Commit 4f3affe0 authored by Kan Liang's avatar Kan Liang Committed by Arnaldo Carvalho de Melo
Browse files

perf hist: Don't set hpp_fmt_value for members in --no-group 



Perf crashes as below when applying --no-group

  # perf record -e "{cache-misses,branches"} -b sleep 1
  # perf report --stdio --no-group
  free(): invalid next size (fast)
  Aborted (core dumped)
  #

In the __hpp__fmt(), only 1 hpp_fmt_value is allocated for the current
event when --no-group is applied.

However, the current implementation tries to assign the hists from all
members to the hpp_fmt_value, which exceeds the allocated memory.

Fixes: 8f6071a3 ("perf hist: Simplify __hpp_fmt() using hpp_fmt_data")
Signed-off-by: default avatarKan Liang <kan.liang@linux.intel.com>
Acked-by: default avatarNamhyung Kim <namhyung@kernel.org>
Cc: Ian Rogers <irogers@google.com>
Cc: Ingo Molnar <mingo@kernel.org>
Cc: Namhyung Kim <namhyung@kernel.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Link: https://lore.kernel.org/r/20240820183202.3174323-1-kan.liang@linux.intel.com


Signed-off-by: default avatarArnaldo Carvalho de Melo <acme@redhat.com>
parent f133c764

tools/perf/ui/hist.c

+5 −5
Original line number Diff line number Diff line
@@ -62,7 +62,7 @@ static int __hpp__fmt(struct perf_hpp *hpp, struct hist_entry *he, 
	struct evsel *pos;

	char *buf = hpp->buf;

	size_t size = hpp->size;

	int i, nr_members = 1;

	int i = 0, nr_members = 1;

	struct hpp_fmt_value *values;



	if (evsel__is_group_event(evsel))
@@ -72,16 +72,16 @@ static int __hpp__fmt(struct perf_hpp *hpp, struct hist_entry *he, 
	if (values == NULL)

		return 0;



	i = 0;

	for_each_group_evsel(pos, evsel)

		values[i++].hists = evsel__hists(pos);



	values[0].hists = evsel__hists(evsel);

	values[0].val = get_field(he);

	values[0].samples = he->stat.nr_events;



	if (evsel__is_group_event(evsel)) {

		struct hist_entry *pair;



		for_each_group_member(pos, evsel)

			values[++i].hists = evsel__hists(pos);



		list_for_each_entry(pair, &he->pairs.head, pairs.node) {

			for (i = 0; i < nr_members; i++) {

				if (values[i].hists != pair->hists)