| Message ID | 33b9da8f01b1d94844ac677efd31a66c40c39ecb.1452105878.git.shuahkh@osg.samsung.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
Em Wed, 6 Jan 2016 13:27:13 -0700 Shuah Khan <shuahkh@osg.samsung.com> escreveu: > Add a new wrapper function to au0828_create_media_graph() > to be called as an entity_notify function to fix null > pointer dereference. A rebasing mistake resulted in > registering au0828_create_media_graph() without the > correct parameters which lead to the following > null pointer dereference: > > [ 69.006164] Call Trace: > [ 69.006169] [<ffffffff81a9a1b0>] dump_stack+0x44/0x64 > [ 69.006175] [<ffffffff81503af9>] print_trailer+0xf9/0x150 > [ 69.006180] [<ffffffff81509284>] object_err+0x34/0x40 > [ 69.006185] [<ffffffff815063c4>] ? ___slab_alloc+0x4c4/0x4e0 > [ 69.006190] [<ffffffff8150b732>] kasan_report_error+0x212/0x520 > [ 69.006196] [<ffffffff815063c4>] ? ___slab_alloc+0x4c4/0x4e0 > [ 69.006201] [<ffffffff8150ba83>] __asan_report_load1_noabort+0x43/0x50 > [ 69.006208] [<ffffffffa0d30991>] ? au0828_create_media_graph+0x641/0x730 [au0828] > [ 69.006215] [<ffffffffa0d30991>] au0828_create_media_graph+0x641/0x730 [au0828] > [ 69.006221] [<ffffffff82245c3d>] media_device_register_entity+0x33d/0x4f0 > [ 69.006234] [<ffffffffa0ebeb1c>] media_stream_init+0x2ac/0x610 [snd_usb_audio] > [ 69.006247] [<ffffffffa0ea9a70>] snd_usb_pcm_open+0xcd0/0x1280 [snd_usb_audio] Please merge the fix with the patch that caused the regression. > > Signed-off-by: Shuah Khan <shuahkh@osg.samsung.com> > --- > drivers/media/usb/au0828/au0828-core.c | 16 +++++++++++++++- > 1 file changed, 15 insertions(+), 1 deletion(-) > > diff --git a/drivers/media/usb/au0828/au0828-core.c b/drivers/media/usb/au0828/au0828-core.c > index f8d2db3..9497ad1 100644 > --- a/drivers/media/usb/au0828/au0828-core.c > +++ b/drivers/media/usb/au0828/au0828-core.c > @@ -370,6 +370,20 @@ static int au0828_create_media_graph(struct au0828_dev *dev) > return 0; > } > > +void au0828_create_media_graph_notify(struct media_entity *new, > + void *notify_data) > +{ > +#ifdef CONFIG_MEDIA_CONTROLLER > + struct au0828_dev *dev = (struct au0828_dev *) notify_data; > + int ret; > + > + ret = au0828_create_media_graph(dev); > + if (ret) > + pr_err("%s() media graph create failed for new entity %s\n", > + __func__, new->name); > +#endif > +} > + > static int au0828_enable_source(struct media_entity *entity, > struct media_pipeline *pipe) > { > @@ -535,7 +549,7 @@ static int au0828_media_device_register(struct au0828_dev *dev, > } > /* register entity_notify callback */ > dev->entity_notify.notify_data = (void *) dev; > - dev->entity_notify.notify = (void *) au0828_create_media_graph; > + dev->entity_notify.notify = au0828_create_media_graph_notify; > ret = media_device_register_entity_notify(dev->media_dev, > &dev->entity_notify); > if (ret) { -- To unsubscribe from this list: send the line "unsubscribe linux-media" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
On 01/28/2016 09:44 AM, Mauro Carvalho Chehab wrote: > Em Wed, 6 Jan 2016 13:27:13 -0700 > Shuah Khan <shuahkh@osg.samsung.com> escreveu: > >> Add a new wrapper function to au0828_create_media_graph() >> to be called as an entity_notify function to fix null >> pointer dereference. A rebasing mistake resulted in >> registering au0828_create_media_graph() without the >> correct parameters which lead to the following >> null pointer dereference: >> >> [ 69.006164] Call Trace: >> [ 69.006169] [<ffffffff81a9a1b0>] dump_stack+0x44/0x64 >> [ 69.006175] [<ffffffff81503af9>] print_trailer+0xf9/0x150 >> [ 69.006180] [<ffffffff81509284>] object_err+0x34/0x40 >> [ 69.006185] [<ffffffff815063c4>] ? ___slab_alloc+0x4c4/0x4e0 >> [ 69.006190] [<ffffffff8150b732>] kasan_report_error+0x212/0x520 >> [ 69.006196] [<ffffffff815063c4>] ? ___slab_alloc+0x4c4/0x4e0 >> [ 69.006201] [<ffffffff8150ba83>] __asan_report_load1_noabort+0x43/0x50 >> [ 69.006208] [<ffffffffa0d30991>] ? au0828_create_media_graph+0x641/0x730 [au0828] >> [ 69.006215] [<ffffffffa0d30991>] au0828_create_media_graph+0x641/0x730 [au0828] >> [ 69.006221] [<ffffffff82245c3d>] media_device_register_entity+0x33d/0x4f0 >> [ 69.006234] [<ffffffffa0ebeb1c>] media_stream_init+0x2ac/0x610 [snd_usb_audio] >> [ 69.006247] [<ffffffffa0ea9a70>] snd_usb_pcm_open+0xcd0/0x1280 [snd_usb_audio] > > Please merge the fix with the patch that caused the regression. ok will merge it. thanks, -- Shuah > >> >> Signed-off-by: Shuah Khan <shuahkh@osg.samsung.com> >> --- >> drivers/media/usb/au0828/au0828-core.c | 16 +++++++++++++++- >> 1 file changed, 15 insertions(+), 1 deletion(-) >> >> diff --git a/drivers/media/usb/au0828/au0828-core.c b/drivers/media/usb/au0828/au0828-core.c >> index f8d2db3..9497ad1 100644 >> --- a/drivers/media/usb/au0828/au0828-core.c >> +++ b/drivers/media/usb/au0828/au0828-core.c >> @@ -370,6 +370,20 @@ static int au0828_create_media_graph(struct au0828_dev *dev) >> return 0; >> } >> >> +void au0828_create_media_graph_notify(struct media_entity *new, >> + void *notify_data) >> +{ >> +#ifdef CONFIG_MEDIA_CONTROLLER >> + struct au0828_dev *dev = (struct au0828_dev *) notify_data; >> + int ret; >> + >> + ret = au0828_create_media_graph(dev); >> + if (ret) >> + pr_err("%s() media graph create failed for new entity %s\n", >> + __func__, new->name); >> +#endif >> +} >> + >> static int au0828_enable_source(struct media_entity *entity, >> struct media_pipeline *pipe) >> { >> @@ -535,7 +549,7 @@ static int au0828_media_device_register(struct au0828_dev *dev, >> } >> /* register entity_notify callback */ >> dev->entity_notify.notify_data = (void *) dev; >> - dev->entity_notify.notify = (void *) au0828_create_media_graph; >> + dev->entity_notify.notify = au0828_create_media_graph_notify; >> ret = media_device_register_entity_notify(dev->media_dev, >> &dev->entity_notify); >> if (ret) {
diff --git a/drivers/media/usb/au0828/au0828-core.c b/drivers/media/usb/au0828/au0828-core.c index f8d2db3..9497ad1 100644 --- a/drivers/media/usb/au0828/au0828-core.c +++ b/drivers/media/usb/au0828/au0828-core.c @@ -370,6 +370,20 @@ static int au0828_create_media_graph(struct au0828_dev *dev) return 0; } +void au0828_create_media_graph_notify(struct media_entity *new, + void *notify_data) +{ +#ifdef CONFIG_MEDIA_CONTROLLER + struct au0828_dev *dev = (struct au0828_dev *) notify_data; + int ret; + + ret = au0828_create_media_graph(dev); + if (ret) + pr_err("%s() media graph create failed for new entity %s\n", + __func__, new->name); +#endif +} + static int au0828_enable_source(struct media_entity *entity, struct media_pipeline *pipe) { @@ -535,7 +549,7 @@ static int au0828_media_device_register(struct au0828_dev *dev, } /* register entity_notify callback */ dev->entity_notify.notify_data = (void *) dev; - dev->entity_notify.notify = (void *) au0828_create_media_graph; + dev->entity_notify.notify = au0828_create_media_graph_notify; ret = media_device_register_entity_notify(dev->media_dev, &dev->entity_notify); if (ret) {
Add a new wrapper function to au0828_create_media_graph() to be called as an entity_notify function to fix null pointer dereference. A rebasing mistake resulted in registering au0828_create_media_graph() without the correct parameters which lead to the following null pointer dereference: [ 69.006164] Call Trace: [ 69.006169] [<ffffffff81a9a1b0>] dump_stack+0x44/0x64 [ 69.006175] [<ffffffff81503af9>] print_trailer+0xf9/0x150 [ 69.006180] [<ffffffff81509284>] object_err+0x34/0x40 [ 69.006185] [<ffffffff815063c4>] ? ___slab_alloc+0x4c4/0x4e0 [ 69.006190] [<ffffffff8150b732>] kasan_report_error+0x212/0x520 [ 69.006196] [<ffffffff815063c4>] ? ___slab_alloc+0x4c4/0x4e0 [ 69.006201] [<ffffffff8150ba83>] __asan_report_load1_noabort+0x43/0x50 [ 69.006208] [<ffffffffa0d30991>] ? au0828_create_media_graph+0x641/0x730 [au0828] [ 69.006215] [<ffffffffa0d30991>] au0828_create_media_graph+0x641/0x730 [au0828] [ 69.006221] [<ffffffff82245c3d>] media_device_register_entity+0x33d/0x4f0 [ 69.006234] [<ffffffffa0ebeb1c>] media_stream_init+0x2ac/0x610 [snd_usb_audio] [ 69.006247] [<ffffffffa0ea9a70>] snd_usb_pcm_open+0xcd0/0x1280 [snd_usb_audio] Signed-off-by: Shuah Khan <shuahkh@osg.samsung.com> --- drivers/media/usb/au0828/au0828-core.c | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-)