Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752419AbdDECrU (ORCPT ); Tue, 4 Apr 2017 22:47:20 -0400 Received: from mga05.intel.com ([192.55.52.43]:7632 "EHLO mga05.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751209AbdDECrT (ORCPT ); Tue, 4 Apr 2017 22:47:19 -0400 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.36,276,1486454400"; d="asc'?scan'208";a="951963757" Date: Wed, 5 Apr 2017 10:44:22 +0800 From: "Du, Changbin" To: Arnaldo Carvalho de Melo Cc: Namhyung Kim , Jiri Olsa , changbin.du@intel.com, Peter Zijlstra , Ingo Molnar , "linux-kernel@vger.kernel.org" Subject: Re: [PATCH v2] perf: fix double free at function perf_hpp__reset_output_field Message-ID: <20170405024422.GA4361@intel.com> References: <20170315021631.31980-1-changbin.du@intel.com> <20170327062255.27309-1-changbin.du@intel.com> <20170404151940.GD12903@kernel.org> <20170404155103.GF12903@kernel.org> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="0OAP2g/MAC+5xKAE" Content-Disposition: inline In-Reply-To: <20170404155103.GF12903@kernel.org> User-Agent: Mutt/1.5.24 (2015-08-30) Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 2518 Lines: 78 --0OAP2g/MAC+5xKAE Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Tue, Apr 04, 2017 at 12:51:03PM -0300, Arnaldo Carvalho de Melo wrote: > Em Wed, Apr 05, 2017 at 12:34:59AM +0900, Namhyung Kim escreveu: > > Hi Arnaldo, > >=20 > > On Wed, Apr 5, 2017 at 12:19 AM, Arnaldo Carvalho de Melo > > wrote: > > > Em Mon, Mar 27, 2017 at 02:22:55PM +0800, changbin.du@intel.com escre= veu: > > >> From: Changbin Du > > >> > > >> Some perf_hpp_fmt both registered at field and sort list. For such > > >> instance, we only can free it when removed from the both lists. This > > >> function currently only used by self-test code, but still should fix > > >> it. > > > > > > Looks sane, applying, > > > > > > Jiri, Namhyung, please holler (or ack) if needed, > >=20 > > Did you actually see the double free problem? AFAICS the old code >=20 > I assumed that he had seen it, in some self-test code, Changbin, can you > please show command output or further describe when this patch would be > necessary? >=20 Arnaldo, I did observe this issue but not in self-test code. The self-test = code uses that function but does not have a case that a fmt linked to two both l= ist.=20 I found this issue when I try to add 'dynamic sort' feature to perf, which I use this function to reset out fields. Anyway, it is clear that this is a real bug, a potential issue need to fix. > - Arnaldo >=20 > > removed a fmt from both list before free it. In the first loop, fmt th= at > > was linked to both output list and sort list will be remove. And the > > second loop frees fmt that was linked only to the sort list (IOW, it > > frees fmt that was not freed in the first loop). > > This is right. It is to handle the fmts that linked to both two lists. > > Thanks, > > Namhyung > >=20 > >=20 > > > > > > - Arnaldo > > > --=20 Thanks, Changbin Du --0OAP2g/MAC+5xKAE Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEcBAEBAgAGBQJY5FoGAAoJEAanuZwLnPNUL5gH/2745i4c95m0pQ9lQHIkBycD BtJnD0DgY+9BeRDSiUlXVS4s+F+9+TIgE5od8b8LsZB4p+xxLj23iHOEuTRQmpKv unirmAYWhb8dZYdfPiWf+UbHeEQEvAXGWwuSIusE0y/GoKCjd9JQxxPf0vUSWpC/ QkcxQVq5LoIYaZQ4zLKEXxVQW+EIAqYq2VBXiVNTkLSzDNitF9S+7eSfeDUG42bF +2FupQx/XicsG3+isIW+wT2BA5zLcOXMA7wy3cfP2Xt4t5uis+sGR/taf+g219yH fBKML2k4UTuU4swWRvzvRuOeylVAPj9HG5d/vMcsrYu3juJ3zmbYWcby73jfOCo= =fCEP -----END PGP SIGNATURE----- --0OAP2g/MAC+5xKAE--