[Intel-gfx] [PATCH] drm/i915/region: don't leak the object on error

Chris Wilson chris at chris-wilson.co.uk
Wed Jan 20 10:51:56 UTC 2021


Quoting Matthew Auld (2021-01-20 10:47:14)
> Sanity check the object size before allocating a new gem object.
> 
> Fixes: 97d553963250 ("drm/i915/region: convert object_create into object_init")
> Signed-off-by: Matthew Auld <matthew.auld at intel.com>
> ---
>  drivers/gpu/drm/i915/gem/i915_gem_region.c | 8 ++++----
>  1 file changed, 4 insertions(+), 4 deletions(-)
> 
> diff --git a/drivers/gpu/drm/i915/gem/i915_gem_region.c b/drivers/gpu/drm/i915/gem/i915_gem_region.c
> index 4834a0b272f4..3e3dad22a683 100644
> --- a/drivers/gpu/drm/i915/gem/i915_gem_region.c
> +++ b/drivers/gpu/drm/i915/gem/i915_gem_region.c
> @@ -161,10 +161,6 @@ i915_gem_object_create_region(struct intel_memory_region *mem,
>         GEM_BUG_ON(!size);
>         GEM_BUG_ON(!IS_ALIGNED(size, I915_GTT_MIN_ALIGNMENT));
>  
> -       obj = i915_gem_object_alloc();
> -       if (!obj)
> -               return ERR_PTR(-ENOMEM);
> -
>         /*
>          * XXX: There is a prevalence of the assumption that we fit the
>          * object's page count inside a 32bit _signed_ variable. Let's document
> @@ -178,6 +174,10 @@ i915_gem_object_create_region(struct intel_memory_region *mem,
>         if (overflows_type(size, obj->base.size))
>                 return ERR_PTR(-E2BIG);
>  
> +       obj = i915_gem_object_alloc();
> +       if (!obj)
> +               return ERR_PTR(-ENOMEM);

My bad, I should have checked. It does remind me we really should drop
the INT_MAX << PAGE_SHIFT rejection at some point.

Ok, that was the only slip all the others have their parameter checking
before the alloc, with the few error paths that are after the alloc
doing cleanup.

Reviewed-by: Chris Wilson <chris at chris-wilson.co.uk>
-Chris


More information about the Intel-gfx mailing list