1. Patchew
  2. linux
  3. View series

[PATCH v2] iio: trigger: fix memory leak in viio_trigger_alloc()

Ashwin Gundarapu posted 1 patch 2 days, 6 hours ago 
drivers/iio/industrialio-trigger.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
[PATCH v2] iio: trigger: fix memory leak in viio_trigger_alloc()
Posted by Ashwin Gundarapu 2 days, 6 hours ago 

From: Ashwin Gundarapu <linuxuser509@zohomail.in>
Date: Fri, 22 May 2026 17:11:00 +0530
Subject: [PATCH] iio: trigger: fix memory leak in viio_trigger_alloc()

Separate error paths for before/after device_initialize().

The free_trig label was used for both early errors (before
device_initialize) and late errors (after device_initialize).

Replace the unified kfree() with:
- kfree() for early errors (free_trig)
- put_device() for late errors (free_descs)

This prevents put_device() on an uninitialized device and
ensures proper reference counting cleanup.

Signed-off-by: Ashwin Gundarapu <linuxuser509@zohomail.in>
---
 drivers/iio/industrialio-trigger.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/drivers/iio/industrialio-trigger.c b/drivers/iio/industrialio-trigger.c
index 9c72e7ae996c..39208c65e6c1 100644
--- a/drivers/iio/industrialio-trigger.c
+++ b/drivers/iio/industrialio-trigger.c
@@ -597,9 +597,11 @@ struct iio_trigger *viio_trigger_alloc(struct device *parent,
 
 free_descs:
 	irq_free_descs(trig->subirq_base, CONFIG_IIO_CONSUMERS_PER_TRIGGER);
-free_trig:
 	put_device(&trig->dev);
 	return NULL;
+free_trig:
+	kfree(trig);
+	return NULL;
 }
 
 /**
--
2.43.0
Re: [PATCH v2] iio: trigger: fix memory leak in viio_trigger_alloc()
Posted by Joshua Crofts 2 days, 5 hours ago 
On Fri, 22 May 2026 at 13:53, Ashwin Gundarapu <linuxuser509@zohomail.in> wrote:
>
>
> From: Ashwin Gundarapu <linuxuser509@zohomail.in>
> Date: Fri, 22 May 2026 17:11:00 +0530
> Subject: [PATCH] iio: trigger: fix memory leak in viio_trigger_alloc()
>
> Separate error paths for before/after device_initialize().
>
> The free_trig label was used for both early errors (before
> device_initialize) and late errors (after device_initialize).
>
> Replace the unified kfree() with:
> - kfree() for early errors (free_trig)
> - put_device() for late errors (free_descs)
>
> This prevents put_device() on an uninitialized device and
> ensures proper reference counting cleanup.
>
> Signed-off-by: Ashwin Gundarapu <linuxuser509@zohomail.in>
> ---
>  drivers/iio/industrialio-trigger.c | 4 +++-
>  1 file changed, 3 insertions(+), 1 deletion(-)
>
> diff --git a/drivers/iio/industrialio-trigger.c b/drivers/iio/industrialio-trigger.c
> index 9c72e7ae996c..39208c65e6c1 100644
> --- a/drivers/iio/industrialio-trigger.c
> +++ b/drivers/iio/industrialio-trigger.c
> @@ -597,9 +597,11 @@ struct iio_trigger *viio_trigger_alloc(struct device *parent,
>
>  free_descs:
>         irq_free_descs(trig->subirq_base, CONFIG_IIO_CONSUMERS_PER_TRIGGER);
> -free_trig:
>         put_device(&trig->dev);
>         return NULL;

NACK, this is still introducing the same bug, device_initialize() still hasn't
been called if the code jumps to free_descs.

You're trying to fix something that has already been addressed, see
Jonathan's response to your v1.

Please note - wait at least 24 hours before sending a new version of
your patch, the more reviews you get the better.

--
Kind regards

CJD
Re: [PATCH v2] iio: trigger: fix memory leak in viio_trigger_alloc()
Posted by Jonathan Cameron 2 days, 5 hours ago 
On Fri, 22 May 2026 17:15:55 +0530
Ashwin Gundarapu <linuxuser509@zohomail.in> wrote:

> From: Ashwin Gundarapu <linuxuser509@zohomail.in>
> Date: Fri, 22 May 2026 17:11:00 +0530
> Subject: [PATCH] iio: trigger: fix memory leak in viio_trigger_alloc()
> 
> Separate error paths for before/after device_initialize().
> 
> The free_trig label was used for both early errors (before
> device_initialize) and late errors (after device_initialize).
> 
> Replace the unified kfree() with:
> - kfree() for early errors (free_trig)
> - put_device() for late errors (free_descs)
> 
> This prevents put_device() on an uninitialized device and
> ensures proper reference counting cleanup.
> 
> Signed-off-by: Ashwin Gundarapu <linuxuser509@zohomail.in>
Even for a simple fix, wait longer between iterations.

As I just replied to v1, your tree is old. This won't even apply
and the bug has been correctly fixed in upstream.

> ---
>  drivers/iio/industrialio-trigger.c | 4 +++-
>  1 file changed, 3 insertions(+), 1 deletion(-)
> 
> diff --git a/drivers/iio/industrialio-trigger.c b/drivers/iio/industrialio-trigger.c
> index 9c72e7ae996c..39208c65e6c1 100644
> --- a/drivers/iio/industrialio-trigger.c
> +++ b/drivers/iio/industrialio-trigger.c
> @@ -597,9 +597,11 @@ struct iio_trigger *viio_trigger_alloc(struct device *parent,
>  
>  free_descs:
>  	irq_free_descs(trig->subirq_base, CONFIG_IIO_CONSUMERS_PER_TRIGGER);
> -free_trig:
>  	put_device(&trig->dev);
>  	return NULL;
> +free_trig:
> +	kfree(trig);
> +	return NULL;
>  }
>  
>  /**
> --
> 2.43.0
> 
> 
>

Patchew 2.1-devel-ea86937

© 2016 - 2026 Red Hat, Inc.