Package: libpfm4 Version: 4.13.0-1 Severity: important Tags: patch Hello,
We are seeing a crash at libpfm initialization in the starpu autopkgtest CI testsuite. This can be easily reproduced in the autopkgtest CI environment with: #include <perfmon/pfmlib.h> int main(void) { pfm_initialize(); } gcc test.c -o test -lpfm (gdb) r Starting program: /root/test [Thread debugging using libthread_db enabled] Using host libthread_db library "/lib/arm-linux-gnueabi/libthread_db.so.1". Program received signal SIGSEGV, Segmentation fault. 0xf7f8f4e0 in pfmlib_getl (buffer=buffer@entry=0xfffefab0, len=len@entry=0xfffefaac, fp=fp@entry=0x403190) at pfmlib_common.c:794 794 b[i] = '\0'; (gdb) bt #0 0xf7f8f4e0 in pfmlib_getl (buffer=buffer@entry=0xfffefab0, len=len@entry=0xfffefaac, fp=fp@entry=0x403190) at pfmlib_common.c:794 #1 0xf7f94124 in pfmlib_getcpuinfo_attr (attr=0xf7f977fc "CPU implementer", ret_buf=0xf7f94124 <pfmlib_getcpuinfo_attr+120> "\020\260\235\345\001", ret_buf@entry=0xfffefae4 "\304\373\376\367\001", maxlen=128) at pfmlib_arm.c:78 #2 0xf7f94240 in pfm_arm_detect (this=<optimized out>) at pfmlib_arm.c:156 #3 0xf7f94980 in pfm_arm_detect_cortex_a7 (this=<optimized out>) at pfmlib_arm_armv7_pmuv1.c:48 #4 0xf7f8fbf4 in pfmlib_init_pmus () at pfmlib_common.c:1139 #5 pfm_initialize () at pfmlib_common.c:1239 #6 0x00400588 in main () (gdb) bt full #0 0xf7f8f4e0 in pfmlib_getl (buffer=buffer@entry=0xfffefac0, len=len@entry=0xfffefabc, fp=fp@entry=0x403190) at pfmlib_common.c:794 b = 0x0 c = <optimized out> maxsz = 0 maxi = 4294967294 d = <optimized out> i = 0 #1 0xf7f94124 in pfmlib_getcpuinfo_attr (attr=0xf7f977fc "CPU implementer", ret_buf=0xf7f94124 <pfmlib_getcpuinfo_attr+120> "\020\260\235\345\001", ret_buf@entry=0xfffefaf4 "\304\373\376\367\001", maxlen=128) at pfmlib_arm.c:78 fp = 0x403190 ret = -1 attr_len = 15 buf_len = 0 p = <optimized out> value = <optimized out> buffer = 0x0 #2 0xf7f94240 in pfm_arm_detect (this=<optimized out>) at pfmlib_arm.c:156 ret = <optimized out> buffer = 
"\304\373\376\367\001\000\000\000\000\000\000\000\001\000\000\000\000\000\000\000\001\000\000\000X\372\376\367\000\000\000\000\360#\374\367(\374\376\3678\360\376\367", '\000' <repeats 28 times>, "\377\377\377\377HE\370\367\360#\374\367", '\000' <repeats 20 times>, "X\372\376\367\001\377\376\377p\375\376\377LI\000\000x\322\343\367\300\242\373", <incomplete sequence \367> #3 0xf7f94980 in pfm_arm_detect_cortex_a7 (this=<optimized out>) at pfmlib_arm_armv7_pmuv1.c:48 ret = <optimized out> #4 0xf7f8fbf4 in pfmlib_init_pmus () at pfmlib_common.c:1139 p = 0xf7fb75a4 <arm_cortex_a7_support> i = <optimized out> ret = 0 nsuccess = -66220 p = <optimized out> i = <optimized out> ret = <optimized out> nsuccess = <optimized out> __func__ = "pfmlib_init_pmus" #5 pfm_initialize () at pfmlib_common.c:1239 ret = <optimized out> __func__ = <optimized out> #6 0x00400588 in main () It seems that it is crashing because /proc/cpuinfo is empty, and thus pfmlib_getl never allocates a buffer, and the trailing b[i] = '\0' thus becomes bogus. The attached patch fixes this in my tests. 
Samuel -- System Information: Debian Release: trixie/sid APT prefers testing APT policy: (990, 'testing'), (500, 'unstable-debug'), (500, 'testing-debug'), (500, 'stable-security'), (500, 'stable-debug'), (500, 'oldstable-proposed-updates-debug'), (500, 'oldstable-proposed-updates'), (500, 'oldoldstable-proposed-updates'), (500, 'oldoldstable'), (500, 'buildd-unstable'), (500, 'unstable'), (500, 'stable'), (500, 'oldstable'), (1, 'experimental-debug'), (1, 'buildd-experimental'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386, arm64 Kernel: Linux 6.4.0-1-amd64 (SMP w/8 CPU threads; PREEMPT) Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages libpfm4 depends on: ii libc6 2.37-6 libpfm4 recommends no packages. libpfm4 suggests no packages. -- no debconf information
Cope with empty /proc/cpuinfo file
--- a/lib/pfmlib_common.c
+++ b/lib/pfmlib_common.c
@@ -791,7 +791,8 @@ pfmlib_getl(char **buffer, size_t *len,
 if (c == '\n')
 break;
 }
- b[i] = '\0';
+ if (c != EOF)
+ b[i] = '\0';
 return c != EOF ? 0 : -1;
 }
--- a/lib/pfmlib_arm.c
+++ b/lib/pfmlib_arm.c
@@ -97,6 +97,8 @@ pfmlib_getcpuinfo_attr(const char *attr,
 if (!strncmp(attr, buffer, attr_len))
 break;
 }
+ if (!value)
+ goto error;
 strncpy(ret_buf, value, maxlen-1);
 ret_buf[maxlen-1] = '\0';
 ret = 0;
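Review bot: The new guard `if (c != EOF)` in pfmlib_getl skips the terminator on every end-of-file, not only in the reported case where no buffer was ever allocated (`b = 0x0`, `i = 0` in the backtrace). When the caller passes an already-allocated buffer, or the last line of the file has no trailing newline, the buffer is left holding stale or unterminated bytes while the function returns -1. Testing the pointer instead, `if (b) b[i] = '\0';`, avoids the NULL write and still leaves a terminated string in every other case. The function body starts outside this hunk, so this assumes `b` stays NULL only when nothing was read into a fresh buffer.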
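Review bot: The added `if (!value) goto error;` in pfmlib_getcpuinfo_attr only catches the case where no line was parsed at all; it cannot tell a matched attribute from a loop that ran out of lines. If `value` is assigned for each parsed line before the `strncmp` (the assignment is outside this hunk, so this is inferred), a non-empty /proc/cpuinfo that lacks the requested attribute would still reach `strncpy` with the last line's value and return 0. Resetting it on a mismatch, `value = NULL;` after the `strncmp` test inside the loop, would make the not-found case take the `error` path too. The function starts and ends outside the hunk.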