[PATCH v2] phy: qcom-qusb2: Fix a memory leak on probe

Vinod Koul vkoul at kernel.org
Tue Oct 5 03:37:43 PDT 2021


On 01-10-21, 14:04, Vladimir Zapolskiy wrote:
> On 10/1/21 12:42 PM, Vinod Koul wrote:
> > On 23-09-21, 02:35, Vladimir Zapolskiy wrote:
> > > On success nvmem_cell_read() returns a pointer to a dynamically allocated
> > > buffer, and therefore it shall be freed after usage.
> > > 
> > > The issue is reported by kmemleak:
> > > 
> > >    # cat /sys/kernel/debug/kmemleak
> > >    unreferenced object 0xffff3b3803e4b280 (size 128):
> > >      comm "kworker/u16:1", pid 107, jiffies 4294892861 (age 94.120s)
> > >      hex dump (first 32 bytes):
> > >        00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
> > >        00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
> > >      backtrace:
> > >        [<000000007739afdc>] __kmalloc+0x27c/0x41c
> > >        [<0000000071c0fbf8>] nvmem_cell_read+0x40/0xe0
> > >        [<00000000e803ef1f>] qusb2_phy_init+0x258/0x5bc
> > >        [<00000000fc81fcfa>] phy_init+0x70/0x110
> > >        [<00000000e3d48a57>] dwc3_core_soft_reset+0x4c/0x234
> > >        [<0000000027d1dbd4>] dwc3_core_init+0x68/0x990
> > >        [<000000001965faf9>] dwc3_probe+0x4f4/0x730
> > >        [<000000002f7617ca>] platform_probe+0x74/0xf0
> > >        [<00000000a2576cac>] really_probe+0xc4/0x470
> > >        [<00000000bc77f2c5>] __driver_probe_device+0x11c/0x190
> > >        [<00000000130db71f>] driver_probe_device+0x48/0x110
> > >        [<0000000019f36c2b>] __device_attach_driver+0xa4/0x140
> > >        [<00000000e5812ff7>]  bus_for_each_drv+0x84/0xe0
> > >        [<00000000f4bac574>] __device_attach+0xe4/0x1c0
> > >        [<00000000d3beb631>] device_initial_probe+0x20/0x30
> > >        [<000000008019b9db>] bus_probe_device+0xa4/0xb0
> > > 
> > > Fixes: ca04d9d3e1b1 ("phy: qcom-qusb2: New driver for QUSB2 PHY on Qcom chips")
> > > Signed-off-by: Vladimir Zapolskiy <vladimir.zapolskiy at linaro.org>
> > > ---
> > > Changes from v1 to v2:
> > > * fixed a memory leak in case of reading a zero value and return,
> > > * corrected the fixed commit, the memory leak is present before a rename.
> > > 
> > >   drivers/phy/qualcomm/phy-qcom-qusb2.c | 16 ++++++++++------
> > >   1 file changed, 10 insertions(+), 6 deletions(-)
> > > 
> > > diff --git a/drivers/phy/qualcomm/phy-qcom-qusb2.c b/drivers/phy/qualcomm/phy-qcom-qusb2.c
> > > index 3c1d3b71c825..f1d97fbd1331 100644
> > > --- a/drivers/phy/qualcomm/phy-qcom-qusb2.c
> > > +++ b/drivers/phy/qualcomm/phy-qcom-qusb2.c
> > > @@ -561,7 +561,7 @@ static void qusb2_phy_set_tune2_param(struct qusb2_phy *qphy)
> > >   {
> > >   	struct device *dev = &qphy->phy->dev;
> > >   	const struct qusb2_phy_cfg *cfg = qphy->cfg;
> > > -	u8 *val;
> > > +	u8 *val, hstx_trim;
> > >   	/* efuse register is optional */
> > >   	if (!qphy->cell)
> > > @@ -575,7 +575,13 @@ static void qusb2_phy_set_tune2_param(struct qusb2_phy *qphy)
> > >   	 * set while configuring the phy.
> > >   	 */
> > >   	val = nvmem_cell_read(qphy->cell, NULL);
> > > -	if (IS_ERR(val) || !val[0]) {
> > > +	if (IS_ERR(val)) {
> > > +		dev_dbg(dev, "failed to read a valid hs-tx trim value\n");
> > 
> > not an error log..?
> > 
> 
> It's a copy from the existing code, no changes on error but the memory leak fix.
> 
> If CONFIG_NVMEM is not set, then nvmem_cell_read() returns ERR_PTR(-EOPNOTSUPP),
> still it allows to build/run the phy driver, so it seems to be a valid option,
> please correct me.

Yes it is not relevant to the leak fix here, so I will apply it

-- 
~Vinod



More information about the linux-phy mailing list