projects / GitHub / LineageOS / android_kernel_motorola_exynos9610.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: f7cbd68)
[media] s5p-mfc: Fix NULL pointer dereference caused by not set q->lock
authorKamil Debski <k.debski@samsung.com>
Tue, 3 Mar 2015 14:32:58 +0000 (11:32 -0300)
committerMauro Carvalho Chehab <mchehab@osg.samsung.com>
Wed, 4 Mar 2015 11:59:58 +0000 (08:59 -0300)
The patch "media: s5p-mfc: use vb2_ops_wait_prepare/finish helper"
(654a731be1a0b6f606f3f3d12b50db08f2ae3c3) introduced a kernel panic.
The q->lock was set for just one queue, the other was not set thus causing
a NULL pointer dereference.

Reported-by: Marek Szyprowski <m.szyprowski@samsung.com>
Signed-off-by: Kamil Debski <k.debski@samsung.com>
Signed-off-by: Sylwester Nawrocki <s.nawrocki@samsung.com>
Signed-off-by: Mauro Carvalho Chehab <mchehab@osg.samsung.com>
drivers/media/platform/s5p-mfc/s5p_mfc.c patch | blob | blame | history

diff --git a/drivers/media/platform/s5p-mfc/s5p_mfc.c b/drivers/media/platform/s5p-mfc/s5p_mfc.c
index 8e44a59d8ec20f17bcfd601fd4a8c7abdaf8a530..98374e8bad3e99ffdf5a70d26b923e6e0c265bf3 100644 (file)
--- a/drivers/media/platform/s5p-mfc/s5p_mfc.c
+++ b/drivers/media/platform/s5p-mfc/s5p_mfc.c
@@ -833,6 +833,7 @@ static int s5p_mfc_open(struct file *file)
        q->type = V4L2_BUF_TYPE_VIDEO_OUTPUT_MPLANE;
        q->io_modes = VB2_MMAP;
        q->drv_priv = &ctx->fh;
+       q->lock = &dev->mfc_mutex;
        if (vdev == dev->vfd_dec) {
                q->io_modes = VB2_MMAP;
                q->ops = get_dec_queue_ops();