diff mbox series

Bluetooth: add missing hci_codec_list_clear() back

Message ID 20230520055147.3212541-1-yongxin.liu@windriver.com
State New
Headers show
Series Bluetooth: add missing hci_codec_list_clear() back | expand

Commit Message

Yongxin Liu May 20, 2023, 5:51 a.m. UTC
hci_codec_list_clear() was missing in commit d0b137062b2d
("Bluetooth: hci_sync: Rework init stages"). Without it, there
are following kernel memory leaks.

  unreferenced object 0xffff9fe454c12ca0 (size 32):
    comm "kworker/u9:0", pid 82, jiffies 4294756186 (age 75.617s)
    hex dump (first 32 bytes):
      a8 93 7b 76 e4 9f ff ff e0 2d c1 54 e4 9f ff ff  ..{v.....-.T....
      00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
    backtrace:
      [<ffffffff9add1386>] __kmem_cache_alloc_node+0x1e6/0x3d0
      [<ffffffff9ad47ea1>] __kmalloc+0x51/0x1a0
      [<ffffffff9bd01025>] hci_codec_list_add.isra.0+0x35/0xc0
      [<ffffffff9bd011e7>] hci_read_codec_capabilities+0x127/0x1f0
      [<ffffffff9bd01465>] hci_read_supported_codecs+0x115/0x1e0
      [<ffffffff9bd02658>] hci_read_local_codecs_sync+0x28/0x40
      [<ffffffff9bd06f5f>] hci_init_sync+0x14f/0x360
      [<ffffffff9bd096b8>] hci_dev_init_sync+0xf8/0x180
      [<ffffffff9bd0b67a>] hci_dev_open_sync+0x8a/0x2e0
      [<ffffffff9bcadbc0>] hci_power_on+0x60/0x220
      [<ffffffff9aad0a37>] process_one_work+0x257/0x580
      [<ffffffff9aad0dc8>] worker_thread+0x58/0x3c0
      [<ffffffff9aadb97b>] kthread+0x10b/0x140
      [<ffffffff9aa023f9>] ret_from_fork+0x29/0x50

Fixes: d0b137062b2d ("Bluetooth: hci_sync: Rework init stages")
Signed-off-by: Yongxin Liu <yongxin.liu@windriver.com>
---
 net/bluetooth/hci_sync.c | 1 +
 1 file changed, 1 insertion(+)
diff mbox series

Patch

diff --git a/net/bluetooth/hci_sync.c b/net/bluetooth/hci_sync.c
index 647a8ce54062..e94a5648e08a 100644
--- a/net/bluetooth/hci_sync.c
+++ b/net/bluetooth/hci_sync.c
@@ -4994,6 +4994,7 @@  int hci_dev_close_sync(struct hci_dev *hdev)
 	memset(hdev->eir, 0, sizeof(hdev->eir));
 	memset(hdev->dev_class, 0, sizeof(hdev->dev_class));
 	bacpy(&hdev->random_addr, BDADDR_ANY);
+	hci_codec_list_clear(&hdev->local_codecs);
 
 	hci_dev_put(hdev);
 	return err;