Received: by 2002:ac0:aa62:0:0:0:0:0 with SMTP id w31-v6csp1950521ima;
        Thu, 25 Oct 2018 07:28:05 -0700 (PDT)
X-Google-Smtp-Source: AJdET5fKJ0JcEAE2GlmLPYem4aSbDY/Zee1t5qsIvNX67yEX8B/KPgi0uVsHkWVxaXYs8H01JgTz
X-Received: by 2002:a63:24c2:: with SMTP id k185mr1642787pgk.406.1540477685345;
        Thu, 25 Oct 2018 07:28:05 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1540477685; cv=none;
        d=google.com; s=arc-20160816;
        b=KKubIcNjyKU+DcO6A6J7SXCn2s52DB5ziA6BdjkIxyk6v0jftdYx2k8yizBq3QmOIz
         bXfK07iNlFNa87gq8chcGbkLQBerne1XclEWSXQl2PHYfoye6AktZVkveoXCCVlafuAY
         B1LASDHuiASqpy0Q6amNsPgzSW25e8OLABaYqMWYfGzhGRvtpe0v/DG/mt+V1eIiAZIP
         +IWeJAP2sMQgHqL4i8BDly8mIqfIIaRBjViq9pn9iYBV087claWFkF66Q/F5Ynno/ztB
         SoQc2ugghoemBy4gvsqr0U0eURrNj3iVWDW7wrvFJQnrZsf1jnEF67BFFHTWCCEb15lN
         oWSg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:references:in-reply-to:message-id:date
         :subject:cc:to:from:dkim-signature;
        bh=LtWZQz5xJNPP2dPv3y8a+06XDdlUkqqUmgYzR0cCCEU=;
        b=qekr63eWwznz/oLohoYSlGvIkmUbs0zYqtPPN3H60bGAEed88t16OboWR2Ir6lrbxc
         UWysvZjhULzJQGSN4IZZPY43jtn3N45a1Z9KCyr6MF/SL4rX/AapRe2984ARsWM6Enf7
         cus65HCTzCUrR0gTJdBndnmivJDMaFwZKB8Z6ngDXX2nLe7axhzXPli21nWgqFObPSEa
         Ffa6XwdTO0hWMwJIuFtpani5FDUoi6FDwATegqWiFprk8ReS9rcKPUsO9WFl1umv+C2p
         8rPjX+tDnce1kS0u6+qZoFWrmrJOuFidUYqW793+6/VV/PUlCEulZj3TBPsOXRnqjBhB
         2k2w==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@kernel.org header.s=default header.b=laNglynV;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id a12-v6si7596341pls.391.2018.10.25.07.27.06;
        Thu, 25 Oct 2018 07:28:05 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@kernel.org header.s=default header.b=laNglynV;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1730868AbeJYWxG (ORCPT <rfc822;morganleezd2003@gmail.com>
        + 99 others); Thu, 25 Oct 2018 18:53:06 -0400
Received: from mail.kernel.org ([198.145.29.99]:35464 "EHLO mail.kernel.org"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1730254AbeJYWxG (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Thu, 25 Oct 2018 18:53:06 -0400
Received: from sasha-vm.mshome.net (unknown [167.98.65.38])
        (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
        (No client certificate requested)
        by mail.kernel.org (Postfix) with ESMTPSA id 98EEA20883;
        Thu, 25 Oct 2018 14:20:06 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org;
        s=default; t=1540477208;
        bh=iQjQNNIs9vsB+VPE1SKiWWp25NvEEILcCig6mdIzkl4=;
        h=From:To:Cc:Subject:Date:In-Reply-To:References:From;
        b=laNglynVbdRblHrmErEBq7+L8gD7mj7dyH4DHBHhGmOvGfEaFr7FgoFmUxyHI5Jfd
         Cz2VgOArrvaOVSOUds/tw27cCp85H9crUAgcDj+oGxbpVxA1UXPkOU97/f+RzIVlUH
         nalJ+nOYvZwerMTzXoVVBjb7iLxyFsbX8LN11d9o=
From:   Sasha Levin <sashal@kernel.org>
To:     stable@vger.kernel.org, linux-kernel@vger.kernel.org
Cc:     Namhyung Kim <namhyung@kernel.org>,
        David Ahern <dsahern@gmail.com>,
        Ingo Molnar <mingo@kernel.org>, Jiri Olsa <jolsa@redhat.com>,
        Masami Hiramatsu <masami.hiramatsu.pt@hitachi.com>,
        Peter Zijlstra <a.p.zijlstra@chello.nl>,
        Arnaldo Carvalho de Melo <acme@redhat.com>,
        Sasha Levin <sashal@kernel.org>
Subject: [PATCH AUTOSEL 3.18 48/98] perf tools: Fix segfault for symbol annotation on TUI
Date:   Thu, 25 Oct 2018 10:18:03 -0400
Message-Id: <20181025141853.214051-48-sashal@kernel.org>
X-Mailer: git-send-email 2.17.1
In-Reply-To: <20181025141853.214051-1-sashal@kernel.org>
References: <20181025141853.214051-1-sashal@kernel.org>
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

