Received: by 2002:a25:ad19:0:0:0:0:0 with SMTP id y25csp3853764ybi; Mon, 29 Jul 2019 13:59:27 -0700 (PDT) X-Google-Smtp-Source: APXvYqwjd5Ude26V0i3FzOYfJk15LpZAmxamDDzV3U+yWaG69scXvoMipmXM9EMRUOiMxp3ns/JE X-Received: by 2002:a62:5253:: with SMTP id g80mr38245888pfb.179.1564433967396; Mon, 29 Jul 2019 13:59:27 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1564433967; cv=none; d=google.com; s=arc-20160816; b=hOvww6rKD0WXX+SFD+29HuXyOp5Z2SHc18mCCARLs/irqQSv2+42nbarR9JSUocJCD c/6wnvpg1UJeA/G+oaG9hsXhoJzAMoEHTaijITm/gYNEIX/cvuxX7gQIo7UWeKKFp8Dk AiETHdtEIoRtajLug5v0W/twJVazuYzuqcjIksOFdICFABhM2pQ2MC/ZM147iCW85eoG kAr9n5tHaS7PhV2YrEB6BzXD/ARnMHAGCzipauWVBxwtEg4ym0MTURv5Rg/z+hCNNgRp OGGIwGMKY1oFEUfbvLDHJg+eDUGA5uqf0JPA8I1Yf6N05YBSdwCbksBGbODTLZ3OlTbe W3fg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:from:subject:references :mime-version:message-id:in-reply-to:date:dkim-signature; bh=BApBF9lDyDUHtKy92pMwude8bSQOUkXYIpIspp3IQpA=; b=sHfd5lD2Qj1K5qTthftUfkLNWfr710XnIXlMrEl69bS4q2kduHIzM6HvZtSnSk560v 9mlr3mzgvDaViFB851dtrG6xwK82Lvgkij/G6UXOI8TA4v08cGe1WjVKB85CjciQ3J+h g3bJqF55upMKLtBZFBmYG1BoPABXAvyki1jk3dqeiCsOtSMvj3rZ/MIMcL/UxjVyDzPd 8yiZ7FQ6uK5uFHb5bRVt1i1oXMOj1Q5i1M7SjRurxFqfGA+jdHXlhL5y22cQ44U2KxVB RFtsXz5zoNpMbzWc0FqVDd9+r4lW+qAJrO+OLGH2D+Jr6Ic/iuQrJ3+nsYrUZTQz4i4Q 9raA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=YBDPtnbL; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id x7si27827731plv.130.2019.07.29.13.59.12; Mon, 29 Jul 2019 13:59:27 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=YBDPtnbL; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729848AbfG2U56 (ORCPT + 99 others); Mon, 29 Jul 2019 16:57:58 -0400 Received: from mail-pl1-f202.google.com ([209.85.214.202]:45284 "EHLO mail-pl1-f202.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727481AbfG2U54 (ORCPT ); Mon, 29 Jul 2019 16:57:56 -0400 Received: by mail-pl1-f202.google.com with SMTP id y9so33865104plp.12 for ; Mon, 29 Jul 2019 13:57:55 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=date:in-reply-to:message-id:mime-version:references:subject:from:to :cc; bh=BApBF9lDyDUHtKy92pMwude8bSQOUkXYIpIspp3IQpA=; b=YBDPtnbLOaDIZ32zQrem6Tg6fvI9ktw3miPRNDTLwvUqYnnUr49flmT4t6947OxrnF 67rOusbkgcVLnWu+Zo3pyV+f56esS7HKcDhmtASU3kei4n7q4vAdAco6TYgjDU2lpgKV 18b6Or8UWO8gScO5qSzAPKiup/SzEeV5T8ENJXf6x/+oWa2zHJWiBjijX5LB3zx1W4k3 jv0TIW1SWLiX+XTErkt3L7VaFh8h12/cNcdHb5zqS5FpaeNsHoZ1GzmO2z3qPAdPRxAD JCI3qE3hALJoWmD64vskGSnYlmk6USzDTpxegiLgRapxdsqRStbgmGJKTBHj70icp04V J/UA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:in-reply-to:message-id:mime-version :references:subject:from:to:cc; bh=BApBF9lDyDUHtKy92pMwude8bSQOUkXYIpIspp3IQpA=; b=aRUB9DQmn8VBIOblk/byi3WDC2tf5AhMXnXV/wP0NufsPpbFNVPKTye4tWENiRPjNy YPCQhQ5EfDUzPIkPiy8/rGtkSx7Eag4HnSf9S9fH7yZgY0AfTv/WYqac29g2Vg9uvqin IB6ff50NoNXJtKv7GCYyPLPShGzsfWmvy6BSq+75nh70n0CU8CdTnuUid2x9tt+N7jhX 7LWhoCwxs/wuhzovmZi21x/+Gg8LvJbH11OQUn3zwEEPVLbI88kTYZDH3w97RfQquKaH 8B+kkFek+uNcwvfwwn4DJ47AQ9U3oF400vB9qi+expgqDz+I97YfH9CBgXYN0IVwU54R Eu+A== X-Gm-Message-State: