From ea67deb03cc0b3f6e00b4aab87732672d73295b5 Mon Sep 17 00:00:00 2001 From: Sunil Khatri Date: Tue, 2 Jul 2024 13:49:20 +0530 Subject: [PATCH] drm/amdgpu: fix out of bounds access in gfx11 during ip dump MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit During ip dump in gfx11 the index variable is reused but is not reinitialized to 0 and this causes the index calculation to be wrong and access out of bound access. Acked-by: Christian König Signed-off-by: Sunil Khatri Signed-off-by: Alex Deucher --- drivers/gpu/drm/amd/amdgpu/gfx_v11_0.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/drivers/gpu/drm/amd/amdgpu/gfx_v11_0.c b/drivers/gpu/drm/amd/amdgpu/gfx_v11_0.c index 38150398a31b..6228dd0450a7 100644 --- a/drivers/gpu/drm/amd/amdgpu/gfx_v11_0.c +++ b/drivers/gpu/drm/amd/amdgpu/gfx_v11_0.c @@ -6411,6 +6411,7 @@ static void gfx_v11_ip_print(void *handle, struct drm_printer *p) if (!adev->gfx.ip_dump_gfx_queues) return; + index = 0; reg_count = ARRAY_SIZE(gc_gfx_queue_reg_list_11); drm_printf(p, "\nnum_me: %d num_pipe: %d num_queue: %d\n", adev->gfx.me.num_me, @@ -6475,6 +6476,7 @@ static void gfx_v11_ip_dump(void *handle) if (!adev->gfx.ip_dump_gfx_queues) return; + index = 0; reg_count = ARRAY_SIZE(gc_gfx_queue_reg_list_11); amdgpu_gfx_off_ctrl(adev, false); mutex_lock(&adev->srbm_mutex); -- 2.50.1