lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CA+G9fYteKZxdLVtQzXyh36hhaj6W5e17U_emsXwZdjPoeyj+OQ@mail.gmail.com>
Date:   Tue, 29 Sep 2020 01:24:32 +0530
From:   Naresh Kamboju <naresh.kamboju@...aro.org>
To:     Sasha Levin <sashal@...nel.org>,
        linux- stable <stable@...r.kernel.org>,
        Arnaldo Carvalho de Melo <acme@...hat.com>
Cc:     open list <linux-kernel@...r.kernel.org>,
        Ian Rogers <irogers@...gle.com>,
        Adrian Hunter <adrian.hunter@...el.com>,
        Alexander Shishkin <alexander.shishkin@...ux.intel.com>,
        Andi Kleen <ak@...ux.intel.com>,
        clang-built-linux@...glegroups.com, Jiri Olsa <jolsa@...nel.org>,
        Leo Yan <leo.yan@...aro.org>,
        Mark Rutland <mark.rutland@....com>,
        Namhyung Kim <namhyung@...nel.org>,
        Peter Zijlstra <peterz@...radead.org>,
        Stephane Eranian <eranian@...gle.com>,
        lkft-triage@...ts.linaro.org
Subject: Re: [PATCH AUTOSEL 4.14 112/127] perf parse-events: Fix incorrect
 conversion of 'if () free()' to 'zfree()'

On Fri, 18 Sep 2020 at 08:00, Sasha Levin <sashal@...nel.org> wrote:
>
> From: Arnaldo Carvalho de Melo <acme@...hat.com>
>
> [ Upstream commit 7fcdccd4237724931d9773d1e3039bfe053a6f52 ]
>
> When applying a patch by Ian I incorrectly converted to zfree() an
> expression that involved testing some other struct member, not the one
> being freed, which lead to bugs reproduceable by:
>
>   $ perf stat -e i/bs,tsc,L2/o sleep 1
>   WARNING: multiple event parsing errors
>   Segmentation fault (core dumped)
>   $
>
> Fix it by restoring the test for pos->free_str before freeing
> pos->val.str, but continue using zfree(&pos->val.str) to set that member
> to NULL after freeing it.
>
> Reported-by: Ian Rogers <irogers@...gle.com>
> Fixes: e8dfb81838b1 ("perf parse-events: Fix memory leaks found on parse_events")
> Cc: Adrian Hunter <adrian.hunter@...el.com>
> Cc: Alexander Shishkin <alexander.shishkin@...ux.intel.com>
> Cc: Andi Kleen <ak@...ux.intel.com>
> Cc: clang-built-linux@...glegroups.com
> Cc: Jiri Olsa <jolsa@...nel.org>
> Cc: Leo Yan <leo.yan@...aro.org>
> Cc: Mark Rutland <mark.rutland@....com>
> Cc: Namhyung Kim <namhyung@...nel.org>
> Cc: Peter Zijlstra <peterz@...radead.org>
> Cc: Stephane Eranian <eranian@...gle.com>
> Signed-off-by: Arnaldo Carvalho de Melo <acme@...hat.com>
> Signed-off-by: Sasha Levin <sashal@...nel.org>

stable rc 4.14 perf build broken.

> ---
>  tools/perf/util/parse-events.c | 3 ++-
>  1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/tools/perf/util/parse-events.c b/tools/perf/util/parse-events.c
> index 2733cdfdf04c6..ba973bdfaa657 100644
> --- a/tools/perf/util/parse-events.c
> +++ b/tools/perf/util/parse-events.c
> @@ -1258,7 +1258,8 @@ static int __parse_events_add_pmu(struct parse_events_state *parse_state,
>
>                 list_for_each_entry_safe(pos, tmp, &config_terms, list) {
>                         list_del_init(&pos->list);
> -                       zfree(&pos->val.str);
> +                       if (pos->free_str)
> +                               zfree(&pos->val.str);
>                         free(pos);
>                 }
>                 return -EINVAL;


util/parse-events.c: In function '__parse_events_add_pmu':
util/parse-events.c:1261:11: error: 'struct perf_evsel_config_term'
has no member named 'free_str'
    if (pos->free_str)
           ^~
In file included from util/evlist.h:14:0,
                 from util/parse-events.c:10:
util/parse-events.c:1262:20: error: 'union <anonymous>' has no member
named 'str'
     zfree(&pos->val.str);
                    ^
util/util.h:27:29: note: in definition of macro 'zfree'
 #define zfree(ptr) ({ free(*ptr); *ptr = NULL; })
                             ^~~
util/parse-events.c:1262:20: error: 'union <anonymous>' has no member
named 'str'
     zfree(&pos->val.str);
                    ^
util/util.h:27:36: note: in definition of macro 'zfree'
 #define zfree(ptr) ({ free(*ptr); *ptr = NULL; })
                                    ^~~

Reported-by: Naresh Kamboju <naresh.kamboju@...aro.org>

full build link,
https://ci.linaro.org/view/lkft/job/openembedded-lkft-linux-stable-rc-4.14/DISTRO=lkft,MACHINE=intel-corei7-64,label=docker-lkft/938/consoleText


-- 
Linaro LKFT
https://lkft.linaro.org

> --
> 2.25.1
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