drm/nouveau: Fix memory leak in nvkm_ram_get()

Submitted by Liu, Yongxin on Aug. 23, 2019, 8:50 a.m.

Details

Message ID 20190823085042.37349-1-yongxin.liu@windriver.com
State New
Headers show
Series "drm/nouveau: Fix memory leak in nvkm_ram_get()" ( rev: 1 ) in Nouveau

Not browsing as part of any series.

Commit Message

Liu, Yongxin Aug. 23, 2019, 8:50 a.m.
When resuming from ACPI S3, memory leak happens in nvkm_ram_get().
This is because *pmemory points to newly allocated memory without
checking and freeing the old memory.

Here is the log showing this issue.

unreferenced object 0xffffa3b608c6d5c0 (size 64):
  comm "kworker/u32:30", pid 934, jiffies 4294823520 (age 5000.217s)
  hex dump (first 32 bytes):
    00 fc 4a c0 ff ff ff ff 00 00 00 00 00 00 00 00  ..J.............
    01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<00000000e923bf81>] kmem_cache_alloc_trace+0x181/0x250
    [<00000000edb7beaa>] nvkm_ram_get+0xb0/0x1d0 [nouveau]
    [<000000004ecaa918>] gt215_ram_init+0xc5/0x2f0 [nouveau]
    [<00000000007ba1a0>] nvkm_ram_init+0x1a/0x20 [nouveau]
    [<0000000050abf84b>] nvkm_fb_init+0x27/0xe0 [nouveau]
    [<00000000fae7fedc>] nvkm_subdev_init+0xbc/0x210 [nouveau]
    [<00000000a67b86e4>] nvkm_device_init+0x12a/0x280 [nouveau]
    [<00000000c02ac03e>] nvkm_udevice_init+0x48/0x60 [nouveau]
    [<0000000048f35641>] nvkm_object_init+0x43/0x110 [nouveau]
    [<00000000c6f92dc0>] nvkm_object_init+0x74/0x110 [nouveau]
    [<00000000c6f92dc0>] nvkm_object_init+0x74/0x110 [nouveau]
    [<000000007416951c>] nvkm_client_resume+0xe/0x10 [nouveau]
    [<00000000c5d31dfd>] nvif_client_resume+0x1d/0x20 [nouveau]
    [<000000008f3a638f>] nouveau_do_resume+0x2d/0x150 [nouveau]
    [<00000000df2c2b85>] nouveau_pmops_resume+0x6b/0xa0 [nouveau]
    [<00000000f44c649d>] pci_pm_resume+0x71/0xb0

Signed-off-by: Yongxin Liu <yongxin.liu@windriver.com>
---
 drivers/gpu/drm/nouveau/nvkm/subdev/fb/ram.c | 3 +++
 1 file changed, 3 insertions(+)

Patch hide | download patch | download mbox

diff --git a/drivers/gpu/drm/nouveau/nvkm/subdev/fb/ram.c b/drivers/gpu/drm/nouveau/nvkm/subdev/fb/ram.c
index b11867f682cb..60be4d811187 100644
--- a/drivers/gpu/drm/nouveau/nvkm/subdev/fb/ram.c
+++ b/drivers/gpu/drm/nouveau/nvkm/subdev/fb/ram.c
@@ -124,6 +124,9 @@  nvkm_ram_get(struct nvkm_device *device, u8 heap, u8 type, u8 rpage, u64 size,
 	nvkm_memory_ctor(&nvkm_vram, &vram->memory);
 	vram->ram = ram;
 	vram->page = page;
+
+	if (*pmemory)
+		nvkm_memory_unref(pmemory);
 	*pmemory = &vram->memory;
 
 	mutex_lock(&ram->fb->subdev.mutex);

Comments

Hi Ben,

Any comments on this patch?


