[PATCH] drm/xe: Fix uninitialized variable in xe_vm_bind_ioctl()

[Matthew Brost]

The error handling assumes that vm_bind_ioctl_check_args() will
initialize "bind_ops" but there are a couple early returns where that's
not true.  Initialize "bind_ops" to NULL from the start.

Also if vm_bind_ioctl_check_args, fails set bind_ops to NULL after
freeing.

Fixes: b43e864af0d4 ("drm/xe/uapi: Add DRM_XE_VM_BIND_FLAG_CPU_ADDR_MIRROR")
Reported-by: Dan Carpenter <dan.carpenter at linaro.org>
Signed-off-by: Dan Carpenter <dan.carpenter at linaro.org>
Signed-off-by: Matthew Brost <matthew.brost at intel.com>
---
 drivers/gpu/drm/xe/xe_vm.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/drivers/gpu/drm/xe/xe_vm.c b/drivers/gpu/drm/xe/xe_vm.c
index 60303998bd61..2e6db5759d26 100644
--- a/drivers/gpu/drm/xe/xe_vm.c
+++ b/drivers/gpu/drm/xe/xe_vm.c
@@ -3177,8 +3177,10 @@ static int vm_bind_ioctl_check_args(struct xe_device *xe, struct xe_vm *vm,
 	return 0;
 
 free_bind_ops:
-	if (args->num_binds > 1)
+	if (args->num_binds > 1) {
 		kvfree(*bind_ops);
+		*bind_ops = NULL;
+	}
 	return err;
 }
 
@@ -3284,7 +3286,7 @@ int xe_vm_bind_ioctl(struct drm_device *dev, void *data, struct drm_file *file)
 	struct xe_exec_queue *q = NULL;
 	u32 num_syncs, num_ufence = 0;
 	struct xe_sync_entry *syncs = NULL;
-	struct drm_xe_vm_bind_op *bind_ops;
+	struct drm_xe_vm_bind_op *bind_ops = NULL;
 	struct xe_vma_ops vops;
 	struct dma_fence *fence;
 	int err;
-- 
2.34.1