From a12395c464d24bd867312ebb8f97ec68d91afeec Mon Sep 17 00:00:00 2001
From: Rajnesh Kanwal <rajnesh.kanwal@imgtec.com>
Date: Sun, 25 Sep 2022 20:25:18 +0100
Subject: [PATCH] pvr: Call VALGRIND_FREELIKE_BLOCK before unmapping to avoid
 use after free.

Fixes: CID 1503261.

Signed-off-by: Rajnesh Kanwal <rajnesh.kanwal@imgtec.com>
Reviewed-by: Frank Binns <frank.binns@imgtec.com>
Reviewed-by: Karmjit Mahil <Karmjit.Mahil@imgtec.com>
Part-of: <https://gitlab.freedesktop.org/mesa/mesa/-/merge_requests/18866>
---
 src/imagination/vulkan/winsys/pvrsrvkm/pvr_srv_bo.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/imagination/vulkan/winsys/pvrsrvkm/pvr_srv_bo.c b/src/imagination/vulkan/winsys/pvrsrvkm/pvr_srv_bo.c
index 0368182..c0540ea 100644
--- a/src/imagination/vulkan/winsys/pvrsrvkm/pvr_srv_bo.c
+++ b/src/imagination/vulkan/winsys/pvrsrvkm/pvr_srv_bo.c
@@ -346,12 +346,12 @@ void pvr_srv_winsys_buffer_unmap(struct pvr_winsys_bo *bo)
    /* output error if trying to unmap memory that is not previously mapped */
    assert(bo->map);
 
+   VG(VALGRIND_FREELIKE_BLOCK(bo->map, 0));
+
    /* Unmap the whole PMR from CPU space */
    if (munmap(bo->map, bo->size))
       vk_error(NULL, VK_ERROR_UNKNOWN);
 
-   VG(VALGRIND_FREELIKE_BLOCK(bo->map, 0));
-
    bo->map = NULL;
 
    buffer_release(srv_bo);
-- 
2.7.4