Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1762266AbcLSQwx (ORCPT <rfc822;w@1wt.eu>);
        Mon, 19 Dec 2016 11:52:53 -0500
Received: from ud10.udmedia.de ([194.117.254.50]:34912 "EHLO
        mail.ud10.udmedia.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1757738AbcLSQwq (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Mon, 19 Dec 2016 11:52:46 -0500
Date: Mon, 19 Dec 2016 17:52:43 +0100
From: Markus Trippelsdorf <markus@trippelsdorf.de>
To: linux-kernel@vger.kernel.org
Cc: Arnaldo Carvalho de Melo <acme@kernel.org>,
        Ingo Molnar <mingo@redhat.com>
Subject: Re: *** buffer overflow detected ***: /usr/src/linux/tools/perf/perf
 terminated
Message-ID: <20161219165243.GA289@x4>
References: <20161219161821.GA294@x4>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20161219161821.GA294@x4>
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Length: 4130
Lines: 76

On 2016.12.19 at 17:18 +0100, Markus Trippelsdorf wrote:
> Running the latest kernel git tree, I get buffer overflow warnings when
> I try to run "perf top":
> 
> *** buffer overflow detected ***: /usr/src/linux/tools/perf/perf terminated        
> 
> __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:51
> 51      }
> (gdb) bt
> #0  __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:51
> #1  0x00007ffff5f29cbb in __GI_abort () at abort.c:89
> #2  0x00007ffff5f6f553 in __libc_message (do_abort=do_abort@entry=2, fmt=fmt@entry=0x7ffff6056455 "*** %s ***: %s terminated\n") at ../sysdeps/posix/libc_fatal.c:175
> #3  0x00007ffff600d8c7 in __GI___fortify_fail (msg=msg@entry=0x7ffff60563ec "buffer overflow detected") at fortify_fail.c:30
> #4  0x00007ffff600b790 in __GI___chk_fail () at chk_fail.c:28
> #5  0x00007ffff600bc35 in __read_chk (fd=fd@entry=3, buf=buf@entry=0x7fffffff48f0, nbytes=nbytes@entry=1572864, buflen=buflen@entry=8192) at read_chk.c:30
> #6  0x00000000004fafc4 in read (__nbytes=1572864, __buf=0x7fffffff48f0, __fd=3) at /usr/include/bits/unistd.h:39
> #7  sysfs__read_build_id (filename=filename@entry=0x7fffffff6940 "/sys/kernel/notes", build_id=build_id@entry=0x1db5e34, size=size@entry=20) at util/symbol-elf.c:540
> #8  0x00000000004a8c22 in dso__read_running_kernel_build_id (dso=dso@entry=0x1db5d70, machine=machine@entry=0x1db5ab8) at util/dso.c:1152
> #9  0x00000000004b875a in machine__get_kernel (machine=machine@entry=0x1db5ab8) at util/machine.c:715
> #10 0x00000000004ba0ab in machine__create_kernel_maps (machine=machine@entry=0x1db5ab8) at util/machine.c:1127
> #11 0x00000000004bf169 in perf_session__create_kernel_maps (session=session@entry=0x1db59d0) at util/session.c:70
> #12 0x00000000004bf43b in perf_session__new (file=file@entry=0x0, repipe=repipe@entry=false, tool=tool@entry=0x0) at util/session.c:154
> #13 0x0000000000441eca in __cmd_top (top=0x7fffffff8a70) at builtin-top.c:925
> #14 cmd_top (argc=<optimized out>, argv=<optimized out>, prefix=<optimized out>) at builtin-top.c:1330
> #15 0x0000000000487481 in run_builtin (p=p@entry=0x679d78 <commands+312>, argc=argc@entry=2, argv=argv@entry=0x7fffffffe4c0) at perf.c:358
> #16 0x0000000000487722 in handle_internal_command (argc=2, argv=0x7fffffffe4c0) at perf.c:420
> #17 0x0000000000487982 in run_argv (argv=0x7fffffffe250, argcp=0x7fffffffe25c) at perf.c:466
> #18 main (argc=<optimized out>, argv=<optimized out>) at perf.c:610
> 
> (gdb) up
> #7  sysfs__read_build_id (filename=filename@entry=0x7fffffff6940 "/sys/kernel/notes", build_id=build_id@entry=0x1db5e34, size=size@entry=20) at util/symbol-elf.c:540
> 540                             if (read(fd, bf, n) != n)
> (gdb) l
> 535                                     }
> 536                             } else if (read(fd, bf, descsz) != (ssize_t)descsz)
> 537                                     break;
> 538                     } else {
> 539                             int n = namesz + descsz;
> 540                             if (read(fd, bf, n) != n)
> 541                                     break;
> 542                     }
> 543             }
> 544             close(fd);
> 
> (gdb) p n
> $4 = 1572864
> (gdb) p BUFSIZ
> $5 = 8192

It only happens when I link my kernel with gold.

(with ld.bfd)
markus@x4 linux % readelf -n vmlinux

Displaying notes found in: .notes
  Owner                 Data size       Description
  GNU                  0x00000014       NT_GNU_BUILD_ID (unique build ID bitstring)
    Build ID: 74b478c2194c0ba07481acf30f6f8781d4ffcdee

(with ld.gold)
markus@x4 linux % readelf -n vmlinux

Displaying notes found in: .note.gnu.build-id
  Owner                 Data size       Description
  GNU                  0x00000014       NT_GNU_BUILD_ID (unique build ID bitstring)
    Build ID: 017ef6e6f8ce3b44332d0baa0767526bb3a77bf8

Displaying notes found in: .note.gnu.gold-version
  Owner                 Data size       Description
  GNU                  0x00000009       NT_GNU_GOLD_VERSION (gold version)
    Version: gold 1.12

And perf than chokes when parsing /sys/kernel/notes.

-- 
Markus