blkparse: Fix a potential coredump issue
Executing "blkparse -t" may cause coredump due to
accessing uninitialized memory.
8,16 0 6092 1.
436280373 20685 Q W
15356912 + 4096 [kworker/u256:2]
8,16 0 6093 1.
436282093 20685 X W
15356912 /
15357936 [kworker/u256:2]
8,16 0 6094 1.
436282735 20685 G W
15356912 + 1024 [kworker/u256:2]
8,16 0 6099 1.
436358617 20685 X W
15357936 /
15358960 [kworker/u256:2]
8,16 0 6100 1.
436359418 20685 G W
15357936 + 1024 [kworker/u256:2]
8,16 0 6102 1.
436359931 20685 I W
15356912 + 1024 [kworker/u256:2]
8,16 0 6103 1.
436360874 20685 D W
15356912 + 1024 [kworker/u256:2]
8,16 0 6105 1.
436436572 20685 X W
15358960 /
15359984 [kworker/u256:2]
8,16 0 6106 1.
436437679 20685 G W
15358960 + 1024 [kworker/u256:2]
8,16 0 6108 1.
436438205 20685 I W
15357936 + 1024 [kworker/u256:2]
8,16 0 6109 1.
436439368 20685 D W
15357936 + 1024 [kworker/u256:2]
8,16 0 6111 1.
436530404 20685 G W
15359984 + 1024 [kworker/u256:2]
8,16 0 6113 1.
436530842 20685 I W
15358960 + 1024 [kworker/u256:2]
8,16 0 6114 1.
436531748 20685 D W
15358960 + 1024 [kworker/u256:2]
8,16 0 6120 1.
436755261 20685 I W
15359984 + 1024 [kworker/u256:2]
8,16 0 6121 1.
436756476 20685 D W
15359984 + 1024 [kworker/u256:2]
8,16 0 6128 1.
437120354 0 C W
15356912 + 1024 [0]
8,16 0 6129 1.
437121875 0 C W
15356912 + 2048 [0]
Breakpoint 3, log_track_split (pdi=0x430260, t=0x711990) at blkparse.c:1076
1076 iot = find_track(pdi, t->pid, t->sector);
(gdb) n
1077 split = malloc(sizeof(*iot));
(gdb)
1078 split->req = iot->req;
(gdb) p split
$1 = (struct io_track *) 0x69bdd0
(gdb) p *split
$2 = {rb_node = {rb_parent_color =
6929360, rb_right = 0x0, rb_left = 0xe81bf0}, req = 0x2000d00080000, next = 0x800010000050cd, sector =
2251799813685248}
Program received signal SIGSEGV, Segmentation fault.
0x000000000040bcbc in rb_set_parent (rb=0xe81bf0, p=0x69bbd0) at rbtree.h:133
133 rb->rb_parent_color = (rb->rb_parent_color & 3) | (unsigned long)p;
(gdb) bt
#0 0x000000000040bcbc in rb_set_parent (rb=0xe81bf0, p=0x69bbd0) at rbtree.h:133
#1 0x000000000040c724 in rb_erase (node=0x69bdd0, root=0x430418) at rbtree.c:273
#2 0x0000000000404810 in log_track_complete (pdi=0x430260, t=0x712810) at blkparse.c:1223
#3 0x00000000004055e4 in log_complete (pdi=0x430260, pci=0x4bc100, t=0x712810, act=0x40cf60 "C") at blkparse.c:1518
#4 0x0000000000405ea0 in dump_trace_fs (t=0x712810, pdi=0x430260, pci=0x4bc100) at blkparse.c:1680
#5 0x000000000040604c in dump_trace (t=0x712810, pci=0x4bc100, pdi=0x430260) at blkparse.c:1722
#6 0x00000000004090e8 in handle (msp=0x433cf0) at blkparse.c:2639
#7 0x000000000040931c in do_file () at blkparse.c:2712
#8 0x000000000040a0cc in main (argc=4, argv=0xfffffffff438) at blkparse.c:3045
(gdb) p rb
$3 = (struct rb_node *) 0xe81bf0
(gdb) p *rb
Cannot access memory at address 0xe81bf0
(gdb) up
273 rb_set_parent(child, parent);
(gdb) p child
$4 = (struct rb_node *) 0xe81bf0
(gdb) p node
$5 = (struct rb_node *) 0x69bdd0
(gdb) p *node
$6 = {rb_parent_color =
6929360, rb_right = 0x0, rb_left = 0xe81bf0}
Signed-off-by: Kou Wenqi <kouwenqi@kylinos.cn>
Link: https://lore.kernel.org/r/tencent_DE806EEE1852F9E79115172254B8A2789207@qq.com
Signed-off-by: Jens Axboe <axboe@kernel.dk>
projects / blktrace.git / commit