Bug 200485

Summary: Function nbd_init() in drivers\block\pktcdvd.c forgets to set error code when the call to alloc_disk() fails
Product: Drivers Reporter: Zuxing Gu (guzx14)
Component: OtherAssignee: drivers_other
Status: NEW ---    
Severity: normal    
Priority: P1    
Hardware: All   
OS: Linux   
Kernel Version: v4.18-rc4 Subsystem:
Regression: No Bisected commit-id:
Attachments: Function nbd_init() in drivers\block\pktcdvd.c forgets to set error code when the call to alloc_disk() fails

Description Zuxing Gu 2018-07-13 14:03:15 UTC 
Created attachment 277349 [details]
Function nbd_init() in drivers\block\pktcdvd.c forgets to set error code when the call to alloc_disk() fails

Function alloc_disk() returns a NULL pointer if there is not enough memory. In function nbd_init() in drivers\block\pktcdvd.c, when the call to alloc_disk() fails (at line 2718), the control flow jumps to label "out_mem", returns the error code (stored in variable ret, which is -ENOMEM).

However, the function mempool_init_kmalloc_pool has changed ret value in line 2698, which may result incorrect return value.

I think it's better to explicitly assign "-ENOMEM" to ret, which is used in many other places.
Comment 1 Zuxing Gu 2018-07-13 14:03:47 UTC 
Codes related to these bugs are summarised as follows.

2698	ret = mempool_init_kmalloc_pool(&pd->rb_pool, PKT_RB_POOL_SIZE,
					sizeof(struct pkt_rb_node));
	if (ret)
		goto out_mem;
...
2718	disk = alloc_disk(1);
	if (!disk)
                // add here: ret = -ENOMEM;
		goto out_mem;
...
out_mem:
	mempool_exit(&pd->rb_pool);
	kfree(pd);
out_mutex:
	mutex_unlock(&ctl_mutex);
	pr_err("setup of pktcdvd device failed\n");
        // 
	return ret;



Thanks very much!
ZG
IMChecker Group, THU