Received: by 2002:a05:6a10:206:0:0:0:0 with SMTP id 6csp1113966pxj;
        Fri, 4 Jun 2021 06:26:36 -0700 (PDT)
X-Google-Smtp-Source: ABdhPJwvDzpoJF5dTzeU2o+6RcnKswVIgkBxlfNQiqJK259BcQJ+W52Sg1lGsc5iWCHxA019tYf9
X-Received: by 2002:a05:6402:1153:: with SMTP id g19mr4597250edw.179.1622813196046;
        Fri, 04 Jun 2021 06:26:36 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1622813196; cv=none;
        d=google.com; s=arc-20160816;
        b=V9OjlnrbW59dV6mZKGV3Bkr+ZXFEpOkM1p2Zfn3sjUL2zE9kHZefffHERafxtXCWsc
         LfJLCiEgLAwFlitWcosQhWSZeN+naeDaL3+aVTLEUtGQplYfkh+Dy/oCq9UTzZLo36n7
         0GLnXYVR3RaV6QZBa91pJGF3TYIz0wNX++MvDbfU5XlnohkLW9FbqkHsUiRQ1dgmPlQz
         T1d+Lt09vUgHzvPqs6zao/L9FKuwWRmhiKYSYU5A/lVgTuzZcJWT9oTtTC8ZZidKNslj
         XAYAScZ8E2VN+gGxpsxbgUqhs5ue32h2xMIccUmGOU6gcJmMDmi25BdM7wGSw8pbrvhl
         Tx4g==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:in-reply-to:content-disposition:mime-version
         :references:message-id:subject:cc:to:from:date:dkim-signature;
        bh=zkBSIBxz1VCwE1YcLws98sZW6KTlM9k/D/n2pv3kiPA=;
        b=kMk2KbDXlM7yB2H4YW/TKGTkwHQDYi8cOPUoc3N0ArbFqvNCeTM5GkSSap/EXJevIT
         XwBP6SQ4799G5JqCpYMe+/wXJLS7kdKlZAf7sGynv8FffaMPjw3mzpAaZ8Bkm9CL95aW
         Bk5PHbU7m301duYWaKIoCSiwl9xoZaogJU/9TOSe5+7J4uj+V0RhqlWUA0uWRC9lfilw
         sSbjLzhTEEPTbMP07JcXReYwFQvptDfGdp5f0rcylodq9kT7PC96zAQL/rXWEUX1M+ZU
         avV97rRq8Iv+Rx0uDBMMgP0YgpwdzuokDDHRPdSXqIfzxulJaFf144z/TlOWMe184amw
         5Nvg==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@kernel.org header.s=k20201202 header.b=sj3BnbI4;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18])
        by mx.google.com with ESMTP id eb13si5403860edb.312.2021.06.04.06.26.12;
        Fri, 04 Jun 2021 06:26:36 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@kernel.org header.s=k20201202 header.b=sj3BnbI4;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S230400AbhFDNYr (ORCPT <rfc822;luming.yu@gmail.com> + 99 others);
        Fri, 4 Jun 2021 09:24:47 -0400
Received: from mail.kernel.org ([198.145.29.99]:53166 "EHLO mail.kernel.org"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S230004AbhFDNYr (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Fri, 4 Jun 2021 09:24:47 -0400
Received: by mail.kernel.org (Postfix) with ESMTPSA id AAAF0613F8;
        Fri,  4 Jun 2021 13:23:00 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org;
        s=k20201202; t=1622812980;
        bh=CacgOeszuf1puG/c/mHimSF4x/m/bEXJkxl9WmnMoB0=;
        h=Date:From:To:Cc:Subject:References:In-Reply-To:From;
        b=sj3BnbI4EHX+6bgxdlb42T5rgwP/tLppFWYMMS7hj/18OxdcgT18WYPpeMYY9n5Fo
         wC7Y1soIZ7c/HbuCQqqc5xKErAaBCMMHbxnySKrUN9LMOMB+pN85PGVDTZFLTyxqFt
         v7W8TKWrpw5gnFa9hZw/wVlODMSihA2Xq8THa1OG5ENq3wGqEUy6nB+Gf7NZouenjQ
         CQI2ci9FC2at/9hf5HO0Bwb8b/RuiRYYqMiblwqpkxrqGTuSyqxzmmvrS2olyhV6OG
         FfpHaTh3y5H4OZcYJxqZsoWVtc1DI3kFyhzQfMZimnbGR13ppG+oAhdqU1+/x/oh/l
         U3oGmKhATzvTQ==
Received: by quaco.ghostprotocols.net (Postfix, from userid 1000)
        id 8D4A840EFC; Fri,  4 Jun 2021 10:22:56 -0300 (-03)
Date:   Fri, 4 Jun 2021 10:22:56 -0300
From:   Arnaldo Carvalho de Melo <acme@kernel.org>
To:     Ian Rogers <irogers@google.com>
Cc:     Riccardo Mancini <rickyman7@gmail.com>,
        Namhyung Kim <namhyung@kernel.org>,
        Peter Zijlstra <peterz@infradead.org>,
        Ingo Molnar <mingo@redhat.com>,
        Mark Rutland <mark.rutland@arm.com>,
        Alexander Shishkin <alexander.shishkin@linux.intel.com>,
        Jiri Olsa <jolsa@redhat.com>,
        Adrian Hunter <adrian.hunter@intel.com>,
        Andi Kleen <ak@linux.intel.com>,
        Tommi Rantala <tommi.t.rantala@nokia.com>,
        linux-perf-users <linux-perf-users@vger.kernel.org>,
        LKML <linux-kernel@vger.kernel.org>
Subject: Re: [PATCH] perf ksymbol: fix memory leak: decrease refcount of map
 and dso
Message-ID: <YLopMBgLWysdJbkm@kernel.org>
References: <20210602231052.317048-1-rickyman7@gmail.com>
 <CAP-5=fVxHUnwGoRypMjCsPSh_yo5PB8Hzbkx5ArA5b0=7S-67g@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <CAP-5=fVxHUnwGoRypMjCsPSh_yo5PB8Hzbkx5ArA5b0=7S-67g@mail.gmail.com>
X-Url:  http://acmel.wordpress.com
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

