[PATCH] drm/i915/gt: Protect against overflow in active_engine()
Krzysztof Karas
krzysztof.karas at intel.com
Mon Aug 4 07:57:08 UTC 2025
It is unlikely, but possible for the first call to
intel_context_create() to fail with -ENOMEM, which would result
in entering the following code block and decrementing "count",
when it is set to 0 (initial condition in the for loop).
Protect from overflowing the variable with additional count > 0
check.
Signed-off-by: Krzysztof Karas <krzysztof.karas at intel.com>
---
drivers/gpu/drm/i915/gt/selftest_hangcheck.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/drivers/gpu/drm/i915/gt/selftest_hangcheck.c b/drivers/gpu/drm/i915/gt/selftest_hangcheck.c
index f057c16410e7..cc0798dd30d5 100644
--- a/drivers/gpu/drm/i915/gt/selftest_hangcheck.c
+++ b/drivers/gpu/drm/i915/gt/selftest_hangcheck.c
@@ -904,8 +904,10 @@ static void active_engine(struct kthread_work *work)
arg->result = PTR_ERR(ce[count]);
pr_err("[%s] Create context #%ld failed: %d!\n",
engine->name, count, arg->result);
- while (--count)
- intel_context_put(ce[count]);
+ if (likely(count > 0)) {
+ while (--count)
+ intel_context_put(ce[count]);
+ }
return;
}
}
--
2.34.1
--
Best Regards,
Krzysztof
More information about the Intel-gfx
mailing list