From: Arnaldo Carvalho de Melo <acme@kernel.org>
To: Athira Rajeev <atrajeev@linux.ibm.com>
Cc: Namhyung Kim <namhyung@kernel.org>, Jiri Olsa <jolsa@kernel.org>,
Adrian Hunter <adrian.hunter@intel.com>,
Ian Rogers <irogers@google.com>,
"open list:PERFORMANCE EVENTS SUBSYSTEM"
<linux-perf-users@vger.kernel.org>,
Likhitha Korrapati <likhitha@linux.ibm.com>,
linuxppc-dev <linuxppc-dev@lists.ozlabs.org>,
Venkat Rao Bagalkote <venkat88@linux.ibm.com>,
Madhavan Srinivasan <maddy@linux.ibm.com>
Subject: Re: [PATCH] tools/lib/perf: Fix -Werror=alloc-size-larger-than in cpumap.c
Date: Fri, 25 Apr 2025 14:46:43 -0300 [thread overview]
Message-ID: <aAvKg8K2fyrZ6zy4@x1> (raw)
In-Reply-To: <D1C1E5D6-085A-41D1-85AB-52809C956BFB@linux.ibm.com>
On Fri, Apr 25, 2025 at 08:19:02PM +0530, Athira Rajeev wrote:
> > On 14 Apr 2025, at 7:08 AM, Madhavan Srinivasan <maddy@linux.ibm.com> wrote:
> > On 4/7/25 5:38 PM, Venkat Rao Bagalkote wrote:
> >> On 07/04/25 12:10 am, Athira Rajeev wrote:
> >>>> On 6 Apr 2025, at 10:04 PM, Likhitha Korrapati <likhitha@linux.ibm.com> wrote:
> >>>> perf build break observed when using gcc 13-3 (FC39 ppc64le)
> >>>> with the following error.
> >>>> cpumap.c: In function 'perf_cpu_map__merge':
> >>>> cpumap.c:414:20: error: argument 1 range [18446744069414584320, 18446744073709551614] exceeds maximum object size 9223372036854775807 [-Werror=alloc-size-larger-than=]
> >>>> 414 | tmp_cpus = malloc(tmp_len * sizeof(struct perf_cpu));
> >>>> | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> >>>> In file included from cpumap.c:4:
> >>>> /usr/include/stdlib.h:672:14: note: in a call to allocation function 'malloc' declared here
> >>>> 672 | extern void *malloc (size_t __size) __THROW __attribute_malloc__
> >>>> | ^~~~~~
> >>>> cc1: all warnings being treated as errors
> >>>> Error happens to be only in gcc13-3 and not in latest gcc 14.
> >>>> Even though git-bisect pointed bad commit as:
> >>>> 'commit f5b07010c13c ("libperf: Don't remove -g when EXTRA_CFLAGS are used")',
> >>>> issue is with tmp_len being "int". It holds number of cpus and making
> >>>> it "unsigned int" fixes the issues.
> >>>> After the fix:
> >>>> CC util/pmu-flex.o
> >>>> CC util/expr-flex.o
> >>>> LD util/perf-util-in.o
> >>>> LD perf-util-in.o
> >>>> AR libperf-util.a
> >>>> LINK perf
> >>>> GEN python/perf.cpython-312-powerpc64le-linux-gnu.so
> >>>> Signed-off-by: Likhitha Korrapati <likhitha@linux.ibm.com>
> >>> Looks good to me
> >>> Reviewed-by: Athira Rajeev <atrajeev@linux.ibm.com>
> >> Tested this patch on perf-tools-next repo, and this patch fixes the issue.
> >> Tested-by: Venkat Rao Bagalkote <venkat88@linux.ibm.com>
> > Arnaldo, Namhyung,
> > can you consider pulling this fix? since it is breaking the build in gcc13-3 or
> > if you have any comments do let us know.
