From: Shuai Xue <xueshuai@xxxxxxxxxxxxxxxxx> Revert "perf hist: Add missing puts to hist__account_cycles" This reverts commit a83fc293acd5c5050a4828eced4a71d2b2fffdd3. On x86 platform, kernel v5.10.228, perf-report command aborts due to "free(): invalid pointer" when perf-record command is run with taken branch stack sampling enabled. This regression can be reproduced with the following steps: - sudo perf record -b - sudo perf report The root cause is that bi[i].to.ms.maps does not always point to thread->maps, which is a buffer dynamically allocated by maps_new(). Instead, it may point to &machine->kmaps, while kmaps is not a pointer but a variable. The original upstream commit c1149037f65b ("perf hist: Add missing puts to hist__account_cycles") worked well because machine->kmaps had been refactored to a pointer by the previous commit 1a97cee604dc ("perf maps: Use a pointer for kmaps"). To this end, just revert commit a83fc293acd5c5050a4828eced4a71d2b2fffdd3. It is worth noting that the memory leak issue, which the reverted patch intended to fix, has been solved by commit cf96b8e45a9b ("perf session: Add missing evlist__delete when deleting a session"). The root cause is that the evlist is not being deleted on exit in perf-report, perf-script, and perf-data. Consequently, the reference count of the thread increased by thread__get() in hist_entry__init() is not decremented in hist_entry__delete(). As a result, thread->maps is not properly freed. Cc: Adrian Hunter <adrian.hunter@xxxxxxxxx> Cc: Alexander Shishkin <alexander.shishkin@xxxxxxxxxxxxxxx> Cc: Ian Rogers <irogers@xxxxxxxxxx> Cc: Mark Rutland <mark.rutland@xxxxxxx> Cc: Namhyung Kim <namhyung@xxxxxxxxxx> Cc: Peter Zijlstra <peterz@xxxxxxxxxxxxx> Cc: Arnaldo Carvalho de Melo <acme@xxxxxxxxxx> Cc: K Prateek Nayak <kprateek.nayak@xxxxxxx> Cc: Ravi Bangoria <ravi.bangoria@xxxxxxx> Cc: Sandipan Das <sandipan.das@xxxxxxx> Cc: Anshuman Khandual <anshuman.khandual@xxxxxxx> Cc: German Gomez <german.gomez@xxxxxxx> Cc: James Clark <james.clark@xxxxxxx> Cc: Nick Terrell <terrelln@xxxxxx> Cc: Sean Christopherson <seanjc@xxxxxxxxxx> Cc: Changbin Du <changbin.du@xxxxxxxxxx> Cc: liuwenyu <liuwenyu7@xxxxxxxxxx> Cc: Yang Jihong <yangjihong1@xxxxxxxxxx> Cc: Masami Hiramatsu <mhiramat@xxxxxxxxxx> Cc: Miguel Ojeda <ojeda@xxxxxxxxxx> Cc: Song Liu <song@xxxxxxxxxx> Cc: Leo Yan <leo.yan@xxxxxxxxxx> Cc: Kajol Jain <kjain@xxxxxxxxxxxxx> Cc: Andi Kleen <ak@xxxxxxxxxxxxxxx> Cc: Kan Liang <kan.liang@xxxxxxxxxxxxxxx> Cc: Athira Rajeev <atrajeev@xxxxxxxxxxxxxxxxxx> Cc: Yanteng Si <siyanteng@xxxxxxxxxxx> Cc: Liam Howlett <liam.howlett@xxxxxxxxxx> Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx> Cc: stable@xxxxxxxxxxxxxxx # 5.10.228 Signed-off-by: Shuai Xue <xueshuai@xxxxxxxxxxxxxxxxx> Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx> --- tools/perf/util/hist.c | 10 +++------- 1 file changed, 3 insertions(+), 7 deletions(-) --- a/tools/perf/util/hist.c +++ b/tools/perf/util/hist.c @@ -2624,6 +2624,8 @@ void hist__account_cycles(struct branch_ /* If we have branch cycles always annotate them. */ if (bs && bs->nr && entries[0].flags.cycles) { + int i; + bi = sample__resolve_bstack(sample, al); if (bi) { struct addr_map_symbol *prev = NULL; @@ -2638,7 +2640,7 @@ void hist__account_cycles(struct branch_ * Note that perf stores branches reversed from * program order! */ - for (int i = bs->nr - 1; i >= 0; i--) { + for (i = bs->nr - 1; i >= 0; i--) { addr_map_symbol__account_cycles(&bi[i].from, nonany_branch_mode ? NULL : prev, bi[i].flags.cycles); @@ -2647,12 +2649,6 @@ void hist__account_cycles(struct branch_ if (total_cycles) *total_cycles += bi[i].flags.cycles; } - for (unsigned int i = 0; i < bs->nr; i++) { - map__put(bi[i].to.ms.map); - maps__put(bi[i].to.ms.maps); - map__put(bi[i].from.ms.map); - maps__put(bi[i].from.ms.maps); - } free(bi); } } Patches currently in stable-queue which might be from xueshuai@xxxxxxxxxxxxxxxxx are queue-5.10/revert-perf-hist-add-missing-puts-to-hist__account_cycles.patch queue-5.10/perf-session-add-missing-evlist__delete-when-deleting-a-session.patch