From: Peter Zijlstra Date: Tue, 15 Apr 2025 10:12:52 +0000 (+0200) Subject: perf/core: Fix event->parent life-time issue X-Git-Tag: v6.16-rc1~196^2~43 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=162c9e3faf58eef653c74d0c774e6583d9225467;p=thirdparty%2Flinux.git perf/core: Fix event->parent life-time issue Due to an oversight in merging: da916e96e2de ("perf: Make perf_pmu_unregister() useable") on top of: 56799bc03565 ("perf: Fix hang while freeing sigtrap event") .. it is now possible to hit put_event(EVENT_TOMBSTONE), which makes the computer sad. This also means that for the event->parent == EVENT_TOMBSTONE, the put_event() matching inherit_event() has gone missing. Previously this was done in perf_event_release_kernel() after calling perf_remove_from_context(), but with it delegated to put_event(), this case is now entirely missed, leading to leaks. Fixes: da916e96e2de ("perf: Make perf_pmu_unregister() useable") Reported-by: kernel test robot Tested-by: kernel test robot Tested-by: James Clark Tested-by: Venkat Rao Bagalkote Signed-off-by: Peter Zijlstra (Intel) Signed-off-by: Ingo Molnar Closes: https://lore.kernel.org/oe-lkp/202504131701.941039cd-lkp@intel.com Link: https://lkml.kernel.org/r/20250415131446.GN5600@noisy.programming.kicks-ass.net --- diff --git a/kernel/events/core.c b/kernel/events/core.c index 1a19df9d54fdb..43d87de3d4f24 100644 --- a/kernel/events/core.c +++ b/kernel/events/core.c @@ -2343,6 +2343,7 @@ static void perf_child_detach(struct perf_event *event) * not being a child event. See for example unaccount_event(). */ event->parent = EVENT_TOMBSTONE; + put_event(parent_event); } static bool is_orphaned_event(struct perf_event *event) @@ -5688,7 +5689,7 @@ static void put_event(struct perf_event *event) _free_event(event); /* Matches the refcount bump in inherit_event() */ - if (parent) + if (parent && parent != EVENT_TOMBSTONE) put_event(parent); }