[Patch] btusb: fix a memory leak in btusb_send_frame()

From: Cong Wang
Date: Mon Nov 21 2011 - 20:33:20 EST


This patch fixes the following memory leak reported by kmemleak:

unreferenced object 0xffff880060a53840 (size 192):
comm "softirq", pid 0, jiffies 4320571771 (age 1406.569s)
hex dump (first 32 bytes):
01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
backtrace:
[<ffffffff81138a1c>] create_object+0x187/0x28b
[<ffffffff814be12e>] kmemleak_alloc+0x73/0x98
[<ffffffff811289d3>] __kmalloc+0xfc/0x123
[<ffffffff81386546>] usb_alloc_urb+0x1e/0x48
[<ffffffffa0130274>] btusb_send_frame+0x86/0x385 [btusb]
[<ffffffffa02d8230>] hci_send_frame+0xa0/0xa5 [bluetooth]
[<ffffffffa02d8a4e>] hci_cmd_task+0xa0/0xfb [bluetooth]
[<ffffffff81058548>] tasklet_action+0x8f/0xef
[<ffffffff81058a4c>] __do_softirq+0xf4/0x1db
[<ffffffff81058bb7>] run_ksoftirqd+0x84/0x129
[<ffffffff8106f1c4>] kthread+0xa0/0xa8
[<ffffffff814dd144>] kernel_thread_helper+0x4/0x10
[<ffffffffffffffff>] 0xffffffffffffffff

The problem is that when inc_tx() returns non-zero, we forgot
to call usb_free_urb().

Cc: Marcel Holtmann <marcel@xxxxxxxxxxxx>
Cc: "Gustavo F. Padovan" <padovan@xxxxxxxxxxxxxx>
Signed-off-by: WANG Cong <amwang@xxxxxxxxxx>

---
diff --git a/drivers/bluetooth/btusb.c b/drivers/bluetooth/btusb.c
index fe4ebc3..eabc437 100644
--- a/drivers/bluetooth/btusb.c
+++ b/drivers/bluetooth/btusb.c
@@ -777,9 +777,8 @@ skip_waking:
usb_mark_last_busy(data->udev);
}

- usb_free_urb(urb);
-
done:
+ usb_free_urb(urb);
return err;
}

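Review bot: With usb_free_urb(urb) moved below the done: label, every goto done in btusb_send_frame() now drops the URB reference, so each such jump must be taken with urb either holding a live allocation or set to NULL (usb_free_urb() ignores NULL). The changelog names only the inc_tx() path; please confirm that no jump to done: can happen before urb is assigned. It would also help to say in the changelog whether the URB can still be referenced elsewhere on the inc_tx() path, so that dropping the caller's reference there is known to be safe and not a premature free.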