From mboxrd@z Thu Jan  1 00:00:00 1970
From: Claude Code Review Bot <claude-review@example.com>
To: dri-devel-reviews@example.com
Subject: Claude review: drm/xe: use krealloc_array to prevent integer overflow
Date: Sun, 12 Apr 2026 11:54:39 +1000
Message-ID: <review-patch1-20260409012520.3531256-1-baoli.zhang@linux.intel.com>
In-Reply-To: <20260409012520.3531256-1-baoli.zhang@linux.intel.com>
References: <20260409012520.3531256-1-baoli.zhang@linux.intel.com> <20260409012520.3531256-1-baoli.zhang@linux.intel.com>
X-Mailer: Claude Code Patch Reviewer
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0

Patch Review

**xe_configfs.c change:**

```c
-	tmp =3D krealloc(wa_bb[0].cs, count * sizeof(u32), GFP_KERNEL);
+	tmp =3D krealloc_array(wa_bb[0].cs, count, sizeof(u32), GFP_KERNEL);
```

Correct transformation. `count` is `ssize_t` (line 755), so the original `c=
ount * sizeof(u32)` is a `size_t` multiplication that could theoretically w=
rap. `krealloc_array()` handles this safely. One observation: `count` can b=
e 0 here (there's an explicit `if (!count)` check at line 776 after the all=
ocation), and `krealloc_array` with count=3D0 will behave as `ZERO_SIZE_PTR=
` or free =E2=80=94 the existing code handles this path correctly since `!t=
mp` is checked and the `!count` case returns early anyway.

**xe_vm_madvise.c change:**

```c
-		__vmas =3D krealloc(madvise_range->vmas,
-				  max_vmas * sizeof(*madvise_range->vmas),
-				  GFP_KERNEL);
+		__vmas =3D krealloc_array(madvise_range->vmas,
+					max_vmas,
+					sizeof(*madvise_range->vmas),
+					GFP_KERNEL);
```

Correct transformation. `max_vmas` is `int` starting at 8 and doubling (`ma=
x_vmas <<=3D 1`). The overflow risk is theoretical (would need ~2^31 VMAs),=
 but using the safe API is the right pattern. The continuation-line alignme=
nt matches the opening parenthesis, which is the expected kernel style.

**Nit (non-blocking):** The Signed-off-by chain has `Junxiao.Chang` as a se=
cond signoff but there's no `Co-developed-by` tag, nor is there a `Reviewed=
-by` or `Suggested-by`. If Junxiao co-developed this, kernel convention req=
uires a `Co-developed-by` tag immediately before their `Signed-off-by`. If =
they only reviewed it, it should be `Reviewed-by` instead.

**Overall: Reviewed-by worthy.** Straightforward, correct, mechanical impro=
vement.

---
Generated by Claude Code Patch Reviewer