1. Patchew
  2. linux
  3. View series

[PATCH] scsi: qedf: Fix a possible memory leak in qedf_prepare_sb()

jackysliu posted 1 patch 3 months, 3 weeks ago 
drivers/scsi/qedf/qedf_main.c | 12 +++++++++++-
1 files changed, 11 insertions(+), 1 deletions(-)
[PATCH] scsi: qedf: Fix a possible memory leak in qedf_prepare_sb()
Posted by jackysliu 3 months, 3 weeks ago 
A memory leak vulnerability found in
linux/drivers/scsi/qedf/qedf_main.c , qedf_prepare_sb Function Due to
Missing Resource Cleanup in Error Path.

The qedf_prepare_sb function allocates resources in a loop for
multiple queues. If an allocation fails mid-loop (e.g., kcalloc for
fp->sb_info or qedf_alloc_and_init_sb fails), the error path (goto
err) returns without freeing resources allocated in previous
iterations

Signed-off-by: jackysliu <1972843537@qq.com>
---
 drivers/scsi/qedf/qedf_main.c | 12 +++++++++++-
 1 files changed, 11 insertions(+), 1 deletions(-)

diff --git a/drivers/scsi/qedf/qedf_main.c b/drivers/scsi/qedf/qedf_main.c
index 6b1ebab36fa3..8767d9de819f 100644
--- a/drivers/scsi/qedf/qedf_main.c
+++ b/drivers/scsi/qedf/qedf_main.c
@@ -2809,7 +2809,17 @@ static int qedf_prepare_sb(struct qedf_ctx *qedf)
 		    sizeof(struct fcoe_cqe);
 	}
 err:
-	return 0;
+for (int i = 0; i < id; i++) {
+	fp = &qedf->fp_array[i];
+if (fp->sb_info) {
+	qedf_free_sb(qedf, fp->sb_info);
+kfree(fp->sb_info);
+fp->sb_info = NULL;
+}
+}
+kfree(qedf->fp_array);
+qedf->fp_array = NULL;
+return -ENOMEM;
 }
 
 void qedf_process_cqe(struct qedf_ctx *qedf, struct fcoe_cqe *cqe)
Re: [PATCH] scsi: qedf: Fix a possible memory leak in qedf_prepare_sb()
Posted by kernel test robot 3 months, 2 weeks ago 
Hi jackysliu,

kernel test robot noticed the following build warnings:

[auto build test WARNING on jejb-scsi/for-next]
[also build test WARNING on mkp-scsi/for-next linus/master v6.16-rc3 next-20250623]
[If your patch is applied to the wrong git tree, kindly drop us a note.
And when submitting patch, we suggest to use '--base' as documented in
https://git-scm.com/docs/git-format-patch#_base_tree_information]

url:    https://github.com/intel-lab-lkp/linux/commits/jackysliu/scsi-qedf-Fix-a-possible-memory-leak-in-qedf_prepare_sb/20250617-180032
base:   https://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi.git for-next
patch link:    https://lore.kernel.org/r/tencent_3C5078D216712F6F21FC8792FADED59A3D09%40qq.com
patch subject: [PATCH] scsi: qedf: Fix a possible memory leak in qedf_prepare_sb()
config: i386-randconfig-141-20250623 (https://download.01.org/0day-ci/archive/20250624/202506240340.fv6cXpyc-lkp@intel.com/config)
compiler: gcc-12 (Debian 12.2.0-14) 12.2.0

If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add following tags
| Reported-by: kernel test robot <lkp@intel.com>
| Closes: https://lore.kernel.org/oe-kbuild-all/202506240340.fv6cXpyc-lkp@intel.com/

New smatch warnings:
drivers/scsi/qedf/qedf_main.c:2814 qedf_prepare_sb() warn: inconsistent indenting

Old smatch warnings:
drivers/scsi/qedf/qedf_main.c:2816 qedf_prepare_sb() warn: inconsistent indenting

