Received: by 2002:ad5:4acb:0:0:0:0:0 with SMTP id n11csp4250301imw; Tue, 12 Jul 2022 04:53:31 -0700 (PDT) X-Google-Smtp-Source: AGRyM1teX0J1WLsI6K58EzyrL57Lqwo+g/g6KuExnUuBao2gkCUY0Bd875qzSF21LkYlceNvF/+s X-Received: by 2002:a17:906:6a0a:b0:72b:60b8:d2e7 with SMTP id qw10-20020a1709066a0a00b0072b60b8d2e7mr7417679ejc.607.1657626811664; Tue, 12 Jul 2022 04:53:31 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1657626811; cv=none; d=google.com; s=arc-20160816; b=k4hkLJzBlapddO5+K9c8t+JvpvVpQ1IkomsAIRt8pc54V3WBZ/miFRhfI5LpoiMcTm UVcVXD3DMrbREEi39Wq5muf1iiD067UjT+0/gMq0qMHq/+o8o5BAxN/LqCvRs/cCtsyJ TYqXSiKNRy67olZ9vHO68oxw0vl1NQdMZPD8ckrYZDnzxL7/aWpl/K7aME6wqwDwOb2j QUHUbFx44p7AM7TFX9vo+NV84j33RwQLD5oWmH97WWRRLAqI9Z6IgGIHvCgafi2TCHHM IC8+1yx+RENDbYaIYTje2sqMJOZhqczWW7v9rXb1vuH9tXzPvP9Jm8eShBhkzWHr03OH ceUQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from; bh=DVvQQtZVNOWK1/wBgRXFDysr0BswXk2MDwxzwq3f8HE=; b=bez+BEL0viDIOxO02jKwiCYavA0CMFuRHnHhWLund0ijR6M/RuVq7zgph1MS6PTCjF 5mUnbQAJGQXzI2+K33QTjPyXNs7lpcMy2wZUb46Lg5HX7k2wBXzi98KPJ1wqEvjZVX1k LmTBO7TzqJXBpKmbF/EelcWT/Xl7B/gRnijQrybQT1FOO/WaaaHsNgP8Vn4ep0fa51h/ 2SkXl/Ol7qdo2qhNAFlQR9j47ciGFFzLp5nuVHDtCLdfFogN4yR2bZ8g56mRdd4afoyK c5CbzVNq9BiJm7NCf7XH+FUwnBfmzDXVR0KP2XuUmp2UzHJaUju5LXdU0PA3SzH5pEx3 t84Q== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=huawei.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id l22-20020a1709060e1600b00726abda6121si12267924eji.533.2022.07.12.04.53.06; Tue, 12 Jul 2022 04:53:31 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=huawei.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232437AbiGLLvT (ORCPT + 99 others); Tue, 12 Jul 2022 07:51:19 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:34420 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229634AbiGLLvQ (ORCPT ); Tue, 12 Jul 2022 07:51:16 -0400 Received: from szxga01-in.huawei.com (szxga01-in.huawei.com [45.249.212.187]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 907E3B31F6; Tue, 12 Jul 2022 04:51:14 -0700 (PDT) Received: from dggpeml500023.china.huawei.com (unknown [172.30.72.54]) by szxga01-in.huawei.com (SkyGuard) with ESMTP id 4LhzZ95CjvzlVxf; Tue, 12 Jul 2022 19:49:37 +0800 (CST) Received: from dggpeml100012.china.huawei.com (7.185.36.121) by dggpeml500023.china.huawei.com (7.185.36.114) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.24; Tue, 12 Jul 2022 19:51:11 +0800 Received: from ubuntu1804.huawei.com (10.67.174.66) by dggpeml100012.china.huawei.com (7.185.36.121) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.24; Tue, 12 Jul 2022 19:51:11 +0800 From: Zheng Yejian To: CC: , , , , , , Subject: Re: [PATCH v2] tracing/histograms: Fix memory leak problem Date: Tue, 12 Jul 2022 19:48:44 +0800 Message-ID: <20220712114844.158722-1-zhengyejian1@huawei.com> X-Mailer: git-send-email 2.32.0 In-Reply-To: <20220711115211.4f613cbe@gandalf.local.home> References: <20220711115211.4f613cbe@gandalf.local.home> MIME-Version: 1.0 Content-Transfer-Encoding: 7BIT Content-Type: text/plain; charset=US-ASCII X-Originating-IP: [10.67.174.66] X-ClientProxiedBy: dggems706-chm.china.huawei.com (10.3.19.183) To dggpeml100012.china.huawei.com (7.185.36.121) X-CFilter-Loop: Reflected X-Spam-Status: No, score=-4.2 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_MED, SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Mon, 11 Jul 2022 11:52:11 -0400 Steven Rostedt wrote: > On Mon, 11 Jul 2022 09:27:44 -0500 > "Zanussi, Tom" wrote: > > > So I'm wondering if this means that that the original unnecessary bugfix > > was based on a bug in the clang static analyzer or if that would just be > > considered a false positive... > > Good question. I'd like to know this, as if it is the case, I want to > report that in my pull request to Linus. > > -- Steve I didn't use clang static analyzer before, but from its home page, 'False Positives' seems to exist, see https://clang-analyzer.llvm.org/: > Static analysis is not perfect. It can falsely flag bugs in a program > where the code behaves correctly. Because some code checks require more > analysis precision than others, the frequency of false positives can > vary widely between different checks. Our long-term goal is to have the > analyzer have a low false positive rate for most code on all checks. So I try the clang-14 which comes from https://github.com/llvm/llvm-project/releases/tag/llvmorg-14.0.0, then execute like: $ scan-build make -j16 Then I take a rough look at following warnings related to 'trace_events_hist.c' (serial number is manually added, no double free warning, maybe due to clang version): 1. kernel/trace/trace_events_hist.c:1540:6: warning: Branch condition evaluates to a garbage value [core.uninitialized.Branch] if (!attrs->keys_str) { ^~~~~~~~~~~~~~~~ 2. kernel/trace/trace_events_hist.c:1580:9: warning: Array access (via field 'field_var_str') results in a null pointer dereference [core.NullDereference] kfree(elt_data->field_var_str[i]); ^~~~~~~~~~~~~~~~~~~~~~~~~~ 3. kernel/trace/trace_events_hist.c:1898:3: warning: 1st function call argument is an uninitialized value [core.CallAndMessage] destroy_hist_field(hist_field->operands[i], level + 1); ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 4. kernel/trace/trace_events_hist.c:2095:2: warning: 1st function call argument is an uninitialized value [core.CallAndMessage] kfree(ref_field->system); ^~~~~~~~~~~~~~~~~~~~~~~~ 5. kernel/trace/trace_events_hist.c:2099:2: warning: 1st function call argument is an uninitialized value [core.CallAndMessage] kfree(ref_field->name); ^~~~~~~~~~~~~~~~~~~~~~ 6. kernel/trace/trace_events_hist.c:2158:4: warning: Potential leak of memory pointed to by 'ref_field' [unix.Malloc] return NULL; Since I'm not very familiar with trace_events_hist.c, I roughly conclude that: 1. warning 1/3/6 are plausible but false-positive; 2. warning 2/4/5 seems positive although they don't cause practical problems because elt_data->field_var_str[i] / ref_field->system / ref_field->name can be 'NULL' on 'kfree'. Do we need to explicitly check 'NULL' there?