Re: [RFC] perf session: Fix compression processing

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Alexey Budankov <alexey.budankov@linux.intel.com>
To: Jiri Olsa <jolsa@redhat.com>, Arnaldo Carvalho de Melo <acme@kernel.org>
Cc: Peter Zijlstra <peterz@infradead.org>,
	Ingo Molnar <mingo@redhat.com>,
	Alexander Shishkin <alexander.shishkin@linux.intel.com>,
	Namhyung Kim <namhyung@kernel.org>,
	Andi Kleen <ak@linux.intel.com>,
	linux-kernel <linux-kernel@vger.kernel.org>
Subject: Re: [RFC] perf session: Fix compression processing
Date: Mon, 11 Nov 2019 17:38:49 +0300	[thread overview]
Message-ID: <d57725e6-e62f-b37e-6cb4-28bf521faaea@linux.intel.com> (raw)
In-Reply-To: <20191103222441.GE8251@krava>


On 04.11.2019 1:24, Jiri Olsa wrote:
> hi,
<SNIP>
> ---
> The compressed data processing occasionally fails with:
>   $ perf report --stdio -vv
>   decomp (B): 44519 to 163000
>   decomp (B): 48119 to 174800
>   decomp (B): 65527 to 131072
>   fetch_mmaped_event: head=0x1ffe0 event->header_size=0x28, mmap_size=0x20000: fuzzed perf.data?
>   Error:
>   failed to process sample
>   ...
> 
> It's caused by recent fuzzer fix that does not take into account
> that compressed data do not need to by fully present in the buffer,
> so it's ok to just return NULL and not to fail.
> 
> Fixes: 57fc032ad643 ("perf session: Avoid infinite loop when seeing invalid header.size")
> Link: http://lkml.kernel.org/n/tip-q1biqscs4stcmc9bs1iokfro@git.kernel.org
> Signed-off-by: Jiri Olsa <jolsa@kernel.org>
> ---
>  tools/perf/util/session.c | 8 +++++---
>  1 file changed, 5 insertions(+), 3 deletions(-)
> 
> diff --git a/tools/perf/util/session.c b/tools/perf/util/session.c
> index f07b8ecb91bc..3589ed14a629 100644
> --- a/tools/perf/util/session.c
> +++ b/tools/perf/util/session.c
> @@ -1959,7 +1959,7 @@ static int __perf_session__process_pipe_events(struct perf_session *session)
>  
>  static union perf_event *
>  fetch_mmaped_event(struct perf_session *session,
> -		   u64 head, size_t mmap_size, char *buf)
> +		   u64 head, size_t mmap_size, char *buf, bool decomp)

bools in interface make code less transparent.

>  {
>  	union perf_event *event;
>  
> @@ -1979,6 +1979,8 @@ fetch_mmaped_event(struct perf_session *session,
>  		/* We're not fetching the event so swap back again */
>  		if (session->header.needs_swap)
>  			perf_event_header__bswap(&event->header);
> +		if (decomp)
> +			return NULL;
>  		pr_debug("%s: head=%#" PRIx64 " event->header_size=%#x, mmap_size=%#zx: fuzzed perf.data?\n",
>  			 __func__, head, event->header.size, mmap_size);
>  		return ERR_PTR(-EINVAL);
> @@ -1997,7 +1999,7 @@ static int __perf_session__process_decomp_events(struct perf_session *session)
>  		return 0;
>  
>  	while (decomp->head < decomp->size && !session_done()) {
> -		union perf_event *event = fetch_mmaped_event(session, decomp->head, decomp->size, decomp->data);
> +		union perf_event *event = fetch_mmaped_event(session, decomp->head, decomp->size, decomp->data, true);

It looks like this call can be skipped, at all, in this case.

>  
>  		if (IS_ERR(event))
>  			return PTR_ERR(event);
> @@ -2100,7 +2102,7 @@ reader__process_events(struct reader *rd, struct perf_session *session,
>  	}
>  
>  more:
> -	event = fetch_mmaped_event(session, head, mmap_size, buf);
> +	event = fetch_mmaped_event(session, head, mmap_size, buf, false);
>  	if (IS_ERR(event))
>  		return PTR_ERR(event);
>  
> 

~Alexey

next prev parent reply	other threads:[~2019-11-11 14:39 UTC|newest]

Thread overview: 8+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2019-11-03 22:24 [RFC] perf session: Fix compression processing Jiri Olsa
2019-11-06 16:50 ` Alexey Budankov
2019-11-11 14:38 ` Alexey Budankov [this message]
2019-11-11 14:56   ` Jiri Olsa
2019-11-11 15:41     ` Alexey Budankov
2019-11-11 15:46       ` Jiri Olsa
2019-11-11 15:53         ` Alexey Budankov
2019-11-11 16:07           ` Jiri Olsa

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=d57725e6-e62f-b37e-6cb4-28bf521faaea@linux.intel.com \
    --to=alexey.budankov@linux.intel.com \
    --cc=acme@kernel.org \
    --cc=ak@linux.intel.com \
    --cc=alexander.shishkin@linux.intel.com \
    --cc=jolsa@redhat.com \
    --cc=linux-kernel@vger.kernel.org \
    --cc=mingo@redhat.com \
    --cc=namhyung@kernel.org \
    --cc=peterz@infradead.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.