Em Thu, Jun 03, 2021 at 09:26:40PM -0700, Ian Rogers escreveu:
> On Wed, Jun 2, 2021 at 4:15 PM Riccardo Mancini <rickyman7@gmail.com> wrote:
> > +++ b/tools/perf/util/machine.c
> > @@ -776,6 +776,7 @@ static int machine__process_ksymbol_register(struct machine *machine,
> >                 if (dso) {
> >                         dso->kernel = DSO_SPACE__KERNEL;
> >                         map = map__new2(0, dso);
> > +                       dso__put(dso);

> Will this cause 2 puts if the map allocation fails? Perhaps this
> should be "if (map) dso__put(dso);".

I think its just a matter of removing the put in the error path, i.e.
the patch becomes what is at the end of this message.

I.e. if map__new2() fails, we want to drop the dso reference, and if it
works, we already have a reference to it, obtained in map__new2().

But looking at this code now I realize that maps__find() should grab a
refcount for the map it returns, because in this
machine__process_ksymbol_register() function we use reference that 'map'
after the if block, i.e. we use it if it came from maps__find() or if we
created it machine__process_ksymbol_register, so there is a possible
race where other thread removes it from the list and map__put()s it
ending up in map__delete() while we still use it in
machine__process_ksymbol_register(), right?

- Arnaldo

> >                 }

> >                 if (!dso || !map) {
> > @@ -792,6 +793,7 @@ static int machine__process_ksymbol_register(struct machine *machine,
> >                 map->start = event->ksymbol.addr;
> >                 map->end = map->start + event->ksymbol.len;
> >                 maps__insert(&machine->kmaps, map);
> > +               map__put(map);
> >                 dso__set_loaded(dso);

> >                 if (is_bpf_image(event->ksymbol.name)) {

diff --git a/tools/perf/util/machine.c b/tools/perf/util/machine.c
index 3ff4936a15a42f74..da19be7da284c250 100644
--- a/tools/perf/util/machine.c
+++ b/tools/perf/util/machine.c
@@ -776,10 +776,10 @@ static int machine__process_ksymbol_register(struct machine *machine,
 		if (dso) {
 			dso->kernel = DSO_SPACE__KERNEL;
 			map = map__new2(0, dso);
+			dso__put(dso);
 		}
 
 		if (!dso || !map) {
-			dso__put(dso);
 			return -ENOMEM;
 		}
 
@@ -792,6 +792,7 @@ static int machine__process_ksymbol_register(struct machine *machine,
 		map->start = event->ksymbol.addr;
 		map->end = map->start + event->ksymbol.len;
 		maps__insert(&machine->kmaps, map);
+		map__put(map);
 		dso__set_loaded(dso);
 
 		if (is_bpf_image(event->ksymbol.name)) {