From 54a8a79c55ce283c94ce4c67a98d28c21830405a Mon Sep 17 00:00:00 2001 From: Cong Wang Date: Tue, 22 Nov 2011 09:32:57 +0800 Subject: [PATCH] btusb: fix a memory leak in btusb_send_frame() This patch fixes the following memory leak reported by kmemleak: unreferenced object 0xffff880060a53840 (size 192): comm "softirq", pid 0, jiffies 4320571771 (age 1406.569s) hex dump (first 32 bytes): 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace: [] create_object+0x187/0x28b [] kmemleak_alloc+0x73/0x98 [] __kmalloc+0xfc/0x123 [] usb_alloc_urb+0x1e/0x48 [] btusb_send_frame+0x86/0x385 [btusb] [] hci_send_frame+0xa0/0xa5 [bluetooth] [] hci_cmd_task+0xa0/0xfb [bluetooth] [] tasklet_action+0x8f/0xef [] __do_softirq+0xf4/0x1db [] run_ksoftirqd+0x84/0x129 [] kthread+0xa0/0xa8 [] kernel_thread_helper+0x4/0x10 [] 0xffffffffffffffff The problem is that when inc_tx() returns non-zero, we forgot to call usb_free_urb(). Cc: Marcel Holtmann Cc: "Gustavo F. Padovan" Signed-off-by: WANG Cong Acked-by: Marcel Holtmann Signed-off-by: Gustavo F. Padovan --- drivers/bluetooth/btusb.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/drivers/bluetooth/btusb.c b/drivers/bluetooth/btusb.c index fe4ebc375b3d..eabc437ce500 100644 --- a/drivers/bluetooth/btusb.c +++ b/drivers/bluetooth/btusb.c @@ -777,9 +777,8 @@ skip_waking: usb_mark_last_busy(data->udev); } - usb_free_urb(urb); - done: + usb_free_urb(urb); return err; }