[PATCH 1/2] drm/udl: fix a NULL pointer reference in udl_gem_free_object().
Daniel Vetter
daniel at ffwll.ch
Wed Aug 31 07:55:51 UTC 2016
On Tue, Aug 30, 2016 at 02:50:20PM -0700, Haixia Shi wrote:
> Previously this function had a NULL pointer check for gem->map_list.map, but
> that line was refactored after commit 0de23977cfeb5b357ec884ba15417ae118ff9e9bb
> ("drm/gem: convert to new unified vma manager").
>
> After the refactor it is still necessasry to check that the vma manager is not
> NULL because udl_gem_free_object() may come in after the vma manager is destroyed.
When/how does this happen? Backtrace? Destroying the vma manager before
the objects are all gone sounds a bit fishy.
-Daniel
>
> Signed-off-by: Haixia Shi <hshi at chromium.org>
> Reviewed-by: Stéphane Marchesin <marcheu at chromium.org>
> ---
> drivers/gpu/drm/udl/udl_gem.c | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/drivers/gpu/drm/udl/udl_gem.c b/drivers/gpu/drm/udl/udl_gem.c
> index 818e707..72e1bd4 100644
> --- a/drivers/gpu/drm/udl/udl_gem.c
> +++ b/drivers/gpu/drm/udl/udl_gem.c
> @@ -204,7 +204,8 @@ void udl_gem_free_object(struct drm_gem_object *gem_obj)
> if (obj->pages)
> udl_gem_put_pages(obj);
>
> - drm_gem_free_mmap_offset(gem_obj);
> + if (gem_obj->dev->vma_offset_manager)
> + drm_gem_free_mmap_offset(gem_obj);
> }
>
> /* the dumb interface doesn't work with the GEM straight MMAP
> --
> 2.8.0.rc3.226.g39d4020
>
> _______________________________________________
> dri-devel mailing list
> dri-devel at lists.freedesktop.org
> https://lists.freedesktop.org/mailman/listinfo/dri-devel
--
Daniel Vetter
Software Engineer, Intel Corporation
http://blog.ffwll.ch
More information about the dri-devel
mailing list