Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 4397f045 authored by Steven Rostedt (VMware)'s avatar Steven Rostedt (VMware)
Browse files

tracing: Fix possible double free on failure of allocating trace buffer 

Jing Xia and Chunyan Zhang reported that on failing to allocate part of the
tracing buffer, memory is freed, but the pointers that point to them are not
initialized back to NULL, and later paths may try to free the freed memory
again. Jing and Chunyan fixed one of the locations that does this, but
missed a spot.

Link: http://lkml.kernel.org/r/20171226071253.8968-1-chunyan.zhang@spreadtrum.com



Cc: stable@vger.kernel.org
Fixes: 737223fb ("tracing: Consolidate buffer allocation code")
Reported-by: default avatarJing Xia <jing.xia@spreadtrum.com>
Reported-by: default avatarChunyan Zhang <chunyan.zhang@spreadtrum.com>
Signed-off-by: default avatarSteven Rostedt (VMware) <rostedt@goodmis.org>
parent 24f2aaf9

kernel/trace/trace.c

+1 −0
Original line number Diff line number Diff line
@@ -7580,6 +7580,7 @@ allocate_trace_buffer(struct trace_array *tr, struct trace_buffer *buf, int size 
	buf->data = alloc_percpu(struct trace_array_cpu);

	if (!buf->data) {

		ring_buffer_free(buf->buffer);

		buf->buffer = NULL;

		return -ENOMEM;

	}