Minki/linux
1
0
Fork 1
mirror of https://github.com/torvalds/linux.git synced 2024-12-29 14:21:47 +00:00
Code Issues Packages Projects Releases Wiki Activity
3467c9a7e7
linux/drivers/media/platform
History
Marek Szyprowski 3467c9a7e7 [media] s5p-mfc: fix failure path of s5p_mfc_alloc_memdev() 
s5p_mfc_alloc_memdev() function lacks proper releasing
of allocated device in case of reserved memory initialization
failure. This results in NULL pointer dereference:

[    2.828457] Unable to handle kernel NULL pointer dereference at virtual address 00000001
[    2.835089] pgd = c0004000
[    2.837752] [00000001] *pgd=00000000
[    2.844696] Internal error: Oops: 5 [#1] PREEMPT SMP ARM
[    2.848680] Modules linked in:
[    2.851722] CPU: 1 PID: 1 Comm: swapper/0 Not tainted 4.8.0-rc6-00002-gafa1b97 #878
[    2.859357] Hardware name: SAMSUNG EXYNOS (Flattened Device Tree)
[    2.865433] task: ef080000 task.stack: ef06c000
[    2.869952] PC is at strcmp+0x0/0x30
[    2.873508] LR is at platform_match+0x84/0xac
[    2.877847] pc : [<c032621c>]    lr : [<c03f65e8>]    psr: 20000013
[    2.877847] sp : ef06dea0  ip : 00000000  fp : 00000000
[    2.889303] r10: 00000000  r9 : c0b34848  r8 : c0b1e968
[    2.894511] r7 : 00000000  r6 : 00000001  r5 : c086e7fc  r4 : eeb8e010
[    2.901021] r3 : 0000006d  r2 : 00000000  r1 : c086e7fc  r0 : 00000001
[    2.907533] Flags: nzCv  IRQs on  FIQs on  Mode SVC_32  ISA ARM  Segment none
[    2.914649] Control: 10c5387d  Table: 4000404a  DAC: 00000051
[    2.920378] Process swapper/0 (pid: 1, stack limit = 0xef06c210)
[    2.926367] Stack: (0xef06dea0 to 0xef06e000)
[    2.930711] dea0: eeb8e010 c0c2d91c c03f4a6c c03f4a8c 00000000 c0c2d91c c03f4a6c c03f2fc8
[    2.938870] dec0: ef003274 ef10c4c0 c0c2d91c ef10cc80 c0c21270 c03f3fa4 c09c1be8 c0c2d91c
[    2.947028] dee0: 00000006 c0c2d91c 00000006 c0b3483c c0c47000 c03f5314 c0c2d908 c0b5fed8
[    2.955188] df00: 00000006 c010178c 60000013 c0a4ef14 00000000 c06feaa0 ef080000 60000013
[    2.963347] df20: 00000000 c0c095c8 efffca76 c0816b8c 000000d5 c0134098 c0b34848 c09d6cdc
[    2.971506] df40: c0a4de70 00000000 00000006 00000006 c0c09568 efffca40 c0b5fed8 00000006
[    2.979665] df60: c0b3483c c0c47000 000000d5 c0b34848 c0b005a4 c0b00d84 00000006 00000006
[    2.987824] df80: 00000000 c0b005a4 00000000 c06fb4d8 00000000 00000000 00000000 00000000
[    2.995983] dfa0: 00000000 c06fb4e0 00000000 c01079b8 00000000 00000000 00000000 00000000
[    3.004142] dfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
[    3.012302] dfe0: 00000000 00000000 00000000 00000000 00000013 00000000 ffffffff ffffffff
[    3.020469] [<c032621c>] (strcmp) from [<c03f65e8>] (platform_match+0x84/0xac)
[    3.027672] [<c03f65e8>] (platform_match) from [<c03f4a8c>] (__driver_attach+0x20/0xb0)
[    3.035654] [<c03f4a8c>] (__driver_attach) from [<c03f2fc8>] (bus_for_each_dev+0x54/0x88)
[    3.043812] [<c03f2fc8>] (bus_for_each_dev) from [<c03f3fa4>] (bus_add_driver+0xe8/0x1f4)
[    3.051971] [<c03f3fa4>] (bus_add_driver) from [<c03f5314>] (driver_register+0x78/0xf4)
[    3.059958] [<c03f5314>] (driver_register) from [<c010178c>] (do_one_initcall+0x3c/0x16c)
[    3.068123] [<c010178c>] (do_one_initcall) from [<c0b00d84>] (kernel_init_freeable+0x120/0x1ec)
[    3.076802] [<c0b00d84>] (kernel_init_freeable) from [<c06fb4e0>] (kernel_init+0x8/0x118)
[    3.084958] [<c06fb4e0>] (kernel_init) from [<c01079b8>] (ret_from_fork+0x14/0x3c)
[    3.092506] Code: 1afffffb e12fff1e e1a03000 eafffff7 (e4d03001)
[    3.098618] ---[ end trace 511bf9d750810709 ]---
[    3.103207] Kernel panic - not syncing: Attempted to kill init! exitcode=0x0000000b

This patch fixes this issue.

Fixes: c79667dd93 ("media: s5p-mfc: replace custom
	reserved memory handling code with generic one")

CC: stable@vger.kernel.org  # v4.7+
Signed-off-by: Marek Szyprowski <m.szyprowski@samsung.com>
Signed-off-by: Sylwester Nawrocki <s.nawrocki@samsung.com>
Signed-off-by: Mauro Carvalho Chehab <mchehab@s-opensource.com>
2016-10-21 10:21:54 -02:00
..
am437x [media] vb2: replace void *alloc_ctxs by struct device *alloc_devs 2016-07-08 14:45:07 -03:00
atmel [media] atmel-isc: mark PM functions as __maybe_unused 2016-09-19 16:25:33 -03:00
blackfin [media] vb2: replace void *alloc_ctxs by struct device *alloc_devs 2016-07-08 14:45:07 -03:00
coda [media] media: coda: Fix probe() if reset controller is missing 2016-07-08 16:34:59 -03:00
davinci [media] davinci: don't break long lines 2016-10-21 09:29:45 -02:00
exynos4-is [media] exynos4-is: don't break long lines 2016-10-21 09:30:15 -02:00
exynos-gsc [media] platform: constify vb2_ops structures 2016-09-19 16:21:06 -03:00
marvell-ccic [media] marvell-ccic: don't break long lines 2016-10-21 09:30:46 -02:00
mtk-vcodec Linux 4.8 2016-10-05 16:43:53 -03:00
mtk-vpu [media] VPU: mediatek: remove redundant dev_err call in mtk_vpu_probe() 2016-07-13 08:00:23 -03:00
omap [media] omap: don't break long lines 2016-10-21 09:31:11 -02:00
omap3isp [media] omap3isp: don't break long lines 2016-10-21 09:34:16 -02:00
rcar-vin [media] rcar-vin: add R-Car gen2 fallback compatibility string 2016-09-22 12:52:55 -03:00
s3c-camif [media] vb2: replace void *alloc_ctxs by struct device *alloc_devs 2016-07-08 14:45:07 -03:00
s5p-g2d [media] platform: constify vb2_ops structures 2016-09-19 16:21:06 -03:00
s5p-jpeg [media] s5p-jpeg: fix system and runtime PM integration 2016-09-22 10:11:57 -03:00
s5p-mfc [media] s5p-mfc: fix failure path of s5p_mfc_alloc_memdev() 2016-10-21 10:21:54 -02:00
soc_camera [media] soc-camera/rcar-vin: remove obsolete driver 2016-09-19 16:29:54 -03:00
sti [media] c8sectpfe: don't break long lines 2016-10-21 09:35:11 -02:00
ti-vpe [media] ti-vpe: don't break long lines 2016-10-21 09:35:36 -02:00
vivid [media] vivid: fix error return code in vivid_create_instance() 2016-09-19 14:18:42 -03:00
vsp1 [media] vsp1: fix CodingStyle violations on multi-line comments 2016-09-19 15:18:01 -03:00
xilinx [media] platform: constify vb2_ops structures 2016-09-19 16:21:06 -03:00
arv.c [media] media: remove the setting of the flag V4L2_FL_USE_FH_PRIO 2014-07-04 16:14:59 -03:00
fsl-viu.c [media] fsl-viu: drop format names 2015-08-11 06:59:09 -03:00
Kconfig Linux 4.8 2016-10-05 16:43:53 -03:00
m2m-deinterlace.c [media] platform: constify vb2_ops structures 2016-09-19 16:21:06 -03:00
Makefile [media] pxa_camera: merge soc_mediabus.c into pxa_camera.c 2016-09-12 06:42:24 -03:00
mx2_emmaprp.c [media] platform: don't break long lines 2016-10-21 10:06:32 -02:00
pxa_camera.c [media] platform: don't break long lines 2016-10-21 10:06:32 -02:00
rcar_jpu.c [media] platform: constify vb2_ops structures 2016-09-19 16:21:06 -03:00
rcar-fcp.c [media] rcar-fcp: Make sure rcar_fcp_enable() returns 0 on success 2016-09-15 09:02:16 -03:00
sh_veu.c [media] vb2: replace void *alloc_ctxs by struct device *alloc_devs 2016-07-08 14:45:07 -03:00
sh_vou.c [media] platform: constify vb2_ops structures 2016-09-19 16:21:06 -03:00
via-camera.c [media] platform: don't break long lines 2016-10-21 10:06:32 -02:00
via-camera.h
vim2m.c [media] platform: constify vb2_ops structures 2016-09-19 16:21:06 -03:00