@@ -293,8 +293,10 @@ i915_buddy_alloc(struct i915_buddy_mm *mm, unsigned int order)
return block;
out_free:
- if (i != order)
+ if (i != order) {
+ list_del(&block->link);
__i915_buddy_free(mm, block);
+ }
return ERR_PTR(err);
}
@@ -401,8 +403,10 @@ int i915_buddy_alloc_range(struct i915_buddy_mm *mm,
buddy = get_buddy(block);
if (buddy &&
(i915_buddy_block_is_free(block) &&
- i915_buddy_block_is_free(buddy)))
+ i915_buddy_block_is_free(buddy))) {
+ list_del(&block->link);
__i915_buddy_free(mm, block);
+ }
err_free:
i915_buddy_free_list(mm, &allocated);
If we are unlucky and can't allocate enough memory when splitting blocks, where we temporarily end up with the given block and its buddy on the respective free list, then we need to ensure we delete both blocks, and no just the buddy, before potentially freeing them. Fixes: 14d1b9a6247c ("drm/i915: buddy allocator") Signed-off-by: Matthew Auld <matthew.auld@intel.com> Cc: Arunpravin <Arunpravin.PaneerSelvam@amd.com> Cc: Christian König <christian.koenig@amd.com> --- drivers/gpu/drm/i915/i915_buddy.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-)