Perf does not build with the ubsan (undefined behavior sanitizer)
and there is an error that says:
tools/perf/util/debug.h:38:2:
error: array subscript is above array bounds [-Werror=array-bounds]
eprintf_time(n, var, t, fmt, ##__VA_ARGS__)
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
tools/perf/util/debug.h:40:34:
note: in expansion of macro ‘pr_time_N’
#define pr_oe_time(t, fmt, ...) pr_time_N(1, debug_ordered_events,
t, pr_fmt(fmt), ##__VA_ARGS__)
util/ordered-events.c:329:2: note: in expansion of macro ‘pr_oe_time’
pr_oe_time(oe->next_flush, "next_flush - ordered_events__flush
POST %s, nr_events %u\n",
This can be reproduced by running (from the tip directory):
make -C tools/perf USE_CLANG=1 EXTRA_CFLAGS="-fsanitize=undefined"
The error stems from the 'str' array in the __ordered_events__flush
function in tools/perf/util/ordered-events.c. On line 319 of this
file, they use values of the variable 'how' (which has the type enum
oeflush - defined in ordered-events.h) as indices for the 'str' array.
Since 'how' has 5 values and the 'str' array only has 3, when the 4th
and 5th values of 'how' (OE_FLUSH__TOP and OE_FLUSH__TIME) are used as
indices, this will go out of the bounds of the 'str' array.
Adding the matching strings from the enum values into the 'str' array
fixes this.
Signed-off-by: Numfor Mbiziwo-Tiapo <[email protected]>
---
tools/perf/util/ordered-events.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/tools/perf/util/ordered-events.c b/tools/perf/util/ordered-events.c
index 897589507d97..c092b0c39d2b 100644
--- a/tools/perf/util/ordered-events.c
+++ b/tools/perf/util/ordered-events.c
@@ -270,6 +270,8 @@ static int __ordered_events__flush(struct ordered_events *oe, enum oe_flush how,
"FINAL",
"ROUND",
"HALF ",
+ "TOP",
+ "TIME",
};
int err;
bool show_progress = false;
--
2.22.0.657.g960e92d24f-goog
Em Wed, Jul 24, 2019 at 11:45:11AM -0700, Numfor Mbiziwo-Tiapo escreveu:
> Perf does not build with the ubsan (undefined behavior sanitizer)
> and there is an error that says:
>
> tools/perf/util/debug.h:38:2:
> error: array subscript is above array bounds [-Werror=array-bounds]
> eprintf_time(n, var, t, fmt, ##__VA_ARGS__)
> ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>
> tools/perf/util/debug.h:40:34:
> note: in expansion of macro ‘pr_time_N’
> #define pr_oe_time(t, fmt, ...) pr_time_N(1, debug_ordered_events,
> t, pr_fmt(fmt), ##__VA_ARGS__)
>
> util/ordered-events.c:329:2: note: in expansion of macro ‘pr_oe_time’
> pr_oe_time(oe->next_flush, "next_flush - ordered_events__flush
> POST %s, nr_events %u\n",
>
> This can be reproduced by running (from the tip directory):
> make -C tools/perf USE_CLANG=1 EXTRA_CFLAGS="-fsanitize=undefined"
>
> The error stems from the 'str' array in the __ordered_events__flush
> function in tools/perf/util/ordered-events.c. On line 319 of this
> file, they use values of the variable 'how' (which has the type enum
> oeflush - defined in ordered-events.h) as indices for the 'str' array.
> Since 'how' has 5 values and the 'str' array only has 3, when the 4th
> and 5th values of 'how' (OE_FLUSH__TOP and OE_FLUSH__TIME) are used as
> indices, this will go out of the bounds of the 'str' array.
> Adding the matching strings from the enum values into the 'str' array
> fixes this.
