Received: by 2002:a25:b794:0:0:0:0:0 with SMTP id n20csp3960403ybh; Tue, 6 Aug 2019 04:13:07 -0700 (PDT) X-Google-Smtp-Source: APXvYqzwzW8SbhQGSdmGqzWei3kcy3W8sWmA9kcWQdu8ssYktRmJReDOSP4wDjNTyR2mY2pf1f2r X-Received: by 2002:a17:902:2ec5:: with SMTP id r63mr2645235plb.21.1565089987329; Tue, 06 Aug 2019 04:13:07 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1565089987; cv=none; d=google.com; s=arc-20160816; b=tVpES5a8zlxPq9WZUVN/K5QhWYX8pBbSZLdjOXpOHV3lxFTIF0S4JIdzXIQ6GPQzSf nu91wJJ5H0xr/bAZrHp9uXisJZZNPxp6ejBe3eUE6U+bOge7rdWC0ignguHeiYzzEeHL 6fPqAKK/+BESk5cTPPH/NyEjxe08HlDSCCiNbKLeAZ4ezufV2ZTJvEhFo9WM/suZx8qT 39AfaF8qsBr/f3sU3KYwLwswe/dzVFCmc7NP7PAUGdL0fjHvluh8DN5z//KNe1846xw6 6am6UVav29VBePpTWB2wMZXFFu+CyR0eq3oR8J4WaqI+WElsQkAfQIHUeIl6S622djyB qZqg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:message-id:references :in-reply-to:subject:cc:to:from:date:content-transfer-encoding :mime-version:dkim-signature:dkim-signature; bh=wDV4qgI8gY09z1WfRCKx/gnOOo2XcKItJGIcpLiA2JQ=; b=dVLpvQSYv/vBikSwtE+Sn8EcIG23EcLX2couRaKLXQAmXOfk6Zn6Y/kfKbGJQDo0Ot tfbM7FbA3PIX3fQfeR/NR4xRWpPjwoPdAdOR94PzVwOL+Ht84z4gSybjVWSsD/wD4ONk cVAlTR4olynwz7YkuxXrXbtOva9jHRlC3nu6RhiH5SwbwqgM7uRVjXvSV50/q3IsF8X7 ntmYQfODgPE6UI2ANBI9GE1lRnsGtSq0SrkwrIy0V7/XwqSj1hqNwEm9vQhsPhel/i/9 5SC0H7t54xFUAs8Hl3GzWYlpgqFEKaXYHSU9KZpZPsnfOGwPhM+KbflmOFC5SIt1dwJ1 5hDA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@codeaurora.org header.s=default header.b=LiYPummN; dkim=pass header.i=@codeaurora.org header.s=default header.b=ESZqsS8V; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id c127si49323654pfc.191.2019.08.06.04.12.51; Tue, 06 Aug 2019 04:13:07 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@codeaurora.org header.s=default header.b=LiYPummN; dkim=pass header.i=@codeaurora.org header.s=default header.b=ESZqsS8V; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1732713AbfHFLMO (ORCPT + 99 others); Tue, 6 Aug 2019 07:12:14 -0400 Received: from smtp.codeaurora.org ([198.145.29.96]:41756 "EHLO smtp.codeaurora.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1731309AbfHFLMO (ORCPT ); Tue, 6 Aug 2019 07:12:14 -0400 Received: by smtp.codeaurora.org (Postfix, from userid 1000) id 411E2607DE; Tue, 6 Aug 2019 11:12:13 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=codeaurora.org; s=default; t=1565089933; bh=PXqe5y9a718vUQSQUOxmfZGDIqCtip464Gcvxtjj4zo=; h=Date:From:To:Cc:Subject:In-Reply-To:References:From; b=LiYPummNg1KAHClUPC5DEMTpP4DOooxFBDHNhSucbNmUnY1KGXXfEKgVdw4d0O6Fx 5TdizQ2A4EnvZ/ca/Gs0Diqe+AgvBBRGRTwGCQ7xBqDdGdz3RsXlaMj4DobPFcPk3B 84+t4EnMIfPNzH4rMEcESDA1HZsOat8I4eONCCdI= X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on pdx-caf-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-2.7 required=2.0 tests=ALL_TRUSTED,BAYES_00, DKIM_INVALID,DKIM_SIGNED autolearn=no autolearn_force=no version=3.4.0 Received: from mail.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.codeaurora.org (Postfix) with ESMTP id 307746053B; Tue, 6 Aug 2019 11:12:12 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=codeaurora.org; s=default; t=1565089932; bh=PXqe5y9a718vUQSQUOxmfZGDIqCtip464Gcvxtjj4zo=; h=Date:From:To:Cc:Subject:In-Reply-To:References:From; b=ESZqsS8VblOMAJdQViDaUiA4jfHfE0FXzpZjnWRi9/Fapc2wPyLYgn66ReFe8k7y9 Aau3PopZGRte19uvjXU0Mznhk32zMVPlsduCv2NbFBvaK+gp2HwHV+bO+U8bVjaCN+ DjeNHnPLCjgKOjOCy3jf0i33qWgCB6j799dxZZa4= MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII; format=flowed Content-Transfer-Encoding: 7bit Date: Tue, 06 Aug 2019 16:42:12 +0530 From: Balakrishna Godavarthi To: Claire Chang Cc: marcel@holtmann.org, johan.hedberg@gmail.com, johan@kernel.org, linux-bluetooth@vger.kernel.org, linux-kernel@vger.kernel.org, hemantg@codeaurora.org, rjliao@codeaurora.org