Received: by 2002:a05:6358:53a8:b0:117:f937:c515 with SMTP id z40csp4696469rwe; Mon, 17 Apr 2023 17:30:28 -0700 (PDT) X-Google-Smtp-Source: AKy350Y/R3MUiBUWzunq86NLZXuIt6sVGi2FZgB1yxzZUjOAxmEcnJPzNdZyWymcVgrjQgdLFi5N X-Received: by 2002:a05:6a20:6a20:b0:ee:ce8e:4e9a with SMTP id p32-20020a056a206a2000b000eece8e4e9amr13531614pzk.5.1681777828483; Mon, 17 Apr 2023 17:30:28 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1681777828; cv=none; d=google.com; s=arc-20160816; b=svcE5ye2lBP3QVOjqq5lB9cu0hdN9eyc1hYpOGVrdO3ZqWw+ZHCrCm7472jy9rkKNq qSa3JWraiH92DVkZO+M6YYh6TYOCcd9SIv4qlAP1Qm9VTnnioaHb4LeYZb2d/m2Eu9BB tCfHLKPPpFYD4UU5RWRZObT9MnBOckHaPJCzp444LUa+ql+/xAL3H8m+i+INLV2mdYRc SZh6hpX9lP1NKl1jkBISb3x8W0zhwB0OPidIXrlbFbVgODLY0EmqLlMmGEtblZMkQVC6 OboE/L7WorUT2LijbmYZPKr8bxHiuiXmTaInPl2pTuKmQIC0Ml94FkVydE6L+KXXjjmY SSRg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:mime-version:content-transfer-encoding :content-language:accept-language:in-reply-to:references:message-id :date:thread-index:thread-topic:subject:cc:to:from:authenticated-by; bh=NtkbIfD5udRhFcMONDpgQoC3vyjA1ByuR7B8OVqgo8E=; b=gSqMUgjUlwud5DxSRNYPGiuYgetSyfau77cQyt/WtRm3KtPvIUH9+YZ3FfWRGYZwsF 4d/xv+yti+35pUCYzDAgEJ/gYKOYV7zqu2p7kvkLlmWZOQu8zaGHb7O/jmZXJHiUTnmA Cg/VqlEQNi41E0i2SJSwXSAlTSyg8BIFQMbh3yS0dTOja2xKh1Qc+hjTklERbobNQlmm MKfckHEx4ld9q3blcm4JvXRAfYVo54eUG9lw9s/YllrALcy6PbLpSLLvmraYCqYnmTTs igN3e3JEcmPTNCbSpSCcTEnkk5oLzy2jo2bPVl4FCZyOUplVHqFcJNVAOTYo8G4UmnWn GprQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-wireless-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-wireless-owner@vger.kernel.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id y20-20020a63e254000000b0050b8a7635dfsi13232150pgj.295.2023.04.17.17.30.14; Mon, 17 Apr 2023 17:30:28 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-wireless-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-wireless-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-wireless-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229542AbjDRALo convert rfc822-to-8bit (ORCPT + 63 others); Mon, 17 Apr 2023 20:11:44 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:45262 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229479AbjDRALn (ORCPT ); Mon, 17 Apr 2023 20:11:43 -0400 Received: from rtits2.realtek.com.tw (rtits2.realtek.com [211.75.126.72]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 0ECAD2D50 for ; Mon, 17 Apr 2023 17:11:39 -0700 (PDT) Authenticated-By: X-SpamFilter-By: ArmorX SpamTrap 5.77 with qID 33I0BCOF0025295, This message is accepted by code: ctloc85258 Received: from mail.realtek.com (rtexh36505.realtek.com.tw[172.21.6.25]) by rtits2.realtek.com.tw (8.15.2/2.81/5.90) with ESMTPS id 33I0BCOF0025295 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=OK); Tue, 18 Apr 2023 08:11:12 +0800 Received: from RTEXMBS04.realtek.com.tw (172.21.6.97) by RTEXH36505.realtek.com.tw (172.21.6.25) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.32; Tue, 18 Apr 2023 08:11:12 +0800 Received: from RTEXMBS04.realtek.com.tw (172.21.6.97) by RTEXMBS04.realtek.com.tw (172.21.6.97) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.7; Tue, 18 Apr 2023 08:11:11 +0800 Received: from RTEXMBS04.realtek.com.tw ([fe80::e138:e7f1:4709:ff4d]) by RTEXMBS04.realtek.com.tw ([fe80::e138:e7f1:4709:ff4d%5]) with mapi id 15.01.2375.007; Tue, 18 Apr 2023 08:11:11 +0800 From: Ping-Ke Shih To: Larry Finger , Kalle Valo CC: Johannes Berg , "linux-wireless@vger.kernel.org" , "Sascha Hauer" Subject: RE: [PATCH v2] wifi: rtw88: Fix memory leak in rtw88_usb Thread-Topic: [PATCH v2] wifi: rtw88: Fix memory leak in rtw88_usb Thread-Index: AQHZcUY4BS6B+c7TwUapGjuP05Ui0q8wMfAg Date: Tue, 18 Apr 2023 00:11:11 +0000 Message-ID: References: <20230417160331.23071-1-Larry.Finger@lwfinger.net> In-Reply-To: <20230417160331.23071-1-Larry.Finger@lwfinger.net> Accept-Language: en-US, zh-TW Content-Language: zh-TW X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [172.21.69.188] x-kse-serverinfo: RTEXMBS04.realtek.com.tw, 9 x-kse-antispam-interceptor-info: fallback x-kse-antivirus-interceptor-info: fallback Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 8BIT MIME-Version: 1.0 X-KSE-AntiSpam-Interceptor-Info: fallback X-KSE-ServerInfo: RTEXH36505.realtek.com.tw, 9 X-KSE-AntiSpam-Interceptor-Info: fallback X-KSE-Antivirus-Interceptor-Info: fallback X-KSE-AntiSpam-Interceptor-Info: fallback X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,SPF_HELO_NONE, SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-wireless@vger.kernel.org > -----Original Message----- > From: Larry Finger On Behalf Of Larry Finger > Sent: Tuesday, April 18, 2023 12:04 AM > To: Kalle Valo > Cc: Johannes Berg ; linux-wireless@vger.kernel.org; Larry Finger > ; Sascha Hauer ; Ping-Ke Shih > Subject: [PATCH v2] wifi: rtw88: Fix memory leak in rtw88_usb > > Kmemleak shows the following leak arising from routine in the usb > probe routine: > > unreferenced object 0xffff895cb29bba00 (size 512): > comm "(udev-worker)", pid 534, jiffies 4294903932 (age 102751.088s) > hex dump (first 32 bytes): > 77 30 30 30 00 00 00 00 02 2f 2d 2b 30 00 00 00 w000...../-+0... > 02 00 2a 28 00 00 00 00 ff 55 ff ff ff 00 00 00 ..*(.....U...... > backtrace: > [] kmalloc_trace+0x26/0x90 > [] rtw_usb_probe+0x2f1/0x680 [rtw_usb] > [] usb_probe_interface+0xdd/0x2e0 [usbcore] > [] really_probe+0x18e/0x3d0 > [] __driver_probe_device+0x78/0x160 > [] driver_probe_device+0x1f/0x90 > [] __driver_attach+0xbf/0x1b0 > [] bus_for_each_dev+0x70/0xc0 > [] bus_add_driver+0x10e/0x210 > [] driver_register+0x55/0xf0 > [] usb_register_driver+0x88/0x140 [usbcore] > [] do_one_initcall+0x43/0x210 > [] do_init_module+0x4a/0x200 > [] __do_sys_finit_module+0xac/0x120 > [] do_syscall_64+0x56/0x80 > [] entry_SYSCALL_64_after_hwframe+0x46/0xb0 > > The leak was verified to be real by unloading the driver, which resulted > in a dangling pointer to the allocation. > > The allocated memory is freed in rtw_usb_intf_deinit(). > > Signed-off-by: Larry Finger > Cc: Sascha Hauer > Cc: Ping-Ke Shih Reviewed-by: Ping-Ke Shih > --- > v2 - Moved the kfree call as suggested by Ping-Ke Shih, > --- > drivers/net/wireless/realtek/rtw88/usb.c | 1 + > 1 file changed, 1 insertion(+) > > diff --git a/drivers/net/wireless/realtek/rtw88/usb.c b/drivers/net/wireless/realtek/rtw88/usb.c > index 68e1b782d199..05c732644361 100644 > --- a/drivers/net/wireless/realtek/rtw88/usb.c > +++ b/drivers/net/wireless/realtek/rtw88/usb.c > @@ -780,6 +780,7 @@ static void rtw_usb_intf_deinit(struct rtw_dev *rtwdev, > struct rtw_usb *rtwusb = rtw_get_usb_priv(rtwdev); > > usb_put_dev(rtwusb->udev); > + kfree(rtwusb->usb_data); > usb_set_intfdata(intf, NULL); > } > > -- > 2.40.0