Re: [PATCH v1] media: camss: vfe: Don't use vfe->base before it's assigned

From: Marek Szyprowski
Date: Wed Aug 11 2021 - 03:49:00 EST


On 10.08.2021 12:33, Robert Foss wrote:
> vfe->ops->hw_version(vfe) being called before vfe->base has been assigned
> is incorrect and causes crashes.
>
> Fixes: b10b5334528a9 ("media: camss: vfe: Don't read hardware version needlessly")
>
> Reported-by: Linux Kernel Functional Testing <lkft@xxxxxxxxxx>
> Signed-off-by: Robert Foss <robert.foss@xxxxxxxxxx>

With this patch applied on top of linux next-20210810, instead of the
NULL pointer dereference I get the following error on DragonBoard410c while
loading kernel modules:

[   18.480608] qcom-venus 1d00000.video-codec: Adding to iommu group 1
[   18.536167] qcom-camss 1b0ac00.camss: Adding to iommu group 2
[   18.600373] Internal error: synchronous external abort: 96000010 [#1] PREEMPT SMP

> ---
> drivers/media/platform/qcom/camss/camss-vfe.c | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/drivers/media/platform/qcom/camss/camss-vfe.c b/drivers/media/platform/qcom/camss/camss-vfe.c
> index 6b2f33fc9be22..1c8d2f0f81207 100644
> --- a/drivers/media/platform/qcom/camss/camss-vfe.c
> +++ b/drivers/media/platform/qcom/camss/camss-vfe.c
> @@ -1299,7 +1299,6 @@ int msm_vfe_subdev_init(struct camss *camss, struct vfe_device *vfe,
> return -EINVAL;
> }
> vfe->ops->subdev_init(dev, vfe);
> - vfe->ops->hw_version(vfe);
>
> /* Memory */
>
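
Review bot: with the hw_version call removed here, vfe->ops->subdev_init(dev, vfe) is still invoked ahead of the /* Memory */ section, where vfe->base is set up. Please confirm that subdev_init does not touch vfe->base, and consider a short comment at this spot stating that nothing may access the registers until the mapping below has succeeded.
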
> @@ -1309,6 +1308,8 @@ int msm_vfe_subdev_init(struct camss *camss, struct vfe_device *vfe,
> return PTR_ERR(vfe->base);
> }
>
> + vfe->ops->hw_version(vfe);
> +
> /* Interrupt */
>
> r = platform_get_resource_byname(pdev, IORESOURCE_IRQ,
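
Review bot: the relocated vfe->ops->hw_version(vfe) call after the vfe->base error check fixes the ordering against the mapping, but nothing in the visible context establishes that the VFE block is powered and clocked when it runs. The subject of the Fixes: commit says this call reads the hardware version, and the reply above reports a synchronous external abort on DragonBoard410c in place of the NULL pointer dereference with this patch applied. Consider moving the call to a point where the block is known to be powered and clocked, or explaining in the commit message why the read is safe here.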

Best regards
--
Marek Szyprowski, PhD
Samsung R&D Institute Poland