Thanks,
Yongxin


> -----Original Message-----

> From: Nouveau [mailto:nouveau-bounces@lists.freedesktop.org] On Behalf Of

> Yongxin Liu

> Sent: Friday, August 23, 2019 16:51

> To: bskeggs@redhat.com; dri-devel@lists.freedesktop.org

> Cc: nouveau@lists.freedesktop.org; Wei, Yunguo (Bryan); Gortmaker, Paul

> Subject: [Nouveau] [PATCH] drm/nouveau: Fix memory leak in nvkm_ram_get()

> 

> When resuming from ACPI S3, memory leak happens in nvkm_ram_get().

> This is because *pmemory points to newly allocated memory without

> checking and freeing the old memory.

> 

> Here is the log showing this issue.

> 

> unreferenced object 0xffffa3b608c6d5c0 (size 64):

>   comm "kworker/u32:30", pid 934, jiffies 4294823520 (age 5000.217s)

>   hex dump (first 32 bytes):

>     00 fc 4a c0 ff ff ff ff 00 00 00 00 00 00 00 00  ..J.............

>     01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................

>   backtrace:

>     [<00000000e923bf81>] kmem_cache_alloc_trace+0x181/0x250

>     [<00000000edb7beaa>] nvkm_ram_get+0xb0/0x1d0 [nouveau]

>     [<000000004ecaa918>] gt215_ram_init+0xc5/0x2f0 [nouveau]

>     [<00000000007ba1a0>] nvkm_ram_init+0x1a/0x20 [nouveau]

>     [<0000000050abf84b>] nvkm_fb_init+0x27/0xe0 [nouveau]

>     [<00000000fae7fedc>] nvkm_subdev_init+0xbc/0x210 [nouveau]

>     [<00000000a67b86e4>] nvkm_device_init+0x12a/0x280 [nouveau]

>     [<00000000c02ac03e>] nvkm_udevice_init+0x48/0x60 [nouveau]

>     [<0000000048f35641>] nvkm_object_init+0x43/0x110 [nouveau]

>     [<00000000c6f92dc0>] nvkm_object_init+0x74/0x110 [nouveau]

>     [<00000000c6f92dc0>] nvkm_object_init+0x74/0x110 [nouveau]

>     [<000000007416951c>] nvkm_client_resume+0xe/0x10 [nouveau]

>     [<00000000c5d31dfd>] nvif_client_resume+0x1d/0x20 [nouveau]

>     [<000000008f3a638f>] nouveau_do_resume+0x2d/0x150 [nouveau]

>     [<00000000df2c2b85>] nouveau_pmops_resume+0x6b/0xa0 [nouveau]

>     [<00000000f44c649d>] pci_pm_resume+0x71/0xb0

> 

> Signed-off-by: Yongxin Liu <yongxin.liu@windriver.com>

> ---

>  drivers/gpu/drm/nouveau/nvkm/subdev/fb/ram.c | 3 +++

>  1 file changed, 3 insertions(+)

> 

> diff --git a/drivers/gpu/drm/nouveau/nvkm/subdev/fb/ram.c

> b/drivers/gpu/drm/nouveau/nvkm/subdev/fb/ram.c

> index b11867f682cb..60be4d811187 100644

> --- a/drivers/gpu/drm/nouveau/nvkm/subdev/fb/ram.c

> +++ b/drivers/gpu/drm/nouveau/nvkm/subdev/fb/ram.c

> @@ -124,6 +124,9 @@ nvkm_ram_get(struct nvkm_device *device, u8 heap, u8

> type, u8 rpage, u64 size,

>  	nvkm_memory_ctor(&nvkm_vram, &vram->memory);

>  	vram->ram = ram;

>  	vram->page = page;

> +

> +	if (*pmemory)

> +		nvkm_memory_unref(pmemory);

>  	*pmemory = &vram->memory;

> 

>  	mutex_lock(&ram->fb->subdev.mutex);

> --

> 2.14.4

> 

> _______________________________________________

> Nouveau mailing list

> Nouveau@lists.freedesktop.org

> https://lists.freedesktop.org/mailman/listinfo/nouveau