Google Git
Sign in
gem5 / arm / linux-arm64-legacy / 823d219f23b958292279cfdc8583dc4f1f91c2d5^! / .
commit823d219f23b958292279cfdc8583dc4f1f91c2d5[log] [tgz]
authorJulia Lawall <julia@diku.dk>Sun Aug 01 19:23:35 2010 +0200
committerJames Bottomley <James.Bottomley@suse.de>Fri Aug 06 12:06:08 2010 -0500
tree509a25fdb647ff5021b8ecad40d26898c59bee85
parente8ed741fcd521a25f1d983ec81f72ac823d8429a [diff]
[SCSI] pm8001: introduce missing kfree

Error handling code following a kmalloc should free the allocated data.

The semantic match that finds the problem is as follows:
(http://www.emn.fr/x-info/coccinelle/)

// <smpl>
@r exists@
local idexpression x;
expression E;
identifier f,f1;
position p1,p2;
@@

x@p1 = \(kmalloc\|kzalloc\|kcalloc\)(...);
<... when != x
     when != if (...) { <+...x...+> }
     when != (x) == NULL
     when != (x) != NULL
     when != (x) == 0
     when != (x) != 0
(
x->f1 = E
|
 (x->f1 == NULL || ...)
|
 f(...,x->f1,...)
)
...>
(
 return <+...x...+>;
|
 return@p2 ...;
)

@script:python@
p1 << r.p1;
p2 << r.p2;
@@

print "* file: %s kmalloc %s return %s" % (p1[0].file,p1[0].line,p2[0].line)
// </smpl>

Signed-off-by: Julia Lawall <julia@diku.dk>
Acked-by: jack wang <jack_wang@usish.com>
Signed-off-by: James Bottomley <James.Bottomley@suse.de>

diff --git a/drivers/scsi/pm8001/pm8001_hwi.c b/drivers/scsi/pm8001/pm8001_hwi.c
index 58d1134..9793aa6 100644
--- a/drivers/scsi/pm8001/pm8001_hwi.c
+++ b/drivers/scsi/pm8001/pm8001_hwi.c

@@ -4199,8 +4199,10 @@
 	circularQ = &pm8001_ha->inbnd_q_tbl[0];
 	memset(&nvmd_req, 0, sizeof(nvmd_req));
 	rc = pm8001_tag_alloc(pm8001_ha, &tag);
-	if (rc)
+	if (rc) {
+		kfree(fw_control_context);
 		return rc;
+	}
 	ccb = &pm8001_ha->ccb_info[tag];
 	ccb->ccb_tag = tag;
 	ccb->fw_control_context = fw_control_context;
@@ -4276,8 +4278,10 @@
 		ioctl_payload->length);
 	memset(&nvmd_req, 0, sizeof(nvmd_req));
 	rc = pm8001_tag_alloc(pm8001_ha, &tag);
-	if (rc)
+	if (rc) {
+		kfree(fw_control_context);
 		return rc;
+	}
 	ccb = &pm8001_ha->ccb_info[tag];
 	ccb->fw_control_context = fw_control_context;
 	ccb->ccb_tag = tag;
@@ -4387,6 +4391,7 @@
 			fw_control->len, 0) != 0) {
 				PM8001_FAIL_DBG(pm8001_ha,
 					pm8001_printk("Mem alloc failure\n"));
+				kfree(fw_control_context);
 				return -ENOMEM;
 		}
 	}
@@ -4401,8 +4406,10 @@
 	fw_control_context->virtAddr = buffer;
 	fw_control_context->len = fw_control->len;
 	rc = pm8001_tag_alloc(pm8001_ha, &tag);
-	if (rc)
+	if (rc) {
+		kfree(fw_control_context);
 		return rc;
+	}
 	ccb = &pm8001_ha->ccb_info[tag];
 	ccb->fw_control_context = fw_control_context;
 	ccb->ccb_tag = tag;