuel
-- System Information:
Debian Release: trixie/sid
APT prefers testing
APT policy: (990, 'testing'), (500, 'unstable-debug'), (500, 'testing-debug'), (500, 'stable-security'), (500, 'stable-debug'), (500, 'oldstable-proposed-updates-debug'), (500, 'oldstable-proposed-updates'), (500, 'oldoldstable-proposed-updates'), (500, 'oldoldstable'), (500, 'buildd-unstable'), (500, 'unstable'), (500, 'stable'), (500, 'oldstable'), (1, 'experimental-debug'), (1, 'buildd-experimental'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386, arm64
Kernel: Linux 6.4.0-1-amd64 (SMP w/8 CPU threads; PREEMPT)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages libpfm4 depends on:
ii libc6 2.37-6
libpfm4 recommends no packages.
libpfm4 suggests no packages.
-- no debconf information
Cope with empty /proc/cpuinfo file
--- a/lib/pfmlib_common.c
+++ b/lib/pfmlib_common.c
@@ -791,7 +791,8 @@ pfmlib_getl(char **buffer, size_t *len,
if (c == '\n')
break;
}
- b[i] = '\0';
+ if (c != EOF)
+ b[i] = '\0';
return c != EOF ? 0 : -1;
}
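Review bot: Keying the terminator on `c != EOF` tests a proxy for the fault rather than the fault itself. The gdb frame shows the crash is a store through `b = 0x0` with `i = 0`, so the condition that matches the hazard is the pointer: `if (b) b[i] = '\0';`. With the check as written, a final line that reaches end of file without a newline also skips the terminator, so if the loop above has already stored characters the buffer is handed back without a NUL. The function still returns -1 in that case, but a caller that reuses the buffer would read unterminated data. pfmlib_getl begins outside this hunk, so the allocation path and the bound on `i` should be confirmed against the full body.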
--- a/lib/pfmlib_arm.c
+++ b/lib/pfmlib_arm.c
@@ -97,6 +97,8 @@ pfmlib_getcpuinfo_attr(const char *attr,
if (!strncmp(attr, buffer, attr_len))
break;
}
+ if (!value)
+ goto error;
strncpy(ret_buf, value, maxlen-1);
ret_buf[maxlen-1] = '\0';
ret = 0;
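Review bot: The added `if (!value)` test only helps if `value` is initialised to NULL at its declaration, which is outside this hunk, and it covers only the case where no line was parsed at all. The loop above leaves either through the `break` on a match or when the reads run out, and the code after it does not tell the two apart. If `value` is assigned for every line (not visible here), a cpuinfo file that has content but lacks the attribute would still copy the last line's value into `ret_buf` and return 0. Recording the match explicitly would close that gap: `found = 1; break;` in the loop and `if (!found) goto error;` before the `strncpy`. The function body starts and ends outside the hunk.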