[PATCH] drm/nouveau: fix memory leak by deallocating cli/drm

Emil Velikov emil.l.velikov at gmail.com
Fri Jun 12 08:40:43 PDT 2015


Hi Dongxing Zhang,

On 11 June 2015 at 09:14, Dongxing Zhang <dongxing.zhang at intel.com> wrote:
> unreferenced object 0xffff8800bd132fe8 (size 256):
>   comm "Xorg", pid 1260, jiffies 4294901661 (age 660.504s)
>   hex dump (first 32 bytes):
>     00 00 00 00 00 00 00 00 e8 2f 13 bd 00 88 ff ff  ........./......
>     01 00 00 00 ff ff ff ff 00 00 00 00 00 00 00 00  ................
>   backtrace:
>     [<ffffffff817b756e>] kmemleak_alloc+0x4e/0xb0
>     [<ffffffff811d52d4>] __kmalloc+0x204/0x2c0
>     [<ffffffffc03b633a>] nouveau_cli_create+0x2a/0xb0 [nouveau]
>     [<ffffffffc03b648b>] nouveau_drm_open+0xcb/0x220 [nouveau]
>     [<ffffffffc02146c2>] drm_open+0x1b2/0x4d0 [drm]
>     [<ffffffffc021b449>] drm_stub_open+0xa9/0x130 [drm]
>     [<ffffffff811f88cf>] chrdev_open+0x9f/0x1d0
>     [<ffffffff811f1937>] do_dentry_open+0x257/0x350
>     [<ffffffff811f1ac9>] vfs_open+0x49/0x50
>     [<ffffffff812025dc>] do_last+0x1ec/0x1200
>     [<ffffffff81203670>] path_openat+0x80/0x600
>     [<ffffffff8120512a>] do_filp_open+0x3a/0x90
>     [<ffffffff811f3138>] do_sys_open+0x128/0x220
>     [<ffffffff811f324e>] SyS_open+0x1e/0x20
>     [<ffffffff817ca2b2>] system_call_fastpath+0x16/0x75
>     [<ffffffffffffffff>] 0xffffffffffffffff
>
> Signed-off-by: Dongxing Zhang <dongxing.zhang at intel.com>
A similar patch has been picked up recently [1]

[1] http://lists.freedesktop.org/archives/dri-devel/2015-June/084249.html

> ---
>  drivers/gpu/drm/nouveau/nouveau_drm.c | 7 ++++++-
>  1 file changed, 6 insertions(+), 1 deletion(-)
>
> diff --git a/drivers/gpu/drm/nouveau/nouveau_drm.c b/drivers/gpu/drm/nouveau/nouveau_drm.c
> index 8904933..2ead477 100644
> --- a/drivers/gpu/drm/nouveau/nouveau_drm.c
> +++ b/drivers/gpu/drm/nouveau/nouveau_drm.c
> @@ -115,7 +115,8 @@ nouveau_cli_create(u64 name, const char *sname,
>                 if (ret == 0) {
>                         mutex_init(&cli->mutex);
>                         usif_client_init(cli);
> -               }
> +               } else
> +                       kfree(cli);
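
Review bot: the new else branch after usif_client_init(cli) frees cli, but these lines do not show whether the caller already holds that pointer. If nouveau_cli_create() has handed cli out through an output argument before this point, clear that argument next to the kfree(), so the failure path cannot leave the caller with a dangling pointer or lead to a second free during its own cleanup. On style, kernel coding style wants braces on both arms when one arm has them, so this should read "} else {", then "kfree(cli);", then "}". The diffstat also announces 6 insertions while only this hunk is quoted, so the rest of the patch still needs to be looked at separately.
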
... although it's missing this hunk. Iirc at this level the destructor
is not implicitly called so this is required.

Cheers
Emil

