• Stephane Eranian's avatar
    perf: Fix ring_buffer perf_output_space() boundary calculation · dd9c086d
    Stephane Eranian authored
    This patch fixes a flaw in perf_output_space(). In case the size
    of the space needed is bigger than the actual buffer size, there
    may be situations where the function would return true (i.e.,
    there is space) when it should not. head > offset due to
    rounding of the masking logic.
    
    The problem can be tested by activating BTS on Intel processors.
    A BTS record can be as big as 16 pages. The following command
    fails:
    
      $ perf record -m 4 -c 1 -e branches:u my_test_program
    
    You will get a buffer corruption with this. Perf report won't be
    able to parse the perf.data.
    
    The fix is to first check that the requested space is smaller
    than the buffer size. If so, then the masking logic will work
    fine. If not, then there is no chance the record can be saved
    and it will be gracefully handled by upper code layers.
    
    [ In v2, we also make the logic for the writable more explicit by
      renaming it to rb->overwrite because it tells whether or not the
      buffer can overwrite its tail (suggested by PeterZ). ]
    Signed-off-by: default avatarStephane Eranian <eranian@google.com>
    Acked-by: default avatarPeter Zijlstra <a.p.zijlstra@chello.nl>
    Cc: peterz@infradead.org
    Cc: jolsa@redhat.com
    Cc: fweisbec@gmail.com
    Link: http://lkml.kernel.org/r/20130318133327.GA3056@quadSigned-off-by: default avatarIngo Molnar <mingo@kernel.org>
    dd9c086d
internal.h 4.03 KB