Patch "perf symbols: Fix ownership of string in dso__load_vmlinux()" has been added to the 6.6-stable tree

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



This is a note to let you know that I've just added the patch titled

    perf symbols: Fix ownership of string in dso__load_vmlinux()

to the 6.6-stable tree which can be found at:
    http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary

The filename of the patch is:
     perf-symbols-fix-ownership-of-string-in-dso__load_vm.patch
and it can be found in the queue-6.6 subdirectory.

If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.



commit 7fdeee90fbe6bc54656a6872f20dba60d87507d9
Author: James Clark <james.clark@xxxxxxx>
Date:   Tue May 7 15:12:08 2024 +0100

    perf symbols: Fix ownership of string in dso__load_vmlinux()
    
    [ Upstream commit 25626e19ae6df34f336f235b6b3dbd1b566d2738 ]
    
    The linked commit updated dso__load_vmlinux() to call
    dso__set_long_name() before loading the symbols. Loading the symbols may
    not succeed but dso__set_long_name() takes ownership of the string. The
    two callers of this function free the string themselves on failure
    cases, resulting in the following error:
    
      $ perf record -- ls
      $ perf report
    
      free(): double free detected in tcache 2
    
    Fix it by always taking ownership of the string, even on failure. This
    means the string is either freed at the very first early exit condition,
    or later when the dso is deleted or the long name is replaced. Now no
    special return value is needed to signify that the caller needs to
    free the string.
    
    Fixes: e59fea47f83e8a9a ("perf symbols: Fix DSO kernel load and symbol process to correctly map DSO to its long_name, type and adjust_symbols")
    Reviewed-by: Ian Rogers <irogers@xxxxxxxxxx>
    Signed-off-by: James Clark <james.clark@xxxxxxx>
    Cc: Adrian Hunter <adrian.hunter@xxxxxxxxx>
    Cc: Alexander Shishkin <alexander.shishkin@xxxxxxxxxxxxxxx>
    Cc: Athira Rajeev <atrajeev@xxxxxxxxxxxxxxxxxx>
    Cc: Ingo Molnar <mingo@xxxxxxxxxx>
    Cc: Jiri Olsa <jolsa@xxxxxxxxxx>
    Cc: Mark Rutland <mark.rutland@xxxxxxx>
    Cc: Namhyung Kim <namhyung@xxxxxxxxxx>
    Cc: Peter Zijlstra <peterz@xxxxxxxxxxxxx>
    Link: https://lore.kernel.org/r/20240507141210.195939-5-james.clark@xxxxxxx
    Signed-off-by: Arnaldo Carvalho de Melo <acme@xxxxxxxxxx>
    Signed-off-by: Sasha Levin <sashal@xxxxxxxxxx>

diff --git a/tools/perf/util/symbol.c b/tools/perf/util/symbol.c
index 1976af974a371..ea24f21aafc3e 100644
--- a/tools/perf/util/symbol.c
+++ b/tools/perf/util/symbol.c
@@ -1935,6 +1935,10 @@ int dso__load(struct dso *dso, struct map *map)
 	return ret;
 }
 
+/*
+ * Always takes ownership of vmlinux when vmlinux_allocated == true, even if
+ * it returns an error.
+ */
 int dso__load_vmlinux(struct dso *dso, struct map *map,
 		      const char *vmlinux, bool vmlinux_allocated)
 {
@@ -1953,8 +1957,11 @@ int dso__load_vmlinux(struct dso *dso, struct map *map,
 	else
 		symtab_type = DSO_BINARY_TYPE__VMLINUX;
 
-	if (symsrc__init(&ss, dso, symfs_vmlinux, symtab_type))
+	if (symsrc__init(&ss, dso, symfs_vmlinux, symtab_type)) {
+		if (vmlinux_allocated)
+			free((char *) vmlinux);
 		return -1;
+	}
 
 	/*
 	 * dso__load_sym() may copy 'dso' which will result in the copies having
@@ -1997,7 +2004,6 @@ int dso__load_vmlinux_path(struct dso *dso, struct map *map)
 		err = dso__load_vmlinux(dso, map, filename, true);
 		if (err > 0)
 			goto out;
-		free(filename);
 	}
 out:
 	return err;
@@ -2149,7 +2155,6 @@ static int dso__load_kernel_sym(struct dso *dso, struct map *map)
 		err = dso__load_vmlinux(dso, map, filename, true);
 		if (err > 0)
 			return err;
-		free(filename);
 	}
 
 	if (!symbol_conf.ignore_vmlinux && vmlinux_path != NULL) {




[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Linux USB Devel]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]

  Powered by Linux