[PATCH 1/2] perf tools: Fix crash in perf_hpp__reset_output_field
From: Jiri Olsa
Date: Thu Jun 01 2017 - 07:17:53 EST
Du Changbin reported crash [1] when calling perf_hpp__reset_output_field
after unregistering field via perf_hpp__column_unregister.
This ends up in calling following list_del* sequence on
the same format:
perf_hpp__column_unregister:
list_del(&format->list);
perf_hpp__reset_output_field:
list_del_init(&fmt->list);
where the later list_del_init might touch already
freed formats.
Fixing this by replacing list_del with list_del_init
in perf_hpp__column_unregister.
[1] http://marc.info/?l=linux-kernel&m=149059595826019&w=2
Reported-by: "Du, Changbin" <changbin.du@xxxxxxxxx>
Link: http://lkml.kernel.org/n/tip-8umo89ntt3kawmfwsivav43t@xxxxxxxxxxxxxx
Signed-off-by: Jiri Olsa <jolsa@xxxxxxxxxx>
---
tools/perf/ui/hist.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tools/perf/ui/hist.c b/tools/perf/ui/hist.c
index 59addd52d9cd..feb2174ddd1f 100644
--- a/tools/perf/ui/hist.c
+++ b/tools/perf/ui/hist.c
@@ -530,7 +530,7 @@ void perf_hpp_list__prepend_sort_field(struct perf_hpp_list *list,
void perf_hpp__column_unregister(struct perf_hpp_fmt *format)
{
- list_del(&format->list);
+ list_del_init(&format->list);
}
void perf_hpp__cancel_cumulate(void)
--
2.9.4