If write_driver_ver_to_cfgtable() fails, add iounmap() to
release the memory allocated by remap_pci_mem().

Fixes: 580ada3c1e2f ("[SCSI] hpsa: do a better job of detecting controller reset failure")
Cc: stable@vger.kernel.org
Signed-off-by: Haoxiang Li <lihaoxiang@isrc.iscas.ac.cn>
---
 drivers/scsi/hpsa.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/drivers/scsi/hpsa.c b/drivers/scsi/hpsa.c
index 3654b12c5d5a..4cc129d2d6f2 100644
--- a/drivers/scsi/hpsa.c
+++ b/drivers/scsi/hpsa.c
@@ -7646,8 +7646,11 @@ static int hpsa_find_cfgtables(struct ctlr_info *h)
 		return -ENOMEM;
 	}
 	rc = write_driver_ver_to_cfgtable(h->cfgtable);
-	if (rc)
+	if (rc) {
+		iounmap(h->cfgtable);
+		h->cfgtable = NULL;
 		return rc;
+	}
 	/* Find performant mode table. */
 	trans_offset = readl(&h->cfgtable->TransMethodOffset);
 	h->transtable = remap_pci_mem(pci_resource_start(h->pdev,
-- 
2.25.1

On Wed, Jan 07, 2026 at 04:56:17PM +0800, Haoxiang Li wrote:
> If write_driver_ver_to_cfgtable() fails, add iounmap() to
> release the memory allocated by remap_pci_mem().

How did you find this bug?  You always need to document the tool you are
using.

> 
> Fixes: 580ada3c1e2f ("[SCSI] hpsa: do a better job of detecting controller reset failure")
> Cc: stable@vger.kernel.org
> Signed-off-by: Haoxiang Li <lihaoxiang@isrc.iscas.ac.cn>
> ---
>  drivers/scsi/hpsa.c | 5 ++++-
>  1 file changed, 4 insertions(+), 1 deletion(-)
> 
> diff --git a/drivers/scsi/hpsa.c b/drivers/scsi/hpsa.c
> index 3654b12c5d5a..4cc129d2d6f2 100644
> --- a/drivers/scsi/hpsa.c
> +++ b/drivers/scsi/hpsa.c
> @@ -7646,8 +7646,11 @@ static int hpsa_find_cfgtables(struct ctlr_info *h)
>  		return -ENOMEM;
>  	}
>  	rc = write_driver_ver_to_cfgtable(h->cfgtable);
> -	if (rc)
> +	if (rc) {
> +		iounmap(h->cfgtable);
> +		h->cfgtable = NULL;

Shouldn't you just call hpsa_free_cfgtables() instead?

thanks,

greg k-h