Thank you for your contribution! Sashiko AI review found 1 potential issue(s) to consider:
Pre-existing issues: - [High] Device memory mappings are leaked in the error path of drm_gpusvm_get_pages() because device_unmap is skipped. -- commit 25e4cbe499297aaf84b70f35d35aa1d25e43829b Author: Honglei Huang <[email protected]> drm/xe: have xe_svm_range embed one drm_gpusvm_pages With drm_gpusvm_pages now self contained, make xe stop relying on the drm_gpusvm_range pages and take responsibility for the page lifecycle on the driver side. > diff --git a/drivers/gpu/drm/drm_gpusvm.c b/drivers/gpu/drm/drm_gpusvm.c > index d6407c94cdda3..7af535853c380 100644 > --- a/drivers/gpu/drm/drm_gpusvm.c > +++ b/drivers/gpu/drm/drm_gpusvm.c [ ... ] > @@ -1245,8 +1248,6 @@ void drm_gpusvm_range_remove(struct drm_gpusvm *gpusvm, > return; > > drm_gpusvm_notifier_lock(gpusvm); > - __drm_gpusvm_unmap_pages(gpusvm, &range->pages, npages); > - __drm_gpusvm_free_pages(gpusvm, &range->pages); [Severity: High] This isn't a bug introduced by this patch, but does the error path in drm_gpusvm_get_pages() leak device memory mappings? In drm_gpusvm_get_pages(), if a device page is successfully mapped via dpagemap->ops->device_map(), but a subsequent page mapping fails, the code jumps to the err_unmap label and calls __drm_gpusvm_unmap_pages() to clean up: err_unmap: svm_pages->flags.has_dma_mapping = true; __drm_gpusvm_unmap_pages(gpusvm, svm_pages, num_dma_mapped); Inside __drm_gpusvm_unmap_pages(), the loop uses the dpagemap loaded from svm_pages->dpagemap to resolve the callback: else if (dpagemap && dpagemap->ops->device_unmap) dpagemap->ops->device_unmap(dpagemap, dev, addr); Since svm_pages->dpagemap isn't updated until the end of drm_gpusvm_get_pages() upon complete success, it remains NULL (or holds a stale reference) during err_unmap. Will this evaluate to false and skip the required device_unmap operations for the newly mapped device pages? -- Sashiko AI review ยท https://sashiko.dev/#/patchset/[email protected]?part=3
