linux

mirror of https://github.com/torvalds/linux.git synced 2024-09-21 15:33:19 +00:00

History

Zheng Yejian 7edc3945bd tracing/histograms: Fix memory leak problem This reverts commit `46bbe5c671`. As commit `46bbe5c671` ("tracing: fix double free") said, the "double free" problem reported by clang static analyzer is: > In parse_var_defs() if there is a problem allocating > var_defs.expr, the earlier var_defs.name is freed. > This free is duplicated by free_var_defs() which frees > the rest of the list. However, if there is a problem allocating N-th var_defs.expr: + in parse_var_defs(), the freed 'earlier var_defs.name' is actually the N-th var_defs.name; + then in free_var_defs(), the names from 0th to (N-1)-th are freed; IF ALLOCATING PROBLEM HAPPENED HERE!!! -+ \ \| 0th 1th (N-1)-th N-th V +-------------+-------------+-----+-------------+----------- var_defs: \| name \| expr \| name \| expr \| ... \| name \| expr \| name \| /// +-------------+-------------+-----+-------------+----------- These two frees don't act on same name, so there was no "double free" problem before. Conversely, after that commit, we get a "memory leak" problem because the above "N-th var_defs.name" is not freed. If enable CONFIG_DEBUG_KMEMLEAK and inject a fault at where the N-th var_defs.expr allocated, then execute on shell like: $ echo 'hist:key=call_site:val=$v1,$v2:v1=bytes_req,v2=bytes_alloc' > \ /sys/kernel/debug/tracing/events/kmem/kmalloc/trigger Then kmemleak reports: unreferenced object 0xffff8fb100ef3518 (size 8): comm "bash", pid 196, jiffies 4295681690 (age 28.538s) hex dump (first 8 bytes): 76 31 00 00 b1 8f ff ff v1...... backtrace: [<0000000038fe4895>] kstrdup+0x2d/0x60 [<00000000c99c049a>] event_hist_trigger_parse+0x206f/0x20e0 [<00000000ae70d2cc>] trigger_process_regex+0xc0/0x110 [<0000000066737a4c>] event_trigger_write+0x75/0xd0 [<000000007341e40c>] vfs_write+0xbb/0x2a0 [<0000000087fde4c2>] ksys_write+0x59/0xd0 [<00000000581e9cdf>] do_syscall_64+0x3a/0x80 [<00000000cf3b065c>] entry_SYSCALL_64_after_hwframe+0x46/0xb0 Link: https://lkml.kernel.org/r/20220711014731.69520-1-zhengyejian1@huawei.com Cc: stable@vger.kernel.org Fixes: `46bbe5c671` ("tracing: fix double free") Reported-by: Hulk Robot <hulkci@huawei.com> Suggested-by: Steven Rostedt <rostedt@goodmis.org> Reviewed-by: Tom Zanussi <tom.zanussi@linux.intel.com> Signed-off-by: Zheng Yejian <zhengyejian1@huawei.com> Signed-off-by: Steven Rostedt (Google) <rostedt@goodmis.org>		2022-07-12 16:35:42 -04:00
..
blktrace.c	block: serialize all debugfs operations using q->debugfs_mutex	2022-06-17 07:31:05 -06:00
bpf_trace.c	bpf: Force cookies array to follow symbols sorting	2022-06-16 19:42:21 -07:00
bpf_trace.h
error_report-traces.c	tracing: add error_report_end trace point	2021-02-26 09:41:02 -08:00
fgraph.c	arm64 fixes for 5.19-rc1:	2022-06-03 14:05:34 -07:00
fprobe.c	fprobe: Resolve symbols with ftrace_lookup_symbols	2022-05-10 14:42:06 -07:00
ftrace_internal.h
ftrace.c	ftrace: Keep address offset in ftrace_lookup_symbols	2022-06-16 19:42:21 -07:00
Kconfig	Objtool changes for this cycle were:	2022-05-24 10:36:38 -07:00
kprobe_event_gen_test.c
Makefile	tracing: Disable kcov on trace_preemptirq.c	2022-05-26 21:13:00 -04:00
pid_list.c	tracing: Cleanup double word in comment	2022-04-26 17:58:50 -04:00
pid_list.h	tracing: Create a sparse bitmask for pid filtering	2021-10-05 17:38:45 -04:00
power-traces.c
preemptirq_delay_test.c
rethook.c	rethook: Reject getting a rethook if RCU is not watching	2022-06-17 21:53:35 +02:00
ring_buffer_benchmark.c
ring_buffer.c	ring-buffer: Have 32 bit time stamps use all 64 bits	2022-04-27 17:19:30 -04:00
rpm-traces.c
synth_event_gen_test.c	tracing: Fix various typos in comments	2021-03-23 14:08:18 -04:00
trace_benchmark.c
trace_benchmark.h
trace_boot.c	tracing: Initialize integer variable to prevent garbage return value	2022-05-26 21:13:00 -04:00
trace_branch.c