^[[acme@quaco perf]$ patch -p1 < /wb/1.patch
patching file tools/perf/util/ordered-events.c
patch: **** malformed patch at line 146: s *oe, enum oe_flush how,
[acme@quaco perf]$ git dif
Applying by hand
> Signed-off-by: Numfor Mbiziwo-Tiapo <[email protected]>
> ---
> tools/perf/util/ordered-events.c | 2 ++
> 1 file changed, 2 insertions(+)
>
> diff --git a/tools/perf/util/ordered-events.c b/tools/perf/util/ordered-events.c
> index 897589507d97..c092b0c39d2b 100644
> --- a/tools/perf/util/ordered-events.c
> +++ b/tools/perf/util/ordered-events.c
> @@ -270,6 +270,8 @@ static int __ordered_events__flush(struct ordered_events *oe, enum oe_flush how,
> "FINAL",
> "ROUND",
> "HALF ",
> + "TOP",
> + "TIME",
> };
> int err;
> bool show_progress = false;
> --
> 2.22.0.657.g960e92d24f-goog
--
- Arnaldo
Em Wed, Jul 24, 2019 at 11:45:11AM -0700, Numfor Mbiziwo-Tiapo escreveu:
> Perf does not build with the ubsan (undefined behavior sanitizer)
> and there is an error that says:
>
> tools/perf/util/debug.h:38:2:
> error: array subscript is above array bounds [-Werror=array-bounds]
> eprintf_time(n, var, t, fmt, ##__VA_ARGS__)
> ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>
> tools/perf/util/debug.h:40:34:
> note: in expansion of macro ‘pr_time_N’
> #define pr_oe_time(t, fmt, ...) pr_time_N(1, debug_ordered_events,
> t, pr_fmt(fmt), ##__VA_ARGS__)
>
> util/ordered-events.c:329:2: note: in expansion of macro ‘pr_oe_time’
> pr_oe_time(oe->next_flush, "next_flush - ordered_events__flush
> POST %s, nr_events %u\n",
>
> This can be reproduced by running (from the tip directory):
> make -C tools/perf USE_CLANG=1 EXTRA_CFLAGS="-fsanitize=undefined"
>
> The error stems from the 'str' array in the __ordered_events__flush
> function in tools/perf/util/ordered-events.c. On line 319 of this
> file, they use values of the variable 'how' (which has the type enum
> oeflush - defined in ordered-events.h) as indices for the 'str' array.
> Since 'how' has 5 values and the 'str' array only has 3, when the 4th
> and 5th values of 'how' (OE_FLUSH__TOP and OE_FLUSH__TIME) are used as
> indices, this will go out of the bounds of the 'str' array.
> Adding the matching strings from the enum values into the 'str' array
> fixes this.
>
> Signed-off-by: Numfor Mbiziwo-Tiapo <[email protected]>
> ---
> tools/perf/util/ordered-events.c | 2 ++
> 1 file changed, 2 insertions(+)
>
> diff --git a/tools/perf/util/ordered-events.c b/tools/perf/util/ordered-events.c
> index 897589507d97..c092b0c39d2b 100644
> --- a/tools/perf/util/ordered-events.c
> +++ b/tools/perf/util/ordered-events.c
> @@ -270,6 +270,8 @@ static int __ordered_events__flush(struct ordered_events *oe, enum oe_flush how,
> "FINAL",
> "ROUND",
> "HALF ",
> + "TOP",
> + "TIME",
> };
> int err;
> bool show_progress = false;
Humm, this was fixed already by:
commit 1e5b0cf8672e622257df024074e6e09bfbcb7750
Author: Changbin Du <[email protected]>
Date: Sat Mar 16 16:05:52 2019 +0800
perf top: Fix global-buffer-overflow issue
The array str[] should have six elements.
=================================================================
==4322==ERROR: AddressSanitizer: global-buffer-overflow on address 0x56463844e300 at pc 0x564637e7ad0d bp 0x7f30c8c89d10 sp 0x7f30c8c89d00
READ of size 8 at 0x56463844e300 thread T9
#0 0x564637e7ad0c in __ordered_events__flush util/ordered-events.c:316
#1 0x564637e7b0e4 in ordered_events__flush util/ordered-events.c:338
#2 0x564637c6a57d in process_thread /home/changbin/work/linux/tools/perf/builtin-top.c:1073
#3 0x7f30d173a163 in start_thread (/lib/x86_64-linux-gnu/libpthread.so.0+0x8163)
#4 0x7f30cfffbdee in __clone (/lib/x86_64-linux-gnu/libc.so.6+0x11adee)