summaryrefslogtreecommitdiff
path: root/tools/perf/scripts/python/bin/flamegraph-record
diff options
context:
space:
mode:
authorArnaldo Carvalho de Melo <acme@redhat.com>2026-06-06 11:03:29 -0300
committerArnaldo Carvalho de Melo <acme@redhat.com>2026-06-06 11:03:29 -0300
commit25627346b10e6a564610ea2c49dc6dd54812226d (patch)
tree9d87db2287a8aac2728b38b62c6b9db5066a3625 /tools/perf/scripts/python/bin/flamegraph-record
parent75eafe4a3a93a0143a20c0cc286bfb9008ac1478 (diff)
perf mmap: Fix NULL deref in aio cleanup on alloc failure
perf_mmap__aio_mmap() sets map->aio.nr_cblocks before allocating the data array. If calloc() for aiocb or cblocks fails before the data array is allocated, the return -1 path leads to perf_mmap__aio_munmap() which loops nr_cblocks times calling perf_mmap__aio_free(). Both versions of perf_mmap__aio_free() (NUMA and non-NUMA) dereference map->aio.data[idx] without checking if data is NULL, causing a NULL pointer dereference. Add NULL checks for map->aio.data at the top of both perf_mmap__aio_free() variants so the cleanup path is safe when allocation fails partway through perf_mmap__aio_mmap(). Fixes: d3d1af6f011a553a ("perf record: Enable asynchronous trace writing") Reported-by: sashiko-bot <sashiko-bot@kernel.org> Cc: Alexey Budankov <alexey.budankov@linux.intel.com> Assisted-by: Claude:claude-opus-4.6 Signed-off-by: Arnaldo Carvalho de Melo <acme@redhat.com>
Diffstat (limited to 'tools/perf/scripts/python/bin/flamegraph-record')
0 files changed, 0 insertions, 0 deletions