Re: [PATCH v4 1/4] drm/amdgpu/userq: initialize gobj_read/write in amdgpu_userq_signal_ioctl

[Khatri, Sunil]

On 24-02-2026 02:16 pm, Christian König wrote:
On 2/24/26 09:41, Khatri, Sunil wrote:
On 24-02-2026 02:09 pm, Christian König wrote:
On 2/24/26 09:24, Sunil Khatri wrote:
In case num_read_bo_handles or num_write_bo_handles is zero the ptrs
remain uninitialized and during free cause a fault. So to handle such
cases we better set the gobj_read and gobj_write to NULL.
Mhm, that doesn't sounds correct to me.
When count is zero drm_gem_objects_lookup() sets the resulting pointer to NULL:

int drm_gem_objects_lookup(struct drm_file *filp, void __user *bo_handles,
                             int count, struct drm_gem_object ***objs_out)
{
          struct drm_gem_object **objs;
          u32 *handles;
          int ret;

          *objs_out = NULL;

          if (!count)
                  return 0;


But could be that this was only added by Srinis patch and previously we didn't 
do that correctly.
For now i see the crash due to random ptr access. ASDN does not have the above 
code and we need to fix it for now.
Please ping Alex if cherry picking this one patch back into ASDN is ok.
Alex, can we cherry-pick one the change from drm-next for 
drm_gem_objects_lookup, but anyways even if we have an explicit setting 
to NULL it should be okish ? Atleast for now we can pull in to avoid any 
crashes right now and later revert the change of setting to NULL once we 
have drm_gem_objects_lookup fix added in ASDN.. Regards Sunil Khatri

Regards,
Christian.

Regards
Sunil Khatri

Regards,
Christian.

Fixes: 3cf117572294 ("drm/amdgpu/userq: Use drm_gem_objects_lookup in 
amdgpu_userq_signal_ioctl")
Signed-off-by: Sunil Khatri<sunil.kha...@amd.com>
---
   drivers/gpu/drm/amd/amdgpu/amdgpu_userq_fence.c | 2 +-
   1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/drivers/gpu/drm/amd/amdgpu/amdgpu_userq_fence.c 
b/drivers/gpu/drm/amd/amdgpu/amdgpu_userq_fence.c
index 18e77b61b201..e53e14e3bf2d 100644
--- a/drivers/gpu/drm/amd/amdgpu/amdgpu_userq_fence.c
+++ b/drivers/gpu/drm/amd/amdgpu/amdgpu_userq_fence.c
@@ -465,7 +465,7 @@ int amdgpu_userq_signal_ioctl(struct drm_device *dev, void 
*data,
       const unsigned int num_read_bo_handles = args->num_bo_read_handles;
       struct amdgpu_fpriv *fpriv = filp->driver_priv;
       struct amdgpu_userq_mgr *userq_mgr = &fpriv->userq_mgr;
-    struct drm_gem_object **gobj_write, **gobj_read;
+    struct drm_gem_object **gobj_write = NULL, **gobj_read = NULL;
       u32 *syncobj_handles, num_syncobj_handles;
       struct amdgpu_userq_fence *userq_fence;
       struct amdgpu_usermode_queue *queue;