On Fri, Apr 20, 2018 at 01:50:01PM +0200, Emil Lundmark wrote:
This fixes a NULL pointer dereference that can happen if the UDL driver is unloaded before the framebuffer is initialized. This can happen e.g. if the USB device is unplugged right after it was plugged in.
JFYI, in future, if someone makes a suggestion on how to fix a bug, it's good practice to add a Suggested-by tag to give credit.
Reviewed-by: Sean Paul seanpaul@chromium.org
Signed-off-by: Emil Lundmark lndmrk@chromium.org
drivers/gpu/drm/udl/udl_fb.c | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-)
diff --git a/drivers/gpu/drm/udl/udl_fb.c b/drivers/gpu/drm/udl/udl_fb.c index 2ebdc6d5a76e..5754e37f741b 100644 --- a/drivers/gpu/drm/udl/udl_fb.c +++ b/drivers/gpu/drm/udl/udl_fb.c @@ -426,9 +426,11 @@ static void udl_fbdev_destroy(struct drm_device *dev, { drm_fb_helper_unregister_fbi(&ufbdev->helper); drm_fb_helper_fini(&ufbdev->helper);
- drm_framebuffer_unregister_private(&ufbdev->ufb.base);
- drm_framebuffer_cleanup(&ufbdev->ufb.base);
- drm_gem_object_put_unlocked(&ufbdev->ufb.obj->base);
- if (ufbdev->ufb.obj) {
drm_framebuffer_unregister_private(&ufbdev->ufb.base);drm_framebuffer_cleanup(&ufbdev->ufb.base);drm_gem_object_put_unlocked(&ufbdev->ufb.obj->base);- }
}
int udl_fbdev_init(struct drm_device *dev)
2.17.0.484.g0c8726318c-goog