From: tip-bot for Changbin Du <tipbot@zytor.com>
To: linux-tip-commits@vger.kernel.org
Cc: tglx@linutronix.de, daniel@iogearbox.net, changbin.du@gmail.com,
linux-kernel@vger.kernel.org, jolsa@kernel.org,
namhyung@kernel.org, rostedt@goodmis.org, ast@kernel.org,
hpa@zytor.com, mingo@kernel.org, peterz@infradead.org,
acme@redhat.com
Subject: [tip:perf/urgent] perf top: Fix global-buffer-overflow issue
Date: Fri, 22 Mar 2019 15:31:55 -0700 [thread overview]
Message-ID: <tip-1e5b0cf8672e622257df024074e6e09bfbcb7750@git.kernel.org> (raw)
In-Reply-To: <20190316080556.3075-13-changbin.du@gmail.com>
Commit-ID: 1e5b0cf8672e622257df024074e6e09bfbcb7750
Gitweb: https://git.kernel.org/tip/1e5b0cf8672e622257df024074e6e09bfbcb7750
Author: Changbin Du <changbin.du@gmail.com>
AuthorDate: Sat, 16 Mar 2019 16:05:52 +0800
Committer: Arnaldo Carvalho de Melo <acme@redhat.com>
CommitDate: Tue, 19 Mar 2019 16:52:05 -0300
perf top: Fix global-buffer-overflow issue
The array str[] should have six elements.
=================================================================
==4322==ERROR: AddressSanitizer: global-buffer-overflow on address 0x56463844e300 at pc 0x564637e7ad0d bp 0x7f30c8c89d10 sp 0x7f30c8c89d00
READ of size 8 at 0x56463844e300 thread T9
#0 0x564637e7ad0c in __ordered_events__flush util/ordered-events.c:316
#1 0x564637e7b0e4 in ordered_events__flush util/ordered-events.c:338
#2 0x564637c6a57d in process_thread /home/changbin/work/linux/tools/perf/builtin-top.c:1073
#3 0x7f30d173a163 in start_thread (/lib/x86_64-linux-gnu/libpthread.so.0+0x8163)
#4 0x7f30cfffbdee in __clone (/lib/x86_64-linux-gnu/libc.so.6+0x11adee)
0x56463844e300 is located 32 bytes to the left of global variable 'flags' defined in 'util/trace-event-parse.c:229:26' (0x56463844e320) of size 192
0x56463844e300 is located 0 bytes to the right of global variable 'str' defined in 'util/ordered-events.c:268:28' (0x56463844e2e0) of size 32
SUMMARY: AddressSanitizer: global-buffer-overflow util/ordered-events.c:316 in __ordered_events__flush
Shadow bytes around the buggy address:
0x0ac947081c10: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x0ac947081c20: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x0ac947081c30: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x0ac947081c40: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x0ac947081c50: 00 00 00 00 00 00 00 00 f9 f9 f9 f9 00 00 00 00
=>0x0ac947081c60:[f9]f9 f9 f9 00 00 00 00 00 00 00 00 00 00 00 00
0x0ac947081c70: 00 00 00 00 00 00 00 00 00 00 00 00 f9 f9 f9 f9
0x0ac947081c80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x0ac947081c90: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x0ac947081ca0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x0ac947081cb0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Shadow byte legend (one shadow byte represents 8 application bytes):
Addressable: 00
Partially addressable: 01 02 03 04 05 06 07
Heap left redzone: fa
Freed heap region: fd
Stack left redzone: f1
Stack mid redzone: f2
Stack right redzone: f3
Stack after return: f5
Stack use after scope: f8
Global redzone: f9
Global init order: f6
Poisoned by user: f7
Container overflow: fc
Array cookie: ac
Intra object redzone: bb
ASan internal: fe
Left alloca redzone: ca
Right alloca redzone: cb
Thread T9 created by T0 here:
#0 0x7f30d179de5f in __interceptor_pthread_create (/usr/lib/x86_64-linux-gnu/libasan.so.5+0x4ae5f)
#1 0x564637c6b954 in __cmd_top /home/changbin/work/linux/tools/perf/builtin-top.c:1253
#2 0x564637c7173c in cmd_top /home/changbin/work/linux/tools/perf/builtin-top.c:1642
#3 0x564637d85038 in run_builtin /home/changbin/work/linux/tools/perf/perf.c:302
#4 0x564637d85577 in handle_internal_command /home/changbin/work/linux/tools/perf/perf.c:354
#5 0x564637d8597b in run_argv /home/changbin/work/linux/tools/perf/perf.c:398
#6 0x564637d860e9 in main /home/changbin/work/linux/tools/perf/perf.c:520
#7 0x7f30cff0509a in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2409a)
Signed-off-by: Changbin Du <changbin.du@gmail.com>
Reviewed-by: Jiri Olsa <jolsa@kernel.org>
Cc: Alexei Starovoitov <ast@kernel.org>
Cc: Daniel Borkmann <daniel@iogearbox.net>
Cc: Namhyung Kim <namhyung@kernel.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Steven Rostedt (VMware) <rostedt@goodmis.org>
Cc: Jiri Olsa <jolsa@kernel.org>
Fixes: 16c66bc167cc ("perf top: Add processing thread")
Fixes: 68ca5d07de20 ("perf ordered_events: Add ordered_events__flush_time interface")
Link: http://lkml.kernel.org/r/20190316080556.3075-13-changbin.du@gmail.com
Signed-off-by: Arnaldo Carvalho de Melo <acme@redhat.com>
