All of lore.kernel.org
 help / color / mirror / Atom feed
* [PATCH] [media] media-entity: only call dev_dbg_obj if mdev is not NULL
@ 2017-04-06 19:32 Helen Koike
  2017-04-07  7:40 ` Sakari Ailus
  0 siblings, 1 reply; 4+ messages in thread
From: Helen Koike @ 2017-04-06 19:32 UTC (permalink / raw)
  To: linux-media; +Cc: mchehab, linux-kernel

Fix kernel Oops NULL pointer deference
Call dev_dbg_obj only after checking if gobj->mdev is not NULL

Signed-off-by: Helen Koike <helen.koike@collabora.com>
---
 drivers/media/media-entity.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/drivers/media/media-entity.c b/drivers/media/media-entity.c
index 5640ca2..bc44193 100644
--- a/drivers/media/media-entity.c
+++ b/drivers/media/media-entity.c
@@ -199,12 +199,12 @@ void media_gobj_create(struct media_device *mdev,
 
 void media_gobj_destroy(struct media_gobj *gobj)
 {
-	dev_dbg_obj(__func__, gobj);
-
 	/* Do nothing if the object is not linked. */
 	if (gobj->mdev == NULL)
 		return;
 
+	dev_dbg_obj(__func__, gobj);
+
 	gobj->mdev->topology_version++;
 
 	/* Remove the object from mdev list */
-- 
2.7.4

^ permalink raw reply related	[flat|nested] 4+ messages in thread
* Re: [PATCH] [media] media-entity: only call dev_dbg_obj if mdev is not NULL
  2017-04-06 19:32 [PATCH] [media] media-entity: only call dev_dbg_obj if mdev is not NULL Helen Koike
@ 2017-04-07  7:40 ` Sakari Ailus
  2017-04-07 14:36   ` Helen Koike
  0 siblings, 1 reply; 4+ messages in thread
From: Sakari Ailus @ 2017-04-07  7:40 UTC (permalink / raw)
  To: Helen Koike; +Cc: linux-media, mchehab, linux-kernel

Hi Helen,

On Thu, Apr 06, 2017 at 04:32:00PM -0300, Helen Koike wrote:
> Fix kernel Oops NULL pointer deference
> Call dev_dbg_obj only after checking if gobj->mdev is not NULL
> 
> Signed-off-by: Helen Koike <helen.koike@collabora.com>
> ---
>  drivers/media/media-entity.c | 4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)
> 
> diff --git a/drivers/media/media-entity.c b/drivers/media/media-entity.c
> index 5640ca2..bc44193 100644
> --- a/drivers/media/media-entity.c
> +++ b/drivers/media/media-entity.c
> @@ -199,12 +199,12 @@ void media_gobj_create(struct media_device *mdev,
>  
>  void media_gobj_destroy(struct media_gobj *gobj)
>  {
> -	dev_dbg_obj(__func__, gobj);
> -
>  	/* Do nothing if the object is not linked. */
>  	if (gobj->mdev == NULL)
>  		return;
>  
> +	dev_dbg_obj(__func__, gobj);
> +
>  	gobj->mdev->topology_version++;
>  
>  	/* Remove the object from mdev list */

Where is media_gobj_destroy() called with an object with NULL mdev?

I do not object to the change, but would like to know because I don't think
it's supposed to happen.

There are issues though, until the patches fixing object referencing are
finished and merged. Unfortunately I haven't been able to work on those
recently, will pick them up again soon...

