| Message ID | 20240614094318.11607-1-hejunhao3@huawei.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | perf pmus: Fixes always false when compare duplicates aliases | expand |
On Fri, 14 Jun 2024 17:43:18 +0800, Junhao He wrote: > In the previous loop, all the members in the aliases[j-1] have been freed > and set to NULL. But in this loop, the function pmu_alias_is_duplicate() > compares the aliases[j] with the aliases[j-1] that has already been > disposed, so the function will always return false and duplicate aliases > will never be discarded. > > If we find duplicate aliases, it skips the zfree aliases[j], which is > accompanied by a memory leak. > > [...] Applied to perf-tools-next, thanks! Best regards, Namhyung
diff --git a/tools/perf/util/pmus.c b/tools/perf/util/pmus.c index b9b4c5eb5002..6907e3e7fbd1 100644 --- a/tools/perf/util/pmus.c +++ b/tools/perf/util/pmus.c @@ -477,8 +477,8 @@ void perf_pmus__print_pmu_events(const struct print_callbacks *print_cb, void *p qsort(aliases, len, sizeof(struct sevent), cmp_sevent); for (int j = 0; j < len; j++) { /* Skip duplicates */ - if (j > 0 && pmu_alias_is_duplicate(&aliases[j], &aliases[j - 1])) - continue; + if (j < len - 1 && pmu_alias_is_duplicate(&aliases[j], &aliases[j + 1])) + goto free; print_cb->print_event(print_state, aliases[j].pmu_name, @@ -491,6 +491,7 @@ void perf_pmus__print_pmu_events(const struct print_callbacks *print_cb, void *p aliases[j].desc, aliases[j].long_desc, aliases[j].encoding_desc); +free: zfree(&aliases[j].name); zfree(&aliases[j].alias); zfree(&aliases[j].scale_unit);
In the previous loop, all the members in the aliases[j-1] have been freed and set to NULL. But in this loop, the function pmu_alias_is_duplicate() compares the aliases[j] with the aliases[j-1] that has already been disposed, so the function will always return false and duplicate aliases will never be discarded. If we find duplicate aliases, it skips the zfree aliases[j], which is accompanied by a memory leak. We can use the next aliases[j+1] to theck for duplicate aliases to fixes the aliases NULL pointer dereference, then goto zfree code snippet to release it. After patch testing: $ perf list --unit=hisi_sicl,cpa pmu uncore cpa: cpa_p0_rd_dat_32b [Number of read ops transmitted by the P0 port which size is 32 bytes. Unit: hisi_sicl,cpa] cpa_p0_rd_dat_64b [Number of read ops transmitted by the P0 port which size is 64 bytes. Unit: hisi_sicl,cpa] Fixes: c3245d2093c1 ("perf pmu: Abstract alias/event struct") Signed-off-by: Junhao He <hejunhao3@huawei.com> --- tools/perf/util/pmus.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-)