From: Sasha Levin <sashal@kernel.org>
To: linux-kernel@vger.kernel.org, stable@vger.kernel.org
Cc: Zumeng Chen <zumeng.chen@gmail.com>,
Kalle Valo <kvalo@codeaurora.org>,
Sasha Levin <sashal@kernel.org>,
linux-wireless@vger.kernel.org, netdev@vger.kernel.org
Subject: [PATCH AUTOSEL 3.18 38/41] wlcore: Fix memory leak in case wl12xx_fetch_firmware failure
Date: Wed, 27 Mar 2019 14:25:15 -0400 [thread overview]
Message-ID: <20190327182518.19394-38-sashal@kernel.org> (raw)
In-Reply-To: <20190327182518.19394-1-sashal@kernel.org>
From: Zumeng Chen <zumeng.chen@gmail.com>
[ Upstream commit ba2ffc96321c8433606ceeb85c9e722b8113e5a7 ]
Release fw_status, raw_fw_status, and tx_res_if when wl12xx_fetch_firmware
failed instead of meaningless goto out to avoid the following memory leak
reports(Only the last one listed):
unreferenced object 0xc28a9a00 (size 512):
comm "kworker/0:4", pid 31298, jiffies 2783204 (age 203.290s)
hex dump (first 32 bytes):
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
backtrace:
[<6624adab>] kmemleak_alloc+0x40/0x74
[<500ddb31>] kmem_cache_alloc_trace+0x1ac/0x270
[<db4d731d>] wl12xx_chip_wakeup+0xc4/0x1fc [wlcore]
[<76c5db53>] wl1271_op_add_interface+0x4a4/0x8f4 [wlcore]
[<cbf30777>] drv_add_interface+0xa4/0x1a0 [mac80211]
[<65bac325>] ieee80211_reconfig+0x9c0/0x1644 [mac80211]
[<2817c80e>] ieee80211_restart_work+0x90/0xc8 [mac80211]
[<7e1d425a>] process_one_work+0x284/0x42c
[<55f9432e>] worker_thread+0x2fc/0x48c
[<abb582c6>] kthread+0x148/0x160
[<63144b13>] ret_from_fork+0x14/0x2c
[< (null)>] (null)
[<1f6e7715>] 0xffffffff
Signed-off-by: Zumeng Chen <zumeng.chen@gmail.com>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
drivers/net/wireless/ti/wlcore/main.c | 7 +++++--
1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/drivers/net/wireless/ti/wlcore/main.c b/drivers/net/wireless/ti/wlcore/main.c
index 575c8f6d4009..16b69b026f8f 100644
--- a/drivers/net/wireless/ti/wlcore/main.c
+++ b/drivers/net/wireless/ti/wlcore/main.c
@@ -1110,8 +1110,11 @@ static int wl12xx_chip_wakeup(struct wl1271 *wl, bool plt)
goto out;
ret = wl12xx_fetch_firmware(wl, plt);
- if (ret < 0)
- goto out;
+ if (ret < 0) {
+ kfree(wl->fw_status);
+ kfree(wl->raw_fw_status);
+ kfree(wl->tx_res_if);
+ }
out:
return ret;
--
2.19.1
next prev parent reply other threads:[~2019-03-27 18:27 UTC|newest]
Thread overview: 41+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-03-27 18:24 [PATCH AUTOSEL 3.18 01/41] i2c: sis630: correct format strings Sasha Levin
2019-03-27 18:24 ` [PATCH AUTOSEL 3.18 02/41] tracing: kdb: Fix ftdump to not sleep Sasha Levin
2019-03-27 18:24 ` [PATCH AUTOSEL 3.18 03/41] sysctl: handle overflow for file-max Sasha Levin
2019-03-27 18:24 ` [PATCH AUTOSEL 3.18 04/41] mm/cma.c: cma_declare_contiguous: correct err handling Sasha Levin
2019-03-27 18:24 ` [PATCH AUTOSEL 3.18 05/41] mm/vmalloc.c: fix kernel BUG at mm/vmalloc.c:512! Sasha Levin
2019-03-27 18:24 ` [PATCH AUTOSEL 3.18 06/41] mm/slab.c: kmemleak no scan alien caches Sasha Levin
2019-03-27 18:24 ` [PATCH AUTOSEL 3.18 07/41] ocfs2: fix a panic problem caused by o2cb_ctl Sasha Levin
2019-03-27 18:24 ` [PATCH AUTOSEL 3.18 08/41] cifs: use correct format characters Sasha Levin
2019-03-27 18:24 ` [PATCH AUTOSEL 3.18 09/41] dm thin: add sanity checks to thin-pool and external snapshot creation Sasha Levin
2019-03-27 18:24 ` [PATCH AUTOSEL 3.18 10/41] cifs: Fix NULL pointer dereference of devname Sasha Levin
2019-03-27 18:24 ` [PATCH AUTOSEL 3.18 11/41] fs: fix guard_bio_eod to check for real EOD errors Sasha Levin
2019-03-27 18:24 ` [PATCH AUTOSEL 3.18 12/41] tools lib traceevent: Fix buffer overflow in arg_eval Sasha Levin
