Created attachment 277349 [details] Function nbd_init() in drivers\block\pktcdvd.c forgets to set error code when the call to alloc_disk() fails Function alloc_disk() returns a NULL pointer if there is not enough memory. In function nbd_init() in drivers\block\pktcdvd.c, when the call to alloc_disk() fails (at line 2718), the control flow jumps to label "out_mem", returns the error code (stored in variable ret, which is -ENOMEM). However, the function mempool_init_kmalloc_pool has changed ret value in line 2698, which may result incorrect return value. I think it's better to explicitly assign "-ENOMEM" to ret, which is used in many other places.
Codes related to these bugs are summarised as follows. 2698 ret = mempool_init_kmalloc_pool(&pd->rb_pool, PKT_RB_POOL_SIZE, sizeof(struct pkt_rb_node)); if (ret) goto out_mem; ... 2718 disk = alloc_disk(1); if (!disk) // add here: ret = -ENOMEM; goto out_mem; ... out_mem: mempool_exit(&pd->rb_pool); kfree(pd); out_mutex: mutex_unlock(&ctl_mutex); pr_err("setup of pktcdvd device failed\n"); // return ret; Thanks very much! ZG IMChecker Group, THU