dma_trace: Add missing initialization check

andyross · lgirdwood · commit 572a08ea2cfd · 2022-12-07T17:25:39.000Z
It's possible to reach dma_trace_on() from IPC handlers based on host
state before DMA trace has been initialized (found this via fuzzing,
so the precise circumstances are a little opaque).  When that happens,
the schedule_task() call ends up putting a delayed work queue item
into the Zephyr queue which has a NULL callback.  This eventually
blows up later when the timeout expires.

Check for initialization state before doing anything.

Signed-off-by: Andy Ross &lt;andyross@google.com&gt;
diff --git a/src/trace/dma-trace.c b/src/trace/dma-trace.c
@@ -582,6 +582,9 @@ void dma_trace_flush(void *t)
 
 void dma_trace_on(void)
 {
+	if (!dma_trace_initialized(sof_get()->dmat))
+		return;
+
 	struct dma_trace_data *trace_data = dma_trace_data_get();
 
 	if (trace_data->enabled) {

Original file line number	Diff line number	Diff line change
`@@ -582,6 +582,9 @@ void dma_trace_flush(void *t)`
`582`	`582`
`583`	`583`	`void dma_trace_on(void)`
`584`	`584`	`{`
	`585`	`+ if (!dma_trace_initialized(sof_get()->dmat))`
	`586`	`+ return;`
	`587`	`+`
`585`	`588`	`struct dma_trace_data *trace_data = dma_trace_data_get();`
`586`	`589`
`587`	`590`	`if (trace_data->enabled) {`