vim +2814 drivers/scsi/qedf/qedf_main.c

  2773	
  2774	static int qedf_prepare_sb(struct qedf_ctx *qedf)
  2775	{
  2776		int id;
  2777		struct qedf_fastpath *fp;
  2778		int ret;
  2779	
  2780		qedf->fp_array =
  2781		    kcalloc(qedf->num_queues, sizeof(struct qedf_fastpath),
  2782			GFP_KERNEL);
  2783	
  2784		if (!qedf->fp_array) {
  2785			QEDF_ERR(&(qedf->dbg_ctx), "fastpath array allocation "
  2786				  "failed.\n");
  2787			return -ENOMEM;
  2788		}
  2789	
  2790		for (id = 0; id < qedf->num_queues; id++) {
  2791			fp = &(qedf->fp_array[id]);
  2792			fp->sb_id = QEDF_SB_ID_NULL;
  2793			fp->sb_info = kcalloc(1, sizeof(*fp->sb_info), GFP_KERNEL);
  2794			if (!fp->sb_info) {
  2795				QEDF_ERR(&(qedf->dbg_ctx), "SB info struct "
  2796					  "allocation failed.\n");
  2797				goto err;
  2798			}
  2799			ret = qedf_alloc_and_init_sb(qedf, fp->sb_info, id);
  2800			if (ret) {
  2801				QEDF_ERR(&(qedf->dbg_ctx), "SB allocation and "
  2802					  "initialization failed.\n");
  2803				goto err;
  2804			}
  2805			fp->sb_id = id;
  2806			fp->qedf = qedf;
  2807			fp->cq_num_entries =
  2808			    qedf->global_queues[id]->cq_mem_size /
  2809			    sizeof(struct fcoe_cqe);
  2810		}
  2811	err:
  2812	for (int i = 0; i < id; i++) {
  2813		fp = &qedf->fp_array[i];
> 2814	if (fp->sb_info) {
  2815		qedf_free_sb(qedf, fp->sb_info);
  2816	kfree(fp->sb_info);
  2817	fp->sb_info = NULL;
  2818	}
  2819	}
  2820	kfree(qedf->fp_array);
  2821	qedf->fp_array = NULL;
  2822	return -ENOMEM;
  2823	}
  2824	

-- 
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests/wiki
[PATCH] [PATCH] scsi: qedf: fix inconsistent indenting warning Fix below inconsistent indenting smatch warning. New smatch warnings: drivers/scsi/qedf/qedf_main.c:2814 qedf_prepare_sb() warn: inconsistent indenting
Posted by jackysliu 3 months, 2 weeks ago 
Old smatch warnings:
drivers/scsi/qedf/qedf_main.c:2816 qedf_prepare_sb() warn: inconsistent indenting

Reported-by: kernel test robot <lkp@intel.com>
Closes: https://lore.kernel.org/oe-kbuild-all/202506240340.fv6cXpyc-lkp@intel.com/

Signed-off-by: jackysliu <1972843537@qq.com>
---
 drivers/scsi/qedf/qedf_main.c | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/drivers/scsi/qedf/qedf_main.c b/drivers/scsi/qedf/qedf_main.c
index 8767d9de819f..b46fc510557b 100644
--- a/drivers/scsi/qedf/qedf_main.c
+++ b/drivers/scsi/qedf/qedf_main.c
@@ -2810,11 +2810,11 @@ static int qedf_prepare_sb(struct qedf_ctx *qedf)
 	}
 err:
 for (int i = 0; i < id; i++) {
-fp = &qedf->fp_array[i];
-if (fp->sb_info) {
-qedf_free_sb(qedf, fp->sb_info);
-kfree(fp->sb_info);
-fp->sb_info = NULL;
+	fp = &qedf->fp_array[i];
+	if (fp->sb_info) {
+		qedf_free_sb(qedf, fp->sb_info);
+		kfree(fp->sb_info);
+	fp->sb_info = NULL;
 }
 }
 kfree(qedf->fp_array);
-- 
2.43.5
[PATCH] scsi: qedf: fix inconsistent indenting warning
Posted by jackysliu 3 months, 2 weeks ago 
Fix below inconsistent indenting smatch warning.

New smatch warnings:
drivers/scsi/qedf/qedf_main.c:2814 qedf_prepare_sb() warn: inconsistent
indenting

Old smatch warnings:
drivers/scsi/qedf/qedf_main.c:2816 qedf_prepare_sb() warn: inconsistent indenting

Reported-by: kernel test robot <lkp@intel.com>
Closes: https://lore.kernel.org/oe-kbuild-all/202506240340.fv6cXpyc-lkp@intel.com/

Signed-off-by: jackysliu <1972843537@qq.com>
---
 drivers/scsi/qedf/qedf_main.c | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/drivers/scsi/qedf/qedf_main.c b/drivers/scsi/qedf/qedf_main.c
index 8767d9de819f..b46fc510557b 100644
--- a/drivers/scsi/qedf/qedf_main.c
+++ b/drivers/scsi/qedf/qedf_main.c
@@ -2810,11 +2810,11 @@ static int qedf_prepare_sb(struct qedf_ctx *qedf)
 	}
 err:
 for (int i = 0; i < id; i++) {
-fp = &qedf->fp_array[i];
-if (fp->sb_info) {
-qedf_free_sb(qedf, fp->sb_info);
-kfree(fp->sb_info);
-fp->sb_info = NULL;
+	fp = &qedf->fp_array[i];
+	if (fp->sb_info) {
+		qedf_free_sb(qedf, fp->sb_info);
+		kfree(fp->sb_info);
+	fp->sb_info = NULL;
 }
 }
 kfree(qedf->fp_array);
-- 
2.43.5

Patchew 2.1-devel-b67e4c2

© 2016 - 2025 Red Hat, Inc.