Re: [PATCH 1/3] Fix backward-ring-buffer.c format-truncation error
Em Wed, Jul 24, 2019 at 11:45:10AM -0700, Numfor Mbiziwo-Tiapo escreveu:
> Perf does not build with the ubsan (undefined behavior sanitizer)
> and there is an error that says:
>
> tests/backward-ring-buffer.c:23:45: error: ‘%d’ directive output
> may be truncated writing between 1 and 10 bytes into a region of
> size 8 [-Werror=format-truncation=]
>snprintf(proc_name, sizeof(proc_name), "p:%d\n", i);
>
> This can be reproduced by running (from the tip directory):
> make -C tools/perf USE_CLANG=1 EXTRA_CFLAGS="-fsanitize=undefined"
>
> Th error occurs because they are writing to the 10 byte buffer - the
> index 'i' of the for loop and the 2 byte hardcoded string. If somehow 'i'
> was greater than 8 bytes (10 - 2), then the snprintf function would
> truncate the string. Increasing the size of the buffer fixes the error.
>
> Signed-off-by: Numfor Mbiziwo-Tiapo
> ---
> tools/perf/tests/backward-ring-buffer.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/tools/perf/tests/backward-ring-buffer.c
> b/tools/perf/tests/backward-ring-buffer.c
> index 6d598cc071ae..1a9c3becf5ff 100644
> --- a/tools/perf/tests/backward-ring-buffer.c
> +++ b/tools/perf/tests/backward-ring-buffer.c
> @@ -18,7 +18,7 @@ static void testcase(void)
> int i;
>
> for (i = 0; i < NR_ITERS; i++) {
> - char proc_name[10];
> + char proc_name[15];
>
> snprintf(proc_name, sizeof(proc_name), "p:%d\n", i);
> prctl(PR_SET_NAME, proc_name);
This was fixed already by:
commit 11c1ea6f1a9bc97bf857fd12f72eacb6c69794e2
Author: Changbin Du
Date: Sat Mar 16 16:05:43 2019 +0800
perf tools: Fix errors under optimization level '-Og'
Optimization level '-Og' offers a reasonable level of optimization while
maintaining fast compilation and a good debugging experience. This patch
tries to make it work.
$ make DEBUG=1 EXTRA_CFLAGS='-Og'
bench/epoll-ctl.c: In function ‘do_threads’:
bench/epoll-ctl.c:274:9: error: ‘ret’ may be used uninitialized in this
function [-Werror=maybe-uninitialized]
return ret;
^~~
...
Signed-off-by: Changbin Du
Reviewed-by: Jiri Olsa
RE: [PATCH 1/3] Fix backward-ring-buffer.c format-truncation error
From: Numfor Mbiziwo-Tiapo
> Sent: 24 July 2019 19:45
>
> Perf does not build with the ubsan (undefined behavior sanitizer)
> and there is an error that says:
>
> tests/backward-ring-buffer.c:23:45: error: ‘%d’ directive output
> may be truncated writing between 1 and 10 bytes into a region of
> size 8 [-Werror=format-truncation=]
>snprintf(proc_name, sizeof(proc_name), "p:%d\n", i);
>
> This can be reproduced by running (from the tip directory):
> make -C tools/perf USE_CLANG=1 EXTRA_CFLAGS="-fsanitize=undefined"
>
> Th error occurs because they are writing to the 10 byte buffer - the
> index 'i' of the for loop and the 2 byte hardcoded string. If somehow 'i'
> was greater than 8 bytes (10 - 2), then the snprintf function would
> truncate the string. Increasing the size of the buffer fixes the error.
Get the compiler fixed so that it knows the domain of the value can never
exceed the compile-time constant NR_ITERS.
> Signed-off-by: Numfor Mbiziwo-Tiapo
> ---
> tools/perf/tests/backward-ring-buffer.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/tools/perf/tests/backward-ring-buffer.c
> b/tools/perf/tests/backward-ring-buffer.c
> index 6d598cc071ae..1a9c3becf5ff 100644
> --- a/tools/perf/tests/backward-ring-buffer.c
> +++ b/tools/perf/tests/backward-ring-buffer.c
> @@ -18,7 +18,7 @@ static void testcase(void)
> int i;
>
> for (i = 0; i < NR_ITERS; i++) {
> - char proc_name[10];
> + char proc_name[15];
At least use [16]
>
> snprintf(proc_name, sizeof(proc_name), "p:%d\n", i);
> prctl(PR_SET_NAME, proc_name);
> --
> 2.22.0.657.g960e92d24f-goog
David
-
Registered Address Lakeside, Bramley Road, Mount Farm, Milton Keynes, MK1 1PT,
UK
Registration No: 1397386 (Wales)
[PATCH 1/3] Fix backward-ring-buffer.c format-truncation error
Perf does not build with the ubsan (undefined behavior sanitizer)
and there is an error that says:
tests/backward-ring-buffer.c:23:45: error: ‘%d’ directive output
may be truncated writing between 1 and 10 bytes into a region of
size 8 [-Werror=format-truncation=]
snprintf(proc_name, sizeof(proc_name), "p:%d\n", i);
This can be reproduced by running (from the tip directory):
make -C tools/perf USE_CLANG=1 EXTRA_CFLAGS="-fsanitize=undefined"
Th error occurs because they are writing to the 10 byte buffer - the
index 'i' of the for loop and the 2 byte hardcoded string. If somehow 'i'
was greater than 8 bytes (10 - 2), then the snprintf function would
truncate the string. Increasing the size of the buffer fixes the error.
Signed-off-by: Numfor Mbiziwo-Tiapo
---
tools/perf/tests/backward-ring-buffer.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tools/perf/tests/backward-ring-buffer.c
b/tools/perf/tests/backward-ring-buffer.c
index 6d598cc071ae..1a9c3becf5ff 100644
--- a/tools/perf/tests/backward-ring-buffer.c
+++ b/tools/perf/tests/backward-ring-buffer.c
@@ -18,7 +18,7 @@ static void testcase(void)
int i;
for (i = 0; i < NR_ITERS; i++) {
- char proc_name[10];
+ char proc_name[15];
snprintf(proc_name, sizeof(proc_name), "p:%d\n", i);
prctl(PR_SET_NAME, proc_name);
--
2.22.0.657.g960e92d24f-goog
