[PATCH][GIT PULL] tracing: Fix double free when function profileinit failed

From: Steven Rostedt
Date: Wed Apr 10 2013 - 18:26:21 EST



Linus,

Namhyung Kim fixed a long standing bug that can cause a kernel panic.
If the function profiler fails to allocate memory for everything,
it will do a double free on the same pointer which can cause a panic.

Please pull the latest trace-fixes-3.9-rc-v2 tree, which can be found at:

git://git.kernel.org/pub/scm/linux/kernel/git/rostedt/linux-trace.git
trace-fixes-3.9-rc-v2

Head SHA1: 19d9c3b1c660a157c6c8b352793497cc67f7321e


Namhyung Kim (1):
tracing: Fix double free when function profile init failed

----
kernel/trace/ftrace.c | 1 -
1 file changed, 1 deletion(-)
---------------------------
commit 83e03b3fe4daffdebbb42151d5410d730ae50bd1
Author: Namhyung Kim <namhyung.kim@xxxxxxx>
Date: Mon Apr 1 21:46:23 2013 +0900

tracing: Fix double free when function profile init failed

On the failure path, stat->start and stat->pages will refer same page.
So it'll attempt to free the same page again and get kernel panic.

Link: http://lkml.kernel.org/r/1364820385-32027-1-git-send-email-namhyung@xxxxxxxxxx

Cc: Frederic Weisbecker <fweisbec@xxxxxxxxx>
Cc: Namhyung Kim <namhyung.kim@xxxxxxx>
Cc: stable@xxxxxxxxxxxxxxx
Signed-off-by: Namhyung Kim <namhyung@xxxxxxxxxx>
Signed-off-by: Steven Rostedt <rostedt@xxxxxxxxxxx>

diff --git a/kernel/trace/ftrace.c b/kernel/trace/ftrace.c
index 7e89710..926ebfb 100644
--- a/kernel/trace/ftrace.c
+++ b/kernel/trace/ftrace.c
@@ -694,7 +694,6 @@ int ftrace_profile_pages_init(struct ftrace_profile_stat *stat)
free_page(tmp);
}

- free_page((unsigned long)stat->pages);
stat->pages = NULL;
stat->start = NULL;



--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/