tracing: Do not free iter->trace in fail path of tracing_open_pipe()

BugLink: https://bugs.launchpad.net/bugs/1837952
commit e7f0c424d0806b05d6f47be9f202b037eb701707 upstream.

Commit d716ff71dd12 ("tracing: Remove taking of trace_types_lock in
pipe files") use the current tracer instead of the copy in
tracing_open_pipe(), but it forget to remove the freeing sentence in
the error path.

There's an error path that can call kfree(iter->trace) after the iter->trace
was assigned to tr->current_trace, which would be bad to free.

Link: http://lkml.kernel.org/r/1550060946-45984-1-git-send-email-yi.zhang@huawei.com
Cc: stable@vger.kernel.org
Fixes: d716ff71dd12 ("tracing: Remove taking of trace_types_lock in pipe files")
Signed-off-by: zhangyi (F) <yi.zhang@huawei.com>
Signed-off-by: Steven Rostedt (VMware) <rostedt@goodmis.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: Kamal Mostafa <kamal@canonical.com>
Signed-off-by: Khalid Elmously <khalid.elmously@canonical.com>

diff --git a/kernel/trace/trace.c b/kernel/trace/trace.c
index a5332e6900056c07acd6074e170e751363b778fd..3bca6faa1f971b7249c3db99e3a67c18020432ff 100644 (file)
--- a/kernel/trace/trace.c
+++ b/kernel/trace/trace.c
@@ -5610,7 +5610,6 @@ out:
        return ret;
 
 fail:
-       kfree(iter->trace);
        kfree(iter);
        __trace_array_put(tr);
        mutex_unlock(&trace_types_lock);