On 29/06/2022 19:25, Jianglei Nie wrote:
q6apm_get_audioreach_graph() allocates a memory chunk for graph->graph with audioreach_alloc_graph_pkt(). When idr_alloc() fails, graph->graph is not released, which will lead to a memory leak.
We can release the graph->graph with kfree() when idr_alloc() fails to fix the memory leak.
thanks for catching this, wondering did you hit this bug while testing or was it a some tooling that discovered this bug?
Signed-off-by: Jianglei Nie niejianglei2021@163.com
Reviewed-by: Srinivas Kandagatla srinivas.kandagatla@linaro.org
sound/soc/qcom/qdsp6/q6apm.c | 1 + 1 file changed, 1 insertion(+)
diff --git a/sound/soc/qcom/qdsp6/q6apm.c b/sound/soc/qcom/qdsp6/q6apm.c index f424d7aa389a..794019286c70 100644 --- a/sound/soc/qcom/qdsp6/q6apm.c +++ b/sound/soc/qcom/qdsp6/q6apm.c @@ -75,6 +75,7 @@ static struct audioreach_graph *q6apm_get_audioreach_graph(struct q6apm *apm, ui id = idr_alloc(&apm->graph_idr, graph, graph_id, graph_id + 1, GFP_KERNEL); if (id < 0) { dev_err(apm->dev, "Unable to allocate graph id (%d)\n", graph_id);
kfree(graph); mutex_unlock(&apm->lock); return ERR_PTR(id);kfree(graph->graph);