lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20241104112736.28554-2-xueshuai@linux.alibaba.com>
Date: Mon,  4 Nov 2024 19:27:35 +0800
From: Shuai Xue <xueshuai@...ux.alibaba.com>
To: stable@...r.kernel.org,
	linux-kernel@...r.kernel.org,
	linux-perf-users@...r.kernel.org,
	acme@...nel.org,
	gregkh@...uxfoundation.org
Cc: adrian.hunter@...el.com,
	alexander.shishkin@...ux.intel.com,
	irogers@...gle.com,
	mark.rutland@....com,
	namhyung@...nel.org,
	peterz@...radead.org,
	acme@...hat.com,
	kprateek.nayak@....com,
	ravi.bangoria@....com,
	sandipan.das@....com,
	anshuman.khandual@....com,
	german.gomez@....com,
	james.clark@....com,
	terrelln@...com,
	seanjc@...gle.com,
	changbin.du@...wei.com,
	liuwenyu7@...wei.com,
	yangjihong1@...wei.com,
	mhiramat@...nel.org,
	ojeda@...nel.org,
	song@...nel.org,
	leo.yan@...aro.org,
	kjain@...ux.ibm.com,
	ak@...ux.intel.com,
	kan.liang@...ux.intel.com,
	atrajeev@...ux.vnet.ibm.com,
	siyanteng@...ngson.cn,
	liam.howlett@...cle.com,
	pbonzini@...hat.com,
	jolsa@...nel.org
Subject: [PATCH 5.10.y 1/2] Revert "perf hist: Add missing puts to hist__account_cycles"

Revert "perf hist: Add missing puts to hist__account_cycles"

This reverts commit a83fc293acd5c5050a4828eced4a71d2b2fffdd3.

On x86 platform, kernel v5.10.228, perf-report command aborts due to "free():
invalid pointer" when perf-record command is run with taken branch stack
sampling enabled. This regression can be reproduced with the following steps:

	- sudo perf record -b
	- sudo perf report

The root cause is that bi[i].to.ms.maps does not always point to thread->maps,
which is a buffer dynamically allocated by maps_new(). Instead, it may point to
&machine->kmaps, while kmaps is not a pointer but a variable. The original
upstream commit c1149037f65b ("perf hist: Add missing puts to
hist__account_cycles") worked well because machine->kmaps had been refactored to
a pointer by the previous commit 1a97cee604dc ("perf maps: Use a pointer for
kmaps").

To this end, just revert commit a83fc293acd5c5050a4828eced4a71d2b2fffdd3.

It is worth noting that the memory leak issue, which the reverted patch intended
to fix, has been solved by commit cf96b8e45a9b ("perf session: Add missing
evlist__delete when deleting a session"). The root cause is that the evlist is
not being deleted on exit in perf-report, perf-script, and perf-data.
Consequently, the reference count of the thread increased by thread__get() in
hist_entry__init() is not decremented in hist_entry__delete(). As a result,
thread->maps is not properly freed.

Cc: Adrian Hunter <adrian.hunter@...el.com>
Cc: Alexander Shishkin <alexander.shishkin@...ux.intel.com>
Cc: Ian Rogers <irogers@...gle.com>
Cc: Mark Rutland <mark.rutland@....com>
Cc: Namhyung Kim <namhyung@...nel.org>
Cc: Peter Zijlstra <peterz@...radead.org>
Cc: Arnaldo Carvalho de Melo <acme@...hat.com>
Cc: K Prateek Nayak <kprateek.nayak@....com>
Cc: Ravi Bangoria <ravi.bangoria@....com>
Cc: Sandipan Das <sandipan.das@....com>
Cc: Anshuman Khandual <anshuman.khandual@....com>
Cc: German Gomez <german.gomez@....com>
Cc: James Clark <james.clark@....com>
Cc: Nick Terrell <terrelln@...com>
Cc: Sean Christopherson <seanjc@...gle.com>
Cc: Changbin Du <changbin.du@...wei.com>
Cc: liuwenyu <liuwenyu7@...wei.com>
Cc: Yang Jihong <yangjihong1@...wei.com>
Cc: Masami Hiramatsu <mhiramat@...nel.org>
Cc: Miguel Ojeda <ojeda@...nel.org>
Cc: Song Liu <song@...nel.org>
Cc: Leo Yan <leo.yan@...aro.org>
Cc: Kajol Jain <kjain@...ux.ibm.com>
Cc: Andi Kleen <ak@...ux.intel.com>
Cc: Kan Liang <kan.liang@...ux.intel.com>
Cc: Athira Rajeev <atrajeev@...ux.vnet.ibm.com>
Cc: Yanteng Si <siyanteng@...ngson.cn>
Cc: Liam Howlett <liam.howlett@...cle.com>
Cc: Paolo Bonzini <pbonzini@...hat.com>
Cc: stable@...r.kernel.org # 5.10.228
Signed-off-by: Shuai Xue <xueshuai@...ux.alibaba.com>
---
 tools/perf/util/hist.c | 10 +++-------
 1 file changed, 3 insertions(+), 7 deletions(-)

diff --git a/tools/perf/util/hist.c b/tools/perf/util/hist.c
index c78d8813811c..8a793e4c9400 100644
--- a/tools/perf/util/hist.c
+++ b/tools/perf/util/hist.c
@@ -2624,6 +2624,8 @@ void hist__account_cycles(struct branch_stack *bs, struct addr_location *al,
 
 	/* If we have branch cycles always annotate them. */
 	if (bs && bs->nr && entries[0].flags.cycles) {
+		int i;
+
 		bi = sample__resolve_bstack(sample, al);
 		if (bi) {
 			struct addr_map_symbol *prev = NULL;
@@ -2638,7 +2640,7 @@ void hist__account_cycles(struct branch_stack *bs, struct addr_location *al,
 			 * Note that perf stores branches reversed from
 			 * program order!
 			 */
-			for (int i = bs->nr - 1; i >= 0; i--) {
+			for (i = bs->nr - 1; i >= 0; i--) {
 				addr_map_symbol__account_cycles(&bi[i].from,
 					nonany_branch_mode ? NULL : prev,
 					bi[i].flags.cycles);
@@ -2647,12 +2649,6 @@ void hist__account_cycles(struct branch_stack *bs, struct addr_location *al,
 				if (total_cycles)
 					*total_cycles += bi[i].flags.cycles;
 			}
-			for (unsigned int i = 0; i < bs->nr; i++) {
-				map__put(bi[i].to.ms.map);
-				maps__put(bi[i].to.ms.maps);
-				map__put(bi[i].from.ms.map);
-				maps__put(bi[i].from.ms.maps);
-			}
 			free(bi);
 		}
 	}
-- 
2.39.3

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