* [PATCH] phy: qcom-qusb2: Fix a memory leak on probe
@ 2021-09-22 22:16 Vladimir Zapolskiy
2021-09-22 22:56 ` Bjorn Andersson
0 siblings, 1 reply; 3+ messages in thread
From: Vladimir Zapolskiy @ 2021-09-22 22:16 UTC (permalink / raw)
To: Bjorn Andersson, Andy Gross, Kishon Vijay Abraham I, Vinod Koul,
Vivek Gautam
Cc: linux-arm-msm, linux-phy
On success nvmem_cell_read() returns a pointer to a dynamically allocated
buffer, and therefore it shall be freed after usage.
The issue is reported by kmemleak:
# cat /sys/kernel/debug/kmemleak
unreferenced object 0xffff3b3803e4b280 (size 128):
comm "kworker/u16:1", pid 107, jiffies 4294892861 (age 94.120s)
hex dump (first 32 bytes):
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
backtrace:
[<000000007739afdc>] __kmalloc+0x27c/0x41c
[<0000000071c0fbf8>] nvmem_cell_read+0x40/0xe0
[<00000000e803ef1f>] qusb2_phy_init+0x258/0x5bc
[<00000000fc81fcfa>] phy_init+0x70/0x110
[<00000000e3d48a57>] dwc3_core_soft_reset+0x4c/0x234
[<0000000027d1dbd4>] dwc3_core_init+0x68/0x990
[<000000001965faf9>] dwc3_probe+0x4f4/0x730
[<000000002f7617ca>] platform_probe+0x74/0xf0
[<00000000a2576cac>] really_probe+0xc4/0x470
[<00000000bc77f2c5>] __driver_probe_device+0x11c/0x190
[<00000000130db71f>] driver_probe_device+0x48/0x110
[<0000000019f36c2b>] __device_attach_driver+0xa4/0x140
[<00000000e5812ff7>] bus_for_each_drv+0x84/0xe0
[<00000000f4bac574>] __device_attach+0xe4/0x1c0
[<00000000d3beb631>] device_initial_probe+0x20/0x30
[<000000008019b9db>] bus_probe_device+0xa4/0xb0
Fixes: 0b56e9a7e835 ("phy: Group vendor specific phy drivers")
Signed-off-by: Vladimir Zapolskiy <vladimir.zapolskiy@linaro.org>
---
drivers/phy/qualcomm/phy-qcom-qusb2.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/drivers/phy/qualcomm/phy-qcom-qusb2.c b/drivers/phy/qualcomm/phy-qcom-qusb2.c
index 3c1d3b71c825..061665ba8ef7 100644
--- a/drivers/phy/qualcomm/phy-qcom-qusb2.c
+++ b/drivers/phy/qualcomm/phy-qcom-qusb2.c
@@ -589,6 +589,8 @@ static void qusb2_phy_set_tune2_param(struct qusb2_phy *qphy)
qusb2_write_mask(qphy->base, cfg->regs[QUSB2PHY_PORT_TUNE2],
val[0] << HSTX_TRIM_SHIFT,
HSTX_TRIM_MASK);
+
+ kfree(val);
}
static int qusb2_phy_set_mode(struct phy *phy,
--
2.33.0
--
linux-phy mailing list
linux-phy@lists.infradead.org
https://lists.infradead.org/mailman/listinfo/linux-phy
^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: [PATCH] phy: qcom-qusb2: Fix a memory leak on probe
2021-09-22 22:16 [PATCH] phy: qcom-qusb2: Fix a memory leak on probe Vladimir Zapolskiy
@ 2021-09-22 22:56 ` Bjorn Andersson
2021-09-22 23:46 ` Vladimir Zapolskiy
0 siblings, 1 reply; 3+ messages in thread
From: Bjorn Andersson @ 2021-09-22 22:56 UTC (permalink / raw)
To: Vladimir Zapolskiy
Cc: Andy Gross, Kishon Vijay Abraham I, Vinod Koul, Vivek Gautam,
linux-arm-msm, linux-phy
On Wed 22 Sep 15:16 PDT 2021, Vladimir Zapolskiy wrote:
> On success nvmem_cell_read() returns a pointer to a dynamically allocated
> buffer, and therefore it shall be freed after usage.
