* [PATCH] tracing: fix memory leaks in __create_synth_event()
@ 2021-03-04 9:45 Vamshi K Sthambamkadi
2021-03-04 14:40 ` Steven Rostedt
0 siblings, 1 reply; 3+ messages in thread
From: Vamshi K Sthambamkadi @ 2021-03-04 9:45 UTC (permalink / raw)
To: rostedt, mingo; +Cc: linux-kernel
kmemleak report:
unreferenced object 0xc5a6f708 (size 8):
comm "ftracetest", pid 1209, jiffies 4294911500 (age 6.816s)
hex dump (first 8 bytes):
00 c1 3d 60 14 83 1f 8a ..=`....
backtrace:
[<f0aa4ac4>] __kmalloc_track_caller+0x2a6/0x460
[<7d3d60a6>] kstrndup+0x37/0x70
[<45a0e739>] argv_split+0x1c/0x120
[<c17982f8>] __create_synth_event+0x192/0xb00
[<0708b8a3>] create_synth_event+0xbb/0x150
[<3d1941e1>] create_dyn_event+0x5c/0xb0
[<5cf8b9e3>] trace_parse_run_command+0xa7/0x140
[<04deb2ef>] dyn_event_write+0x10/0x20
[<8779ac95>] vfs_write+0xa9/0x3c0
[<ed93722a>] ksys_write+0x89/0xc0
[<b9ca0507>] __ia32_sys_write+0x15/0x20
[<7ce02d85>] __do_fast_syscall_32+0x45/0x80
[<cb0ecb35>] do_fast_syscall_32+0x29/0x60
[<2467454a>] do_SYSENTER_32+0x15/0x20
[<9beaa61d>] entry_SYSENTER_32+0xa9/0xfc
unreferenced object 0xc5a6f078 (size 8):
comm "ftracetest", pid 1209, jiffies 4294911500 (age 6.816s)
hex dump (first 8 bytes):
08 f7 a6 c5 00 00 00 00 ........
backtrace:
[<bbac096a>] __kmalloc+0x2b6/0x470
[<aa2624b4>] argv_split+0x82/0x120
[<c17982f8>] __create_synth_event+0x192/0xb00
[<0708b8a3>] create_synth_event+0xbb/0x150
[<3d1941e1>] create_dyn_event+0x5c/0xb0
[<5cf8b9e3>] trace_parse_run_command+0xa7/0x140
[<04deb2ef>] dyn_event_write+0x10/0x20
[<8779ac95>] vfs_write+0xa9/0x3c0
[<ed93722a>] ksys_write+0x89/0xc0
[<b9ca0507>] __ia32_sys_write+0x15/0x20
[<7ce02d85>] __do_fast_syscall_32+0x45/0x80
[<cb0ecb35>] do_fast_syscall_32+0x29/0x60
[<2467454a>] do_SYSENTER_32+0x15/0x20
[<9beaa61d>] entry_SYSENTER_32+0xa9/0xfc
In __create_synth_event(),while iterating field/type arguments, the
argv_split() will return array of atleast 2 elements even when zero
arguments(argc=0) are passed. for e.g. when there is double delimiter
or string ends with delimiter
To fix call argv_free() even when argc=0.
Signed-off-by: Vamshi K Sthambamkadi <vamshi.k.sthambamkadi@gmail.com>
---
kernel/trace/trace_events_synth.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/kernel/trace/trace_events_synth.c b/kernel/trace/trace_events_synth.c
index 2979a96595b4..8d71e6c83f10 100644
--- a/kernel/trace/trace_events_synth.c
+++ b/kernel/trace/trace_events_synth.c
@@ -1225,8 +1225,10 @@ static int __create_synth_event(const char *name, const char *raw_fields)
goto err;
}
- if (!argc)
+ if (!argc) {
+ argv_free(argv);
continue;
+ }
n_fields_this_loop = 0;
consumed = 0;
--
2.17.1
^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: [PATCH] tracing: fix memory leaks in __create_synth_event()
2021-03-04 9:45 [PATCH] tracing: fix memory leaks in __create_synth_event() Vamshi K Sthambamkadi
@ 2021-03-04 14:40 ` Steven Rostedt
2021-03-05 5:40 ` Vamshi K Sthambamkadi
0 siblings, 1 reply; 3+ messages in thread
From: Steven Rostedt @ 2021-03-04 14:40 UTC (permalink / raw)
To: Vamshi K Sthambamkadi; +Cc: mingo, linux-kernel
On Thu, 4 Mar 2021 15:15:24 +0530
Vamshi K Sthambamkadi <vamshi.k.sthambamkadi@gmail.com> wrote:
> To fix call argv_free() even when argc=0.
I want to cry :'-(
Not anything to do with you. I have a set of fixes that I have queued that
requires a ~13 hour test to run before I push off to Linus. When it was
almost done, I discovered another bug. Fixed it. Killed the almost completed
running test, and restarted it for another 13 hour run. I woke up this
morning happy to see that it passed, but then found your patch.
Wash, rinse, repeat! :-p
Thanks, looks good and I'll apply it. (and start up my 13 hour test again!)
-- Steve
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [PATCH] tracing: fix memory leaks in __create_synth_event()
2021-03-04 14:40 ` Steven Rostedt
@ 2021-03-05 5:40 ` Vamshi K Sthambamkadi
0 siblings, 0 replies; 3+ messages in thread
From: Vamshi K Sthambamkadi @ 2021-03-05 5:40 UTC (permalink / raw)
To: Steven Rostedt; +Cc: mingo, linux-kernel
On Thu, Mar 04, 2021 at 09:40:49AM -0500, Steven Rostedt wrote:
> On Thu, 4 Mar 2021 15:15:24 +0530
> Vamshi K Sthambamkadi <vamshi.k.sthambamkadi@gmail.com> wrote:
>
> Not anything to do with you. I have a set of fixes that I have queued that
> requires a ~13 hour test to run before I push off to Linus. When it was
> almost done, I discovered another bug. Fixed it. Killed the almost completed
> running test, and restarted it for another 13 hour run. I woke up this
> morning happy to see that it passed, but then found your patch.
>
> Wash, rinse, repeat! :-p
Sorry for wrong timing of sending this patch :)
Thanks for looking into it, and applying it.
Regards,
Vamshi
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2021-03-05 5:40 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-03-04 9:45 [PATCH] tracing: fix memory leaks in __create_synth_event() Vamshi K Sthambamkadi
2021-03-04 14:40 ` Steven Rostedt
2021-03-05 5:40 ` Vamshi K Sthambamkadi
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).