trace_clock.c	tracing: Do no increment trace_clock_global() by one	2021-06-18 09:10:00 -04:00
trace_dynevent.c	tracing: Use trace_create_file() to simplify creation of tracefs entries	2022-05-26 21:12:52 -04:00
trace_dynevent.h	tracing: Add DYNAMIC flag for dynamic events	2021-08-18 18:10:32 -04:00
trace_entries.h	trace: Add timerlat tracer	2021-06-25 19:57:24 -04:00
trace_eprobe.c	tracing: Remove check of list iterator against head past the loop body	2022-04-27 17:19:31 -04:00
trace_event_perf.c	tracing: Show size of requested perf buffer	2021-10-27 12:25:09 -04:00
trace_events_filter_test.h
trace_events_filter.c	tracing: Fix comments of create_filter()	2022-05-26 21:13:01 -04:00
trace_events_hist.c	tracing/histograms: Fix memory leak problem	2022-07-12 16:35:42 -04:00
trace_events_inject.c	tracing: Support __rel_loc relative dynamic data location attribute	2021-12-06 15:37:21 -05:00
trace_events_synth.c	tracing: Fix strncpy warning in trace_events_synth.c	2022-03-11 11:49:24 -05:00
trace_events_trigger.c	tracing: Fix comments for event_trigger_separate_filter()	2022-05-26 22:03:52 -04:00
trace_events_user.c	tracing: mark user_events as BROKEN	2022-04-02 10:32:14 -07:00
trace_events.c	tracing updates for 5.19:	2022-05-29 10:31:36 -07:00
trace_export.c
trace_functions_graph.c	tracing: in_irq() cleanup	2021-10-13 18:19:41 -04:00
trace_functions.c	ftrace: disable preemption when recursion locked	2021-10-27 11:21:49 -04:00
trace_hwlat.c	trace/hwlat: make use of the helper function kthread_run_on_cpu()	2022-01-15 16:30:24 +02:00
trace_irqsoff.c
trace_kdb.c	kdb: Rename members of struct kdbtab_t	2021-07-27 17:05:06 +01:00
trace_kprobe_selftest.c
trace_kprobe_selftest.h
trace_kprobe.c	tracing/kprobes: Check whether get_kretprobe() returns NULL in kretprobe_dispatcher()	2022-06-17 17:40:06 -04:00
trace_mmiotrace.c
trace_nop.c
trace_osnoise.c	tracing updates for 5.19:	2022-05-29 10:31:36 -07:00
trace_output.c	tracing: Remove usage of list iterator after the loop body	2022-04-27 17:19:30 -04:00
trace_output.h
trace_preemptirq.c	lockdep: Fix -Wunused-parameter for _THIS_IP_	2022-04-05 10:24:34 +02:00
trace_printk.c	tracing: Disable "other" permission bits in the tracefs files	2021-10-08 18:08:43 -04:00
trace_probe_tmpl.h	tracing/probes: Have process_fetch_insn() take a void * instead of pt_regs	2021-08-19 09:09:03 -04:00
trace_probe.c	eprobes: Remove redundant event type information	2022-02-25 12:07:01 -05:00
trace_probe.h	eprobes: Remove redundant event type information	2022-02-25 12:07:01 -05:00
trace_recursion_record.c	tracing: Use trace_create_file() to simplify creation of tracefs entries	2022-05-26 21:12:52 -04:00
trace_sched_switch.c	sched/tracing: Append prev_state to tp args instead	2022-05-12 00:37:11 +02:00
trace_sched_wakeup.c	sched/tracing: Append prev_state to tp args instead	2022-05-12 00:37:11 +02:00
trace_selftest_dynamic.c
trace_selftest.c	tracing: Reset the function filter after completing trampoline/graph selftest	2022-05-25 16:57:37 -04:00
trace_seq.c	tracing: Fix various typos in comments	2021-03-23 14:08:18 -04:00
trace_stack.c	tracing: Disable "other" permission bits in the tracefs files	2021-10-08 18:08:43 -04:00
trace_stat.c	tracing: Disable "other" permission bits in the tracefs files	2021-10-08 18:08:43 -04:00
trace_stat.h
trace_synth.h	tracing: synth events: increase max fields count	2021-09-08 15:29:16 -04:00
trace_syscalls.c	tracing: Make tp_printk work on syscall tracepoints	2022-04-26 17:58:52 -04:00
trace_uprobe.c	tracing/uprobes: Remove unwanted initialization in __trace_uprobe_create()	2022-06-17 19:12:07 -04:00
trace.c	tracing: Simplify conditional compilation code in tracing_set_tracer()	2022-06-17 18:42:17 -04:00
trace.h	tracing: Have existing event_command.parse() implementations use helpers	2022-04-26 17:58:50 -04:00
tracing_map.c	tracing: Fix tracing_map_sort_entries() kernel-doc comment	2022-04-26 17:58:51 -04:00
tracing_map.h