Hi, Static analysis with Coverity has detected a memory leak in the following commit: commit ec4b0925089826af45e99cdf78a8ac84c1d005f1 Author: Olga Kornievskaia <kolga@xxxxxxxxxx> Date: Tue Oct 8 16:33:53 2019 -0400 NFS: inter ssc open In function nfs42_ssc_open(), fs/nfs/nfs4file.c, analysis is as follows: 3. alloc_fn: Storage is returned from allocation function kzalloc. 4. var_assign: Assigning: read_name = storage returned from kzalloc(len, 3136U). 336 read_name = kzalloc(len, GFP_NOFS); 5. Condition read_name == NULL, taking false branch. 337 if (read_name == NULL) 338 goto out; 6. noescape: Resource read_name is not freed or pointed-to in snprintf. 339 snprintf(read_name, len, SSC_READ_NAME_BODY, read_name_gen++); 340 341 r_ino = nfs_fhget(ss_mnt->mnt_root->d_inode->i_sb, src_fh, &fattr, 342 NULL); 7. Condition IS_ERR(r_ino), taking true branch. 343 if (IS_ERR(r_ino)) { 344 res = ERR_CAST(r_ino); 8. Jumping to label out. 345 goto out; 346 } 347 348 filep = alloc_file_pseudo(r_ino, ss_mnt, read_name, FMODE_READ, 349 r_ino->i_fop); 350 if (IS_ERR(filep)) { 351 res = ERR_CAST(filep); 352 goto out; 353 } 354 filep->f_mode |= FMODE_READ; 355 356 ctx = alloc_nfs_open_context(filep->f_path.dentry, filep->f_mode, 357 filep); 358 if (IS_ERR(ctx)) { 359 res = ERR_CAST(ctx); 360 goto out_filep; 361 } 362 363 res = ERR_PTR(-EINVAL); 364 sp = nfs4_get_state_owner(server, ctx->cred, GFP_KERNEL); 365 if (sp == NULL) 366 goto out_ctx; 367 368 ctx->state = nfs4_get_open_state(r_ino, sp); 369 if (ctx->state == NULL) 370 goto out_stateowner; 371 372 set_bit(NFS_SRV_SSC_COPY_STATE, &ctx->state->flags); 373 set_bit(NFS_OPEN_STATE, &ctx->state->flags); 374 memcpy(&ctx->state->open_stateid.other, &stateid->other, 375 NFS4_STATEID_OTHER_SIZE); 376 update_open_stateid(ctx->state, stateid, NULL, filep->f_mode); 377 378 nfs_file_set_open_context(filep, ctx); 379 put_nfs_open_context(ctx); 380 381 file_ra_state_init(&filep->f_ra, filep->f_mapping->host->i_mapping); 382 res = filep; 383out: CID 91575 (#1-2 of 2): Resource leak (RESOURCE_LEAK) 9. leaked_storage: Variable read_name going out of scope leaks the storage it points to. 384 return res; Looks like there are several return paths to out: that leak the allocation of read_name.