1. Patchew
  2. linux
  3. View series

[PATCH] tracing: Fix error handling in event_hist_trigger_parse

Miaoqian Lin posted 1 patch 6 days, 22 hours ago 
kernel/trace/trace_events_hist.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
[PATCH] tracing: Fix error handling in event_hist_trigger_parse
Posted by Miaoqian Lin 6 days, 22 hours ago 
Memory allocated with trigger_data_alloc() require trigger_data_free()
for proper cleanup.

Replace kfree() with trigger_data_free() to fix this.

Found via static analysis and code review.

Fixes: e1f187d09e11 ("tracing: Have existing event_command.parse() implementations use helpers")
Cc: stable@vger.kernel.org
Signed-off-by: Miaoqian Lin <linmq006@gmail.com>
---
 kernel/trace/trace_events_hist.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/kernel/trace/trace_events_hist.c b/kernel/trace/trace_events_hist.c
index 5e6e70540eef..f9886fff7123 100644
--- a/kernel/trace/trace_events_hist.c
+++ b/kernel/trace/trace_events_hist.c
@@ -6902,7 +6902,7 @@ static int event_hist_trigger_parse(struct event_command *cmd_ops,
 
 	remove_hist_vars(hist_data);
 
-	kfree(trigger_data);
+	trigger_data_free(trigger_data);
 
 	destroy_hist_data(hist_data);
 	goto out;
-- 
2.25.1
Re: [PATCH] tracing: Fix error handling in event_hist_trigger_parse
Posted by Steven Rostedt 6 days, 6 hours ago 
On Thu, 11 Dec 2025 14:00:58 +0400
Miaoqian Lin <linmq006@gmail.com> wrote:

> @@ -6902,7 +6902,7 @@ static int event_hist_trigger_parse(struct event_command *cmd_ops,
>  
>  	remove_hist_vars(hist_data);
>  
> -	kfree(trigger_data);
> +	trigger_data_free(trigger_data);
>  
>  	destroy_hist_data(hist_data);
>  	goto out;

The above code has this:

 out_free:
	event_trigger_reset_filter(cmd_ops, trigger_data);

	remove_hist_vars(hist_data);

	kfree(trigger_data);

	destroy_hist_data(hist_data);
	goto out;

Where we have;

void event_trigger_reset_filter(struct event_command *cmd_ops,
				struct event_trigger_data *trigger_data)
{
	if (cmd_ops->set_filter)
		cmd_ops->set_filter(NULL, trigger_data, NULL);
}

And trigger_data_free() starts with:

void trigger_data_free(struct event_trigger_data *data)
{
	if (data->cmd_ops->set_filter)
		data->cmd_ops->set_filter(NULL, data, NULL);


thus it looks like the current code is an open coded version of
trigger_data_free() without synchronization (as it isn't needed here).

Thus, I believe this is more of a clean up and not a fix (something to
go into the next merge window and not the current -rc release).

And the code can be changed to also remove the event_trigger_reset_filter()
call.

-- Steve

Patchew 2.1-devel-b67e4c2

© 2016 - 2025 Red Hat, Inc.