drm/vc4: NULL ptr dereference during HDMI audio registration with next-20190111

Submitted by Stefan Wahren on Jan. 12, 2019, 11:08 p.m.

Details

Message ID 1985876633.321074.1547334497781@email.ionos.de
State New
Series "drm/vc4: NULL ptr dereference during HDMI audio registration with next-20190111"
Headers show

Commit Message

Stefan Wahren Jan. 12, 2019, 11:08 p.m.
> Stefan Wahren <stefan.wahren@i2se.com> hat am 12. Januar 2019 um 12:24 geschrieben:
> 
> 
> Hi,
> 
> kernelci.org [1] noticed a NULL pointer dereference during HDMI audio registration with linux-next-20190111 on Raspberry Pi using bcm2835_defconfig. I was able to reproduce it, but couldn't find anything suspicious in the commit ("Merge remote-tracking branch 'drm-misc-fixes/for-linux-next-fixes'") bisected by kernelci.org.
> 
> Best regards
> Stefan
> 
> [1] - https://kernelci.org/boot/id/5c383ceb59b514d9ca6edd2f/
> 
> [    1.956798] Unable to handle kernel NULL pointer dereference at virtual address 00000000

okay, i think i've found the responsible commit 8780cf1142a5 ("ASoC: soc-core: defer card probe until all component is added to list").

The following patch fixes the issue for me:

Patch hide | download patch | download mbox

diff --git a/sound/soc/soc-core.c b/sound/soc/soc-core.c
index 0934b36..dc6b6d1 100644
--- a/sound/soc/soc-core.c
+++ b/sound/soc/soc-core.c
@@ -1134,7 +1134,8 @@  static int soc_init_dai_link(struct snd_soc_card *card,
 	 * Defer card registartion if platform dai component is not added to
 	 * component list.
 	 */
-	if (!soc_find_component(link->platform->of_node, link->platform->name))
+	if ((link->platform->of_node || link->platform->name) &&
+	    !soc_find_component(link->platform->of_node, link->platform->name))
 		return -EPROBE_DEFER;
 
 	/*
@@ -1153,7 +1154,8 @@  static int soc_init_dai_link(struct snd_soc_card *card,
 	 * Defer card registartion if cpu dai component is not added to
 	 * component list.
 	 */
-	if (!soc_find_component(link->cpu_of_node, link->cpu_name))
+	if ((link->cpu_of_node || link->cpu_name) &&
+	    !soc_find_component(link->cpu_of_node, link->cpu_name))
 		return -EPROBE_DEFER;
 
 	/*

Comments

Rohit Kumar Jan. 14, 2019, 9:09 a.m.
On 1/13/2019 4:38 AM, Stefan Wahren wrote:
>> Stefan Wahren <stefan.wahren@i2se.com> hat am 12. Januar 2019 um 12:24 geschrieben:
>>
>>
>> Hi,
>>
>> kernelci.org [1] noticed a NULL pointer dereference during HDMI audio registration with linux-next-20190111 on Raspberry Pi using bcm2835_defconfig. I was able to reproduce it, but couldn't find anything suspicious in the commit ("Merge remote-tracking branch 'drm-misc-fixes/for-linux-next-fixes'") bisected by kernelci.org.
>>
>> Best regards
>> Stefan
>>
>> [1] - https://kernelci.org/boot/id/5c383ceb59b514d9ca6edd2f/
>>
>> [    1.956798] Unable to handle kernel NULL pointer dereference at virtual address 00000000
> okay, i think i've found the responsible commit 8780cf1142a5 ("ASoC: soc-core: defer card probe until all component is added to list").

The fix is already posted via 
https://lore.kernel.org/patchwork/patch/1031226/.

Mark, Can you pick this up. We will still have to consider intel platform

where there is no soc_component associated with platform_name.

>
> The following patch fixes the issue for me:
>
> diff --git a/sound/soc/soc-core.c b/sound/soc/soc-core.c
> index 0934b36..dc6b6d1 100644
> --- a/sound/soc/soc-core.c
> +++ b/sound/soc/soc-core.c
> @@ -1134,7 +1134,8 @@ static int soc_init_dai_link(struct snd_soc_card *card,
>   	 * Defer card registartion if platform dai component is not added to
>   	 * component list.
>   	 */
> -	if (!soc_find_component(link->platform->of_node, link->platform->name))
> +	if ((link->platform->of_node || link->platform->name) &&
> +	    !soc_find_component(link->platform->of_node, link->platform->name))
>   		return -EPROBE_DEFER;
>   
>   	/*
> @@ -1153,7 +1154,8 @@ static int soc_init_dai_link(struct snd_soc_card *card,
>   	 * Defer card registartion if cpu dai component is not added to
>   	 * component list.
>   	 */
> -	if (!soc_find_component(link->cpu_of_node, link->cpu_name))
> +	if ((link->cpu_of_node || link->cpu_name) &&
> +	    !soc_find_component(link->cpu_of_node, link->cpu_name))
>   		return -EPROBE_DEFER;
>   
>   	/*

Thanks,
Rohit