2015-07-10 20:55:49

by Manfred Schlaegl

Subject: [PATCH] iio: mcp320x: Fix NULL pointer dereference

On reading in_voltage_scale of we got a NULL pointer dereference Oops.

The reason for this is, that mcp320x_read_raw tries to access
chip_info->resolution from struct mcp320x, but chip_info is never set.

chip_info was never set since the driver was added, but there was no
acute problem, because it was not referenced.
The acute problem exists since
b12206e917ac34bec41b9ff93d37d8bd53a2b3bc
iio: adc: mcp320x. Add support for more ADCs

This patch fixes the issue by setting chip_info in mcp320x_probe.

Signed-off-by: Manfred Schlaegl <[email protected]>
---
drivers/iio/adc/mcp320x.c | 2 ++
1 file changed, 2 insertions(+)

diff --git a/drivers/iio/adc/mcp320x.c b/drivers/iio/adc/mcp320x.c
index 8d9c9b9..d819823 100644
--- a/drivers/iio/adc/mcp320x.c
+++ b/drivers/iio/adc/mcp320x.c
@@ -299,6 +299,8 @@ static int mcp320x_probe(struct spi_device *spi)
indio_dev->channels = chip_info->channels;
indio_dev->num_channels = chip_info->num_channels;

+ adc->chip_info = chip_info;
+
adc->transfer[0].tx_buf = &adc->tx_buf;
adc->transfer[0].len = sizeof(adc->tx_buf);
adc->transfer[1].rx_buf = adc->rx_buf;
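Review bot: in mcp320x_probe the new `adc->chip_info = chip_info;` sits after the two `indio_dev->... = chip_info->...` context lines, and nothing in the visible context shows where the IIO device is registered. The store has to land before registration, because once the sysfs attributes exist a read of in_voltage_scale can reach mcp320x_read_raw and dereference adc->chip_info. Please confirm the registration call comes later in probe, and consider moving the assignment to directly after the point where chip_info is looked up, so the stored pointer and every later use in probe come from the same place.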
--
1.7.10.4


2015-07-13 14:16:31

by Michael Welling

Subject: Re: [PATCH] iio: mcp320x: Fix NULL pointer dereference

On Fri, Jul 10, 2015 at 10:55:30PM +0200, Manfred Schlaegl wrote:
> On reading in_voltage_scale of we got a NULL pointer dereference Oops.
>
> The reason for this is, that mcp320x_read_raw tries to access
> chip_info->resolution from struct mcp320x, but chip_info is never set.
>
> chip_info was never set since the driver was added, but there was no
> acute problem, because it was not referenced.
> The acute problem exists since
> b12206e917ac34bec41b9ff93d37d8bd53a2b3bc
> iio: adc: mcp320x. Add support for more ADCs
>
> This patch fixes the issue by setting chip_info in mcp320x_probe.
>
> Signed-off-by: Manfred Schlaegl <[email protected]>
> ---
> drivers/iio/adc/mcp320x.c | 2 ++
> 1 file changed, 2 insertions(+)
>
> diff --git a/drivers/iio/adc/mcp320x.c b/drivers/iio/adc/mcp320x.c
> index 8d9c9b9..d819823 100644
> --- a/drivers/iio/adc/mcp320x.c
> +++ b/drivers/iio/adc/mcp320x.c
> @@ -299,6 +299,8 @@ static int mcp320x_probe(struct spi_device *spi)
> indio_dev->channels = chip_info->channels;
> indio_dev->num_channels = chip_info->num_channels;
>
> + adc->chip_info = chip_info;
> +

Looks good to me.

Reviewed-by: Michael Welling <[email protected]>

> adc->transfer[0].tx_buf = &adc->tx_buf;
> adc->transfer[0].len = sizeof(adc->tx_buf);
> adc->transfer[1].rx_buf = adc->rx_buf;
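Review bot: the one-line store `adc->chip_info = chip_info;` in this hunk repairs a regression that the message itself pins to b12206e917ac34bec41b9ff93d37d8bd53a2b3bc, but the message carries that hash only as free text. A trailer such as `Fixes: b12206e917ac ("iio: adc: mcp320x. Add support for more ADCs")`, plus a stable Cc, would let trees that picked up that change also pick up this fix, which matters here because the Oops is triggered by an ordinary sysfs read.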
> --
> 1.7.10.4
>

2015-07-14 11:53:53

by Manfred Schlaegl

Subject: Re: [PATCH] iio: mcp320x: Fix NULL pointer dereference

On 2015-07-13 16:16, Michael Welling wrote:
> On Fri, Jul 10, 2015 at 10:55:30PM +0200, Manfred Schlaegl wrote:
>> On reading in_voltage_scale of we got a NULL pointer dereference Oops.
>>
>> The reason for this is, that mcp320x_read_raw tries to access
>> chip_info->resolution from struct mcp320x, but chip_info is never set.
>>
>> chip_info was never set since the driver was added, but there was no
>> acute problem, because it was not referenced.
>> The acute problem exists since
>> b12206e917ac34bec41b9ff93d37d8bd53a2b3bc
>> iio: adc: mcp320x. Add support for more ADCs
>>
>> This patch fixes the issue by setting chip_info in mcp320x_probe.
>>
>> Signed-off-by: Manfred Schlaegl <[email protected]>
>> ---
>> drivers/iio/adc/mcp320x.c | 2 ++
>> 1 file changed, 2 insertions(+)
>>
>> diff --git a/drivers/iio/adc/mcp320x.c b/drivers/iio/adc/mcp320x.c
>> index 8d9c9b9..d819823 100644
>> --- a/drivers/iio/adc/mcp320x.c
>> +++ b/drivers/iio/adc/mcp320x.c
>> @@ -299,6 +299,8 @@ static int mcp320x_probe(struct spi_device *spi)
>> indio_dev->channels = chip_info->channels;
>> indio_dev->num_channels = chip_info->num_channels;
>>
>> + adc->chip_info = chip_info;
>> +
>
> Looks good to me.
>
> Reviewed-by: Michael Welling <[email protected]>
>
>> adc->transfer[0].tx_buf = &adc->tx_buf;
>> adc->transfer[0].len = sizeof(adc->tx_buf);
>> adc->transfer[1].rx_buf = adc->rx_buf;
>> --
>> 1.7.10.4
>>

Thanks for reviewing!

best regards,
manfred

2015-07-19 13:00:28

by Jonathan Cameron

Subject: Re: [PATCH] iio: mcp320x: Fix NULL pointer dereference

On 14/07/15 12:53, Manfred Schlaegl wrote:
> On 2015-07-13 16:16, Michael Welling wrote:
>> On Fri, Jul 10, 2015 at 10:55:30PM +0200, Manfred Schlaegl wrote:
>>> On reading in_voltage_scale of we got a NULL pointer dereference Oops.
>>>
>>> The reason for this is, that mcp320x_read_raw tries to access
>>> chip_info->resolution from struct mcp320x, but chip_info is never set.
>>>
>>> chip_info was never set since the driver was added, but there was no
>>> acute problem, because it was not referenced.
>>> The acute problem exists since
>>> b12206e917ac34bec41b9ff93d37d8bd53a2b3bc
>>> iio: adc: mcp320x. Add support for more ADCs
>>>
>>> This patch fixes the issue by setting chip_info in mcp320x_probe.
>>>
>>> Signed-off-by: Manfred Schlaegl <[email protected]>
>>> ---
>>> drivers/iio/adc/mcp320x.c | 2 ++
>>> 1 file changed, 2 insertions(+)
>>>
>>> diff --git a/drivers/iio/adc/mcp320x.c b/drivers/iio/adc/mcp320x.c
>>> index 8d9c9b9..d819823 100644
>>> --- a/drivers/iio/adc/mcp320x.c
>>> +++ b/drivers/iio/adc/mcp320x.c
>>> @@ -299,6 +299,8 @@ static int mcp320x_probe(struct spi_device *spi)
>>> indio_dev->channels = chip_info->channels;
>>> indio_dev->num_channels = chip_info->num_channels;
>>>
>>> + adc->chip_info = chip_info;
>>> +
>>
>> Looks good to me.
>>
>> Reviewed-by: Michael Welling <[email protected]>
>>
>>> adc->transfer[0].tx_buf = &adc->tx_buf;
>>> adc->transfer[0].len = sizeof(adc->tx_buf);
>>> adc->transfer[1].rx_buf = adc->rx_buf;
>>> --
>>> 1.7.10.4
>>>
>
> Thanks for reviewing!
>
> best regards,
> manfred
>
Applied to the fixes-togreg branch of iio.git

Michael, there are moves afoot to clarify the meaning of reviewed-by
as covering only more substantial reviews (kind of tricky on a one liner
like this!) Hence for similar patches in future, an Acked-by may
be more appropriate.

Thanks,

Jonathan

2015-07-19 23:57:00

by Michael Welling

Subject: Re: [PATCH] iio: mcp320x: Fix NULL pointer dereference

On Sun, Jul 19, 2015 at 02:00:24PM +0100, Jonathan Cameron wrote:
> Applied to the fixes-togreg branch of iio.git
>
> Michael, there are moves afoot to clarify the meaning of reviewed-by
> as covering only more substantial reviews (kind of tricky on a one liner
> like this!) Hence for similar patches in future, an Acked-by may
> be more appropriate.
>

Actually I did review the patch and sent comments to the author.

In my haste I pressed reply instead of reply-all.. Oooops.

> Thanks,
>
> Jonathan