2019-03-27 18:24 ` [PATCH AUTOSEL 3.18 13/41] scsi: core: replace GFP_ATOMIC with GFP_KERNEL in scsi_scan.c Sasha Levin
2019-03-27 18:24 ` [PATCH AUTOSEL 3.18 14/41] ARM: 8840/1: use a raw_spinlock_t in unwind Sasha Levin
2019-03-27 18:24 ` [PATCH AUTOSEL 3.18 15/41] mmc: omap: fix the maximum timeout setting Sasha Levin
2019-03-27 18:24 ` [PATCH AUTOSEL 3.18 16/41] e1000e: Fix -Wformat-truncation warnings Sasha Levin
2019-03-27 18:24 ` [PATCH AUTOSEL 3.18 17/41] IB/mlx4: Increase the timeout for CM cache Sasha Levin
2019-03-27 18:24 ` [PATCH AUTOSEL 3.18 18/41] scsi: megaraid_sas: return error when create DMA pool failed Sasha Levin
2019-03-27 18:24 ` [PATCH AUTOSEL 3.18 19/41] SoC: imx-sgtl5000: add missing put_device() Sasha Levin
2019-03-27 18:24 ` [PATCH AUTOSEL 3.18 20/41] leds: lp55xx: fix null deref on firmware load failure Sasha Levin
2019-03-27 18:24 ` [PATCH AUTOSEL 3.18 21/41] kprobes: Prohibit probing on bsearch() Sasha Levin
2019-03-27 18:24 ` [PATCH AUTOSEL 3.18 22/41] ARM: 8833/1: Ensure that NEON code always compiles with Clang Sasha Levin
2019-03-27 18:25 ` [PATCH AUTOSEL 3.18 23/41] ALSA: PCM: check if ops are defined before suspending PCM Sasha Levin
2019-03-27 18:25 ` [PATCH AUTOSEL 3.18 24/41] bcache: fix input overflow to cache set sysfs file io_error_halflife Sasha Levin
2019-03-27 18:25 ` [PATCH AUTOSEL 3.18 25/41] bcache: fix input overflow to sequential_cutoff Sasha Levin
2019-03-27 18:25 ` [PATCH AUTOSEL 3.18 26/41] bcache: improve sysfs_strtoul_clamp() Sasha Levin
2019-03-27 18:25 ` [PATCH AUTOSEL 3.18 27/41] fbdev: fbmem: fix memory access if logo is bigger than the screen Sasha Levin
2019-03-27 18:25 ` [PATCH AUTOSEL 3.18 28/41] cdrom: Fix race condition in cdrom_sysctl_register Sasha Levin
2019-03-27 18:25 ` [PATCH AUTOSEL 3.18 29/41] e1000e: fix cyclic resets at link up with active tx Sasha Levin
2019-03-27 18:25 ` [PATCH AUTOSEL 3.18 30/41] locking/lockdep: Add debug_locks check in __lock_downgrade() Sasha Levin
2019-03-27 18:25 ` [PATCH AUTOSEL 3.18 31/41] tty: increase the default flip buffer limit to 2*640K Sasha Levin
2019-03-27 18:25 ` [PATCH AUTOSEL 3.18 32/41] media: mt9m111: set initial frame size other than 0x0 Sasha Levin
2019-03-27 18:25 ` [PATCH AUTOSEL 3.18 33/41] hwrng: virtio - Avoid repeated init of completion Sasha Levin
2019-03-27 18:25 ` [PATCH AUTOSEL 3.18 34/41] Bluetooth: Verify that l2cap_get_conf_opt provides large enough buffer Sasha Levin
2019-03-27 18:25 ` [PATCH AUTOSEL 3.18 35/41] hpet: Fix missing '=' character in the __setup() code of hpet_mmap_enable Sasha Levin
2019-03-27 18:25 ` [PATCH AUTOSEL 3.18 36/41] dmaengine: imx-dma: fix warning comparison of distinct pointer types Sasha Levin
2019-03-27 18:25 ` [PATCH AUTOSEL 3.18 37/41] media: s5p-jpeg: Check for fmt_ver_flag when doing fmt enumeration Sasha Levin
2019-03-27 18:25 ` Sasha Levin [this message]
2019-03-27 18:25 ` [PATCH AUTOSEL 3.18 39/41] x86/build: Mark per-CPU symbols as absolute explicitly for LLD Sasha Levin
2019-03-27 18:25 ` [PATCH AUTOSEL 3.18 40/41] dmaengine: tegra: avoid overflow of byte tracking Sasha Levin
2019-03-27 18:25 ` [PATCH AUTOSEL 3.18 41/41] drm/dp/mst: Configure no_stop_bit correctly for remote i2c xfers Sasha Levin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190327182518.19394-38-sashal@kernel.org \
--to=sashal@kernel.org \
--cc=kvalo@codeaurora.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-wireless@vger.kernel.org \
--cc=netdev@vger.kernel.org \
--cc=stable@vger.kernel.org \
--cc=zumeng.chen@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox