[PATCH] tracing: Fix memory leak in tracing_err_log_open()

[PATCH] tracing: Fix memory leak in tracing_err_log_open()

[Takeshi Misawa]

If tracing_err_log_open() call seq_open(), allocated memory is not freed.

kmemleak report:

unreferenced object 0xffff92c0781d1100 (size 128):
  comm "tail", pid 15116, jiffies 4295163855 (age 22.704s)
  hex dump (first 32 bytes):
    00 f0 08 e5 c0 92 ff ff 00 10 00 00 00 00 00 00  ................
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<000000000d0687d5>] kmem_cache_alloc+0x11f/0x1e0
    [<000000003e3039a8>] seq_open+0x2f/0x90
    [<000000008dd36b7d>] tracing_err_log_open+0x67/0x140
    [<000000005a431ae2>] do_dentry_open+0x1df/0x3a0
    [<00000000a2910603>] vfs_open+0x2f/0x40
    [<0000000038b0a383>] path_openat+0x2e8/0x1690
    [<00000000fe025bda>] do_filp_open+0x9b/0x110
    [<00000000483a5091>] do_sys_open+0x1ba/0x260
    [<00000000c558b5fd>] __x64_sys_openat+0x20/0x30
    [<000000006881ec07>] do_syscall_64+0x5a/0x130
    [<00000000571c2e94>] entry_SYSCALL_64_after_hwframe+0x44/0xa9

Fix this by calling seq_release() in tracing_err_log_fops.release().

Signed-off-by: Takeshi Misawa <jeliantsurux@gmail.com>
---
Dear Steven Rostedt

I found kmemleak in tracing subsystem, and try to create a patch.
Please consider this memory leak and patch.

Regards.
---
 kernel/trace/trace.c | 14 +++++++++++++-
 1 file changed, 13 insertions(+), 1 deletion(-)

diff --git a/kernel/trace/trace.c b/kernel/trace/trace.c
index 83e08b78dbee..574648798978 100644
--- a/kernel/trace/trace.c
+++ b/kernel/trace/trace.c
@@ -7126,12 +7126,24 @@ static ssize_t tracing_err_log_write(struct file *file,
 	return count;
 }
 
+static int tracing_err_log_release(struct inode *inode, struct file *file)
+{
+	struct trace_array *tr = inode->i_private;
+
+	trace_array_put(tr);
+
+	if (file->private_data)
+		seq_release(inode, file);
+
+	return 0;
+}
+
 static const struct file_operations tracing_err_log_fops = {
 	.open           = tracing_err_log_open,
 	.write		= tracing_err_log_write,
 	.read           = seq_read,
 	.llseek         = seq_lseek,
-	.release	= tracing_release_generic_tr,
+	.release        = tracing_err_log_release,
 };
 
 static int tracing_buffers_open(struct inode *inode, struct file *filp)
-- 
2.17.1

Re: [PATCH] tracing: Fix memory leak in tracing_err_log_open()

[Steven Rostedt]

On Thu, 27 Jun 2019 20:41:16 +0900
Takeshi Misawa <jeliantsurux@gmail.com> wrote:

> If tracing_err_log_open() call seq_open(), allocated memory is not freed.
> 
> kmemleak report:
> 
> unreferenced object 0xffff92c0781d1100 (size 128):
>   comm "tail", pid 15116, jiffies 4295163855 (age 22.704s)
>   hex dump (first 32 bytes):
>     00 f0 08 e5 c0 92 ff ff 00 10 00 00 00 00 00 00  ................
>     00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
>   backtrace:
>     [<000000000d0687d5>] kmem_cache_alloc+0x11f/0x1e0
>     [<000000003e3039a8>] seq_open+0x2f/0x90
>     [<000000008dd36b7d>] tracing_err_log_open+0x67/0x140
>     [<000000005a431ae2>] do_dentry_open+0x1df/0x3a0
>     [<00000000a2910603>] vfs_open+0x2f/0x40
>     [<0000000038b0a383>] path_openat+0x2e8/0x1690
>     [<00000000fe025bda>] do_filp_open+0x9b/0x110
>     [<00000000483a5091>] do_sys_open+0x1ba/0x260
>     [<00000000c558b5fd>] __x64_sys_openat+0x20/0x30
>     [<000000006881ec07>] do_syscall_64+0x5a/0x130
>     [<00000000571c2e94>] entry_SYSCALL_64_after_hwframe+0x44/0xa9
> 
> Fix this by calling seq_release() in tracing_err_log_fops.release().

Tom,

Can you review this.

Thanks!

-- Steve

> 
> Signed-off-by: Takeshi Misawa <jeliantsurux@gmail.com>
> ---
> Dear Steven Rostedt
> 
> I found kmemleak in tracing subsystem, and try to create a patch.
> Please consider this memory leak and patch.
> 
> Regards.
> ---
>  kernel/trace/trace.c | 14 +++++++++++++-
>  1 file changed, 13 insertions(+), 1 deletion(-)
> 
> diff --git a/kernel/trace/trace.c b/kernel/trace/trace.c
> index 83e08b78dbee..574648798978 100644
> --- a/kernel/trace/trace.c
> +++ b/kernel/trace/trace.c
> @@ -7126,12 +7126,24 @@ static ssize_t tracing_err_log_write(struct file *file,
>  	return count;
>  }
>  
> +static int tracing_err_log_release(struct inode *inode, struct file *file)
> +{
> +	struct trace_array *tr = inode->i_private;
> +
> +	trace_array_put(tr);
> +
> +	if (file->private_data)
> +		seq_release(inode, file);
> +
> +	return 0;
> +}
> +
>  static const struct file_operations tracing_err_log_fops = {
>  	.open           = tracing_err_log_open,
>  	.write		= tracing_err_log_write,
>  	.read           = seq_read,
>  	.llseek         = seq_lseek,
> -	.release	= tracing_release_generic_tr,
> +	.release        = tracing_err_log_release,
>  };
>  
>  static int tracing_buffers_open(struct inode *inode, struct file *filp)

Re: [PATCH] tracing: Fix memory leak in tracing_err_log_open()

[Steven Rostedt]

On Thu, 27 Jun 2019 21:02:31 -0400
Steven Rostedt <rostedt@goodmis.org> wrote:

> > +++ b/kernel/trace/trace.c
> > @@ -7126,12 +7126,24 @@ static ssize_t tracing_err_log_write(struct file *file,
> >  	return count;
> >  }
> >  
> > +static int tracing_err_log_release(struct inode *inode, struct file *file)
> > +{
> > +	struct trace_array *tr = inode->i_private;
> > +
> > +	trace_array_put(tr);
> > +
> > +	if (file->private_data)

Actually, I think it is safer to have the condition be:

	if (file->f_mode & FMODE_READ)

As that would match the open.

Takeshi,

Can you send a v2?

Thanks!

-- Steve

> > +		seq_release(inode, file);
> > +
> > +	return 0;
> > +}
> > +