Hi, Many vhost drivers follow a common process to obtain and verify received buffers: head = vhost_get_vq_desc(vq, vq->iov, ARRAY_SIZE(vq->iov), &out, &in,...); if (head < 0) { return ret; } if (head == vq->num) { /* no buffer */ return 0; /* or -EAGAIN or whatever */ } if (out != EXPECTED_OUT_BUFFERS || in != EXPECTED_IN_BUFFERS) { return -EINVAL; } /* all good, use buffers */ vhost_add_used(...); Which seems to me to be leaking buffers in the last error case - if the buffer configuration was unexpected. Shouldn't drivers in such cases also use vhost_add_used() to return the buffer? Thanks Guennadi