>
> The issue is reported by kmemleak:
>
> # cat /sys/kernel/debug/kmemleak
> unreferenced object 0xffff3b3803e4b280 (size 128):
> comm "kworker/u16:1", pid 107, jiffies 4294892861 (age 94.120s)
> hex dump (first 32 bytes):
> 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
> 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
> backtrace:
> [<000000007739afdc>] __kmalloc+0x27c/0x41c
> [<0000000071c0fbf8>] nvmem_cell_read+0x40/0xe0
> [<00000000e803ef1f>] qusb2_phy_init+0x258/0x5bc
> [<00000000fc81fcfa>] phy_init+0x70/0x110
> [<00000000e3d48a57>] dwc3_core_soft_reset+0x4c/0x234
> [<0000000027d1dbd4>] dwc3_core_init+0x68/0x990
> [<000000001965faf9>] dwc3_probe+0x4f4/0x730
> [<000000002f7617ca>] platform_probe+0x74/0xf0
> [<00000000a2576cac>] really_probe+0xc4/0x470
> [<00000000bc77f2c5>] __driver_probe_device+0x11c/0x190
> [<00000000130db71f>] driver_probe_device+0x48/0x110
> [<0000000019f36c2b>] __device_attach_driver+0xa4/0x140
> [<00000000e5812ff7>] bus_for_each_drv+0x84/0xe0
> [<00000000f4bac574>] __device_attach+0xe4/0x1c0
> [<00000000d3beb631>] device_initial_probe+0x20/0x30
> [<000000008019b9db>] bus_probe_device+0xa4/0xb0
>
> Fixes: 0b56e9a7e835 ("phy: Group vendor specific phy drivers")
> Signed-off-by: Vladimir Zapolskiy <vladimir.zapolskiy@linaro.org>
> ---
> drivers/phy/qualcomm/phy-qcom-qusb2.c | 2 ++
> 1 file changed, 2 insertions(+)
>
> diff --git a/drivers/phy/qualcomm/phy-qcom-qusb2.c b/drivers/phy/qualcomm/phy-qcom-qusb2.c
> index 3c1d3b71c825..061665ba8ef7 100644
> --- a/drivers/phy/qualcomm/phy-qcom-qusb2.c
> +++ b/drivers/phy/qualcomm/phy-qcom-qusb2.c
> @@ -589,6 +589,8 @@ static void qusb2_phy_set_tune2_param(struct qusb2_phy *qphy)
> qusb2_write_mask(qphy->base, cfg->regs[QUSB2PHY_PORT_TUNE2],
> val[0] << HSTX_TRIM_SHIFT,
> HSTX_TRIM_MASK);
> +
> + kfree(val);
Nice catch, here's my:
Reviewed-by: Bjorn Andersson <bjorn.andersson@linaro.org>
That said, do you think we could replace the nvmem_cell_read() with a
call to nvmem_cell_read_u8() to avoid the need to clean it up instead?
Regards,
Bjorn
> }
>
> static int qusb2_phy_set_mode(struct phy *phy,
> --
> 2.33.0
>
--
linux-phy mailing list
linux-phy@lists.infradead.org
https://lists.infradead.org/mailman/listinfo/linux-phy
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [PATCH] phy: qcom-qusb2: Fix a memory leak on probe
2021-09-22 22:56 ` Bjorn Andersson
@ 2021-09-22 23:46 ` Vladimir Zapolskiy
0 siblings, 0 replies; 3+ messages in thread
From: Vladimir Zapolskiy @ 2021-09-22 23:46 UTC (permalink / raw)
To: Bjorn Andersson
Cc: Andy Gross, Kishon Vijay Abraham I, Vinod Koul, Vivek Gautam,
linux-arm-msm, linux-phy
Hi Bjorn,
On 9/23/21 1:56 AM, Bjorn Andersson wrote:
> On Wed 22 Sep 15:16 PDT 2021, Vladimir Zapolskiy wrote:
>
>> On success nvmem_cell_read() returns a pointer to a dynamically allocated
>> buffer, and therefore it shall be freed after usage.
