drm/i915/region: don't leak the object on error

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

Sanity check the object size before allocating a new gem object.

Fixes: 97d553963250 ("drm/i915/region: convert object_create into object_init")
Testcase: igt/gem_create/create-massive
Signed-off-by: Matthew Auld <matthew.auld@intel.com>
Reviewed-by: Chris Wilson <chris@chris-wilson.co.uk>
Signed-off-by: Chris Wilson <chris@chris-wilson.co.uk>
Link: https://patchwork.freedesktop.org/patch/msgid/20210120104714.112812-1-matthew.auld@intel.com

authored by

Matthew Auld and committed by

Chris Wilson 5 years ago 95b98f00 1e58215f

+4 -4

1 changed file

expand all

drivers

gpu

drm

i915

gem

i915_gem_region.c

+4 -4

drivers/gpu/drm/i915/gem/i915_gem_region.c

··· 161 161 GEM_BUG_ON(!size); 162 162 GEM_BUG_ON(!IS_ALIGNED(size, I915_GTT_MIN_ALIGNMENT)); 163 163 164 - obj = i915_gem_object_alloc(); 165 - if (!obj) 166 - return ERR_PTR(-ENOMEM); 167 - 168 164 /* 169 165 * XXX: There is a prevalence of the assumption that we fit the 170 166 * object's page count inside a 32bit _signed_ variable. Let's document ··· 173 177 174 178 if (overflows_type(size, obj->base.size)) 175 179 return ERR_PTR(-E2BIG); 180 + 181 + obj = i915_gem_object_alloc(); 182 + if (!obj) 183 + return ERR_PTR(-ENOMEM); 176 184 177 185 err = mem->ops->init_object(mem, obj, size, flags); 178 186 if (err)