On Sat, 2015-05-16 at 13:21 +0530, Selvin Xavier wrote: > @@ -1468,10 +1471,8 @@ static int ocrdma_mbx_alloc_pd_range(struct ocrdma_dev *dev) > > cmd->pd_count = dev->attr.max_pd - dev->attr.max_dpp_pds; > status = ocrdma_mbx_cmd(dev, (struct ocrdma_mqe *)cmd); > - if (status) > - goto mbx_err; > rsp = (struct ocrdma_alloc_pd_range_rsp *)cmd; > - if (rsp->pd_count) { > + if (!status && rsp->pd_count) { > dev->pd_mgr->pd_norm_start = rsp->dpp_page_pdid & > OCRDMA_ALLOC_PD_RNG_RSP_START_PDID_MASK; > dev->pd_mgr->max_normal_pd = rsp->pd_count; > @@ -1486,7 +1487,6 @@ static int ocrdma_mbx_alloc_pd_range(struct ocrdma_dev *dev) > } else { > return -ENOMEM; > } > -mbx_err: > kfree(cmd); > return status; > } I didn't go into the file to make sure, but this looks like a memory leak (in fact, it looks like a leak that always existed, specifically if rsp->pd_count == 0 then the else causes you to leave before the kfree(cmd) and therefore you leak). It's now been made worse because it would now happen both when status != 0 and when pd_count == 0. -- Doug Ledford <dledford@xxxxxxxxxx> GPG KeyID: 0E572FDD
Attachment:
signature.asc
Description: This is a digitally signed message part