[PATCH] drm/xe: Do not dereference NULL job->fence in trace points
Matthew Brost
matthew.brost at intel.com
Thu Jun 6 02:55:23 UTC 2024
On Wed, Jun 05, 2024 at 06:13:42PM -0500, Lucas De Marchi wrote:
> On Tue, Jun 04, 2024 at 10:50:41PM GMT, Matthew Brost wrote:
> > job->fence is not assigned until xe_sched_job_arm(), check for
> > job->fence in xe_sched_job_seqno() so any usage of this function (trace
> > points) do not result in NULL ptr dereference. Also check job->fence
> > before assigning error in job trace points.
> >
> > Fixes: 0ac7a2c745e8 drm/xe: ("Don't initialize fences at xe_sched_job_create()")
> > Cc: Thomas Hellström <thomas.hellstrom at linux.intel.com>
> > Signed-off-by: Matthew Brost <matthew.brost at intel.com>
> > ---
> > drivers/gpu/drm/xe/xe_sched_job.h | 2 +-
> > drivers/gpu/drm/xe/xe_trace.h | 2 +-
> > 2 files changed, 2 insertions(+), 2 deletions(-)
> >
> > diff --git a/drivers/gpu/drm/xe/xe_sched_job.h b/drivers/gpu/drm/xe/xe_sched_job.h
> > index 002c3b5c0a5c..f362e28455db 100644
> > --- a/drivers/gpu/drm/xe/xe_sched_job.h
> > +++ b/drivers/gpu/drm/xe/xe_sched_job.h
> > @@ -70,7 +70,7 @@ to_xe_sched_job(struct drm_sched_job *drm)
> >
> > static inline u32 xe_sched_job_seqno(struct xe_sched_job *job)
> > {
> > - return job->fence->seqno;
> > + return job->fence ? job->fence->seqno : 0;
> > }
> >
> > static inline u32 xe_sched_job_lrc_seqno(struct xe_sched_job *job)
> > diff --git a/drivers/gpu/drm/xe/xe_trace.h b/drivers/gpu/drm/xe/xe_trace.h
> > index 450f407c66e8..e4cba64474e6 100644
> > --- a/drivers/gpu/drm/xe/xe_trace.h
> > +++ b/drivers/gpu/drm/xe/xe_trace.h
> > @@ -270,7 +270,7 @@ DECLARE_EVENT_CLASS(xe_sched_job,
> > __entry->guc_state =
> > atomic_read(&job->q->guc->state);
> > __entry->flags = job->q->flags;
> > - __entry->error = job->fence->error;
> > + __entry->error = job->fence ? job->fence->error : 0;
>
> we already include xe_sched_job.h in this file and even call
> xe_sched_job_lrc_seqno() a few lines above this. Why can't we call the
> function you just fixed? With that changed,
We do call that function above, it just is not in the diff.
We don't have a helper to go from job -> job->fence->error hence the
open coding here. I could add a helper if you like.
Matt
>
> Reviewed-by: Lucas De Marchi <lucas.demarchi at intel.com>
>
>
> Lucas De Marchi
>
> > __entry->fence = job->fence;
> > __entry->batch_addr = (u64)job->ptrs[0].batch_addr;
> > ),
> > --
> > 2.34.1
> >
More information about the Intel-xe
mailing list