1. Patchew
  2. linux
  3. View series

[GIT PULL] tracing: 1 crash fix and a few minor fixes

Steven Rostedt posted 1 patch 1 week, 6 days ago 
kernel/trace/trace.c                 | 8 ++++----
kernel/trace/trace_events_hist.c     | 9 +++++++++
kernel/trace/trace_events_synth.c    | 8 +++++++-
kernel/trace/trace_functions_graph.c | 2 +-
scripts/tracepoint-update.c          | 2 ++
5 files changed, 23 insertions(+), 6 deletions(-)
[GIT PULL] tracing: 1 crash fix and a few minor fixes
Posted by Steven Rostedt 1 week, 6 days ago 

Linus,

tracing fixes for v6.19:

- Fix a crash with passing a stacktrace between synthetic events

  A synthetic event is an event that combines two events into a single event
  that can display fields from both events as well as the time delta that
  took place between the events. It can also pass a stacktrace from the
  first event so that it can be displayed by the synthetic event (this is
  useful to get a stacktrace of a task scheduling out when blocked and
  recording the time it was blocked for).

  A synthetic event can also connect an existing synthetic event to another
  event. An issue was found that if the first synthetic event had a stacktrace
  as one of its fields, and that stacktrace field was passed to the new
  synthetic event to be displayed, it would crash the kernel. This was due to
  the stacktrace not being saved as a stacktrace but was still marked as one.
  When the stacktrace was read, it would try to read an array but instead read
  the integer metadata of the stacktrace and dereferenced a bad value.

  Fix this by saving the stacktrace field as a stracktrace.

- Fix possible overflow in cmp_mod_entry() compare function

  A binary search is used to find a module address and if the addresses are
  greater than 2GB apart it could lead to truncation and cause a bad search
  result. Use normal compares instead of a subtraction between addresses to
  calculate the compare value.

- Fix output of entry arguments in function graph tracer

  Depending on the configurations enabled, the entry can be two different
  types that hold the argument array. The macro FGRAPH_ENTRY_ARGS() is used
  to find the correct arguments from the given type. One location was missed
  and still referenced the arguments directly via entry->args and could
  produce the wrong value depending on how the kernel was configured.

- Fix memory leak in scripts/tracepoint-update build tool

  If the array fails to allocate, the memory for the values needs to be
  freed and was not. Free the allocated values if the array failed to
  allocate.


Please pull the latest trace-v6.19-rc6 tree, which can be found at:


  git://git.kernel.org/pub/scm/linux/kernel/git/trace/linux-trace.git
trace-v6.19-rc6

Tag SHA1: 61089d5e2a044cd468c5a375f02c2d4fa441d4c2
Head SHA1: 361eb853c655288f3b5c8020f6cd95d69ffe6479


Donglin Peng (1):
      function_graph: Fix args pointer mismatch in print_graph_retval()

Ian Rogers (1):
      tracing: Avoid possible signed 64-bit truncation

Steven Rostedt (1):
      tracing: Fix crash on synthetic stacktrace field usage

Weigang He (1):
      scripts/tracepoint-update: Fix memory leak in add_string() on failure

----
 kernel/trace/trace.c                 | 8 ++++----
 kernel/trace/trace_events_hist.c     | 9 +++++++++
 kernel/trace/trace_events_synth.c    | 8 +++++++-
 kernel/trace/trace_functions_graph.c | 2 +-
 scripts/tracepoint-update.c          | 2 ++
 5 files changed, 23 insertions(+), 6 deletions(-)
---------------------------
diff --git a/kernel/trace/trace.c b/kernel/trace/trace.c
index baec63134ab6..8bd4ec08fb36 100644
--- a/kernel/trace/trace.c
+++ b/kernel/trace/trace.c
@@ -6115,10 +6115,10 @@ static int cmp_mod_entry(const void *key, const void *pivot)
 	unsigned long addr = (unsigned long)key;
 	const struct trace_mod_entry *ent = pivot;
 
-	if (addr >= ent[0].mod_addr && addr < ent[1].mod_addr)
-		return 0;
-	else
-		return addr - ent->mod_addr;
+	if (addr < ent[0].mod_addr)
+		return -1;
+
+	return addr >= ent[1].mod_addr;
 }
 
