On 2/24/2020 5:18 PM, Pierre-Louis Bossart wrote:
On 2/24/20 6:52 AM, Amadeusz Sławiński wrote:
Incrementation of avail_clk_cnt was incorrectly moved to error path. Put
it back to success path.
Fixes: 6ee927f2f01466 ('ASoC: Intel: Skylake: Fix NULL ptr dereference
when unloading clk dev')
Signed-off-by: Amadeusz Sławiński <amadeuszx.slawinski@xxxxxxxxxxxxxxx>
---
sound/soc/intel/skylake/skl-ssp-clk.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/sound/soc/intel/skylake/skl-ssp-clk.c
b/sound/soc/intel/skylake/skl-ssp-clk.c
index 1c0e5226cb5b..bd43885f3805 100644
--- a/sound/soc/intel/skylake/skl-ssp-clk.c
+++ b/sound/soc/intel/skylake/skl-ssp-clk.c
@@ -384,9 +384,11 @@ static int skl_clk_dev_probe(struct
platform_device *pdev)
&clks[i], clk_pdata, i);
if (IS_ERR(data->clk[data->avail_clk_cnt])) {
- ret = PTR_ERR(data->clk[data->avail_clk_cnt++]);
+ ret = PTR_ERR(data->clk[data->avail_clk_cnt]);
Are you sure?
If you start with avail_clk_cnt set to zero, the error handling will
decrement and access offset -1
Yes, I'm sure as far as I know c it will first check the value and then
decrement it, so it will be 0 while doing the "while" check and it won't
enter the loop.
You can double check with simplified usecase:
#include <stdio.h>
int main() {
int i = 0;
while(i--)
printf("do something with i, while i = %d\n", i);
}
which seems to work fine to me, by not entering the loop.
Use case is as following:
we start with avail_clk_cnt = 0;
register clock at index 0; increment avail_clk_cnt to 1;
register clock at index 1; increment avail_clk_cnt to 2;
register clock at index 2; increment avail_clk_cnt to 3
now let's assume that there is no more clocks to register
so we do our stuff and then we need to free clocks
so we enter loop
3 evaluates to true, so we decrement it and release clock at index 2
2 evaluates to true, so we decrement it and release clock at index 1
1 evaluates to true, so we decrement it and release clock at index 0
0 evaluates to false, so wo don't enter loop
similar thing happens if we fail to register clock and do error handling
Amadeusz
