Re: [PATCH v2] perf tools: Fix a problem when opening old perf.data with different byte order

[Jiri Olsa]

On Wed, Jun 17, 2015 at 09:56:39AM +0000, Wang Nan wrote:
> Following error occurs when trying to use 'perf report' on x86_64 to
> cross analysis a perf.data generated by an old perf on a big-endian
> machine:
> 
>  # perf report
>  *** Error in `/home/w00229757/perf': free(): invalid next size (fast): 0x00000000032c99f0 ***
>  ======= Backtrace: =========
>  /lib64/libc.so.6(+0x6eeef)[0x7ff6ff7e2eef]
>  /lib64/libc.so.6(+0x78cae)[0x7ff6ff7eccae]
>  /lib64/libc.so.6(+0x79987)[0x7ff6ff7ed987]
>  /path/to/perf[0x4ac734]
>  /path/to/perf[0x4ac829]
>  /path/to/perf(perf_header__process_sections+0x129)[0x4ad2c9]
>  /path/to/perf(perf_session__read_header+0x2e1)[0x4ad9e1]
>  /path/to/perf(perf_session__new+0x168)[0x4bd458]
>  /path/to/perf(cmd_report+0xfa0)[0x43eb70]
>  /path/to/perf[0x47adc3]
>  /path/to/perf(main+0x5f6)[0x42fd06]
>  /lib64/libc.so.6(__libc_start_main+0xf5)[0x7ff6ff795bd5]
>  /path/to/perf[0x42fe35]
>  ======= Memory map: ========
>  [SNIP]
> 
> The bug is in perf_event__attr_swap(). It swaps all fields in
> 'struct perf_event_attr' without checking whether the swapped field
> exist or not. In addition, in read_event_desc() allocs memory for attr
> according to size read from perf.data. Therefore, if the perf.data is
> collected by an old perf (without aux_watermark, for example),
> when perf_event__attr_swap() swaping attr->aux_watermark it destroy
> malloc's metadata.
> 
> This patch introduces boundary checking in perf_event__attr_swap(). It
> adds macros bswap_field_64 and bswap_field_32 into
> perf_event__attr_swap() to make it only swap exist fields.
> 
> Signed-off-by: Wang Nan <wangnan0@xxxxxxxxxx>

Acked-by: Jiri Olsa <jolsa@xxxxxxxxxx>

thanks,
jirka
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/