APjAAAXPunMMUbxo2wM4Eb5Ylkq9b7Ug/qt21+Kx3BiV4h3NaDb2EZ/3 Y2P20VdvKSItKSsyLG+9bAM3VP7I X-Received: by 2002:a65:500a:: with SMTP id f10mr75139654pgo.105.1564433874773; Mon, 29 Jul 2019 13:57:54 -0700 (PDT) Date: Mon, 29 Jul 2019 13:57:50 -0700 In-Reply-To: <20190726194044.GC24867@kernel.org> Message-Id: <20190729205750.193289-1-nums@google.com> Mime-Version: 1.0 References: <20190726194044.GC24867@kernel.org> X-Mailer: git-send-email 2.22.0.709.g102302147b-goog Subject: [PATCH v2] Fix annotate.c use of uninitialized value error From: Numfor Mbiziwo-Tiapo To: peterz@infradead.org, mingo@redhat.com, acme@kernel.org, alexander.shishkin@linux.intel.com, jolsa@redhat.com, namhyung@kernel.org, songliubraving@fb.com, mbd@fb.com Cc: linux-kernel@vger.kernel.org, irogers@google.com, eranian@google.com, Numfor Mbiziwo-Tiapo Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Our local MSAN (Memory Sanitizer) build of perf throws a warning that comes from the "dso__disassemble_filename" function in "tools/perf/util/annotate.c" when running perf record. The warning stems from the call to readlink, in which "build_id_path" was being read into "linkname". Since readlink does not null terminate, an uninitialized memory access would later occur when "linkname" is passed into the strstr function. This is simply fixed by null-terminating "linkname" after the call to readlink. To reproduce this warning, build perf by running: make -C tools/perf CLANG=1 CC=clang EXTRA_CFLAGS="-fsanitize=memory\ -fsanitize-memory-track-origins" (Additionally, llvm might have to be installed and clang might have to be specified as the compiler - export CC=/usr/bin/clang) then running: tools/perf/perf record -o - ls / | tools/perf/perf --no-pager annotate\ -i - --stdio Please see the cover letter for why false positive warnings may be generated. Signed-off-by: Numfor Mbiziwo-Tiapo --- tools/perf/util/annotate.c | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) diff --git a/tools/perf/util/annotate.c b/tools/perf/util/annotate.c index 70de8f6b3aee..e1b075b52dce 100644 --- a/tools/perf/util/annotate.c +++ b/tools/perf/util/annotate.c @@ -1627,6 +1627,7 @@ static int dso__disassemble_filename(struct dso *dso, char *filename, size_t fil char *build_id_filename; char *build_id_path = NULL; char *pos; + int len; if (dso->symtab_type == DSO_BINARY_TYPE__KALLSYMS && !dso__is_kcore(dso)) @@ -1655,10 +1656,16 @@ static int dso__disassemble_filename(struct dso *dso, char *filename, size_t fil if (pos && strlen(pos) < SBUILD_ID_SIZE - 2) dirname(build_id_path); - if (dso__is_kcore(dso) || - readlink(build_id_path, linkname, sizeof(linkname)) < 0 || - strstr(linkname, DSO__NAME_KALLSYMS) || - access(filename, R_OK)) { + if (dso__is_kcore(dso)) + goto fallback; + + len = readlink(build_id_path, linkname, sizeof(linkname) - 1); + if (len < 0) + goto fallback; + + linkname[len] = '\0'; + if (strstr(linkname, DSO__NAME_KALLSYMS) || + access(filename, R_OK)) { fallback: /* * If we don't have build-ids or the build-id file isn't in the -- 2.22.0.709.g102302147b-goog