[PATCH] drm/xe: Fix uninitialized variable in xe_vm_bind_ioctl()

[Ghimiray, Himal Prasad]

On 12-03-2025 08:08, Matthew Brost wrote:
> The error handling assumes that vm_bind_ioctl_check_args() will
> initialize "bind_ops" but there are a couple early returns where that's
> not true.  Initialize "bind_ops" to NULL from the start.
> 
> Also if vm_bind_ioctl_check_args, fails set bind_ops to NULL after
> freeing.
> 
> Fixes: b43e864af0d4 ("drm/xe/uapi: Add DRM_XE_VM_BIND_FLAG_CPU_ADDR_MIRROR")
> Reported-by: Dan Carpenter <dan.carpenter at linaro.org>
> Signed-off-by: Dan Carpenter <dan.carpenter at linaro.org>
> Signed-off-by: Matthew Brost <matthew.brost at intel.com>

LGTM
Reviewed-by: Himal Prasad Ghimiray <himal.prasad.ghimiray at intel.com>

> ---
>   drivers/gpu/drm/xe/xe_vm.c | 6 ++++--
>   1 file changed, 4 insertions(+), 2 deletions(-)
> 
> diff --git a/drivers/gpu/drm/xe/xe_vm.c b/drivers/gpu/drm/xe/xe_vm.c
> index 60303998bd61..2e6db5759d26 100644
> --- a/drivers/gpu/drm/xe/xe_vm.c
> +++ b/drivers/gpu/drm/xe/xe_vm.c
> @@ -3177,8 +3177,10 @@ static int vm_bind_ioctl_check_args(struct xe_device *xe, struct xe_vm *vm,
>   	return 0;
>   
>   free_bind_ops:
> -	if (args->num_binds > 1)
> +	if (args->num_binds > 1) {
>   		kvfree(*bind_ops);
> +		*bind_ops = NULL;
> +	}
>   	return err;
>   }
>   
> @@ -3284,7 +3286,7 @@ int xe_vm_bind_ioctl(struct drm_device *dev, void *data, struct drm_file *file)
>   	struct xe_exec_queue *q = NULL;
>   	u32 num_syncs, num_ufence = 0;
>   	struct xe_sync_entry *syncs = NULL;
> -	struct drm_xe_vm_bind_op *bind_ops;
> +	struct drm_xe_vm_bind_op *bind_ops = NULL;
>   	struct xe_vma_ops vops;
>   	struct dma_fence *fence;
>   	int err;