diff options
author | Cong Wang <amwang@redhat.com> | 2011-11-22 09:32:57 +0800 |
---|---|---|
committer | Gustavo F. Padovan <padovan@profusion.mobi> | 2011-12-03 08:19:59 +0900 |
commit | 54a8a79c55ce283c94ce4c67a98d28c21830405a (patch) | |
tree | 198b812b19cc6948d6c4b90f7faad1b9ca86b4d7 | |
parent | 9b338c3dd12918f7f7df2b882f63f71e9efbcb41 (diff) | |
download | lwn-54a8a79c55ce283c94ce4c67a98d28c21830405a.tar.gz lwn-54a8a79c55ce283c94ce4c67a98d28c21830405a.zip |
btusb: fix a memory leak in btusb_send_frame()
This patch fixes the following memory leak reported by kmemleak:
unreferenced object 0xffff880060a53840 (size 192):
comm "softirq", pid 0, jiffies 4320571771 (age 1406.569s)
hex dump (first 32 bytes):
01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
backtrace:
[<ffffffff81138a1c>] create_object+0x187/0x28b
[<ffffffff814be12e>] kmemleak_alloc+0x73/0x98
[<ffffffff811289d3>] __kmalloc+0xfc/0x123
[<ffffffff81386546>] usb_alloc_urb+0x1e/0x48
[<ffffffffa0130274>] btusb_send_frame+0x86/0x385 [btusb]
[<ffffffffa02d8230>] hci_send_frame+0xa0/0xa5 [bluetooth]
[<ffffffffa02d8a4e>] hci_cmd_task+0xa0/0xfb [bluetooth]
[<ffffffff81058548>] tasklet_action+0x8f/0xef
[<ffffffff81058a4c>] __do_softirq+0xf4/0x1db
[<ffffffff81058bb7>] run_ksoftirqd+0x84/0x129
[<ffffffff8106f1c4>] kthread+0xa0/0xa8
[<ffffffff814dd144>] kernel_thread_helper+0x4/0x10
[<ffffffffffffffff>] 0xffffffffffffffff
The problem is that when inc_tx() returns non-zero, we forgot
to call usb_free_urb().
Cc: Marcel Holtmann <marcel@holtmann.org>
Cc: "Gustavo F. Padovan" <padovan@profusion.mobi>
Signed-off-by: WANG Cong <amwang@redhat.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
-rw-r--r-- | drivers/bluetooth/btusb.c | 3 |
1 files changed, 1 insertions, 2 deletions
diff --git a/drivers/bluetooth/btusb.c b/drivers/bluetooth/btusb.c index fe4ebc375b3d..eabc437ce500 100644 --- a/drivers/bluetooth/btusb.c +++ b/drivers/bluetooth/btusb.c @@ -777,9 +777,8 @@ skip_waking: usb_mark_last_busy(data->udev); } - usb_free_urb(urb); - done: + usb_free_urb(urb); return err; } |