---
tools/perf/util/ordered-events.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/tools/perf/util/ordered-events.c b/tools/perf/util/ordered-events.c
index ea523d3b248f..989fed6f43b5 100644
--- a/tools/perf/util/ordered-events.c
+++ b/tools/perf/util/ordered-events.c
@@ -270,6 +270,8 @@ static int __ordered_events__flush(struct ordered_events *oe, enum oe_flush how,
"FINAL",
"ROUND",
"HALF ",
+ "TOP ",
+ "TIME ",
};
int err;
bool show_progress = false;
next prev parent reply other threads:[~2019-03-22 22:32 UTC|newest]
Thread overview: 40+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-03-16 8:05 [PATCH 00/16] fix some perf issues detected by ASan Changbin Du
2019-03-16 8:05 ` [PATCH 01/16] perf: add doc for how to build perf with Asan and UBSan Changbin Du
2019-03-18 10:07 ` Jiri Olsa
2019-03-18 20:08 ` Arnaldo Carvalho de Melo
2019-03-20 12:00 ` Changbin Du
2019-03-20 11:58 ` Changbin Du
2019-03-22 22:24 ` [tip:perf/urgent] perf tools: Add doc about " tip-bot for Changbin Du
2019-03-16 8:05 ` [PATCH 02/16] perf: list: fix memory leak in function is_event_supported Changbin Du
2019-03-22 22:25 ` [tip:perf/urgent] perf list: Don't forget to drop the reference to the allocated thread_map tip-bot for Changbin Du
2019-03-16 8:05 ` [PATCH 03/16] perf: fix errors under optimization level '-Og' Changbin Du
2019-03-22 22:26 ` [tip:perf/urgent] perf tools: Fix " tip-bot for Changbin Du
2019-03-16 8:05 ` [PATCH 04/16] perf: fix an error in config template Changbin Du
2019-03-22 22:26 ` [tip:perf/urgent] perf config: Fix an error in the config template documentation tip-bot for Changbin Du
2019-03-16 8:05 ` [PATCH 05/16] perf: fix a memory leak in collect_config Changbin Du
2019-03-22 22:27 ` [tip:perf/urgent] perf config: Fix a memory leak in collect_config() tip-bot for Changbin Du
2019-03-16 8:05 ` [PATCH 06/16] perf: fix memory leak in print_sdt_events() Changbin Du
2019-03-22 22:27 ` [tip:perf/urgent] perf build-id: Fix " tip-bot for Changbin Du
2019-03-16 8:05 ` [PATCH 07/16] perf: top: fix heap-use-after-free issue Changbin Du
2019-03-18 10:08 ` Jiri Olsa
2019-03-22 22:28 ` [tip:perf/urgent] perf top: Delete the evlist before perf_session, fixing " tip-bot for Changbin Du
2019-03-16 8:05 ` [PATCH 08/16] perf: top: fix error handing in cmd_top() Changbin Du
2019-03-22 22:29 ` [tip:perf/urgent] perf top: Fix error handling " tip-bot for Changbin Du
2019-03-16 8:05 ` [PATCH 09/16] perf: missed a map__put() in error case Changbin Du
2019-03-22 22:29 ` [tip:perf/urgent] perf hist: Add missing " tip-bot for Changbin Du
2019-03-16 8:05 ` [PATCH 10/16] perf: remove map from names tree in __maps__remove Changbin Du
2019-03-22 22:30 ` [tip:perf/urgent] perf map: Remove map from 'names' tree in __maps__remove() tip-bot for Changbin Du
2019-03-16 8:05 ` [PATCH 11/16] perf: purge all maps from the names tree Changbin Du
2019-03-22 22:31 ` [tip:perf/urgent] perf maps: Purge all maps from the 'names' tree tip-bot for Changbin Du
2019-03-16 8:05 ` [PATCH 12/16] perf: top: fix global-buffer-overflow issue Changbin Du
2019-03-22 22:31 ` tip-bot for Changbin Du [this message]
2019-03-16 8:05 ` [PATCH 13/16] perf: free all counts in perf_evsel__exit Changbin Du
2019-03-18 19:39 ` Arnaldo Carvalho de Melo
2019-03-16 8:05 ` [PATCH 14/16] perf: fix a memory leak of cpu_map object Changbin Du
2019-03-22 22:33 ` [tip:perf/urgent] perf tests: Fix a memory leak of cpu_map object in the openat_syscall_event_on_all_cpus test tip-bot for Changbin Du
2019-03-16 8:05 ` [PATCH 15/16] perf: fix memory leak by expr__find_other Changbin Du
2019-03-22 22:33 ` [tip:perf/urgent] perf tests: Fix memory leak by expr__find_other() in test__expr() tip-bot for Changbin Du
2019-03-16 8:05 ` [PATCH 16/16] perf: fix a memory leak in test__perf_evsel__tp_sched_test Changbin Du
2019-03-22 22:34 ` [tip:perf/urgent] perf tests: Fix a memory leak in test__perf_evsel__tp_sched_test() tip-bot for Changbin Du
2019-03-18 10:08 ` [PATCH 00/16] fix some perf issues detected by ASan Jiri Olsa
2019-03-18 16:16 ` Arnaldo Carvalho de Melo
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=tip-1e5b0cf8672e622257df024074e6e09bfbcb7750@git.kernel.org \
--to=tipbot@zytor.com \
--cc=acme@redhat.com \
--cc=ast@kernel.org \
--cc=changbin.du@gmail.com \
--cc=daniel@iogearbox.net \
--cc=hpa@zytor.com \
--cc=jolsa@kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-tip-commits@vger.kernel.org \
--cc=mingo@kernel.org \
--cc=namhyung@kernel.org \
--cc=peterz@infradead.org \
--cc=rostedt@goodmis.org \
--cc=tglx@linutronix.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.