Am 30.05.24 um 05:48 schrieb Jesse Zhang:
If the svm migration copy memory gart fails or the dma mapping page fails for the first time.
But the variable i is still 0, and executing i-- will overflow.
Signed-off-by: Jesse Zhang <Jesse.Zhang@xxxxxxx>
---
drivers/gpu/drm/amd/amdkfd/kfd_migrate.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/drivers/gpu/drm/amd/amdkfd/kfd_migrate.c b/drivers/gpu/drm/amd/amdkfd/kfd_migrate.c
index 8ee3d07ffbdf..3620eabf13c7 100644
--- a/drivers/gpu/drm/amd/amdkfd/kfd_migrate.c
+++ b/drivers/gpu/drm/amd/amdkfd/kfd_migrate.c
@@ -650,9 +650,10 @@ svm_migrate_copy_to_ram(struct amdgpu_device *adev, struct svm_range *prange,
out_oom:
if (r) {
pr_debug("failed %d copy to ram\n", r);
- while (i--) {
+ while (i) {
svm_migrate_put_sys_page(dst[i]);
migrate->dst[i] = 0;
+ i--;
That looks incorrect to me.
"i" is usually the entry which failed and doesn't need to cleanup. So
using "while (i---) ...." is a very common and correct way to clean
things up.
With the code changed as above 0 for example would never be cleaned up.
Christian.
}
}
