Received: by 2002:a05:7412:8d10:b0:f3:1519:9f41 with SMTP id bj16csp1678605rdb; Thu, 7 Dec 2023 06:09:49 -0800 (PST) X-Google-Smtp-Source: AGHT+IE0+mmFkmfX7yCSFd2CkaJsr3JZbu1xsc6oyQ0uwWIM/2hXhvTvG/nTiZlh2DyurA62NEUd X-Received: by 2002:a05:6a00:3287:b0:6ce:4052:7569 with SMTP id ck7-20020a056a00328700b006ce40527569mr2148067pfb.48.1701958189439; Thu, 07 Dec 2023 06:09:49 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1701958189; cv=none; d=google.com; s=arc-20160816; b=GeMzcU9tDowZ52DX9fCudWHWBiIm/Ry6Cdk0gItqLmibNgCFkbk+/1gBTaLawiEBS+ dtAjhWCXBFMGan1B8oQNK1vgXNu88C1Q8KniRyFzOZexrA7vCIIgT7HxxFNorE2LnZjT 5Hp55M9pRRY8V2YShJrhSB/m3szulcbvYntfGFvbgJpebSYmBBNXRKYyiRH/DygM/mcU N/ACRC539VnNT79HVF5Dq1en5ZUfeO0Rs7HH0Iryj0JMsi5dfXbnGTGfxpQKuZ8EZ6nV aRACGM0gJ/DsAmOq1ropryIxrBrnHoY9ho6OYim3FaZmCh5TWfvlyoh9LTs3v4drtfPH ow9A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :message-id:date:subject:cc:to:from; bh=aoaU6WQ8q44Ca3MbNZYz/evSVaw7HZm0p6kfEItmgyI=; fh=5B4VHTfBpS73VUCHPeppcDmZ0Wbr+Xr89EldrXw+lcs=; b=VXeDBn1EnQ1WKFvbvJvqvGgCfM4Mxl8uFJGud6YxLGVIEYwlANBVi7yKllgUjnz/Bu OOGdwQJDXnB8ZB1Ux7wNW8HLhgdMjq7zSpUETOZdR6gs6v/ELxtc7bJKkHxu420ma9Ey Rc+OcgmzQBP6gArWOTjQaZgX6AF1uMroBpzld1JPR1i8ZZTF57hXhRvQwjVa2xvNUht/ I4BkHy0cTmJS5xDBhCfidhkjAcd537yWN4gE2n0pUcMbJm2MMHgHby2sYvoUsGm3PReP Eew5uTncV7mBspwLiV/22iq7Q9hoKU2fNTIwnMDjUWldKPXdDEXHDJ9pXoZAcT6j2G3W 3u2g== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.32 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=arm.com Return-Path: Received: from agentk.vger.email (agentk.vger.email. [23.128.96.32]) by mx.google.com with ESMTPS id l5-20020a056a00140500b006ce96e33e9esi1274773pfu.317.2023.12.07.06.09.49 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 07 Dec 2023 06:09:49 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.32 as permitted sender) client-ip=23.128.96.32; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.32 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=arm.com Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0]) by agentk.vger.email (Postfix) with ESMTP id D40F680ABDDC; Thu, 7 Dec 2023 06:09:46 -0800 (PST) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.103.11 at agentk.vger.email Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1442978AbjLGOJb (ORCPT + 99 others); Thu, 7 Dec 2023 09:09:31 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:49380 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1442831AbjLGOJ3 (ORCPT ); Thu, 7 Dec 2023 09:09:29 -0500 Received: from foss.arm.com (foss.arm.com [217.140.110.172]) by lindbergh.monkeyblade.net (Postfix) with ESMTP id 529E610C2; Thu, 7 Dec 2023 06:09:34 -0800 (PST) Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 407A412FC; Thu, 7 Dec 2023 06:10:20 -0800 (PST) Received: from e126817.. (e126817.cambridge.arm.com [10.2.3.5]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPA id A71BB3F6C4; Thu, 7 Dec 2023 06:09:32 -0800 (PST) From: Ben Gainey To: linux-perf-users@vger.kernel.org, linux-kernel@vger.kernel.org Cc: peterz@infradead.org, mingo@redhat.com, acme@kernel.org, mark.rutland@arm.com, alexander.shishkin@linux.intel.com, jolsa@kernel.org, namhyung@kernel.org, irogers@google.com, adrian.hunter@intel.com, Ben Gainey Subject: [PATCH] tools/perf: Fix missing reference count get in call_path_from_sample Date: Thu, 7 Dec 2023 14:09:11 +0000 Message-ID: <20231207140911.3240408-1-ben.gainey@arm.com> X-Mailer: git-send-email 2.43.0 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-0.8 required=5.0 tests=HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on agentk.vger.email Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (agentk.vger.email [0.0.0.0]); Thu, 07 Dec 2023 06:09:47 -0800 (PST) The addr_location map and maps fields in the inner loop were missing calls to map__get/maps__get. The subsequent addr_location__exit call in each loop puts the map/maps fields causing use-after-free aborts. This issue reproduces on at least arm64 and x86_64 with something simple like `perf record -g ls` followed by `perf script -s script.py` with the following script: perf_db_export_mode = True perf_db_export_calls = False perf_db_export_callchains = True def sample_table(*args): print(f'sample_table({args})') def call_path_table(*args): print(f'call_path_table({args}') Fixes: 0dd5041c9a0ea ("perf addr_location: Add init/exit/copy functions") Signed-off-by: Ben Gainey --- tools/perf/util/db-export.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tools/perf/util/db-export.c b/tools/perf/util/db-export.c index b9fb71ab7a73..106429155c2e 100644 --- a/tools/perf/util/db-export.c +++ b/tools/perf/util/db-export.c @@ -253,8 +253,8 @@ static struct call_path *call_path_from_sample(struct db_export *dbe, */ addr_location__init(&al); al.sym = node->ms.sym; - al.map = node->ms.map; - al.maps = thread__maps(thread); + al.map = map__get(node->ms.map); + al.maps = maps__get(thread__maps(thread)); al.addr = node->ip; if (al.map && !al.sym) -- 2.43.0