Re: [PATCH] amba: fix refcount underflow if amba_device_add() fails
From: Guenter Roeck
Date: Mon May 23 2022 - 23:09:49 EST
On Tue, May 24, 2022 at 10:51:39AM +0800, Kefeng Wang wrote:
> "ARM: 9192/1: amba: fix memory leak in amba_device_try_add()" leads
> to a refcount underflow if amba_device_add() fails, which called by
> of_amba_device_create(), the of_amba_device_create() already exists
> the error handling, so amba_put_device() only need to be added into
> amba_deferred_retry().
>
> Reported-by: Guenter Roeck <linux@xxxxxxxxxxxx>
> Signed-off-by: Kefeng Wang <wangkefeng.wang@xxxxxxxxxx>
Tested-by: Guenter Roeck <linux@xxxxxxxxxxxx>
Thanks,
Guenter
> ---
> drivers/amba/bus.c | 8 ++------
> 1 file changed, 2 insertions(+), 6 deletions(-)
>
> diff --git a/drivers/amba/bus.c b/drivers/amba/bus.c
> index 0e3ed5eb367b..0cb20324da16 100644
> --- a/drivers/amba/bus.c
> +++ b/drivers/amba/bus.c
> @@ -493,13 +493,8 @@ static int amba_device_try_add(struct amba_device *dev, struct resource *parent)
> goto skip_probe;
>
> ret = amba_read_periphid(dev);
> - if (ret) {
> - if (ret != -EPROBE_DEFER) {
> - amba_device_put(dev);
> - goto err_out;
> - }
> + if (ret)
> goto err_release;
> - }
>
> skip_probe:
> ret = device_add(&dev->dev);
> @@ -546,6 +541,7 @@ static int amba_deferred_retry(void)
> continue;
>
> list_del_init(&ddev->node);
> + amba_device_put(ddev->dev);
> kfree(ddev);
> }
>
> --
> 2.35.3
>