 /**
diff --git a/kernel/trace/trace_events_hist.c b/kernel/trace/trace_events_hist.c
index 5e6e70540eef..c97bb2fda5c0 100644
--- a/kernel/trace/trace_events_hist.c
+++ b/kernel/trace/trace_events_hist.c
@@ -2057,6 +2057,15 @@ static struct hist_field *create_hist_field(struct hist_trigger_data *hist_data,
 			hist_field->fn_num = HIST_FIELD_FN_RELDYNSTRING;
 		else
 			hist_field->fn_num = HIST_FIELD_FN_PSTRING;
+	} else if (field->filter_type == FILTER_STACKTRACE) {
+		flags |= HIST_FIELD_FL_STACKTRACE;
+
+		hist_field->size = MAX_FILTER_STR_VAL;
+		hist_field->type = kstrdup_const(field->type, GFP_KERNEL);
+		if (!hist_field->type)
+			goto free;
+
+		hist_field->fn_num = HIST_FIELD_FN_STACK;
 	} else {
 		hist_field->size = field->size;
 		hist_field->is_signed = field->is_signed;
diff --git a/kernel/trace/trace_events_synth.c b/kernel/trace/trace_events_synth.c
index 4554c458b78c..45c187e77e21 100644
--- a/kernel/trace/trace_events_synth.c
+++ b/kernel/trace/trace_events_synth.c
@@ -130,7 +130,9 @@ static int synth_event_define_fields(struct trace_event_call *call)
 	struct synth_event *event = call->data;
 	unsigned int i, size, n_u64;
 	char *name, *type;
+	int filter_type;
 	bool is_signed;
+	bool is_stack;
 	int ret = 0;
 
 	for (i = 0, n_u64 = 0; i < event->n_fields; i++) {
@@ -138,8 +140,12 @@ static int synth_event_define_fields(struct trace_event_call *call)
 		is_signed = event->fields[i]->is_signed;
 		type = event->fields[i]->type;
 		name = event->fields[i]->name;
+		is_stack = event->fields[i]->is_stack;
+
+		filter_type = is_stack ? FILTER_STACKTRACE : FILTER_OTHER;
+
 		ret = trace_define_field(call, type, name, offset, size,
-					 is_signed, FILTER_OTHER);
+					 is_signed, filter_type);
 		if (ret)
 			break;
 
diff --git a/kernel/trace/trace_functions_graph.c b/kernel/trace/trace_functions_graph.c
index b1e9c9913309..1de6f1573621 100644
--- a/kernel/trace/trace_functions_graph.c
+++ b/kernel/trace/trace_functions_graph.c
@@ -901,7 +901,7 @@ static void print_graph_retval(struct trace_seq *s, struct ftrace_graph_ent_entr
 		trace_seq_printf(s, "%ps", func);
 
 		if (args_size >= FTRACE_REGS_MAX_ARGS * sizeof(long)) {
-			print_function_args(s, entry->args, (unsigned long)func);
+			print_function_args(s, FGRAPH_ENTRY_ARGS(entry), (unsigned long)func);
 			trace_seq_putc(s, ';');
 		} else
 			trace_seq_puts(s, "();");
diff --git a/scripts/tracepoint-update.c b/scripts/tracepoint-update.c
index 90046aedc97b..5cf43c0aac89 100644
--- a/scripts/tracepoint-update.c
+++ b/scripts/tracepoint-update.c
@@ -49,6 +49,8 @@ static int add_string(const char *str, const char ***vals, int *count)
 		array = realloc(array, sizeof(char *) * size);
 		if (!array) {
 			fprintf(stderr, "Failed memory allocation\n");
+			free(*vals);
+			*vals = NULL;
 			return -1;
 		}
 		*vals = array;
Re: [GIT PULL] tracing: 1 crash fix and a few minor fixes
Posted by pr-tracker-bot@kernel.org 1 week, 6 days ago 
The pull request you sent on Sat, 24 Jan 2026 15:14:56 -0500:

> git://git.kernel.org/pub/scm/linux/kernel/git/trace/linux-trace.git trace-v6.19-rc6

has been merged into torvalds/linux.git:
https://git.kernel.org/torvalds/c/b83a8ff87a0c10c1d86eb7f96e14009d91fae024

Thank you!

-- 
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/prtracker.html
Re: [GIT PULL] tracing: 1 crash fix and a few minor fixes
Posted by pr-tracker-bot@kernel.org 1 week, 6 days ago 
The pull request you sent on Sat, 24 Jan 2026 15:14:56 -0500:

> git://git.kernel.org/pub/scm/linux/kernel/git/trace/linux-trace.git trace-v6.19-rc6

has been merged into torvalds/linux.git:
https://git.kernel.org/torvalds/c/b83a8ff87a0c10c1d86eb7f96e14009d91fae024

Thank you!

-- 
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/prtracker.html

Patchew 2.1-devel-b67e4c2

© 2016 - 2026 Red Hat, Inc.