Hi Maarten,
W dniu 3.03.2024 o 16:09, Maarten Vanraes pisze:
From: Dave Stevenson <dave.stevenson@xxxxxxxxxxxxxxx>
On error, vchiq_mmal_component_init could leave the
event context allocated for ports.
Clean them up in the error path.
Signed-off-by: Dave Stevenson <dave.stevenson@xxxxxxxxxxxxxxx>
staging: mmal-vchiq: Free the event context for control ports
vchiq_mmal_component_init calls init_event_context for the
control port, but vchiq_mmal_component_finalise didn't free
it, causing a memory leak..
Add the free call.
Signed-off-by: Dave Stevenson <dave.stevenson@xxxxxxxxxxxxxxx>
Signed-off-by: Maarten Vanraes <maarten@xxxxxxxx>
---
.../vc04_services/vchiq-mmal/mmal-vchiq.c | 29 ++++++++++++++-----
1 file changed, 22 insertions(+), 7 deletions(-)
diff --git a/drivers/staging/vc04_services/vchiq-mmal/mmal-vchiq.c b/drivers/staging/vc04_services/vchiq-mmal/mmal-vchiq.c
index 2e616604943d..1209b7db8f30 100644
--- a/drivers/staging/vc04_services/vchiq-mmal/mmal-vchiq.c
+++ b/drivers/staging/vc04_services/vchiq-mmal/mmal-vchiq.c
@@ -1825,9 +1825,26 @@ static void free_event_context(struct vchiq_mmal_port *port)
{
struct mmal_msg_context *ctx = port->event_context;
+ if (!ctx)
+ return;
+
kfree(ctx->u.bulk.buffer->buffer);
kfree(ctx->u.bulk.buffer);
release_msg_context(ctx);
+ port->event_context = NULL;
+}
+
+static void release_all_event_contexts(struct vchiq_mmal_component *component)
+{
+ int idx;
+
+ for (idx = 0; idx < component->inputs; idx++)
+ free_event_context(&component->input[idx]);
+ for (idx = 0; idx < component->outputs; idx++)
+ free_event_context(&component->output[idx]);
+ for (idx = 0; idx < component->clocks; idx++)
+ free_event_context(&component->clock[idx]);
+ free_event_context(&component->control);
}
/* Initialise a mmal component and its ports
@@ -1925,6 +1942,7 @@ int vchiq_mmal_component_init(struct vchiq_mmal_instance *instance,
release_component:
destroy_component(instance, component);
+ release_all_event_contexts(component);
unlock:
if (component)
component->in_use = false;
@@ -1940,7 +1958,7 @@ EXPORT_SYMBOL_GPL(vchiq_mmal_component_init);
int vchiq_mmal_component_finalise(struct vchiq_mmal_instance *instance,
struct vchiq_mmal_component *component)
{
- int ret, idx;
+ int ret;
if (mutex_lock_interruptible(&instance->vchiq_mutex))
return -EINTR;
@@ -1952,12 +1970,9 @@ int vchiq_mmal_component_finalise(struct vchiq_mmal_instance *instance,
component->in_use = false;
- for (idx = 0; idx < component->inputs; idx++)
- free_event_context(&component->input[idx]);
- for (idx = 0; idx < component->outputs; idx++)
- free_event_context(&component->output[idx]);
- for (idx = 0; idx < component->clocks; idx++)
- free_event_context(&component->clock[idx]);
+ release_all_event_contexts(component);
The way I understand this chunk is that you factor out the 3 "for" loops into
the new function "release_all_event_contexts()", because it is then reused
elsewhere. "release_all_event_contexts()" already contains invocation of
"free_event_context(&component->control)"...
+
+ free_event_context(&component->control);
... but it is repeated here. Why?
Regards,
Andrzej
mutex_unlock(&instance->vchiq_mutex);
