From: James Clark Date: Mon, 12 Jun 2023 15:04:24 +0000 (+0100) Subject: perf map: Fix double 'struct map' reference free found with -DREFCNT_CHECKING=1 X-Git-Tag: v6.5-rc1~18^2~126 X-Git-Url: https://git.kernel.dk/?a=commitdiff_plain;h=0d98a7af4b12ae7ea78075240a66c21e5d3d9325;p=linux-2.6-block.git perf map: Fix double 'struct map' reference free found with -DREFCNT_CHECKING=1 When quitting after running a 'perf report', the refcount checker finds some double frees. The issue is that map__put() is called on a function argument so it removes the refcount wrapper that someone else was using. Fix it by only calling map__put() on a reference that is owned by this function. Committer notes: Narrowed the map_ref scope as suggested by Ian, removed the symbol-elf part as it was already fixed by another patch, from Ian. Signed-off-by: James Clark Acked-by: Ian Rogers Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Ingo Molnar Cc: Jiri Olsa Cc: Mark Rutland Cc: Namhyung Kim Cc: Peter Zijlstra Link: https://lore.kernel.org/r/20230612150424.198914-1-james.clark@arm.com Signed-off-by: Arnaldo Carvalho de Melo --- diff --git a/tools/perf/util/symbol.c b/tools/perf/util/symbol.c index 6b9c55784b56..d275d3bef7d5 100644 --- a/tools/perf/util/symbol.c +++ b/tools/perf/util/symbol.c @@ -1458,16 +1458,18 @@ static int dso__load_kcore(struct dso *dso, struct map *map, list_del_init(&new_node->node); if (RC_CHK_ACCESS(new_map) == RC_CHK_ACCESS(replacement_map)) { + struct map *map_ref; + map__set_start(map, map__start(new_map)); map__set_end(map, map__end(new_map)); map__set_pgoff(map, map__pgoff(new_map)); map__set_map_ip(map, map__map_ip_ptr(new_map)); map__set_unmap_ip(map, map__unmap_ip_ptr(new_map)); /* Ensure maps are correctly ordered */ - map__get(map); - maps__remove(kmaps, map); - err = maps__insert(kmaps, map); - map__put(map); + map_ref = map__get(map); + maps__remove(kmaps, map_ref); + err = maps__insert(kmaps, map_ref); + map__put(map_ref); map__put(new_map); if (err) goto out_err;