drm/vc4: allocate enough memory in vc4_save_hang_state()

"state" is smaller than "kernel_state" so we end up corrupting memory.

Fixes: 214613656b51 ('drm/vc4: Add an interface for capturing the GPU state after a hang.')
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Reviewed-by: Eric Anholt <eric@anholt.net>

diff --git a/drivers/gpu/drm/vc4/vc4_gem.c b/drivers/gpu/drm/vc4/vc4_gem.c
index 461a16ce26989b3622081fdea207dc5ebf590d25..1928c0a454bee5f48bc444b6a9d5846299cbf7ab 100644 (file)
--- a/drivers/gpu/drm/vc4/vc4_gem.c
+++ b/drivers/gpu/drm/vc4/vc4_gem.c
@@ -145,7 +145,7 @@ vc4_save_hang_state(struct drm_device *dev)
        unsigned long irqflags;
        unsigned int i, unref_list_count;
 
-       kernel_state = kcalloc(1, sizeof(*state), GFP_KERNEL);
+       kernel_state = kcalloc(1, sizeof(*kernel_state), GFP_KERNEL);
        if (!kernel_state)
                return;