kouwq/blktrace

forked from src-openEuler/blktrace 
0007-blkparse-Fix-a-potential-coredump-issue.patch 4.40 KB
kouwq committed on 2025-03-20 18:45 +08:00: blkparse: Fix a potential coredump issue
From f9bd00dfbd67ce62ca6df6f55d6275b523cd0b39 Mon Sep 17 00:00:00 2001
From: Kou Wenqi <kouwenqi@kylinos.cn>
Date: Wed, 19 Mar 2025 21:02:49 +0800
Subject: [PATCH] blkparse: Fix a potential coredump issue

Executing "blkparse -t" may cause coredump due to
accessing uninitialized memory.

8,16 0 6092 1.436280373 20685 Q W 15356912 + 4096 [kworker/u256:2]
8,16 0 6093 1.436282093 20685 X W 15356912 / 15357936 [kworker/u256:2]
8,16 0 6094 1.436282735 20685 G W 15356912 + 1024 [kworker/u256:2]
8,16 0 6099 1.436358617 20685 X W 15357936 / 15358960 [kworker/u256:2]
8,16 0 6100 1.436359418 20685 G W 15357936 + 1024 [kworker/u256:2]
8,16 0 6102 1.436359931 20685 I W 15356912 + 1024 [kworker/u256:2]
8,16 0 6103 1.436360874 20685 D W 15356912 + 1024 [kworker/u256:2]
8,16 0 6105 1.436436572 20685 X W 15358960 / 15359984 [kworker/u256:2]
8,16 0 6106 1.436437679 20685 G W 15358960 + 1024 [kworker/u256:2]
8,16 0 6108 1.436438205 20685 I W 15357936 + 1024 [kworker/u256:2]
8,16 0 6109 1.436439368 20685 D W 15357936 + 1024 [kworker/u256:2]
8,16 0 6111 1.436530404 20685 G W 15359984 + 1024 [kworker/u256:2]
8,16 0 6113 1.436530842 20685 I W 15358960 + 1024 [kworker/u256:2]
8,16 0 6114 1.436531748 20685 D W 15358960 + 1024 [kworker/u256:2]
8,16 0 6120 1.436755261 20685 I W 15359984 + 1024 [kworker/u256:2]
8,16 0 6121 1.436756476 20685 D W 15359984 + 1024 [kworker/u256:2]
8,16 0 6128 1.437120354 0 C W 15356912 + 1024 [0]
8,16 0 6129 1.437121875 0 C W 15356912 + 2048 [0]
Breakpoint 3, log_track_split (pdi=0x430260, t=0x711990) at blkparse.c:1076
1076 iot = find_track(pdi, t->pid, t->sector);
(gdb) n
1077 split = malloc(sizeof(*iot));
(gdb)
1078 split->req = iot->req;
(gdb) p split
$1 = (struct io_track *) 0x69bdd0
(gdb) p *split
$2 = {rb_node = {rb_parent_color = 6929360, rb_right = 0x0, rb_left = 0xe81bf0}, req = 0x2000d00080000, next = 0x800010000050cd, sector = 2251799813685248}
Program received signal SIGSEGV, Segmentation fault.
0x000000000040bcbc in rb_set_parent (rb=0xe81bf0, p=0x69bbd0) at rbtree.h:133
133 rb->rb_parent_color = (rb->rb_parent_color & 3) | (unsigned long)p;
(gdb) bt
#0 0x000000000040bcbc in rb_set_parent (rb=0xe81bf0, p=0x69bbd0) at rbtree.h:133
#1 0x000000000040c724 in rb_erase (node=0x69bdd0, root=0x430418) at rbtree.c:273
#2 0x0000000000404810 in log_track_complete (pdi=0x430260, t=0x712810) at blkparse.c:1223
#3 0x00000000004055e4 in log_complete (pdi=0x430260, pci=0x4bc100, t=0x712810, act=0x40cf60 "C") at blkparse.c:1518
#4 0x0000000000405ea0 in dump_trace_fs (t=0x712810, pdi=0x430260, pci=0x4bc100) at blkparse.c:1680
#5 0x000000000040604c in dump_trace (t=0x712810, pci=0x4bc100, pdi=0x430260) at blkparse.c:1722
#6 0x00000000004090e8 in handle (msp=0x433cf0) at blkparse.c:2639
#7 0x000000000040931c in do_file () at blkparse.c:2712
#8 0x000000000040a0cc in main (argc=4, argv=0xfffffffff438) at blkparse.c:3045
(gdb) p rb
$3 = (struct rb_node *) 0xe81bf0
(gdb) p *rb
Cannot access memory at address 0xe81bf0
(gdb) up
273 rb_set_parent(child, parent);
(gdb) p child
$4 = (struct rb_node *) 0xe81bf0
(gdb) p node
$5 = (struct rb_node *) 0x69bdd0
(gdb) p *node
$6 = {rb_parent_color = 6929360, rb_right = 0x0, rb_left = 0xe81bf0}
Signed-off-by: Kou Wenqi <kouwenqi@kylinos.cn>
Link: https://lore.kernel.org/r/tencent_DE806EEE1852F9E79115172254B8A2789207@qq.com
Signed-off-by: Jens Axboe <axboe@kernel.dk>
---
blkparse.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/blkparse.c b/blkparse.c
index 9d2029a..d6aaa8b 100644
--- a/blkparse.c
+++ b/blkparse.c
@@ -1022,7 +1022,7 @@ static struct io_track *find_track(struct per_dev_info *pdi, pid_t pid,
if (!iot) {
struct io_track_req *req;
- req = malloc(sizeof(*req) + sizeof(*iot));
+ req = calloc(1, sizeof(*req) + sizeof(*iot));
req->ppm = find_ppm(pid);
if (!req->ppm)
req->ppm = add_ppm_hash(pid, "unknown");
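Review bot: The allocation result is dereferenced unchecked in this hunk: `req->ppm = find_ppm(pid);` runs immediately after `req = calloc(1, sizeof(*req) + sizeof(*iot));`, so an allocation failure turns into a NULL dereference on the same path this patch hardens. Suggest testing `req` for NULL and bailing out before the first store. A one-line comment noting that the zeroing is required would also help, since the single allocation is sized for both `*req` and `*iot` and a later switch back to `malloc` would silently reintroduce the uninitialized fields.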
@@ -1106,7 +1106,7 @@ static void log_track_split(struct per_dev_info *pdi, struct blk_io_trace *t)
* parts.
*/
iot = find_track(pdi, t->pid, t->sector);
- split = malloc(sizeof(*iot));
+ split = calloc(1, sizeof(*iot));
split->req = iot->req;
split->next = iot->next;
iot->next = split;
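Review bot: `split` is dereferenced at `split->req = iot->req;` with no NULL check after `calloc`, and the size is taken from `*iot` rather than from the pointer being assigned; `calloc(1, sizeof(*split))` keeps the size tied to the object actually allocated. Separately, the lines visible here set only `req` and `next` on `split`, while the backtrace in the commit message reaches `rb_erase` with this same node (0x69bdd0) from `log_track_complete`. If `split` is never inserted into the tree, zeroing its `rb_node` stops the wild pointer read but still lets an unlinked node be passed to the erase, so it is worth confirming that path or skipping the erase for split entries.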
--
2.43.0