From: Rodrigo Vivi <rodrigo.vivi@intel.com>
To: Jonathan Cavitt <jonathan.cavitt@intel.com>
Cc: <intel-xe@lists.freedesktop.org>, <saurabhg.gupta@intel.com>,
<alex.zuo@intel.com>, <michal.wajdeczko@intel.com>,
<matthew.d.roper@intel.com>
Subject: Re: [PATCH v2 1/5] drm/xe: Guard against NULL GT in xe_sriov_vf.c
Date: Mon, 13 Oct 2025 17:13:20 -0400 [thread overview]
Message-ID: <aO1rcAl90ikT7nbu@intel.com> (raw)
In-Reply-To: <20250926200917.164618-8-jonathan.cavitt@intel.com>
On Fri, Sep 26, 2025 at 08:09:19PM +0000, Jonathan Cavitt wrote:
> Static analysis reveals the following issue:
> xe_device_get_gt is theoretically able to return NULL in some cases, but
> several use cases don't check the return value before performing a
> dereference, resulting in a NULL pointer dereference.
>
> Add guards against this in xe_sriov_vf.c:
> - Use xe_root_mmio_gt instead of xe_device_get_gt for the gt id 0 case.
> - Assert the return value of xe_device_get_gt when this is not possible.
>
> v2: Use xe_assert in vf_post_migration_recovery (Michal)
>
> Signed-off-by: Jonathan Cavitt <jonathan.cavitt@intel.com>
> Cc: Michal Wajdeczko <michal.wajdeczko@intel.com>
> ---
> drivers/gpu/drm/xe/xe_sriov_vf.c | 4 +++-
> 1 file changed, 3 insertions(+), 1 deletion(-)
>
> diff --git a/drivers/gpu/drm/xe/xe_sriov_vf.c b/drivers/gpu/drm/xe/xe_sriov_vf.c
> index cdd9f8e78b2a..2c9cef191826 100644
> --- a/drivers/gpu/drm/xe/xe_sriov_vf.c
> +++ b/drivers/gpu/drm/xe/xe_sriov_vf.c
> @@ -178,7 +178,7 @@ static void vf_migration_init_early(struct xe_device *xe)
> if (!IS_DGFX(xe)) {
> struct xe_uc_fw_version guc_version;
>
> - xe_gt_sriov_vf_guc_versions(xe_device_get_gt(xe, 0), NULL, &guc_version);
> + xe_gt_sriov_vf_guc_versions(xe_root_mmio_gt(xe), NULL, &guc_version);
> if (MAKE_GUC_VER_STRUCT(guc_version) < MAKE_GUC_VER(1, 23, 0))
> return vf_disable_migration(xe,
> "CCS migration requires GuC ABI >= 1.23 but only %u.%u found",
> @@ -361,6 +361,8 @@ static void vf_post_migration_recovery(struct xe_device *xe)
> while (id = vf_get_next_migrated_gt_id(xe), id >= 0) {
> struct xe_gt *gt = xe_device_get_gt(xe, id);
>
> + xe_assert(xe, gt);
I really have my doubts if the tool will understand this or you will end up
anyway having to mark that as false positive.
Let's just mark as false positive in the tool and move on.
> +
> err = gt_vf_post_migration_fixups(gt);
> if (err)
> goto fail;
> --
> 2.43.0
>
next prev parent reply other threads:[~2025-10-13 21:13 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-09-26 20:09 [PATCH v2 0/5] drm/xe: Guard against NULL return for xe_device_get_gt Jonathan Cavitt
2025-09-26 20:09 ` [PATCH v2 1/5] drm/xe: Guard against NULL GT in xe_sriov_vf.c Jonathan Cavitt
2025-10-13 21:13 ` Rodrigo Vivi [this message]
2025-09-26 20:09 ` [PATCH v2 2/5] drm/xe: Guard against NULL GT in xe_pmu.c Jonathan Cavitt
2025-10-13 21:19 ` Rodrigo Vivi
2025-09-26 20:09 ` [PATCH v2 3/5] drm/xe: Don't call xe_device_get_gt twice in xe_hw_engine_lookup Jonathan Cavitt
2025-09-29 10:25 ` Upadhyay, Tejas
2025-09-26 20:09 ` [PATCH v2 4/5] drm/xe: Guard against NULL GT in xe_guc.c Jonathan Cavitt
2025-10-13 21:14 ` Rodrigo Vivi
2025-09-26 20:09 ` [PATCH v2 5/5] drm/xe/tests: Use xe_root_mmio_gt instead of xe_device_get_gt Jonathan Cavitt
2025-09-26 20:16 ` ✓ CI.KUnit: success for drm/xe: Guard against NULL return for xe_device_get_gt Patchwork
2025-09-26 20:52 ` ✓ Xe.CI.BAT: " Patchwork
2025-09-27 3:59 ` ✗ Xe.CI.Full: failure " Patchwork
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=aO1rcAl90ikT7nbu@intel.com \
--to=rodrigo.vivi@intel.com \
--cc=alex.zuo@intel.com \
--cc=intel-xe@lists.freedesktop.org \
--cc=jonathan.cavitt@intel.com \
--cc=matthew.d.roper@intel.com \
--cc=michal.wajdeczko@intel.com \
--cc=saurabhg.gupta@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox