This is a note to let you know that I've just added the patch titled perf parse-events: Fix incorrect conversion of 'if () free()' to 'zfree()' to the 4.19-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary The filename of the patch is: perf-parse-events-fix-incorrect-conversion-of-if-fre.patch and it can be found in the queue-4.19 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable@xxxxxxxxxxxxxxx> know about it. commit c9afe7992d1925265f5b454d09df79bfdf2b98b1 Author: Arnaldo Carvalho de Melo <acme@xxxxxxxxxx> Date: Wed May 13 10:20:26 2020 -0300 perf parse-events: Fix incorrect conversion of 'if () free()' to 'zfree()' [ Upstream commit 7fcdccd4237724931d9773d1e3039bfe053a6f52 ] When applying a patch by Ian I incorrectly converted to zfree() an expression that involved testing some other struct member, not the one being freed, which lead to bugs reproduceable by: $ perf stat -e i/bs,tsc,L2/o sleep 1 WARNING: multiple event parsing errors Segmentation fault (core dumped) $ Fix it by restoring the test for pos->free_str before freeing pos->val.str, but continue using zfree(&pos->val.str) to set that member to NULL after freeing it. Reported-by: Ian Rogers <irogers@xxxxxxxxxx> Fixes: e8dfb81838b1 ("perf parse-events: Fix memory leaks found on parse_events") Cc: Adrian Hunter <adrian.hunter@xxxxxxxxx> Cc: Alexander Shishkin <alexander.shishkin@xxxxxxxxxxxxxxx> Cc: Andi Kleen <ak@xxxxxxxxxxxxxxx> Cc: clang-built-linux@xxxxxxxxxxxxxxxx Cc: Jiri Olsa <jolsa@xxxxxxxxxx> Cc: Leo Yan <leo.yan@xxxxxxxxxx> Cc: Mark Rutland <mark.rutland@xxxxxxx> Cc: Namhyung Kim <namhyung@xxxxxxxxxx> Cc: Peter Zijlstra <peterz@xxxxxxxxxxxxx> Cc: Stephane Eranian <eranian@xxxxxxxxxx> Signed-off-by: Arnaldo Carvalho de Melo <acme@xxxxxxxxxx> Signed-off-by: Sasha Levin <sashal@xxxxxxxxxx> diff --git a/tools/perf/util/parse-events.c b/tools/perf/util/parse-events.c index cce96b05d24c9..426f1984c143e 100644 --- a/tools/perf/util/parse-events.c +++ b/tools/perf/util/parse-events.c @@ -1287,7 +1287,8 @@ int parse_events_add_pmu(struct parse_events_state *parse_state, list_for_each_entry_safe(pos, tmp, &config_terms, list) { list_del_init(&pos->list); - zfree(&pos->val.str); + if (pos->free_str) + zfree(&pos->val.str); free(pos); } return -EINVAL;