Re: [PATCH v4 03/53] libperf: Lazily allocate mmap event copy

From: Guilherme Amadio
Date: Fri Nov 03 2023 - 04:33:13 EST


Hi,

On Thu, Nov 02, 2023 at 10:56:45AM -0700, Ian Rogers wrote:
> The event copy in the mmap is used to have storage to a read
> event. Not all users of mmaps read the events, such as perf record, so
> switch the allocation to being on first read rather than being
> embedded within the perf_mmap.
>
> Signed-off-by: Ian Rogers <irogers@xxxxxxxxxx>
> ---
> tools/lib/perf/include/internal/mmap.h | 2 +-
> tools/lib/perf/mmap.c | 9 +++++++++
> 2 files changed, 10 insertions(+), 1 deletion(-)
>
> diff --git a/tools/lib/perf/include/internal/mmap.h b/tools/lib/perf/include/internal/mmap.h
> index 5a062af8e9d8..b11aaf5ed645 100644
> --- a/tools/lib/perf/include/internal/mmap.h
> +++ b/tools/lib/perf/include/internal/mmap.h
> @@ -33,7 +33,7 @@ struct perf_mmap {
> bool overwrite;
> u64 flush;
> libperf_unmap_cb_t unmap_cb;
> - char event_copy[PERF_SAMPLE_MAX_SIZE] __aligned(8);
> + void *event_copy;
> struct perf_mmap *next;
> };
>
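Review bot: the new `void *event_copy` member in struct perf_mmap has no comment describing its lifetime, and the lazy scheme depends on the pointer starting out NULL. Suggest a short comment on the field saying it is allocated on first read and freed in perf_mmap__munmap(), and a check that every path that sets up a struct perf_mmap zeroes it. The embedded array needed no initialisation, whereas an uninitialised pointer here would reach free() or become the memcpy() destination.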
> diff --git a/tools/lib/perf/mmap.c b/tools/lib/perf/mmap.c
> index 2184814b37dd..91ae46aac378 100644
> --- a/tools/lib/perf/mmap.c
> +++ b/tools/lib/perf/mmap.c
> @@ -51,6 +51,8 @@ int perf_mmap__mmap(struct perf_mmap *map, struct perf_mmap_param *mp,
>
> void perf_mmap__munmap(struct perf_mmap *map)
> {
> + free(map->event_copy);
> + map->event_copy = NULL;
> if (map && map->base != NULL) {

If map can be NULL as the if statement above suggests, then there is a
potential null pointer dereference bug here. Suggestion:

if (!map)
	return;

free(map->event_copy);
map->event_copy = NULL;
if (map->base != NULL) {

...

Cheers,
-Guilherme

> munmap(map->base, perf_mmap__mmap_len(map));
> map->base = NULL;
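Review bot: in perf_mmap__munmap() the added `free(map->event_copy);` and `map->event_copy = NULL;` dereference map ahead of the existing `if (map && map->base != NULL)` test, so a NULL map now faults before that check is reached. Either return early on `!map` before the two new lines, or, if no caller can pass NULL, drop the `map &&` test so the function does not imply a guarantee it no longer provides.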
> @@ -226,6 +228,13 @@ static union perf_event *perf_mmap__read(struct perf_mmap *map,
> unsigned int len = min(sizeof(*event), size), cpy;
> void *dst = map->event_copy;
>
> + if (!dst) {
> + dst = malloc(PERF_SAMPLE_MAX_SIZE);
> + if (!dst)
> + return NULL;
> + map->event_copy = dst;
> + }
> +
> do {
> cpy = min(map->mask + 1 - (offset & map->mask), len);
> memcpy(dst, &data[offset & map->mask], cpy);
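Review bot: in perf_mmap__read() the `return NULL` on malloc() failure gives the caller no way to tell an allocation failure apart from any other NULL result of this function. If callers read NULL as "no event", an out-of-memory condition will look like an empty ring buffer and events will be skipped silently. Consider setting errno or logging at that point, and documenting the new failure case in the function's comment.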
> --
> 2.42.0.869.gea05f2083d-goog
>
>