Re: [PATCH] perf/x86/uncore: fix a potential double-free in uncore_type_init

From: dinghao . liu
Date: Tue Dec 05 2023 - 03:47:28 EST

Next message: Krzysztof Kozlowski: "Re: [PATCH v2 1/6] dt-bindings: interrupt-controller: Add support for Realtek DHC SoCs"
Previous message: Matti Vaittinen: "Re: [PATCH 3/4] overflow: Replace fake root_device with kunit_device"
In reply to: Zhenyu Wang: "Re: [PATCH] perf/x86/uncore: fix a potential double-free in uncore_type_init"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> On 2023.12.05 11:27:09 +0800, Dinghao Liu wrote:
> > When kzalloc for pmus[i].boxes fails, we should clean up pmus
> > to prevent memleak. However, when kzalloc for attr_group fails,
> > pmus has been assigned to type->pmus, and freeing will be done
> > later on by the callers. The chain is: uncore_type_init ->
> > uncore_types_init -> uncore_pci_init -> uncore_types_exit ->
> > uncore_type_exit. Therefore, freeing pmus in uncore_type_init
> > may cause a double-free. Fix this by setting type->pmus to
> > NULL after kfree.
>
> Change is ok but the call trace you wrote here is reversed or malformed??
> With that fixed or cleared.
>

Thanks for your advice. I will fix it and resend a new patch soon.

Regards,
Dinghao

Next message: Krzysztof Kozlowski: "Re: [PATCH v2 1/6] dt-bindings: interrupt-controller: Add support for Realtek DHC SoCs"
Previous message: Matti Vaittinen: "Re: [PATCH 3/4] overflow: Replace fake root_device with kunit_device"
In reply to: Zhenyu Wang: "Re: [PATCH] perf/x86/uncore: fix a potential double-free in uncore_type_init"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]