The driver may sleep with holding a spinlock. The function call paths (from bottom to top) in Linux-4.16 are: [FUNC] kmalloc(GFP_KERNEL) drivers/gpu/drm/drm_mm.c, 130: kmalloc in show_leaks drivers/gpu/drm/drm_mm.c, 913: show_leaks in drm_mm_takedown drivers/gpu/drm/drm_vma_manager.c, 107: drm_mm_takedown in drm_vma_offset_manager_destroy drivers/gpu/drm/drm_vma_manager.c, 106: _raw_write_lock in drm_vma_offset_manager_destroy [FUNC] kmalloc(GFP_KERNEL) drivers/gpu/drm/drm_mm.c, 130: kmalloc in show_leaks drivers/gpu/drm/drm_mm.c, 913: show_leaks in drm_mm_takedown drivers/gpu/drm/amd/amdgpu/amdgpu_vram_mgr.c, 71: drm_mm_takedown in amdgpu_vram_mgr_fini drivers/gpu/drm/amd/amdgpu/amdgpu_vram_mgr.c, 70: spin_lock in amdgpu_vram_mgr_fini [FUNC] kmalloc(GFP_KERNEL) drivers/gpu/drm/drm_mm.c, 130: kmalloc in show_leaks drivers/gpu/drm/drm_mm.c, 913: show_leaks in drm_mm_takedown drivers/gpu/drm/ttm/ttm_bo_manager.c, 128: drm_mm_takedown in ttm_bo_man_takedown drivers/gpu/drm/ttm/ttm_bo_manager.c, 126: spin_lock in ttm_bo_man_takedown To fix this bug, GFP_KERNEL is replaced with GFP_ATOMIC. This bug is found by my static analysis tool DSAC. Signed-off-by: Jia-Ju Bai <baijiaju1990@xxxxxxxxx> --- drivers/gpu/drm/drm_mm.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/gpu/drm/drm_mm.c b/drivers/gpu/drm/drm_mm.c index 3166026a1874..2486121a78d4 100644 --- a/drivers/gpu/drm/drm_mm.c +++ b/drivers/gpu/drm/drm_mm.c @@ -127,7 +127,7 @@ static void show_leaks(struct drm_mm *mm) unsigned long entries[STACKDEPTH]; char *buf; - buf = kmalloc(BUFSZ, GFP_KERNEL); + buf = kmalloc(BUFSZ, GFP_ATOMIC); if (!buf) return; -- 2.17.0 _______________________________________________ dri-devel mailing list dri-devel@xxxxxxxxxxxxxxxxxxxxx https://lists.freedesktop.org/mailman/listinfo/dri-devel
