camss_probe() does not free camss on error handling paths. The patch
introduces an additional error label for this purpose. Besides, it
removes call of v4l2_async_notifier_cleanup() from
camss_of_parse_ports() since its caller, camss_probe(), cleans up all
its resources itself.
Found by Linux Driver Verification project (linuxtesting.org).
Co-Developed-by: Anton Vasilyev <[email protected]>
Signed-off-by: Evgeny Novikov <[email protected]>
Signed-off-by: Anton Vasilyev <[email protected]>
---
drivers/media/platform/qcom/camss/camss.c | 30 ++++++++++++++++++++----------
1 file changed, 20 insertions(+), 10 deletions(-)
diff --git a/drivers/media/platform/qcom/camss/camss.c b/drivers/media/platform/qcom/camss/camss.c
index 3fdc9f964a3c..2483641799df 100644
--- a/drivers/media/platform/qcom/camss/camss.c
+++ b/drivers/media/platform/qcom/camss/camss.c
@@ -504,7 +504,6 @@ static int camss_of_parse_ports(struct camss *camss)
return num_subdevs;
err_cleanup:
- v4l2_async_notifier_cleanup(&camss->notifier);
of_node_put(node);
return ret;
}
@@ -835,29 +834,38 @@ static int camss_probe(struct platform_device *pdev)
camss->csid_num = 4;
camss->vfe_num = 2;
} else {
- return -EINVAL;
+ ret = -EINVAL;
+ goto err_free;
}
camss->csiphy = devm_kcalloc(dev, camss->csiphy_num,
sizeof(*camss->csiphy), GFP_KERNEL);
- if (!camss->csiphy)
- return -ENOMEM;
+ if (!camss->csiphy) {
+ ret = -ENOMEM;
+ goto err_free;
+ }
camss->csid = devm_kcalloc(dev, camss->csid_num, sizeof(*camss->csid),
GFP_KERNEL);
- if (!camss->csid)
- return -ENOMEM;
+ if (!camss->csid) {
+ ret = -ENOMEM;
+ goto err_free;
+ }
camss->vfe = devm_kcalloc(dev, camss->vfe_num, sizeof(*camss->vfe),
GFP_KERNEL);
- if (!camss->vfe)
- return -ENOMEM;
+ if (!camss->vfe) {
+ ret = -ENOMEM;
+ goto err_free;
+ }
v4l2_async_notifier_init(&camss->notifier);
num_subdevs = camss_of_parse_ports(camss);
- if (num_subdevs < 0)
- return num_subdevs;
+ if (num_subdevs < 0) {
+ ret = num_subdevs;
+ goto err_cleanup;
+ }
ret = camss_init_subdevices(camss);
if (ret < 0)
@@ -936,6 +944,8 @@ static int camss_probe(struct platform_device *pdev)
v4l2_device_unregister(&camss->v4l2_dev);
err_cleanup:
v4l2_async_notifier_cleanup(&camss->notifier);
+err_free:
+ kfree(camss);
return ret;
}
--
2.16.4
> camss_probe() does not free camss on error handling paths. The patch
> introduces an additional error label for this purpose.
* I suggest to use an imperative wording for the change description.
* Would you like to use also a jump target like the following
at the end of this function implementation?
+e_nomem:
+ ret = -ENOMEM;
+ goto err_free;
* Will the tag “Fixes” become helpful for the commit message?
> Besides, it
> removes call of v4l2_async_notifier_cleanup() from
> camss_of_parse_ports() since its caller, camss_probe(), cleans up all
> its resources itself.
I propose to offer such a change by a separate update step.
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/Documentation/process/submitting-patches.rst?id=d15be546031cf65a0fc34879beca02fd90fe7ac7#n138
Regards,
Markus