This isn't the only place in that file where this pattern exists:
⬢ [acme@toolbx perf-tools-next]$ grep malloc tools/lib/perf/cpumap.c
cpus = malloc(sizeof(*cpus) + sizeof(struct perf_cpu) * nr_cpus);
tmp_cpus = malloc(tmp_len * sizeof(struct perf_cpu));
tmp_cpus = malloc(tmp_len * sizeof(struct perf_cpu));
⬢ [acme@toolbx perf-tools-next]$
struct perf_cpu_map *perf_cpu_map__alloc(int nr_cpus)
{
RC_STRUCT(perf_cpu_map) *cpus;
struct perf_cpu_map *result;
if (nr_cpus == 0)
return NULL;
cpus = malloc(sizeof(*cpus) + sizeof(struct perf_cpu) * nr_cpus);
int perf_cpu_map__merge(struct perf_cpu_map **orig, struct perf_cpu_map *other)
{
struct perf_cpu *tmp_cpus;
int tmp_len;
int i, j, k;
struct perf_cpu_map *merged;
if (perf_cpu_map__is_subset(*orig, other))
return 0;
if (perf_cpu_map__is_subset(other, *orig)) {
perf_cpu_map__put(*orig);
*orig = perf_cpu_map__get(other);
return 0;
}
tmp_len = __perf_cpu_map__nr(*orig) + __perf_cpu_map__nr(other);
tmp_cpus = malloc(tmp_len * sizeof(struct perf_cpu));
struct perf_cpu_map *perf_cpu_map__intersect(struct perf_cpu_map *orig,
struct perf_cpu_map *other)
{
struct perf_cpu *tmp_cpus;
int tmp_len;
int i, j, k;
struct perf_cpu_map *merged = NULL;
if (perf_cpu_map__is_subset(other, orig))
return perf_cpu_map__get(orig);
if (perf_cpu_map__is_subset(orig, other))
return perf_cpu_map__get(other);
tmp_len = max(__perf_cpu_map__nr(orig), __perf_cpu_map__nr(other));
tmp_cpus = malloc(tmp_len * sizeof(struct perf_cpu));
I'm trying to figure out why its only in perf_cpu_map__merge() that this
triggers :-\
Maybe that max() call in perf_cpu_map__intersect() somehow makes the
compiler happy.
And in perf_cpu_map__alloc() all calls seems to validate it.
But wouldn't turning this into a calloc() be better?
Like:
diff --git a/tools/lib/perf/cpumap.c b/tools/lib/perf/cpumap.c
index 4454a5987570cfbc..99d21618a252ac0e 100644
--- a/tools/lib/perf/cpumap.c
+++ b/tools/lib/perf/cpumap.c
@@ -411,7 +411,7 @@ int perf_cpu_map__merge(struct perf_cpu_map **orig, struct perf_cpu_map *other)
}
tmp_len = __perf_cpu_map__nr(*orig) + __perf_cpu_map__nr(other);
- tmp_cpus = malloc(tmp_len * sizeof(struct perf_cpu));
+ tmp_cpus = calloc(tmp_len, sizeof(struct perf_cpu));
if (!tmp_cpus)
return -ENOMEM;
⬢ [acme@toolbx perf-tools-next]$
And better, do the max size that the compiler is trying to help us
catch?
- Arnaldo
next prev parent reply other threads:[~2025-04-25 17:46 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-04-06 16:34 [PATCH] tools/lib/perf: Fix -Werror=alloc-size-larger-than in cpumap.c Likhitha Korrapati
2025-04-06 18:40 ` Athira Rajeev
2025-04-07 12:08 ` Venkat Rao Bagalkote
2025-04-14 1:38 ` Madhavan Srinivasan
2025-04-25 14:49 ` Athira Rajeev
2025-04-25 17:46 ` Arnaldo Carvalho de Melo [this message]
2025-04-28 16:12 ` Likhitha Korrapati
2025-04-28 16:19 ` Likhitha Korrapati
2025-04-29 5:11 ` Likhitha Korrapati
2025-05-02 7:44 ` Mukesh Kumar Chaurasiya
2025-05-13 21:13 ` Arnaldo Carvalho de Melo
2025-05-13 22:12 ` Ian Rogers
2025-05-13 22:36 ` Ian Rogers
2025-05-21 13:03 ` Likhitha Korrapati
2025-05-21 15:45 ` Ian Rogers
2025-05-21 17:28 ` Likhitha Korrapati
2025-05-21 17:39 ` Ian Rogers
2025-05-02 9:05 ` Likhitha Korrapati
2025-04-07 5:39 ` Mukesh Kumar Chaurasiya
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=aAvKg8K2fyrZ6zy4@x1 \
--to=acme@kernel.org \
--cc=adrian.hunter@intel.com \
--cc=atrajeev@linux.ibm.com \
--cc=irogers@google.com \
--cc=jolsa@kernel.org \
--cc=likhitha@linux.ibm.com \
--cc=linux-perf-users@vger.kernel.org \
--cc=linuxppc-dev@lists.ozlabs.org \
--cc=maddy@linux.ibm.com \
--cc=namhyung@kernel.org \
--cc=venkat88@linux.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).