drivers/gpu/drm/amd/amdkfd/kfd_events.c | 2 ++ 1 file changed, 2 insertions(+)
As the kmalloc_array() may return null, the 'event_waiters[i].wait' would lead to null-pointer dereference.
Therefore, it is better to check the return value of kmalloc_array() to avoid this confusion.
Signed-off-by: QintaoShen <unSimple1993@163.com>
---
drivers/gpu/drm/amd/amdkfd/kfd_events.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/drivers/gpu/drm/amd/amdkfd/kfd_events.c b/drivers/gpu/drm/amd/amdkfd/kfd_events.c
index deeccce..64f4a51 100644
--- a/drivers/gpu/drm/amd/amdkfd/kfd_events.c
+++ b/drivers/gpu/drm/amd/amdkfd/kfd_events.c
@@ -749,6 +749,8 @@ static struct kfd_event_waiter *alloc_event_waiters(uint32_t num_events)
event_waiters = kmalloc_array(num_events,
sizeof(struct kfd_event_waiter),
GFP_KERNEL);
+ if (!event_waiters)
+ return NULL;
for (i = 0; (event_waiters) && (i < num_events) ; i++) {
init_wait(&event_waiters[i].wait);
--
2.7.4Applied. Thanks!
Alex
On Thu, Mar 24, 2022 at 9:46 AM QintaoShen <unSimple1993@163.com> wrote:
>
> As the kmalloc_array() may return null, the 'event_waiters[i].wait' would lead to null-pointer dereference.
> Therefore, it is better to check the return value of kmalloc_array() to avoid this confusion.
>
> Signed-off-by: QintaoShen <unSimple1993@163.com>
> ---
> drivers/gpu/drm/amd/amdkfd/kfd_events.c | 2 ++
> 1 file changed, 2 insertions(+)
>
> diff --git a/drivers/gpu/drm/amd/amdkfd/kfd_events.c b/drivers/gpu/drm/amd/amdkfd/kfd_events.c
> index deeccce..64f4a51 100644
> --- a/drivers/gpu/drm/amd/amdkfd/kfd_events.c
> +++ b/drivers/gpu/drm/amd/amdkfd/kfd_events.c
> @@ -749,6 +749,8 @@ static struct kfd_event_waiter *alloc_event_waiters(uint32_t num_events)
> event_waiters = kmalloc_array(num_events,
> sizeof(struct kfd_event_waiter),
> GFP_KERNEL);
> + if (!event_waiters)
> + return NULL;
>
> for (i = 0; (event_waiters) && (i < num_events) ; i++) {
> init_wait(&event_waiters[i].wait);
> --
> 2.7.4
>
© 2016 - 2026 Red Hat, Inc.