Re: [PATCH v2] perf: fix ring_buffer perf_output_space() boundarycalculation

From: Peter Zijlstra
Date: Tue Mar 19 2013 - 08:35:21 EST

On Mon, 2013-03-18 at 14:33 +0100, Stephane Eranian wrote:
> This patch fixes a flaw in perf_output_space(). In case the size
> of the space needed is bigger than the actual buffer size, there
> may be situations where the function would return true (i.e., there
> is space) when it should not. head > offset due to rounding of the
> masking logic.
> The problem can be tested by activating BTS on Intel processors.
> A BTS record can be as big as 16 pages. The following command
> fails:
> $ perf record -m 4 -c 1 -e branches:u my_test_program
> You will get a buffer corruption with this. Perf report won't be
> able to parse the
> The fix is to first check that the requested space is smaller than the
> buffer size. If so, then the masking logic will work fine. If not,
> then
> there is no chance the record can be saved and it will be gracefully
> handled
> by upper code layers.
> In v2, we also make the logic for the writable more explicit by
> renaming it to rb->overwrite because it tells whether or not the
> buffer can overwrite its tail (suggested by PeterZ).
> Signed-off-by: Stephane Eranian <eranian@xxxxxxxxxx>
> ---

Acked-by: Peter Zijlstra <a.p.zijlstra@xxxxxxxxx>


To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at
Please read the FAQ at