On Mon, 2013-03-18 at 14:33 +0100, Stephane Eranian wrote: > This patch fixes a flaw in perf_output_space(). In case the size > of the space needed is bigger than the actual buffer size, there > may be situations where the function would return true (i.e., there > is space) when it should not. head > offset due to rounding of the > masking logic. > > The problem can be tested by activating BTS on Intel processors. > A BTS record can be as big as 16 pages. The following command > fails: > > $ perf record -m 4 -c 1 -e branches:u my_test_program > > You will get a buffer corruption with this. Perf report won't be > able to parse the perf.data. > > The fix is to first check that the requested space is smaller than the > buffer size. If so, then the masking logic will work fine. If not, > then > there is no chance the record can be saved and it will be gracefully > handled > by upper code layers. > > In v2, we also make the logic for the writable more explicit by > renaming it to rb->overwrite because it tells whether or not the > buffer can overwrite its tail (suggested by PeterZ). > > Signed-off-by: Stephane Eranian <eran...@google.com> > ---
Acked-by: Peter Zijlstra <a.p.zijls...@chello.nl> Thanks! -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
