Received: by 2002:a25:c593:0:0:0:0:0 with SMTP id v141csp2054909ybe; Thu, 12 Sep 2019 03:55:12 -0700 (PDT) X-Google-Smtp-Source: APXvYqzQ+v8GstgNbQS+z1KIe+n2fIrBa+McJ4NTUKuQCi1UiKs2+qN+lvIvL92djBHMAYzv7doD X-Received: by 2002:a17:906:4890:: with SMTP id v16mr34328556ejq.3.1568285712324; Thu, 12 Sep 2019 03:55:12 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1568285712; cv=none; d=google.com; s=arc-20160816; b=WOE6UBWlk1huWyAxbE+JgZllK/9Ka9ZP/SOYhnXjibJBjYyH07iA1kJc5rKXBUmLeD 8fNH9l8Xc6adoZesTx+4VJFvhqSSfK34eya1yrWxnYmiGZKsy+qVGDsoXH18sPLGdpKQ JQ9QOuQv2NvPsyWm9+vicfPD+yvsms/Av9LStqdOHxKj332O80qwKiOw+kBlN+fGdqYp uwFMFSLQqGnmm2sSOeYZtKT09O7/qilnwdQwGZjKgIvioJMCBRBKSFx/LEfQj+qbAGQ7 0r+WZks6f+gyZzixNt69JyRuYwF/BrFMSQ/wYYxT+c2uBGrR40ZuDsQGbZ4bPNqi2j0K RReQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :message-id:date:subject:cc:to:from; bh=s/20YhoCrNU7MvdqR48rASCR05umdlYRIBU5zQzctqw=; b=P3XR9bsNutl+Bz+zzW+ZBzavxydho69YSipAjARe2NvFodpKI+dmgcPB54znNtauV5 2kdeDruWXQI1j7P79XKdnGoiAquvjEveegsS0wuqDJ30OJhCl7betbaHHl9d5T0nnw6K 9AkQvDQ4VArJkXxn+UCTXuiWTD8M6C6bM94nhtSmlidItWZ1dM4Hnw5BKxrNkWAk1kvy EnAhe31X8n/9Zsnb71x2IdV9vTe9EbAa7PrMBHgXz6YHjxvHDsHk03E8RvnlUxjgmmqY 0hJpPwQVFnyIbGYnX4RE7dfdIA1p0wd4HgielJFso7homuv/wvNE4X5tfW9LWXaRueez HTHA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id w26si7030658eda.438.2019.09.12.03.54.48; Thu, 12 Sep 2019 03:55:12 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1731250AbfILKwj (ORCPT + 99 others); Thu, 12 Sep 2019 06:52:39 -0400 Received: from mx1.redhat.com ([209.132.183.28]:37498 "EHLO mx1.redhat.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1730023AbfILKwi (ORCPT ); Thu, 12 Sep 2019 06:52:38 -0400 Received: from smtp.corp.redhat.com (int-mx08.intmail.prod.int.phx2.redhat.com [10.5.11.23]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 4A58E36955; Thu, 12 Sep 2019 10:52:38 +0000 (UTC) Received: from krava.brq.redhat.com (unknown [10.43.17.36]) by smtp.corp.redhat.com (Postfix) with ESMTP id 243DF194B9; Thu, 12 Sep 2019 10:52:35 +0000 (UTC) From: Jiri Olsa To: Arnaldo Carvalho de Melo Cc: lkml , Ingo Molnar , Namhyung Kim , Alexander Shishkin , Peter Zijlstra , Michael Petlan Subject: [PATCH] perf tools: Fix segfault in cpu_cache_level__read Date: Thu, 12 Sep 2019 12:52:35 +0200 Message-Id: <20190912105235.10689-1-jolsa@kernel.org> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Scanned-By: MIMEDefang 2.84 on 10.5.11.23 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.30]); Thu, 12 Sep 2019 10:52:38 +0000 (UTC) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org We release wrong pointer on error path in cpu_cache_level__read function, leading to segfault: (gdb) r record ls Starting program: /root/perf/tools/perf/perf record ls ... [ perf record: Woken up 1 times to write data ] double free or corruption (out) Thread 1 "perf" received signal SIGABRT, Aborted. 0x00007ffff7463798 in raise () from /lib64/power9/libc.so.6 (gdb) bt #0 0x00007ffff7463798 in raise () from /lib64/power9/libc.so.6 #1 0x00007ffff7443bac in abort () from /lib64/power9/libc.so.6 #2 0x00007ffff74af8bc in __libc_message () from /lib64/power9/libc.so.6 #3 0x00007ffff74b92b8 in malloc_printerr () from /lib64/power9/libc.so.6 #4 0x00007ffff74bb874 in _int_free () from /lib64/power9/libc.so.6 #5 0x0000000010271260 in __zfree (ptr=0x7fffffffa0b0) at ../../lib/zalloc.. #6 0x0000000010139340 in cpu_cache_level__read (cache=0x7fffffffa090, cac.. #7 0x0000000010143c90 in build_caches (cntp=0x7fffffffa118, size= --- tools/perf/util/header.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/perf/util/header.c b/tools/perf/util/header.c index b0c34dda30a0..3527b9897b6f 100644 --- a/tools/perf/util/header.c +++ b/tools/perf/util/header.c @@ -1081,7 +1081,7 @@ static int cpu_cache_level__read(struct cpu_cache_level *cache, u32 cpu, u16 lev scnprintf(file, PATH_MAX, "%s/shared_cpu_list", path); if (sysfs__read_str(file, &cache->map, &len)) { - zfree(&cache->map); + zfree(&cache->size); zfree(&cache->type); return -1; } -- 2.21.0