Re: [PATCH] wifi: rt2x00: Fix memory leak when handling surveys

From: Simon Horman
Date: Fri Mar 31 2023 - 11:18:20 EST


On Thu, Mar 30, 2023 at 11:56:37PM +0200, Armin Wolf wrote:
> When removing a rt2x00 device, its associated channel surveys
> are not freed, causing a memory leak observable with kmemleak:
>
> unreferenced object 0xffff9620f0881a00 (size 512):
> comm "systemd-udevd", pid 2290, jiffies 4294906974 (age 33.768s)
> hex dump (first 32 bytes):
> 70 44 12 00 00 00 00 00 92 8a 00 00 00 00 00 00 pD..............
> 00 00 00 00 00 00 00 00 ab 87 01 00 00 00 00 00 ................
> backtrace:
> [<ffffffffb0ed858b>] __kmalloc+0x4b/0x130
> [<ffffffffc1b0f29b>] rt2800_probe_hw+0xc2b/0x1380 [rt2800lib]
> [<ffffffffc1a9496e>] rt2800usb_probe_hw+0xe/0x60 [rt2800usb]
> [<ffffffffc1ae491a>] rt2x00lib_probe_dev+0x21a/0x7d0 [rt2x00lib]
> [<ffffffffc1b3b83e>] rt2x00usb_probe+0x1be/0x980 [rt2x00usb]
> [<ffffffffc05981e2>] usb_probe_interface+0xe2/0x310 [usbcore]
> [<ffffffffb13be2d5>] really_probe+0x1a5/0x410
> [<ffffffffb13be5c8>] __driver_probe_device+0x78/0x180
> [<ffffffffb13be6fe>] driver_probe_device+0x1e/0x90
> [<ffffffffb13be972>] __driver_attach+0xd2/0x1c0
> [<ffffffffb13bbc57>] bus_for_each_dev+0x77/0xd0
> [<ffffffffb13bd2a2>] bus_add_driver+0x112/0x210
> [<ffffffffb13bfc6c>] driver_register+0x5c/0x120
> [<ffffffffc0596ae8>] usb_register_driver+0x88/0x150 [usbcore]
> [<ffffffffb0c011c4>] do_one_initcall+0x44/0x220
> [<ffffffffb0d6134c>] do_init_module+0x4c/0x220
>
> Fix this by freeing the channel surveys on device removal.
>
> Tested with a RT3070 based USB wireless adapter.
>
> Fixes: 5447626910f5 ("rt2x00: save survey for every channel visited")
> Signed-off-by: Armin Wolf <W_Armin@xxxxxx>

Reviewed-by: Simon Horman <simon.horman@xxxxxxxxxxxx>