This is a note to let you know that I've just added the patch titled tracing: fix double free to the 4.19-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary The filename of the patch is: tracing-fix-double-free.patch and it can be found in the queue-4.19 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable@xxxxxxxxxxxxxxx> know about it. >From 46bbe5c671e06f070428b9be142cc4ee5cedebac Mon Sep 17 00:00:00 2001 From: Tom Rix <trix@xxxxxxxxxx> Date: Mon, 7 Sep 2020 06:58:45 -0700 Subject: tracing: fix double free From: Tom Rix <trix@xxxxxxxxxx> commit 46bbe5c671e06f070428b9be142cc4ee5cedebac upstream. clang static analyzer reports this problem trace_events_hist.c:3824:3: warning: Attempt to free released memory kfree(hist_data->attrs->var_defs.name[i]); In parse_var_defs() if there is a problem allocating var_defs.expr, the earlier var_defs.name is freed. This free is duplicated by free_var_defs() which frees the rest of the list. Because free_var_defs() has to run anyway, remove the second free fom parse_var_defs(). Link: https://lkml.kernel.org/r/20200907135845.15804-1-trix@xxxxxxxxxx Cc: stable@xxxxxxxxxxxxxxx Fixes: 30350d65ac56 ("tracing: Add variable support to hist triggers") Reviewed-by: Tom Zanussi <tom.zanussi@xxxxxxxxxxxxxxx> Signed-off-by: Tom Rix <trix@xxxxxxxxxx> Signed-off-by: Steven Rostedt (VMware) <rostedt@xxxxxxxxxxx> Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx> --- kernel/trace/trace_events_hist.c | 1 - 1 file changed, 1 deletion(-) --- a/kernel/trace/trace_events_hist.c +++ b/kernel/trace/trace_events_hist.c @@ -4225,7 +4225,6 @@ static int parse_var_defs(struct hist_tr s = kstrdup(field_str, GFP_KERNEL); if (!s) { - kfree(hist_data->attrs->var_defs.name[n_vars]); ret = -ENOMEM; goto free; } Patches currently in stable-queue which might be from trix@xxxxxxxxxx are queue-4.19/ieee802154-adf7242-check-status-of-adf7242_read_reg.patch queue-4.19/tracing-fix-double-free.patch queue-4.19/alsa-asihpi-fix-iounmap-in-error-handler.patch