Re: [PATCH next] drm/xe: Fix uninitialized variable in xe_vm_bind_ioctl()

From: Rodrigo Vivi
Date: Mon Mar 10 2025 - 12:57:23 EST


On Mon, Mar 10, 2025 at 01:48:00PM +0300, Dan Carpenter wrote:
> The error handling assumes that vm_bind_ioctl_check_args() will
> initialize "bind_ops" but there are a couple early returns where that's
> not true. Initialize "bind_ops" to NULL from the start.

It is not a couple, but only the one goto put_vm where this bind_ops
gets actually initialized, or not...

But perhaps the order in the exit is wrong and we should move the
kvfree(bind_ops) upper to the end of put_exec_queue?

Matt, thoughts on the order here?

Cc: Matthew Brost <matthew.brost@xxxxxxxxx>

>
> Fixes: b43e864af0d4 ("drm/xe/uapi: Add DRM_XE_VM_BIND_FLAG_CPU_ADDR_MIRROR")
> Signed-off-by: Dan Carpenter <dan.carpenter@xxxxxxxxxx>
> ---
> drivers/gpu/drm/xe/xe_vm.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/drivers/gpu/drm/xe/xe_vm.c b/drivers/gpu/drm/xe/xe_vm.c
> index 22a26aff3a6e..d85759b958d0 100644
> --- a/drivers/gpu/drm/xe/xe_vm.c
> +++ b/drivers/gpu/drm/xe/xe_vm.c
> @@ -3287,7 +3287,7 @@ int xe_vm_bind_ioctl(struct drm_device *dev, void *data, struct drm_file *file)
> struct xe_exec_queue *q = NULL;
> u32 num_syncs, num_ufence = 0;
> struct xe_sync_entry *syncs = NULL;
> - struct drm_xe_vm_bind_op *bind_ops;
> + struct drm_xe_vm_bind_op *bind_ops = NULL;
> struct xe_vma_ops vops;
> struct dma_fence *fence;
> int err;
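
Review bot: the commit message should name the exact path that reaches the cleanup with "bind_ops" unset. It says "a couple early returns", but the hunk only shows the changed declaration, `struct drm_xe_vm_bind_op *bind_ops = NULL;`, so a reader cannot tell which exit is affected. The initializer itself is consistent with `q` and `syncs` just above, which already start as NULL, and kvfree() accepts a NULL pointer, so the kvfree(bind_ops) discussed in this thread becomes safe whatever path is taken. `struct dma_fence *fence;` two lines below is still declared without an initializer; it is worth confirming that no exit label reads it before it is assigned.
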
> --
> 2.47.2
>