From: Clemens Ladisch <clemens@ladisch.de>
To: Julia Lawall <julia@diku.dk>
Cc: tiwai@suse.de, tj@kernel.org, alsa-devel@alsa-project.org
Subject: Re: question about sound/pci/ctxfi/ctpcm.c
Date: Tue, 09 Nov 2010 09:07:41 +0100 [thread overview]
Message-ID: <4CD9014D.20800@ladisch.de> (raw)
In-Reply-To: <Pine.LNX.4.64.1011081753110.21375@pc-004.diku.dk>
Julia Lawall wrote:
> The file sound/pci/ctxfi/ctpcm.c contains the functions
> ct_pcm_playback_open and ct_pcm_capture_open that contain the following
> pattern of code:
>
> runtime->private_data = apcm;
> ...
> if (err < 0) {
> kfree(apcm);
> return err;
> }
>
> I wonder if this leaves a dangling pointer to apcm in runtime?
The runtime structure contains data that is valid only while the
substream is open; it is allocated by the ALSA framework before
calling the open callback, and deallocated after calling the close
callback (or if the open callback fails).
> The function ct_atc_pcm_free_substream on the other hand does set the
> private_data field to NULL after freeing apcm.
This is superfluous.
> But perhaps there is something in the calling context of open that
> ensures that if the open function fails, the private_data field of
> runtime will never be used?
If the open callback fails, the close callback will not be called.
However, the runtime->private_free callback, if set, will be called.
So there is indeed a dangling pointer.
Regards,
Clemens
next prev parent reply other threads:[~2010-11-09 8:06 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-11-08 16:58 question about sound/pci/ctxfi/ctpcm.c Julia Lawall
2010-11-09 8:07 ` Clemens Ladisch [this message]
2010-11-09 8:25 ` Julia Lawall
2010-11-09 11:03 ` Clemens Ladisch
2010-11-09 11:03 ` Julia Lawall
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4CD9014D.20800@ladisch.de \
--to=clemens@ladisch.de \
--cc=alsa-devel@alsa-project.org \
--cc=julia@diku.dk \
--cc=tiwai@suse.de \
--cc=tj@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.