From 823d219f23b958292279cfdc8583dc4f1f91c2d5 Mon Sep 17 00:00:00 2001
From: Julia Lawall
Date: Sun, 1 Aug 2010 19:23:35 +0200
Subject: [SCSI] pm8001: introduce missing kfree
Error handling code following a kmalloc should free the allocated data.
The semantic match that finds the problem is as follows:
(http://www.emn.fr/x-info/coccinelle/)
//
@r exists@
local idexpression x;
expression E;
identifier f,f1;
position p1,p2;
@@
x@p1 = \(kmalloc\|kzalloc\|kcalloc\)(...);
<... when != x
when != if (...) { <+...x...+> }
when != (x) == NULL
when != (x) != NULL
when != (x) == 0
when != (x) != 0
(
x->f1 = E
|
(x->f1 == NULL || ...)
|
f(...,x->f1,...)
)
...>
(
return <+...x...+>;
|
return@p2 ...;
)
@script:python@
p1 << r.p1;
p2 << r.p2;
@@
print "* file: %s kmalloc %s return %s" % (p1[0].file,p1[0].line,p2[0].line)
//
Signed-off-by: Julia Lawall
Acked-by: jack wang
Signed-off-by: James Bottomley
---
drivers/scsi/pm8001/pm8001_hwi.c | 13 ++++++++++---
1 file changed, 10 insertions(+), 3 deletions(-)
(limited to 'drivers/scsi')
diff --git a/drivers/scsi/pm8001/pm8001_hwi.c b/drivers/scsi/pm8001/pm8001_hwi.c
index 58d1134935ef..9793aa6afb10 100644
--- a/drivers/scsi/pm8001/pm8001_hwi.c
+++ b/drivers/scsi/pm8001/pm8001_hwi.c
@@ -4199,8 +4199,10 @@ static int pm8001_chip_get_nvmd_req(struct pm8001_hba_info *pm8001_ha,
circularQ = &pm8001_ha->inbnd_q_tbl[0];
memset(&nvmd_req, 0, sizeof(nvmd_req));
rc = pm8001_tag_alloc(pm8001_ha, &tag);
- if (rc)
+ if (rc) {
+ kfree(fw_control_context);
return rc;
+ }
ccb = &pm8001_ha->ccb_info[tag];
ccb->ccb_tag = tag;
ccb->fw_control_context = fw_control_context;
@@ -4276,8 +4278,10 @@ static int pm8001_chip_set_nvmd_req(struct pm8001_hba_info *pm8001_ha,
ioctl_payload->length);
memset(&nvmd_req, 0, sizeof(nvmd_req));
rc = pm8001_tag_alloc(pm8001_ha, &tag);
- if (rc)
+ if (rc) {
+ kfree(fw_control_context);
return rc;
+ }
ccb = &pm8001_ha->ccb_info[tag];
ccb->fw_control_context = fw_control_context;
ccb->ccb_tag = tag;
@@ -4387,6 +4391,7 @@ pm8001_chip_fw_flash_update_req(struct pm8001_hba_info *pm8001_ha,
fw_control->len, 0) != 0) {
PM8001_FAIL_DBG(pm8001_ha,
pm8001_printk("Mem alloc failure\n"));
+ kfree(fw_control_context);
return -ENOMEM;
}
}
@@ -4401,8 +4406,10 @@ pm8001_chip_fw_flash_update_req(struct pm8001_hba_info *pm8001_ha,
fw_control_context->virtAddr = buffer;
fw_control_context->len = fw_control->len;
rc = pm8001_tag_alloc(pm8001_ha, &tag);
- if (rc)
+ if (rc) {
+ kfree(fw_control_context);
return rc;
+ }
ccb = &pm8001_ha->ccb_info[tag];
ccb->fw_control_context = fw_control_context;
ccb->ccb_tag = tag;
--
cgit v1.2.3-55-g7522