* [PATCH 1/3] tracing: Fix memory leak in create_filter()
[not found] <20181211185456.070244180@goodmis.org>
@ 2018-12-11 18:54 ` Steven Rostedt
2018-12-11 18:54 ` [PATCH 2/3] tracing: Fix memory leak in set_trigger_filter() Steven Rostedt
2018-12-11 18:54 ` [PATCH 3/3] tracing: Fix memory leak of instance function hash filters Steven Rostedt
2 siblings, 0 replies; 3+ messages in thread
From: Steven Rostedt @ 2018-12-11 18:54 UTC (permalink / raw)
To: linux-kernel
Cc: Linus Torvalds, Ingo Molnar, Andrew Morton, stable, Tom Zanussi
From: "Steven Rostedt (VMware)" <rostedt@goodmis.org>
The create_filter() calls create_filter_start() which allocates a
"parse_error" descriptor, but fails to call create_filter_finish() that
frees it.
The op_stack and inverts in predicate_parse() were also not freed.
Found by kmemleak detector.
Cc: stable@vger.kernel.org
Fixes: 80765597bc587 ("tracing: Rewrite filter logic to be simpler and faster")
Reviewed-by: Tom Zanussi <tom.zanussi@linux.intel.com>
Signed-off-by: Steven Rostedt (VMware) <rostedt@goodmis.org>
---
kernel/trace/trace_events_filter.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/kernel/trace/trace_events_filter.c b/kernel/trace/trace_events_filter.c
index 84a65173b1e9..5574e862de8d 100644
--- a/kernel/trace/trace_events_filter.c
+++ b/kernel/trace/trace_events_filter.c
@@ -570,11 +570,13 @@ predicate_parse(const char *str, int nr_parens, int nr_preds,
}
}
+ kfree(op_stack);
+ kfree(inverts);
return prog;
out_free:
kfree(op_stack);
- kfree(prog_stack);
kfree(inverts);
+ kfree(prog_stack);
return ERR_PTR(ret);
}
@@ -1718,6 +1720,7 @@ static int create_filter(struct trace_event_call *call,
err = process_preds(call, filter_string, *filterp, pe);
if (err && set_str)
append_filter_err(pe, *filterp);
+ create_filter_finish(pe);
return err;
}
--
2.19.1
^ permalink raw reply related [flat|nested] 3+ messages in thread
* [PATCH 2/3] tracing: Fix memory leak in set_trigger_filter()
[not found] <20181211185456.070244180@goodmis.org>
2018-12-11 18:54 ` [PATCH 1/3] tracing: Fix memory leak in create_filter() Steven Rostedt
@ 2018-12-11 18:54 ` Steven Rostedt
2018-12-11 18:54 ` [PATCH 3/3] tracing: Fix memory leak of instance function hash filters Steven Rostedt
2 siblings, 0 replies; 3+ messages in thread
From: Steven Rostedt @ 2018-12-11 18:54 UTC (permalink / raw)
To: linux-kernel
Cc: Linus Torvalds, Ingo Molnar, Andrew Morton, stable, Tom Zanussi
From: "Steven Rostedt (VMware)" <rostedt@goodmis.org>
When create_event_filter() fails in set_trigger_filter(), the filter may
still be allocated and needs to be freed. The caller expects the
data->filter to be updated with the new filter, even if the new filter
failed (we could add an error message by setting set_str parameter of
create_event_filter(), but that's another update).
But because the error would just exit, filter was left hanging and
nothing could free it.
Found by kmemleak detector.
Cc: stable@vger.kernel.org
Fixes: bac5fb97a173a ("tracing: Add and use generic set_trigger_filter() implementation")
Reviewed-by: Tom Zanussi <tom.zanussi@linux.intel.com>
Signed-off-by: Steven Rostedt (VMware) <rostedt@goodmis.org>
---
kernel/trace/trace_events_trigger.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/kernel/trace/trace_events_trigger.c b/kernel/trace/trace_events_trigger.c
index 2152d1e530cb..cd12ecb66eb9 100644
--- a/kernel/trace/trace_events_trigger.c
+++ b/kernel/trace/trace_events_trigger.c
@@ -732,8 +732,10 @@ int set_trigger_filter(char *filter_str,
/* The filter is for the 'trigger' event, not the triggered event */
ret = create_event_filter(file->event_call, filter_str, false, &filter);
- if (ret)
- goto out;
+ /*
+ * If create_event_filter() fails, filter still needs to be freed.
+ * Which the calling code will do with data->filter.
+ */
assign:
tmp = rcu_access_pointer(data->filter);
--
2.19.1
^ permalink raw reply related [flat|nested] 3+ messages in thread
* [PATCH 3/3] tracing: Fix memory leak of instance function hash filters
[not found] <20181211185456.070244180@goodmis.org>
2018-12-11 18:54 ` [PATCH 1/3] tracing: Fix memory leak in create_filter() Steven Rostedt
2018-12-11 18:54 ` [PATCH 2/3] tracing: Fix memory leak in set_trigger_filter() Steven Rostedt
@ 2018-12-11 18:54 ` Steven Rostedt
2 siblings, 0 replies; 3+ messages in thread
From: Steven Rostedt @ 2018-12-11 18:54 UTC (permalink / raw)
To: linux-kernel; +Cc: Linus Torvalds, Ingo Molnar, Andrew Morton, stable
From: "Steven Rostedt (VMware)" <rostedt@goodmis.org>
The following commands will cause a memory leak:
# cd /sys/kernel/tracing
# mkdir instances/foo
# echo schedule > instance/foo/set_ftrace_filter
# rmdir instances/foo
The reason is that the hashes that hold the filters to set_ftrace_filter and
set_ftrace_notrace are not freed if they contain any data on the instance
and the instance is removed.
Found by kmemleak detector.
Cc: stable@vger.kernel.org
Fixes: 591dffdade9f ("ftrace: Allow for function tracing instance to filter functions")
Signed-off-by: Steven Rostedt (VMware) <rostedt@goodmis.org>
---
kernel/trace/ftrace.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/kernel/trace/ftrace.c b/kernel/trace/ftrace.c
index 77734451cb05..e23eb9fc77aa 100644
--- a/kernel/trace/ftrace.c
+++ b/kernel/trace/ftrace.c
@@ -5460,6 +5460,7 @@ void ftrace_destroy_filter_files(struct ftrace_ops *ops)
if (ops->flags & FTRACE_OPS_FL_ENABLED)
ftrace_shutdown(ops, 0);
ops->flags |= FTRACE_OPS_FL_DELETED;
+ ftrace_free_filter(ops);
mutex_unlock(&ftrace_lock);
}
--
2.19.1
^ permalink raw reply related [flat|nested] 3+ messages in thread
end of thread, other threads:[~2018-12-11 18:55 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
[not found] <20181211185456.070244180@goodmis.org>
2018-12-11 18:54 ` [PATCH 1/3] tracing: Fix memory leak in create_filter() Steven Rostedt
2018-12-11 18:54 ` [PATCH 2/3] tracing: Fix memory leak in set_trigger_filter() Steven Rostedt
2018-12-11 18:54 ` [PATCH 3/3] tracing: Fix memory leak of instance function hash filters Steven Rostedt
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).