In line 1767, sas_alloc_slow_task() allocates and initializes a sas_task structure. When some errors occur, line 1778 and line 1795 forget to free this structure, which will lead to a memory leak. There is a similar snippet of code in the same file (in function pm8001_send_read_log) as allocating and initializing in line 1812 as well as releasing the memory in line 1822 and line 1867. We can fix it by calling sas_free_task() when the res and ret is true and before the function returns. Signed-off-by: Jianglei Nie <niejianglei2021@xxxxxxx> --- drivers/scsi/pm8001/pm8001_hwi.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/drivers/scsi/pm8001/pm8001_hwi.c b/drivers/scsi/pm8001/pm8001_hwi.c index 124cb69740c6..25045a91620e 100644 --- a/drivers/scsi/pm8001/pm8001_hwi.c +++ b/drivers/scsi/pm8001/pm8001_hwi.c @@ -1774,8 +1774,10 @@ static void pm8001_send_abort_all(struct pm8001_hba_info *pm8001_ha, task->task_done = pm8001_task_done; res = pm8001_tag_alloc(pm8001_ha, &ccb_tag); - if (res) + if (res) { + sas_free_task(task); return; + } ccb = &pm8001_ha->ccb_info[ccb_tag]; ccb->device = pm8001_ha_dev; @@ -1791,8 +1793,10 @@ static void pm8001_send_abort_all(struct pm8001_hba_info *pm8001_ha, ret = pm8001_mpi_build_cmd(pm8001_ha, circularQ, opc, &task_abort, sizeof(task_abort), 0); - if (ret) + if (ret) { + sas_free_task(task); pm8001_tag_free(pm8001_ha, ccb_tag); + } } -- 2.25.1