linux/tools/perf
Arnaldo Carvalho de Melo c53412ee8c perf evsel: Do not access outside hw cache name arrays
We have to check if the values are >= *_MAX, not just >, fix it.

From the bugzilla report:

''In file /tools/perf/util/evsel.c  function __perf_evsel__hw_cache_name
it appears that there is a bug that reads beyond the end of the buffer.
The statement "if (type > PERF_COUNT_HW_CACHE_MAX)" allows type to be
equal to the maximum value. Later, when statement "if
(!perf_evsel__is_cache_op_valid(type, op))" is executed, the function
can access array perf_evsel__hw_cache_stat[type] beyond the end of the
buffer.

It appears to me that the statement "if (type > PERF_COUNT_HW_CACHE_MAX)"
should be "if (type >= PERF_COUNT_HW_CACHE_MAX)"

Bug found with Coverity and manual code review. No attempts were made to
execute the code with a maximum type value.''

Committer note:

Testing it:

  $ perf record -e $(echo $(perf list cache | cut -d \[ -f1) | sed 's/ /,/g') usleep 1
  [ perf record: Woken up 16 times to write data ]
  [ perf record: Captured and wrote 0.023 MB perf.data (34 samples) ]
  $ perf evlist
  L1-dcache-load-misses
  L1-dcache-loads
  L1-dcache-stores
  L1-icache-load-misses
  LLC-load-misses
  LLC-loads
  LLC-store-misses
  LLC-stores
  branch-load-misses
  branch-loads
  dTLB-load-misses
  dTLB-loads
  dTLB-store-misses
  dTLB-stores
  iTLB-load-misses
  iTLB-loads
  node-load-misses
  node-loads
  node-store-misses
  node-stores
  $ perf list cache

  List of pre-defined events (to be used in -e):

    L1-dcache-load-misses        [Hardware cache event]
    L1-dcache-loads              [Hardware cache event]
    L1-dcache-stores             [Hardware cache event]
    L1-icache-load-misses        [Hardware cache event]
    LLC-load-misses              [Hardware cache event]
    LLC-loads                    [Hardware cache event]
    LLC-store-misses             [Hardware cache event]
    LLC-stores                   [Hardware cache event]
    branch-load-misses           [Hardware cache event]
    branch-loads                 [Hardware cache event]
    dTLB-load-misses             [Hardware cache event]
    dTLB-loads                   [Hardware cache event]
    dTLB-store-misses            [Hardware cache event]
    dTLB-stores                  [Hardware cache event]
    iTLB-load-misses             [Hardware cache event]
    iTLB-loads                   [Hardware cache event]
    node-load-misses             [Hardware cache event]
    node-loads                   [Hardware cache event]
    node-store-misses            [Hardware cache event]
    node-stores                  [Hardware cache event]
  $

Reported-by: Brian Sweeney <bsweeney@lgsinnovations.com>
Tested-by: Arnaldo Carvalho de Melo <acme@redhat.com>
Cc: Jiri Olsa <jolsa@kernel.org>
Bugzilla: https://bugzilla.kernel.org/show_bug.cgi?id=153351
Signed-off-by: Arnaldo Carvalho de Melo <acme@redhat.com>
2016-08-18 16:39:46 -03:00
..
arch perf intel-pt: Fix occasional decoding errors when tracing system-wide 2016-08-15 18:11:18 -03:00
bench perf bench: Copy kernel files needed to build mem{cpy,set} x86_64 benchmarks 2016-07-12 15:20:32 -03:00
Documentation perf probe: Support signedness casting 2016-08-09 10:52:22 -03:00
jvmti perf jit: Remove some no-op error handling 2016-07-18 12:20:00 -03:00
python perf python: Add tracepoint example 2016-07-12 16:23:35 -03:00
scripts perf/core improvements and fixes: 2016-08-04 11:02:38 +02:00
tests perf tests bpf: Use SyS_epoll_wait alias 2016-08-03 19:40:48 -03:00
trace perf trace beauty seccomp: Remove seccomp.h include 2016-07-12 15:20:38 -03:00
ui perf annotate: Introduce strerror for handling symbol__disassemble() errors 2016-08-01 18:18:16 -03:00
util perf evsel: Do not access outside hw cache name arrays 2016-08-18 16:39:46 -03:00
.gitignore
Build
builtin-annotate.c perf annotate: Introduce --stdio-color to setup the color output mode selection 2016-07-12 00:00:39 -03:00
builtin-bench.c
builtin-buildid-cache.c tools: Introduce str_error_r() 2016-07-12 15:19:47 -03:00
builtin-buildid-list.c
builtin-config.c
builtin-data.c
builtin-diff.c
builtin-evlist.c
builtin-help.c tools: Introduce str_error_r() 2016-07-12 15:19:47 -03:00
builtin-inject.c
builtin-kmem.c mm, thp: remove __GFP_NORETRY from khugepaged and madvised allocations 2016-07-28 16:07:41 -07:00
builtin-kvm.c tools: Introduce str_error_r() 2016-07-12 15:19:47 -03:00
builtin-list.c perf list: Show SDT and pre-cached events 2016-07-13 23:09:07 -03:00
builtin-lock.c
builtin-mem.c perf tools mem: Fix -t store option for record command 2016-08-12 14:39:48 -03:00
builtin-probe.c perf probe: Make --list show only available cached events 2016-07-13 23:09:05 -03:00
builtin-record.c perf record: Add --sample-cpu option 2016-08-02 16:33:29 -03:00
builtin-report.c perf report: Introduce --stdio-color to setup the color output mode selection 2016-07-12 00:00:39 -03:00
builtin-sched.c tools: Introduce str_error_r() 2016-07-12 15:19:47 -03:00
builtin-script.c perf script: Don't disable use_callchain if input is pipe 2016-08-15 13:23:49 -03:00
builtin-stat.c perf stat: Avoid skew when reading events 2016-08-09 10:48:32 -03:00
builtin-timechart.c
builtin-top.c perf annotate: Introduce strerror for handling symbol__disassemble() errors 2016-08-01 18:18:16 -03:00
builtin-trace.c perf trace: Remove unused sys/ptrace.h include 2016-07-12 15:20:35 -03:00
builtin-version.c
builtin.h
command-list.txt
CREDITS
design.txt
Makefile
Makefile.config perf tools: Move config/Makefile into Makefile.config 2016-08-02 16:33:28 -03:00
Makefile.perf perf tools: Move config/Makefile into Makefile.config 2016-08-02 16:33:28 -03:00
MANIFEST tools: Copy linux/{hash,poison}.h and check for drift 2016-07-18 18:41:50 -03:00
perf-archive.sh
perf-completion.sh
perf-read-vdso.c
perf-sys.h perf tools: Add missing linux/compiler.h include to perf-sys.h 2016-07-18 17:40:49 -03:00
perf-with-kcore.sh
perf.c perf tools: Just pr_debug() about not being able to read cacheline_size 2016-07-15 10:08:29 -03:00
perf.h perf record: Add --sample-cpu option 2016-08-02 16:33:29 -03:00