From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-15.3 required=3.0 tests=BAYES_00, HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER,INCLUDES_PATCH, MAILING_LIST_MULTI,NICE_REPLY_A,SPF_HELO_NONE,SPF_PASS,USER_AGENT_SANE_1 autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 58480C2B9F4 for ; Fri, 25 Jun 2021 13:33:52 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 4235D6197F for ; Fri, 25 Jun 2021 13:33:52 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229934AbhFYNgM (ORCPT ); Fri, 25 Jun 2021 09:36:12 -0400 Received: from mga09.intel.com ([134.134.136.24]:60695 "EHLO mga09.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231405AbhFYNgL (ORCPT ); Fri, 25 Jun 2021 09:36:11 -0400 IronPort-SDR: Am3T49/h7rIhnOGgtdOhGsZ3bJMSJYibh3fqfGRZ39srSeAqX2FbEa/7WnTT7snEh+K395I6vF i2udpRoHzoig== X-IronPort-AV: E=McAfee;i="6200,9189,10025"; a="207604412" X-IronPort-AV: E=Sophos;i="5.83,298,1616482800"; d="scan'208";a="207604412" Received: from orsmga001.jf.intel.com ([10.7.209.18]) by orsmga102.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 25 Jun 2021 06:33:43 -0700 IronPort-SDR: pztxzw/tCs55ZqO+mK7NNFEZa88UeagOOL+KYB7M7VWD5tFBDxDZofh9GSLXTr6wKIDGGifYKq Y1ExdhqKNxqg== X-IronPort-AV: E=Sophos;i="5.83,298,1616482800"; d="scan'208";a="488184911" Received: from aantonov-mobl.ccr.corp.intel.com (HELO [10.249.230.200]) ([10.249.230.200]) by orsmga001-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 25 Jun 2021 06:33:40 -0700 Subject: Re: [PATCH] x86: eas should not be NULL when it is referenced To: "Liang, Kan" , 13145886936@163.com, tglx@linutronix.de, bp@alien8.de, x86@kernel.org Cc: linux-perf-users@vger.kernel.org, linux-kernel@vger.kernel.org, gushengxian , Peter Zijlstra References: <20210624070442.34291-1-13145886936@163.com> <40e66cf9-398b-20d7-ce4d-433be6e08921@linux.intel.com> From: Alexander Antonov Message-ID: Date: Fri, 25 Jun 2021 16:33:31 +0300 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:78.0) Gecko/20100101 Thunderbird/78.11.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 8bit Content-Language: en-US Precedence: bulk List-ID: X-Mailing-List: linux-perf-users@vger.kernel.org Hello Kan, > On 6/24/2021 3:03 PM, Liang, Kan wrote: >> I think the NULL pointer dereference of eas should not happen, >> because die is -1 if eas is NULL. But the whole error handling path >> looks fragile. >> >> We already fixed one issue caused by it in commit ID f797f05d917f >> ("perf/x86/intel/uncore: Fix for iio mapping on Skylake Server") >> https://lore.kernel.org/lkml/160149233331.7002.10919231011379055356.tip-bot2@tip-bot2/ >> >> >> Maybe something as below? >> >>  From 3de81ba3b04262ef3346297d82f6c4ffb4af7029 Mon Sep 17 00:00:00 2001 >> From: Kan Liang >> Date: Thu, 24 Jun 2021 11:17:57 -0700 >> Subject: [PATCH] perf/x86/intel/uncore: Clean up error handling path >> of iio mapping >> >> The error handling path of iio mapping looks fragile. We already fixed >> one issue caused by it, commit ID f797f05d917f ("perf/x86/intel/uncore: >> Fix for iio mapping on Skylake Server"). Clean up the error handling >> path and make the code robust. I didn't catch why does the current error handling path look fragile? Are there cases when it works incorrect? Thanks, Alexander >> >> Reported-by: gushengxian >> Signed-off-by: Kan Liang >> --- >>   arch/x86/events/intel/uncore_snbep.c | 6 ++++-- >>   1 file changed, 4 insertions(+), 2 deletions(-) >> >> diff --git a/arch/x86/events/intel/uncore_snbep.c >> b/arch/x86/events/intel/uncore_snbep.c >> index 7622762..6d4a5a9 100644 >> --- a/arch/x86/events/intel/uncore_snbep.c >> +++ b/arch/x86/events/intel/uncore_snbep.c >> @@ -3802,11 +3802,11 @@ pmu_iio_set_mapping(struct intel_uncore_type >> *type, struct attribute_group *ag) >>       /* One more for NULL. */ >>       attrs = kcalloc((uncore_max_dies() + 1), sizeof(*attrs), >> GFP_KERNEL); >>       if (!attrs) >> -        goto err; >> +        goto clear_topology; >> >>       eas = kcalloc(uncore_max_dies(), sizeof(*eas), GFP_KERNEL); >>       if (!eas) >> -        goto err; >> +        goto clear_attrs; >> >>       for (die = 0; die < uncore_max_dies(); die++) { >>           sprintf(buf, "die%ld", die); >> @@ -3827,7 +3827,9 @@ pmu_iio_set_mapping(struct intel_uncore_type >> *type, struct attribute_group *ag) >>       for (; die >= 0; die--) >>           kfree(eas[die].attr.attr.name); >>       kfree(eas); >> +clear_attrs: >>       kfree(attrs); >> +clear_topology: >>       kfree(type->topology); >>   clear_attr_update: >>       type->attr_update = NULL;