2013-09-26 05:28:03

by Sonny Rao

Subject: [PATCH] perf: fix infinite loop with corrupted header

We recently ran into a corrupt perf data file which mostly looked okay
but the section size for data was set to 0. This caused perf report to
get into an infinite loop in __perf_session_process_events(). Let's
just avoid this by bailing early and reporting it if there's an
invalid header.

Signed-off-by: Sonny Rao <[email protected]>
---
tools/perf/util/header.c | 4 ++++
1 file changed, 4 insertions(+)

diff --git a/tools/perf/util/header.c b/tools/perf/util/header.c
index 26441d0..085ef76 100644
--- a/tools/perf/util/header.c
+++ b/tools/perf/util/header.c
@@ -2582,6 +2582,10 @@ int perf_file_header__read(struct perf_file_header *header,
ph->data_offset = header->data.offset;
ph->data_size = header->data.size;
ph->feat_offset = header->data.offset + header->data.size;
+
+ if (!header->data.size)
+ die("corrupted header, invalid size 0 for data section\n");
+
return 0;
}
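
Review bot: The new check at the end of perf_file_header__read() calls die() from a function that returns int, so a corrupt file terminates the process from inside the header parser; returning a negative error instead would let the caller report the problem and clean up. The test also sits after ph->data_offset, ph->data_size and ph->feat_offset have already been filled in, and it rejects only a size of exactly 0: header->data.offset + header->data.size is still computed with no check for wrap-around, and nothing in this hunk compares the section against the file size, so other bogus sizes pass unchanged. Consider moving the validation above the assignments and checking the range as well as the zero case.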

--
1.8.4


2013-09-26 13:35:00

by David Ahern

Subject: Re: [PATCH] perf: fix infinite loop with corrupted header

On 9/25/13 11:20 PM, Sonny Rao wrote:
> We recently ran into a corrupt perf data file which mostly looked okay
> but the section size for data was set to 0. This caused perf report to
> get into an infinite loop in __perf_session_process_events(). Let's
> just avoid this by bailing early and reporting it if there's an
> invalid header.

Been suggested before:
https://lkml.org/lkml/2013/5/9/405

Other changes went in around that time as well. Are you still seeing the
loop on latest source?

David

2013-09-26 13:46:50

by Arnaldo Carvalho de Melo

Subject: Re: [PATCH] perf: fix infinite loop with corrupted header

On Thu, Sep 26, 2013 at 07:34:56AM -0600, David Ahern wrote:
> On 9/25/13 11:20 PM, Sonny Rao wrote:
> >We recently ran into a corrupt perf data file which mostly looked okay
> >but the section size for data was set to 0. This caused perf report to
> >get into an infinite loop in __perf_session_process_events(). Let's
> >just avoid this by bailing early and reporting it if there's an
> >invalid header.
>
> Been suggested before:
> https://lkml.org/lkml/2013/5/9/405

Thanks for the pointer (and this latest patch as well), looking at it
now.

- Arnaldo

> Other changes went in around that time as well. Are you still seeing
> the loop on latest source?
>
> David

2013-09-26 13:59:48

by Namhyung Kim

Subject: Re: [PATCH] perf: fix infinite loop with corrupted header

2013-09-26 (Thu), 10:46 -0300, Arnaldo Carvalho de Melo:
> On Thu, Sep 26, 2013 at 07:34:56AM -0600, David Ahern wrote:
> > On 9/25/13 11:20 PM, Sonny Rao wrote:
> > >We recently ran into a corrupt perf data file which mostly looked okay
> > >but the section size for data was set to 0. This caused perf report to
> > >get into an infinite loop in __perf_session_process_events(). Let's
> > >just avoid this by bailing early and reporting it if there's an
> > >invalid header.
> >
> > Been suggested before:
> > https://lkml.org/lkml/2013/5/9/405
>
> Thanks for the pointer (and this latest patch as well), looking at it
> now.
>
> - Arnaldo
>
> > Other changes went in around that time as well. Are you still seeing
> > the loop on latest source?

Did you mean this?

https://lkml.org/lkml/2013/5/9/670


Thanks,
Namhyung

2013-09-26 14:06:22

by Arnaldo Carvalho de Melo

Subject: Re: [PATCH] perf: fix infinite loop with corrupted header

On Thu, Sep 26, 2013 at 10:59:37PM +0900, Namhyung Kim wrote:
> 2013-09-26 (Thu), 10:46 -0300, Arnaldo Carvalho de Melo:
> > On Thu, Sep 26, 2013 at 07:34:56AM -0600, David Ahern wrote:
> > > On 9/25/13 11:20 PM, Sonny Rao wrote:
> > > >We recently ran into a corrupt perf data file which mostly looked okay
> > > >but the section size for data was set to 0. This caused perf report to
> > > >get into an infinite loop in __perf_session_process_events(). Let's
> > > >just avoid this by bailing early and reporting it if there's an
> > > >invalid header.
> > >
> > > Been suggested before:
> > > https://lkml.org/lkml/2013/5/9/405
> >
> > Thanks for the pointer (and this latest patch as well), looking at it
> > now.
> >
> > - Arnaldo
> >
> > > Other changes went in around that time as well. Are you still seeing
> > > the loop on latest source?
>
> Did you mean this?

Not at that moment, but yes, I looked up the discussion and found this,
which I think is sensible, would like just to do some testing, and if
you could submit a patch combining your change with David's, I think it
would be good.

Thanks,

- Arnaldo

> https://lkml.org/lkml/2013/5/9/670
>
>
> Thanks,
> Namhyung
>

2013-09-26 17:33:59

by Sonny Rao

Subject: Re: [PATCH] perf: fix infinite loop with corrupted header

On Thu, Sep 26, 2013 at 6:34 AM, David Ahern <[email protected]> wrote:
> On 9/25/13 11:20 PM, Sonny Rao wrote:
>>
>> We recently ran into a corrupt perf data file which mostly looked okay
>> but the section size for data was set to 0. This caused perf report to
>> get into an infinite loop in __perf_session_process_events(). Let's
>> just avoid this by bailing early and reporting it if there's an
>> invalid header.
>
>
> Been suggested before:
> https://lkml.org/lkml/2013/5/9/405
>
> Other changes went in around that time as well. Are you still seeing the
> loop on latest source?

I'm still seeing it on 3.12-rc1. I haven't tested anything newer or
in the perf git tree.
Thanks

>
> David

2013-09-27 01:33:57

by Namhyung Kim

Subject: Re: [PATCH] perf: fix infinite loop with corrupted header

Hi,

On Thu, 26 Sep 2013 11:06:13 -0300, Arnaldo Carvalho de Melo wrote:
> On Thu, Sep 26, 2013 at 10:59:37PM +0900, Namhyung Kim wrote:
>> 2013-09-26 (Thu), 10:46 -0300, Arnaldo Carvalho de Melo:
>> > On Thu, Sep 26, 2013 at 07:34:56AM -0600, David Ahern wrote:
>> > > Other changes went in around that time as well. Are you still seeing
>> > > the loop on latest source?
>>
>> Did you mean this?
>
> Not at that moment, but yes, I looked up the discussion and found this,
> which I think is sensible, would like just to do some testing, and if
> you could submit a patch combining your change with David's, I think it
> would be good.

I'll resend it after some testing.

Thanks,
Namhyung