| Message ID | 20250106074743.313384-1-make24@iscas.ac.cn (mailing list archive) |
|---|---|
| State | New |
| Headers | show |
| Series | [v2,ARM] fix reference leak in locomo_init_one_child() | expand |
On Mon, Jan 06, 2025 at 03:47:43PM +0800, Ma Ke wrote: > Once device_register() failed, we should call put_device() to > decrement reference count for cleanup. Or it could cause memory leak. > > device_register() includes device_add(). As comment of device_add() > says, 'if device_add() succeeds, you should call device_del() when you > want to get rid of it. If device_add() has not succeeded, use only > put_device() to drop the reference count'. > > Found by code review. > > Cc: stable@vger.kernel.org > Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2") > Signed-off-by: Ma Ke <make24@iscas.ac.cn> > --- > Changes in v2: > - modified the patch as suggestions. > --- > arch/arm/common/locomo.c | 2 ++ > 1 file changed, 2 insertions(+) > > diff --git a/arch/arm/common/locomo.c b/arch/arm/common/locomo.c > index 309b74783468..9e48cbb2568e 100644 > --- a/arch/arm/common/locomo.c > +++ b/arch/arm/common/locomo.c > @@ -253,6 +253,8 @@ locomo_init_one_child(struct locomo *lchip, struct locomo_dev_info *info) > > ret = device_register(&dev->dev); > if (ret) { > + put_device(&dev->dev); > + return ret; > out: > kfree(dev); > } This makes the code layout quite horrible. Instead, I suggest: dev = kzalloc(sizeof(...)... - if (!dev) { - ret = -ENOMEM; - goto out; - } + if (!dev) + return -ENOMEM; ... ret = device_register(&dev->dev); - if (ret) { - out: - kfree(dev); - } + if (ret) + put_device(&dev->dev); Thanks.
diff --git a/arch/arm/common/locomo.c b/arch/arm/common/locomo.c index 309b74783468..9e48cbb2568e 100644 --- a/arch/arm/common/locomo.c +++ b/arch/arm/common/locomo.c @@ -253,6 +253,8 @@ locomo_init_one_child(struct locomo *lchip, struct locomo_dev_info *info) ret = device_register(&dev->dev); if (ret) { + put_device(&dev->dev); + return ret; out: kfree(dev); }
Once device_register() failed, we should call put_device() to decrement reference count for cleanup. Or it could cause memory leak. device_register() includes device_add(). As comment of device_add() says, 'if device_add() succeeds, you should call device_del() when you want to get rid of it. If device_add() has not succeeded, use only put_device() to drop the reference count'. Found by code review. Cc: stable@vger.kernel.org Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2") Signed-off-by: Ma Ke <make24@iscas.ac.cn> --- Changes in v2: - modified the patch as suggestions. --- arch/arm/common/locomo.c | 2 ++ 1 file changed, 2 insertions(+)