-- 
Kind regards,

Sakari Ailus
e-mail: sakari.ailus@iki.fi	XMPP: sailus@retiisi.org.uk

^ permalink raw reply	[flat|nested] 4+ messages in thread
* Re: [PATCH] [media] media-entity: only call dev_dbg_obj if mdev is not NULL
  2017-04-07  7:40 ` Sakari Ailus
@ 2017-04-07 14:36   ` Helen Koike
  0 siblings, 0 replies; 4+ messages in thread
From: Helen Koike @ 2017-04-07 14:36 UTC (permalink / raw)
  To: Sakari Ailus; +Cc: linux-media, mchehab, linux-kernel

Hi Sakari,

On 2017-04-07 04:40 AM, Sakari Ailus wrote:
> Hi Helen,
>
> On Thu, Apr 06, 2017 at 04:32:00PM -0300, Helen Koike wrote:
>> Fix kernel Oops NULL pointer deference
>> Call dev_dbg_obj only after checking if gobj->mdev is not NULL
>>
>> Signed-off-by: Helen Koike <helen.koike@collabora.com>
>> ---
>>  drivers/media/media-entity.c | 4 ++--
>>  1 file changed, 2 insertions(+), 2 deletions(-)
>>
>> diff --git a/drivers/media/media-entity.c b/drivers/media/media-entity.c
>> index 5640ca2..bc44193 100644
>> --- a/drivers/media/media-entity.c
>> +++ b/drivers/media/media-entity.c
>> @@ -199,12 +199,12 @@ void media_gobj_create(struct media_device *mdev,
>>
>>  void media_gobj_destroy(struct media_gobj *gobj)
>>  {
>> -	dev_dbg_obj(__func__, gobj);
>> -
>>  	/* Do nothing if the object is not linked. */
>>  	if (gobj->mdev == NULL)
>>  		return;
>>
>> +	dev_dbg_obj(__func__, gobj);
>> +
>>  	gobj->mdev->topology_version++;
>>
>>  	/* Remove the object from mdev list */
>
> Where is media_gobj_destroy() called with an object with NULL mdev?
>
> I do not object to the change, but would like to know because I don't think
> it's supposed to happen.


This happens when media_device_unregister(mdev) is called before 
unregistering the subdevices v4l2_device_unregister_subdev(sd) (which 
should be possible).

v4l2_device_unregister_subdev(sd) ends up calling v4l2_device_release() 
that calls media_device_unregister_entity() again (previously called by 
media_device_unregister(mdev)

Helen

>
> There are issues though, until the patches fixing object referencing are
> finished and merged. Unfortunately I haven't been able to work on those
> recently, will pick them up again soon...
>

^ permalink raw reply	[flat|nested] 4+ messages in thread
* [PATCH] [media] media-entity: only call dev_dbg_obj if mdev is not NULL
@ 2017-04-06 19:25 Helen Koike
  0 siblings, 0 replies; 4+ messages in thread
From: Helen Koike @ 2017-04-06 19:25 UTC (permalink / raw)
  To: linux-media

Fix kernel Oops NULL pointer deference
Call dev_dbg_obj only after checking if gobj->mdev is not NULL

Signed-off-by: Helen Koike <helen.koike@collabora.com>
---
 drivers/media/media-entity.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/drivers/media/media-entity.c b/drivers/media/media-entity.c
index 5640ca2..bc44193 100644
--- a/drivers/media/media-entity.c
+++ b/drivers/media/media-entity.c
@@ -199,12 +199,12 @@ void media_gobj_create(struct media_device *mdev,
 
 void media_gobj_destroy(struct media_gobj *gobj)
 {
-	dev_dbg_obj(__func__, gobj);
-
 	/* Do nothing if the object is not linked. */
 	if (gobj->mdev == NULL)
 		return;
 
+	dev_dbg_obj(__func__, gobj);
+
 	gobj->mdev->topology_version++;
 
 	/* Remove the object from mdev list */
-- 
2.7.4

^ permalink raw reply related	[flat|nested] 4+ messages in thread
end of thread, other threads:[~2017-04-07 14:36 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2017-04-06 19:32 [PATCH] [media] media-entity: only call dev_dbg_obj if mdev is not NULL Helen Koike
2017-04-07  7:40 ` Sakari Ailus
2017-04-07 14:36   ` Helen Koike
  -- strict thread matches above, loose matches on Subject: below --
2017-04-06 19:25 Helen Koike

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.