From: "xinhui.pan" <xinhuix.pan@intel.com>
To: Jiri Slaby <jslaby@suse.cz>, Greg KH <gregkh@linuxfoundation.org>
Cc: "Zhang, Yanmin" <yanmin_zhang@linux.intel.com>,
Peter Hurley <peter@hurleysoftware.com>,
mnipxh <mnipxh@gmail.com>,
linux-kernel@vger.kernel.org
Subject: Re: [PATCH] tty/n_gsm.c: fix a memory leak in gsmld_open
Date: Mon, 28 Jul 2014 19:32:11 +0800 [thread overview]
Message-ID: <53D634BB.3060306@intel.com> (raw)
In-Reply-To: <53D611EC.2000907@intel.com>
于 2014年07月28日 17:03, xinhui.pan 写道:
> Hi, Jiri
>
> 于 2014年07月28日 16:49, Jiri Slaby 写道:
>> On 07/28/2014 10:14 AM, xinhui.pan wrote:
>>> If gsmld_attach_gsm fails, the gsm is not used anymore.
>>> tty core will not call gsmld_close to do the cleanup work.
>>> tty core just restore to the tty old ldisc.
>>> That always causes memory leak.
>>
>> Nice catch!
>>
>>> --- a/drivers/tty/n_gsm.c
>>> +++ b/drivers/tty/n_gsm.c
>>> @@ -2382,7 +2383,13 @@ static int gsmld_open(struct tty_struct *tty)
>>>
>>> /* Attach the initial passive connection */
>>> gsm->encoding = 1;
>>> - return gsmld_attach_gsm(tty, gsm);
>>> +
>>> + ret = gsmld_attach_gsm(tty, gsm);
>>> + if (ret != 0) {
>>> + gsm_cleanup_mux(gsm);
>>> + mux_put(gsm);
>>
>> It is quite illogical to put the mux here. It should be in gsmld_open.
>> I.e. gsm_cleanup_mux here, mux_put there.
>>
>
> Thanks for your reply :)
> But I am a little confused with your comments, could you explain it when you are free?
> Sorry for my poor English.
>
hi, Jiri
I guess you want gsm_cleanup_mux() called in gsmld_attach_gsm(), just after gsm_activate_mux() fails?
Yes, that seems really make sence. :)
Thanks for pointing out it.
Let me explain my opinion. :)
Actually gsmld_attach_gsm results in two different effects when it fails.
(a)gsmld_attach_gsm -> gsm_activate_mux(gsm_mux[] is full,-EBUSY), then gsm_mux[] did not change, and gsm->num is invaild;
(b)gsmld_attach_gsm -> gsm_activate_mux(return -ENOMEM), then gsm_mux[] changes, and gsm->num is vaild.
To be honest, I am not very clear about this. I even suspect this is done in such way on purpose.
So I just keep the code what it is now. Let's handle the error in gsmld_open().
We can make sure that gsm is not used here and it's safe to cleanup and put it.
thanks,
xinhui
> thanks,
>
> xinhui
>
>> thanks,
>>
next prev parent reply other threads:[~2014-07-28 11:32 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-07-28 8:14 [PATCH] tty/n_gsm.c: fix a memory leak in gsmld_open xinhui.pan
2014-07-28 8:23 ` xinhui.pan
2014-07-28 8:49 ` Jiri Slaby
2014-07-28 9:03 ` xinhui.pan
2014-07-28 11:32 ` xinhui.pan [this message]
2014-07-28 12:11 ` Jiri Slaby
2014-07-28 19:30 ` Peter Hurley
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=53D634BB.3060306@intel.com \
--to=xinhuix.pan@intel.com \
--cc=gregkh@linuxfoundation.org \
--cc=jslaby@suse.cz \
--cc=linux-kernel@vger.kernel.org \
--cc=mnipxh@gmail.com \
--cc=peter@hurleysoftware.com \
--cc=yanmin_zhang@linux.intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.