[PATCH] amba: fix refcount underflow if amba_device_add() fails

Kefeng Wang wangkefeng.wang at huawei.com
Mon May 23 20:15:44 PDT 2022


On 2022/5/24 11:09, Guenter Roeck wrote:
> On Tue, May 24, 2022 at 10:51:39AM +0800, Kefeng Wang wrote:
>> "ARM: 9192/1: amba: fix memory leak in amba_device_try_add()" leads
>> to a refcount underflow if amba_device_add() fails, which called by
>> of_amba_device_create(), the of_amba_device_create() already exists
>> the error handling, so amba_put_device() only need to be added into
>> amba_deferred_retry().
>>
>> Reported-by: Guenter Roeck <linux at roeck-us.net>
>> Signed-off-by: Kefeng Wang <wangkefeng.wang at huawei.com>
> Tested-by: Guenter Roeck <linux at roeck-us.net>

Thanks.

PS: I also test with kmemleak, this could also fix previous memory leak 
issue.

>
> Thanks,
> Guenter
>
>> ---
>>   drivers/amba/bus.c | 8 ++------
>>   1 file changed, 2 insertions(+), 6 deletions(-)
>>
>> diff --git a/drivers/amba/bus.c b/drivers/amba/bus.c
>> index 0e3ed5eb367b..0cb20324da16 100644
>> --- a/drivers/amba/bus.c
>> +++ b/drivers/amba/bus.c
>> @@ -493,13 +493,8 @@ static int amba_device_try_add(struct amba_device *dev, struct resource *parent)
>>   		goto skip_probe;
>>   
>>   	ret = amba_read_periphid(dev);
>> -	if (ret) {
>> -		if (ret != -EPROBE_DEFER) {
>> -			amba_device_put(dev);
>> -			goto err_out;
>> -		}
>> +	if (ret)
>>   		goto err_release;
>> -	}
>>   
>>   skip_probe:
>>   	ret = device_add(&dev->dev);
>> @@ -546,6 +541,7 @@ static int amba_deferred_retry(void)
>>   			continue;
>>   
>>   		list_del_init(&ddev->node);
>> +		amba_device_put(ddev->dev);
>>   		kfree(ddev);
>>   	}
>>   
>> -- 
>> 2.35.3
>>
> .



More information about the linux-arm-kernel mailing list