lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Fri, 24 Jun 2016 08:43:45 +0200
From:	Jiri Olsa <jolsa@...hat.com>
To:	Marc Kleine-Budde <mkl@...gutronix.de>
Cc:	Peter Zijlstra <peterz@...radead.org>,
	Ingo Molnar <mingo@...hat.com>, linux-kernel@...r.kernel.org,
	Jiri Olsa <jolsa@...nel.org>
Subject: Re: [PATCH] perf: symbols: dso__load(): remove check of file on
 uninitialized memory

On Thu, Jun 23, 2016 at 04:20:21PM +0200, Marc Kleine-Budde wrote:
> In commit "403567217d3f perf symbols: Do not read symbols/data from
> device files" a check to uninitialzied memory was added. This leads to
> the following valgrind output:
> 
> ==24515== Syscall param stat(file_name) points to uninitialised byte(s)
> ==24515==    at 0x75B26D5: _xstat (in /lib/x86_64-linux-gnu/libc-2.22.so)
> ==24515==    by 0x4E548D: stat (stat.h:454)
> ==24515==    by 0x4E548D: is_regular_file (util.c:687)
> ==24515==    by 0x4A5BEE: dso__load (symbol.c:1435)
> ==24515==    by 0x4BB1AE: map__load (map.c:289)
> ==24515==    by 0x4BB1AE: map__find_symbol (map.c:333)
> ==24515==    by 0x4835B3: thread__find_addr_location (event.c:1300)
> ==24515==    by 0x4B5342: add_callchain_ip (machine.c:1652)
> ==24515==    by 0x4B5342: thread__resolve_callchain_sample (machine.c:1906)
> ==24515==    by 0x4B9E7D: thread__resolve_callchain (machine.c:1958)
> ==24515==    by 0x441B3E: process_event (builtin-script.c:795)
> ==24515==    by 0x441B3E: process_sample_event (builtin-script.c:920)
> ==24515==    by 0x4BEE29: perf_evlist__deliver_sample (session.c:1192)
> ==24515==    by 0x4BEE29: machines__deliver_event (session.c:1229)
> ==24515==    by 0x4BF770: perf_session__deliver_event (session.c:1286)
> ==24515==    by 0x4BF770: ordered_events__deliver_event (session.c:114)
> ==24515==    by 0x4C1D17: __ordered_events__flush (ordered-events.c:207)
> ==24515==    by 0x4C1D17: ordered_events__flush.part.3 (ordered-events.c:274)
> ==24515==    by 0x4BF44C: perf_session__process_user_event (session.c:1325)
> ==24515==    by 0x4BF44C: perf_session__process_event (session.c:1451)
> ==24515==  Address 0x807c6a0 is 0 bytes inside a block of size 4,096 alloc'd
> ==24515==    at 0x4C29C0F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
> ==24515==    by 0x4A5BCB: dso__load (symbol.c:1421)
> ==24515==    by 0x4BB1AE: map__load (map.c:289)
> ==24515==    by 0x4BB1AE: map__find_symbol (map.c:333)
> ==24515==    by 0x4835B3: thread__find_addr_location (event.c:1300)
> ==24515==    by 0x4B5342: add_callchain_ip (machine.c:1652)
> ==24515==    by 0x4B5342: thread__resolve_callchain_sample (machine.c:1906)
> ==24515==    by 0x4B9E7D: thread__resolve_callchain (machine.c:1958)
> ==24515==    by 0x441B3E: process_event (builtin-script.c:795)
> ==24515==    by 0x441B3E: process_sample_event (builtin-script.c:920)
> ==24515==    by 0x4BEE29: perf_evlist__deliver_sample (session.c:1192)
> ==24515==    by 0x4BEE29: machines__deliver_event (session.c:1229)
> ==24515==    by 0x4BF770: perf_session__deliver_event (session.c:1286)
> ==24515==    by 0x4BF770: ordered_events__deliver_event (session.c:114)
> ==24515==    by 0x4C1D17: __ordered_events__flush (ordered-events.c:207)
> ==24515==    by 0x4C1D17: ordered_events__flush.part.3 (ordered-events.c:274)
> ==24515==    by 0x4BF44C: perf_session__process_user_event (session.c:1325)
> ==24515==    by 0x4BF44C: perf_session__process_event (session.c:1451)
> ==24515==    by 0x4C0EAC: __perf_session__process_events (session.c:1804)
> ==24515==    by 0x4C0EAC: perf_session__process_events (session.c:1858)
> 
> This patch fixes the problem by removing the check.
> 
> Fixes: 403567217d3f perf symbols: Do not read symbols/data from device files
> Signed-off-by: Marc Kleine-Budde <mkl@...gutronix.de>
> ---
>  tools/perf/util/symbol.c | 3 +--
>  1 file changed, 1 insertion(+), 2 deletions(-)
> 
> diff --git a/tools/perf/util/symbol.c b/tools/perf/util/symbol.c
> index 8a747dc6cf86..b4070daeb17f 100644
> --- a/tools/perf/util/symbol.c
> +++ b/tools/perf/util/symbol.c
> @@ -1432,8 +1432,7 @@ int dso__load(struct dso *dso, struct map *map, symbol_filter_t filter)
>  	 * Read the build id if possible. This is required for
>  	 * DSO_BINARY_TYPE__BUILDID_DEBUGINFO to work
>  	 */
> -	if (is_regular_file(name) &&
> -	    filename__read_build_id(dso->long_name, build_id, BUILD_ID_SIZE) > 0)
> +	if (filename__read_build_id(dso->long_name, build_id, BUILD_ID_SIZE) > 0)
>  		dso__set_build_id(dso, build_id);

ouch copy&paste error.. we better fix it properly,
could you please check attached patch?

thanks,
jirka


---
diff --git a/tools/perf/util/symbol.c b/tools/perf/util/symbol.c
index b044f1a32d16..37e8d20ae03e 100644
--- a/tools/perf/util/symbol.c
+++ b/tools/perf/util/symbol.c
@@ -1430,7 +1430,7 @@ int dso__load(struct dso *dso, struct map *map, symbol_filter_t filter)
 	 * Read the build id if possible. This is required for
 	 * DSO_BINARY_TYPE__BUILDID_DEBUGINFO to work
 	 */
-	if (is_regular_file(name) &&
+	if (is_regular_file(dso->long_name) &&
 	    filename__read_build_id(dso->long_name, build_id, BUILD_ID_SIZE) > 0)
 		dso__set_build_id(dso, build_id);

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