Closed Math2 closed 1 year ago
Could be triggered when restoring a firefox session with A LOT of windows.
Patch is against 5.10-lts, but the same problem seems to exist on 5.15-lts/master as well.
diff --git a/drivers/dma-buf/dma-fence.c b/drivers/dma-buf/dma-fence.c index 6d8ade51ffa8..f2b9ae3914af 100644 --- a/drivers/dma-buf/dma-fence.c +++ b/drivers/dma-buf/dma-fence.c @@ -373,7 +373,7 @@ dma_fence_wait_any_timeout(struct dma_fence **fences, uint32_t count, return (0); } - cb = malloc(sizeof(*cb), M_DMABUF, M_WAITOK | M_ZERO); + cb = mallocarray(count, sizeof(*cb), M_DMABUF, M_WAITOK | M_ZERO); for (i = 0; i < count; i++) { struct dma_fence *fence = fences[i]; cb[i].task = current;
Could be triggered when restoring a firefox session with A LOT of windows.
Patch is against 5.10-lts, but the same problem seems to exist on 5.15-lts/master as well.