Patch "perf parse-events: Fix tracepoint name memory leak" has been added to the 6.5-stable tree

Sasha Levin <sashal@xxxxxxxxxx> · Fri, 10 Nov 2023 13:41:28 -0500

This is a note to let you know that I've just added the patch titled

    perf parse-events: Fix tracepoint name memory leak

to the 6.5-stable tree which can be found at:
    http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary

The filename of the patch is:
     perf-parse-events-fix-tracepoint-name-memory-leak.patch
and it can be found in the queue-6.5 subdirectory.

If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.



commit 741be96f34dd5f7989a3e340753e69b276066e03
Author: Ian Rogers <irogers@xxxxxxxxxx>
Date:   Thu Sep 14 09:40:28 2023 -0700

    perf parse-events: Fix tracepoint name memory leak
    
    [ Upstream commit ede72dca45b1893f3e9236b6ad6c4e790db232f6 ]
    
    Fuzzing found that an invalid tracepoint name would create a memory
    leak with an address sanitizer build:
    ```
    $ perf stat -e '*:o/' true
    event syntax error: '*:o/'
                           \___ parser error
    Run 'perf list' for a list of valid events
    
     Usage: perf stat [<options>] [<command>]
    
        -e, --event <event>   event selector. use 'perf list' to list available events
    
    =================================================================
    ==59380==ERROR: LeakSanitizer: detected memory leaks
    
    Direct leak of 4 byte(s) in 2 object(s) allocated from:
        #0 0x7f38ac07077b in __interceptor_strdup ../../../../src/libsanitizer/asan/asan_interceptors.cpp:439
        #1 0x55f2f41be73b in str util/parse-events.l:49
        #2 0x55f2f41d08e8 in parse_events_lex util/parse-events.l:338
        #3 0x55f2f41dc3b1 in parse_events_parse util/parse-events-bison.c:1464
        #4 0x55f2f410b8b3 in parse_events__scanner util/parse-events.c:1822
        #5 0x55f2f410d1b9 in __parse_events util/parse-events.c:2094
        #6 0x55f2f410e57f in parse_events_option util/parse-events.c:2279
        #7 0x55f2f4427b56 in get_value tools/lib/subcmd/parse-options.c:251
        #8 0x55f2f4428d98 in parse_short_opt tools/lib/subcmd/parse-options.c:351
        #9 0x55f2f4429d80 in parse_options_step tools/lib/subcmd/parse-options.c:539
        #10 0x55f2f442acb9 in parse_options_subcommand tools/lib/subcmd/parse-options.c:654
        #11 0x55f2f3ec99fc in cmd_stat tools/perf/builtin-stat.c:2501
        #12 0x55f2f4093289 in run_builtin tools/perf/perf.c:322
        #13 0x55f2f40937f5 in handle_internal_command tools/perf/perf.c:375
        #14 0x55f2f4093bbd in run_argv tools/perf/perf.c:419
        #15 0x55f2f409412b in main tools/perf/perf.c:535
    
    SUMMARY: AddressSanitizer: 4 byte(s) leaked in 2 allocation(s).
    ```
    Fix by adding the missing destructor.
    
    Fixes: 865582c3f48e ("perf tools: Adds the tracepoint name parsing support")
    Signed-off-by: Ian Rogers <irogers@xxxxxxxxxx>
    Cc: He Kuang <hekuang@xxxxxxxxxx>
    Link: https://lore.kernel.org/r/20230914164028.363220-1-irogers@xxxxxxxxxx
    Signed-off-by: Namhyung Kim <namhyung@xxxxxxxxxx>
    Signed-off-by: Sasha Levin <sashal@xxxxxxxxxx>

diff --git a/tools/perf/util/parse-events.y b/tools/perf/util/parse-events.y
index 8b25b964d6962..c4f675f15fa91 100644
--- a/tools/perf/util/parse-events.y
+++ b/tools/perf/util/parse-events.y
@@ -107,6 +107,7 @@ static void free_list_evsel(struct list_head* list_evsel)
 %type <list_evsel> groups
 %destructor { free_list_evsel ($$); } <list_evsel>
 %type <tracepoint_name> tracepoint_name
+%destructor { free ($$.sys); free ($$.event); } <tracepoint_name>
 %type <hardware_term> PE_TERM_HW
 %destructor { free ($$.str); } <hardware_term>
 






