drivers/pci/msi/api.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-)
In the INTx fallback path of pci_alloc_irq_vectors_affinity(),
affinity masks are created and never freed.
Signed-off-by: neilfsun <neilfsun@tencent.com>
Signed-off-by: Sun Feng <loyou85@gmail.com>
Reviewed-by: Hans Zhang <18255117159@163.com>
---
v2: use __free to auto-release pointers
---
drivers/pci/msi/api.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/drivers/pci/msi/api.c b/drivers/pci/msi/api.c
index c18559b6272c..994f12813ce3 100644
--- a/drivers/pci/msi/api.c
+++ b/drivers/pci/msi/api.c
@@ -285,8 +285,10 @@ int pci_alloc_irq_vectors_affinity(struct pci_dev *dev, unsigned int min_vecs,
* the device driver can adjust queue configuration
* for the single interrupt case.
*/
- if (affd)
- irq_create_affinity_masks(1, affd);
+ if (affd) {
+ struct irq_affinity_desc *masks __free(kfree) =
+ irq_create_affinity_masks(1, affd);
+ }
pci_intx(dev, 1);
return 1;
}
--
2.52.0On Tue, Apr 21 2026 at 11:20, neilfsun wrote:
Please use function() notation in the subject as well.
> In the INTx fallback path of pci_alloc_irq_vectors_affinity(),
> affinity masks are created and never freed.
And then?
https://www.kernel.org/doc/html/latest/process/maintainer-tip.html#changelog
This also lacks a Fixes: tag to identify the commit which introduced the
problem. Hint: It was not commit beddb5efb43ee.
> Signed-off-by: neilfsun <neilfsun@tencent.com>
^^^^^^^^
Please provide your real name and not your nickname. See
Documentation/process/...
> Signed-off-by: Sun Feng <loyou85@gmail.com>
This Signed-off-by chain is broken. See Documentation/process/...
> Reviewed-by: Hans Zhang <18255117159@163.com>
Hans did not provide you a Reviewed-by tag. The fact that he reviewed V1
and made suggestions how to improve does not imply that.
> @@ -285,8 +285,10 @@ int pci_alloc_irq_vectors_affinity(struct pci_dev *dev, unsigned int min_vecs,
> * the device driver can adjust queue configuration
> * for the single interrupt case.
> */
> - if (affd)
> - irq_create_affinity_masks(1, affd);
> + if (affd) {
> + struct irq_affinity_desc *masks __free(kfree) =
> + irq_create_affinity_masks(1, affd);
There is no point to use __free() here. The only reason why this is
invoked for the INTX case is to ensure that the affinity descriptor is
updated and an eventually provided calc_sets() callback is invoked. The
returned mask is not used at all, so this can be simplified to:
kfree(affd ? irq_create_affinity_masks(1, affd) : NULL);
Along with a proper comment.
Thanks,
tglx
On 2026/04/21 Tuesday 11:20, neilfsun Wrote:
> In the INTx fallback path of pci_alloc_irq_vectors_affinity(),
> affinity masks are created and never freed.
>
> Signed-off-by: neilfsun <neilfsun@tencent.com>
> Signed-off-by: Sun Feng <loyou85@gmail.com>
> Reviewed-by: Hans Zhang <18255117159@163.com>
I don't see when Hans provided his tag in v1.
> ---
> v2: use __free to auto-release pointers
> ---
> drivers/pci/msi/api.c | 6 ++++--
> 1 file changed, 4 insertions(+), 2 deletions(-)
>
> diff --git a/drivers/pci/msi/api.c b/drivers/pci/msi/api.c
> index c18559b6272c..994f12813ce3 100644
> --- a/drivers/pci/msi/api.c
> +++ b/drivers/pci/msi/api.c
> @@ -285,8 +285,10 @@ int pci_alloc_irq_vectors_affinity(struct pci_dev *dev, unsigned int min_vecs,
> * the device driver can adjust queue configuration
> * for the single interrupt case.
> */
> - if (affd)
> - irq_create_affinity_masks(1, affd);
> + if (affd) {
> + struct irq_affinity_desc *masks __free(kfree) =
> + irq_create_affinity_masks(1, affd);
The __free() attribute is typically used for ensuring cleanup across
multiple exit paths within a function. In this case, the allocated masks
is not used and its scope ends immediately after creation. Why can't
we simply kfree(irq_create_affinity_masks(1, affd))...
> + }
> pci_intx(dev, 1);
> return 1;
> }
© 2016 - 2026 Red Hat, Inc.