From nobody Wed Jun 07 14:26:56 2023 X-Original-To: bugs@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4QbqRP3JvQz4Zrpc for ; Wed, 7 Jun 2023 14:26:57 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4QbqRP0dFgz4N7F for ; Wed, 7 Jun 2023 14:26:57 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1686148017; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=i1rmPjkiOEdor7ZuV+YEpBOHU5FUcMdM6yjmPcfxCtU=; b=PcYRcwLXz1DOutbzw54bheOPqslGSsC+xS9QG9o3V2W7WeNPG3WLOZhNu+4GVGs4ZeCBPS Pqp3y7TjCgHU6u6XIQgfiSFVAdhx2HXQWj4oTx9Q56/JXGvykzPW9/CEo4G4KSq/SVWnCQ kelo59T23w8f1uExxQEvVLKjx+N9QK+5AyjJ/JzCtcO9ApICuv+ZihRVOMRmFiR/mr+X/J 8TTcjDKQh93yg9lGUB8j88KK+2iZaPYeQi4DpGSYdHFe09yDI4Hl2LYs2x2SK40p9FH/gE ALTUKtpowAyhZSrWO0W5C97MtNXgToiKyXTmzXKMQ0Giyz9SoIFVtCpBCyc+nw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1686148017; a=rsa-sha256; cv=none; b=hUS37xC0PpKipRF3Vz08o6qXN1w1KG/LcCgfSLuYQk2G8cOMF3OOkOgm2AoT4IDVbkkFol 4vUyzDk9cOnA+tFImB0ATPI7RDLnjA+L0LzUKDgCBV9QMa/on77ow3wtC/Idpz/AcbOYBu ISf3mMND/hmKwjNs1PckClKJBmRZEfdaNU5UST4OFPRfZYXKO4gJCTMhI48dzL/lLLpzsF VnfVwtRdsn6oK3buvCanjxDT/kybvegL0O/IxzAosesAaYzFM8yhpSbcMCJJss0jayWAnD nQ1UnE9G1ZjNlX8cVqTvc3ETe6toT/UEVpbfJVM78Vy54g8Bcrt7MH7iUzvJ9A== Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4QbqRN6r48zFk8 for ; Wed, 7 Jun 2023 14:26:56 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 357EQuJV058746 for ; Wed, 7 Jun 2023 14:26:56 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from bugzilla@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 357EQuQU058745 for bugs@FreeBSD.org; Wed, 7 Jun 2023 14:26:56 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: bugzilla set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: bugs@FreeBSD.org Subject: [Bug 268857] pmcstat crashes on particular event/CPU combination Date: Wed, 07 Jun 2023 14:26:56 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: bin X-Bugzilla-Version: 13.1-STABLE X-Bugzilla-Keywords: crash X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: commit-hook@FreeBSD.org X-Bugzilla-Status: Open X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: bugs@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Bug reports List-Archive: https://lists.freebsd.org/archives/freebsd-bugs List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-bugs@freebsd.org MIME-Version: 1.0 X-ThisMailContainsUnwantedMimeParts: N https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D268857 --- Comment #1 from commit-hook@FreeBSD.org --- A commit in branch main references this bug: URL: https://cgit.FreeBSD.org/src/commit/?id=3D21f7397a61f7bff61a1221cc6340cd980= a922540 commit 21f7397a61f7bff61a1221cc6340cd980a922540 Author: Jessica Clarke AuthorDate: 2023-06-07 14:21:18 +0000 Commit: Jessica Clarke CommitDate: 2023-06-07 14:24:29 +0000 libpmc: Handle PMCALLOCATE log with PMC code on PMU event system On an arm64 system that reports as a Cortex A72 r0p3, running pmcstat -P CPU_CYCLES command works, but pmcstat -P cpu-cycles command does not. This is because the former uses the PMU event from the JSON source, resulting in pl_event in the log event being a small index (here, 5) into the generated events table, whilst the latter does not match any of the JSON events and falls back on PMC's own tables, mapping it to the PMC event 0x14111, i.e. PMC_EV_ARMV8_EVENT_11H. Then, when libpmc gets the PMCALLOCATE event, it tries to use the event as an index into the JSON-derived table, but doing so only makes sense for the former, whilst for the latter it will go way out of bounds and either read junk (which may trigger the !=3D NULL assertion) or segfault. As f= ar as I can tell we don't have anything lying around to tell us which of the two cases we're in, but we can exploit the fact that the first 0x1000 PMC event codes are reserved, and that none of our PMU events tables reach that number of entries yet. PR: 268857 Reviewed by: mhorne MFC after: 1 month Differential Revision: https://reviews.freebsd.org/D39592 lib/libpmc/libpmc.c | 9 ++++++++- lib/libpmc/pmclog.c | 27 +++++++++++++++++++++------ 2 files changed, 29 insertions(+), 7 deletions(-) --=20 You are receiving this mail because: You are the assignee for the bug.=