>>
>> The issue is reported by kmemleak:
>>
>> # cat /sys/kernel/debug/kmemleak
>> unreferenced object 0xffff3b3803e4b280 (size 128):
>> comm "kworker/u16:1", pid 107, jiffies 4294892861 (age 94.120s)
>> hex dump (first 32 bytes):
>> 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
>> 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
>> backtrace:
>> [<000000007739afdc>] __kmalloc+0x27c/0x41c
>> [<0000000071c0fbf8>] nvmem_cell_read+0x40/0xe0
>> [<00000000e803ef1f>] qusb2_phy_init+0x258/0x5bc
>> [<00000000fc81fcfa>] phy_init+0x70/0x110
>> [<00000000e3d48a57>] dwc3_core_soft_reset+0x4c/0x234
>> [<0000000027d1dbd4>] dwc3_core_init+0x68/0x990
>> [<000000001965faf9>] dwc3_probe+0x4f4/0x730
>> [<000000002f7617ca>] platform_probe+0x74/0xf0
>> [<00000000a2576cac>] really_probe+0xc4/0x470
>> [<00000000bc77f2c5>] __driver_probe_device+0x11c/0x190
>> [<00000000130db71f>] driver_probe_device+0x48/0x110
>> [<0000000019f36c2b>] __device_attach_driver+0xa4/0x140
>> [<00000000e5812ff7>] bus_for_each_drv+0x84/0xe0
>> [<00000000f4bac574>] __device_attach+0xe4/0x1c0
>> [<00000000d3beb631>] device_initial_probe+0x20/0x30
>> [<000000008019b9db>] bus_probe_device+0xa4/0xb0
>>
>> Fixes: 0b56e9a7e835 ("phy: Group vendor specific phy drivers")
>> Signed-off-by: Vladimir Zapolskiy <vladimir.zapolskiy@linaro.org>
>> ---
>> drivers/phy/qualcomm/phy-qcom-qusb2.c | 2 ++
>> 1 file changed, 2 insertions(+)
>>
>> diff --git a/drivers/phy/qualcomm/phy-qcom-qusb2.c b/drivers/phy/qualcomm/phy-qcom-qusb2.c
>> index 3c1d3b71c825..061665ba8ef7 100644
>> --- a/drivers/phy/qualcomm/phy-qcom-qusb2.c
>> +++ b/drivers/phy/qualcomm/phy-qcom-qusb2.c
>> @@ -589,6 +589,8 @@ static void qusb2_phy_set_tune2_param(struct qusb2_phy *qphy)
>> qusb2_write_mask(qphy->base, cfg->regs[QUSB2PHY_PORT_TUNE2],
>> val[0] << HSTX_TRIM_SHIFT,
>> HSTX_TRIM_MASK);
>> +
>> + kfree(val);
>
> Nice catch, here's my:
>
> Reviewed-by: Bjorn Andersson <bjorn.andersson@linaro.org>
Thank you for the review, however I have just found a still unresolved
memleak when zeroes are returned, so there is v2.
>
> That said, do you think we could replace the nvmem_cell_read() with a
> call to nvmem_cell_read_u8() to avoid the need to clean it up instead?
It might be a good idea to do it in a separate change, nvmem_cell_read_u8()
is found in v5.9 and later versions, so its usage prevents a probable
backport to stable branches, because the original problem comes in v4.12.
FWIW the sent fix should be clearly applicable to v4.20 and later versions
only, if it's needed, separate changes are required to cover v4.12-v4.20
range.
--
Best wishes,
Vladimir
--
linux-phy mailing list
linux-phy@lists.infradead.org
https://lists.infradead.org/mailman/listinfo/linux-phy
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2021-09-22 23:47 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-09-22 22:16 [PATCH] phy: qcom-qusb2: Fix a memory leak on probe Vladimir Zapolskiy
2021-09-22 22:56 ` Bjorn Andersson
2021-09-22 23:46 ` Vladimir Zapolskiy
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).