From af4bac11531fbc0b5955fdccbe3f5ea265cd7374 Mon Sep 17 00:00:00 2001 From: Sameer Pujar Date: Sun, 19 Jan 2020 19:49:23 +0530 Subject: [PATCH] ASoC: soc-pcm: crash in snd_soc_dapm_new_dai Crash happens in snd_soc_dapm_new_dai() when substream->private_data access is made and substream is NULL here. This is seen for DAIs where only playback or capture stream is defined. This seems to be happening for codec2codec DAI link. Both playback and capture are 0 during soc_new_pcm(). This is probably happening because cpu_dai and codec_dai are both validated either for SNDRV_PCM_STREAM_PLAYBACK or SNDRV_PCM_STREAM_CAPTURE. Shouldn't be playback = 1 when, - playback stream is available for codec_dai AND - capture stream is available for cpu_dai and vice-versa for capture = 1? Signed-off-by: Sameer Pujar Link: https://lore.kernel.org/r/1579443563-12287-1-git-send-email-spujar@nvidia.com Signed-off-by: Mark Brown --- sound/soc/soc-pcm.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/sound/soc/soc-pcm.c b/sound/soc/soc-pcm.c index b78f6ff2b1d3..f70bec7815ee 100644 --- a/sound/soc/soc-pcm.c +++ b/sound/soc/soc-pcm.c @@ -2916,10 +2916,10 @@ int soc_new_pcm(struct snd_soc_pcm_runtime *rtd, int num) for_each_rtd_codec_dai(rtd, i, codec_dai) { if (snd_soc_dai_stream_valid(codec_dai, SNDRV_PCM_STREAM_PLAYBACK) && - snd_soc_dai_stream_valid(cpu_dai, SNDRV_PCM_STREAM_PLAYBACK)) + snd_soc_dai_stream_valid(cpu_dai, SNDRV_PCM_STREAM_CAPTURE)) playback = 1; if (snd_soc_dai_stream_valid(codec_dai, SNDRV_PCM_STREAM_CAPTURE) && - snd_soc_dai_stream_valid(cpu_dai, SNDRV_PCM_STREAM_CAPTURE)) + snd_soc_dai_stream_valid(cpu_dai, SNDRV_PCM_STREAM_PLAYBACK)) capture = 1; } -- 2.30.2