Subject: Re: [PATCH] Bluetooth: btqca: release_firmware after qca_inject_cmd_complete_event In-Reply-To: <20190806095629.88769-1-tientzu@chromium.org> References: <20190806095629.88769-1-tientzu@chromium.org> Message-ID: X-Sender: bgodavar@codeaurora.org User-Agent: Roundcube Webmail/1.2.5 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Hi, On 2019-08-06 15:26, Claire Chang wrote: > commit 32646db8cc28 ("Bluetooth: btqca: inject command complete event > during fw download") added qca_inject_cmd_complete_event() for certain > qualcomm chips. However, qca_download_firmware() will return without > calling release_firmware() in this case. > > This leads to a memory leak like the following found by kmemleak: > > unreferenced object 0xfffffff3868a5880 (size 128): > comm "kworker/u17:5", pid 347, jiffies 4294676481 (age 312.157s) > hex dump (first 32 bytes): > ac fd 00 00 00 00 00 00 00 d0 7e 17 80 ff ff ff ..........~..... > 00 00 00 00 00 00 00 00 00 59 8a 86 f3 ff ff ff .........Y...... > backtrace: > [<00000000978ce31d>] kmem_cache_alloc_trace+0x194/0x298 > [<000000006ea0398c>] _request_firmware+0x74/0x4e4 > [<000000004da31ca0>] request_firmware+0x44/0x64 > [<0000000094572996>] qca_download_firmware+0x74/0x6e4 [btqca] > [<00000000b24d615a>] qca_uart_setup+0xc0/0x2b0 [btqca] > [<00000000364a6d5a>] qca_setup+0x204/0x570 [hci_uart] > [<000000006be1a544>] hci_uart_setup+0xa8/0x148 [hci_uart] > [<00000000d64c0f4f>] hci_dev_do_open+0x144/0x530 [bluetooth] > [<00000000f69f5110>] hci_power_on+0x84/0x288 [bluetooth] > [<00000000d4151583>] process_one_work+0x210/0x420 > [<000000003cf3dcfb>] worker_thread+0x2c4/0x3e4 > [<000000007ccaf055>] kthread+0x124/0x134 > [<00000000bef1f723>] ret_from_fork+0x10/0x18 > [<00000000c36ee3dd>] 0xffffffffffffffff > unreferenced object 0xfffffff37b16de00 (size 128): > comm "kworker/u17:5", pid 347, jiffies 4294676873 (age 311.766s) > hex dump (first 32 bytes): > da 07 00 00 00 00 00 00 00 50 ff 0b 80 ff ff ff .........P...... > 00 00 00 00 00 00 00 00 00 dd 16 7b f3 ff ff ff ...........{.... > backtrace: > [<00000000978ce31d>] kmem_cache_alloc_trace+0x194/0x298 > [<000000006ea0398c>] _request_firmware+0x74/0x4e4 > [<000000004da31ca0>] request_firmware+0x44/0x64 > [<0000000094572996>] qca_download_firmware+0x74/0x6e4 [btqca] > [<000000000cde20a9>] qca_uart_setup+0x144/0x2b0 [btqca] > [<00000000364a6d5a>] qca_setup+0x204/0x570 [hci_uart] > [<000000006be1a544>] hci_uart_setup+0xa8/0x148 [hci_uart] > [<00000000d64c0f4f>] hci_dev_do_open+0x144/0x530 [bluetooth] > [<00000000f69f5110>] hci_power_on+0x84/0x288 [bluetooth] > [<00000000d4151583>] process_one_work+0x210/0x420 > [<000000003cf3dcfb>] worker_thread+0x2c4/0x3e4 > [<000000007ccaf055>] kthread+0x124/0x134 > [<00000000bef1f723>] ret_from_fork+0x10/0x18 > [<00000000c36ee3dd>] 0xffffffffffffffff > > Make sure release_firmware() is called aftre > qca_inject_cmd_complete_event() to avoid the memory leak. > > Fixes: 32646db8cc28 ("Bluetooth: btqca: inject command complete event > during fw download") > Signed-off-by: Claire Chang > --- > drivers/bluetooth/btqca.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/drivers/bluetooth/btqca.c b/drivers/bluetooth/btqca.c > index 2221935fac7e..8f0fec5acade 100644 > --- a/drivers/bluetooth/btqca.c > +++ b/drivers/bluetooth/btqca.c > @@ -344,7 +344,7 @@ static int qca_download_firmware(struct hci_dev > *hdev, > */ > if (config->dnld_type == ROME_SKIP_EVT_VSE_CC || > config->dnld_type == ROME_SKIP_EVT_VSE) > - return qca_inject_cmd_complete_event(hdev); > + ret = qca_inject_cmd_complete_event(hdev); > > out: > release_firmware(fw); Change look fine to me. Reviewed-by: Balakrishna Godavarthi -- Regards Balakrishna.