[PATCH 1/5] drm/udl: Clear BO vmapping pointer after unmapping BO memory

Thu Oct 24 14:42:33 UTC 2019

Unmapping the BO memory with udl_gem_vunmap() creates a dangling pointer
in struct udl_gem_object.vmapping. This can crash udl_handle_damage(),
which check the pointer's value for NULL. Clear the pointer to NULL and
let udl_handle_damage() re-establish the mapping if necessary.

Signed-off-by: Thomas Zimmermann <tzimmermann at suse.de>
---
 drivers/gpu/drm/udl/udl_gem.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/drivers/gpu/drm/udl/udl_gem.c b/drivers/gpu/drm/udl/udl_gem.c
index b23a5c2fcd80..3ea0cd9ae2d6 100644
--- a/drivers/gpu/drm/udl/udl_gem.c
+++ b/drivers/gpu/drm/udl/udl_gem.c
@@ -174,6 +174,7 @@ void udl_gem_vunmap(struct udl_gem_object *obj)
 	}
 
 	vunmap(obj->vmapping);
+	obj->vmapping = NULL;
 
 	udl_gem_put_pages(obj);
 }
-- 
2.23.0