From: Namhyung Kim <namhyung@kernel.org>

[ Upstream commit 813ccd15452ed34e97aa526ffc70d6d8e6c466c5 ]

Currently the symbol structure is allocated with symbol_conf.priv_size
to carry sideband information like annotation, map browser on TUI and
sort-by-name tree node.  So retrieving these information from symbol
needs to care about the details of such placement.

However the annotation code just assumes that the symbol is placed after
the struct annotation.  But actually there's other info between them.
So accessing those struct will lead to an undefined behavior (usually a
crash) after they write their info to the same location.

To reproduce the problem, please follow the steps below:

  1. run perf report (TUI of course) with -v option
  2. open map browser (by pressing right arrow key for any entry)
  3. search any function (by pressing '/' key and input whatever..)
  4. return to the hist browser (by pressing 'q' or left arrow key)
  5. open annotation window for the same entry (by pressing 'a' key)

Signed-off-by: Namhyung Kim <namhyung@kernel.org>
Cc: David Ahern <dsahern@gmail.com>
Cc: Ingo Molnar <mingo@kernel.org>
Cc: Jiri Olsa <jolsa@redhat.com>
Cc: Masami Hiramatsu <masami.hiramatsu.pt@hitachi.com>
Cc: Peter Zijlstra <a.p.zijlstra@chello.nl>
Link: http://lkml.kernel.org/r/1421234288-22758-1-git-send-email-namhyung@kernel.org
Signed-off-by: Arnaldo Carvalho de Melo <acme@redhat.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
 tools/perf/util/annotate.h | 8 +-------
 1 file changed, 1 insertion(+), 7 deletions(-)

diff --git a/tools/perf/util/annotate.h b/tools/perf/util/annotate.h
index 112d6e268150..dfa6c4c36b3e 100644
--- a/tools/perf/util/annotate.h
+++ b/tools/perf/util/annotate.h
@@ -115,11 +115,6 @@ struct annotation {
 	struct annotated_source *src;
 };
 
-struct sannotation {
-	struct annotation annotation;
-	struct symbol	  symbol;
-};
-
 static inline struct sym_hist *annotation__histogram(struct annotation *notes, int idx)
 {
 	return (((void *)&notes->src->histograms) +
@@ -128,8 +123,7 @@ static inline struct sym_hist *annotation__histogram(struct annotation *notes, i
 
 static inline struct annotation *symbol__annotation(struct symbol *sym)
 {
-	struct sannotation *a = container_of(sym, struct sannotation, symbol);
-	return &a->annotation;
+	return (void *)sym - symbol_conf.priv_size;
 }
 
 int addr_map_symbol__inc_samples(struct addr_map_symbol *ams, int evidx);
-- 
2.17.1