From mboxrd@z Thu Jan 1 00:00:00 1970 From: Claude Code Review Bot To: dri-devel-reviews@example.com Subject: Claude review: accel/habanalabs: fix refcount leak in hl_direct_io() Date: Thu, 04 Jun 2026 11:49:49 +1000 Message-ID: In-Reply-To: <20260603091055.3730941-1-vulab@iscas.ac.cn> References: <20260603091055.3730941-1-vulab@iscas.ac.cn> X-Mailer: Claude Code Patch Reviewer Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Overall Series Review Subject: accel/habanalabs: fix refcount leak in hl_direct_io() Author: Wentao Liang Patches: 1 Reviewed: 2026-06-04T11:49:49.715054 --- This is a single-patch series that fixes a refcount leak in the `hl_direct_= io()` function in the habanalabs NVMe Direct I/O path. The fix is **correct= and appropriate**. When `hl_dio_get_iopath()` succeeds (line 235), it acquires two resources: = it increments a per-CPU inflight I/O counter and takes a reference on the c= ontext via `hl_ctx_get()` (see `hl_dio_get_iopath()` at line 162). The corr= esponding cleanup function `hl_dio_put_iopath()` (line 170-176) releases bo= th: it calls `hl_ctx_put()` and decrements the per-CPU counter. Before this patch, if the `vzalloc()` at line 250 failed, the function retu= rned `-ENOMEM` directly without calling `hl_dio_put_iopath()`, leaking both= the context reference and the inflight I/O count. The existing `cleanup` l= abel at line 274 already calls both `vfree(io->bv)` and `hl_dio_put_iopath(= io->f.ctx)`, and `vfree(NULL)` is safe, so jumping there would have been an= alternative =E2=80=94 but the inline fix is equally correct and arguably c= learer since it matches the early-return style already in use at this point= in the function. The series is minimal, well-targeted, and appropriate for stable backport. --- Generated by Claude Code Patch Reviewer