There is a typo here. We meant to test rbuf instead of drv. We
already tested drv earlier.
Signed-off-by: Dan Carpenter erro...@gmail.com
diff --git a/drivers/media/IR/ir-lirc-codec.c b/drivers/media/IR/ir-lirc-codec.c
index 178bc5b..87e 100644
--- a/drivers/media/IR/ir-lirc-codec.c
+++ b
This function has sanity checks to make sure that dev is non-null. I
moved the dereference down below the checks. In the current code dev
is never actually null.
Signed-off-by: Dan Carpenter erro...@gmail.com
diff --git a/drivers/media/video/au0828/au0828-video.c
b/drivers/media/video/au0828
for v4l2_dev, but I looked at the code and I
don't think that can be NULL either.
Signed-off-by: Dan Carpenter erro...@gmail.com
diff --git a/drivers/media/video/ivtv/ivtvfb.c
b/drivers/media/video/ivtv/ivtvfb.c
index 2c2d862..be03a71 100644
--- a/drivers/media/video/ivtv/ivtvfb.c
+++ b/drivers/media/video
On Fri, Jul 23, 2010 at 07:46:47AM -0400, Andy Walls wrote:
On Fri, 2010-07-23 at 12:12 +0200, Dan Carpenter wrote:
In ivtvfb_callback_cleanup() we dereference itv before checking that
it's NULL. itv is assigned with container_of() which basically never
returns a NULL pointer so the check
If we return directly here then we miss out on some mutex_unlock()s
Signed-off-by: Dan Carpenter erro...@gmail.com
diff --git a/drivers/media/video/s5p-fimc/fimc-core.c
b/drivers/media/video/s5p-fimc/fimc-core.c
index b151c7b..1beb226 100644
--- a/drivers/media/video/s5p-fimc/fimc-core.c
+++ b
There were a couple issues here. If the allocation failed for dev
then it would lead to a NULL dereference. If request_irq() or
request_region() failed it would release the irq and the region even
though they were not successfully aquired.
Signed-off-by: Dan Carpenter erro...@gmail.com
diff
The original code dereferenced ir-raw after freeing it and setting it
to NULL.
Signed-off-by: Dan Carpenter erro...@gmail.com
diff --git a/drivers/media/IR/ir-raw-event.c b/drivers/media/IR/ir-raw-event.c
index 43094e7..8e0e1b1 100644
--- a/drivers/media/IR/ir-raw-event.c
+++ b/drivers/media/IR
On Thu, Aug 12, 2010 at 05:35:04PM +0300, Maxim Levitsky wrote:
On Thu, 2010-08-12 at 09:46 +0200, Dan Carpenter wrote:
There were a couple issues here. If the allocation failed for dev
then it would lead to a NULL dereference. If request_irq() or
request_region() failed it would release
fw is always a non-NULL pointer at this point, and anyway
release_firmware() accepts NULL pointers.
Signed-off-by: Dan Carpenter erro...@gmail.com
diff --git a/drivers/media/dvb/dvb-usb/opera1.c
b/drivers/media/dvb/dvb-usb/opera1.c
index 6b22ec6..f896337 100644
--- a/drivers/media/dvb/dvb-usb
We dereference maskptr unconditionally at the start of the function
and also inside the call to parse_tlist() towards the end of the
function. This function is called from store_val_any() and it always
passes a non-NULL pointer.
Signed-off-by: Dan Carpenter erro...@gmail.com
diff --git
.)
There is only one caller for this function and it passes non-NULL
pointers, so this is essentially a cleanup rather than a bugfix.
Signed-off-by: Dan Carpenter erro...@gmail.com
diff --git a/drivers/media/video/saa7164/saa7164-buffer.c
b/drivers/media/video/saa7164/saa7164-buffer.c
index 5713f3a
Add a check after the for loops to see if we found what we were looking
for or if we reached the end of the list.
Signed-off-by: Dan Carpenter erro...@gmail.com
diff --git a/drivers/media/video/saa7134/saa7134-video.c
b/drivers/media/video/saa7134/saa7134-video.c
index 45f0ac8..24c3a78 100644
.
The original code had a deadline of 1.005 seconds and the new code has a
deadline of .065 seconds.
Signed-off-by: Dan Carpenter erro...@gmail.com
diff --git a/drivers/media/IR/streamzap.c b/drivers/media/IR/streamzap.c
index 2cf57e6..d5d3cee 100644
--- a/drivers/media/IR/streamzap.c
+++ b/drivers
This was supposed to be an unlock on the error path.
Signed-off-by: Dan Carpenter erro...@gmail.com
diff --git a/drivers/media/video/cx231xx/cx231xx-i2c.c
b/drivers/media/video/cx231xx/cx231xx-i2c.c
index cce74e5..8356706 100644
--- a/drivers/media/video/cx231xx/cx231xx-i2c.c
+++ b/drivers
There was an unlock missing if kzalloc() failed.
Signed-off-by: Dan Carpenter erro...@gmail.com
diff --git a/drivers/media/video/s5p-fimc/fimc-core.c
b/drivers/media/video/s5p-fimc/fimc-core.c
index 1802701..8335045 100644
--- a/drivers/media/video/s5p-fimc/fimc-core.c
+++ b/drivers/media/video
These are signed so instead of being 1 and 0 as intended they are -1 and
0. It doesn't cause a bug in the current code but Sparse warns about it:
drivers/media/video/s5p-fimc/fimc-core.h:226:28:
error: dubious one-bit signed bitfield
Signed-off-by: Dan Carpenter erro...@gmail.com
diff
/media/video/s5p-fimc/fimc-core.c:286:
error: ‘TASK_NORMAL’ undeclared (first use in this function)
Signed-off-by: Dan Carpenter erro...@gmail.com
---
Compile tested only. :P
diff --git a/drivers/media/video/s5p-fimc/fimc-core.h
b/drivers/media/video/s5p
patch so I could handle it and add you
as reported by it is OK.
I thought it was probably a merge conflict. Thanks for taking care of
this.
regards,
dan carpenter
Regards,
Sylwester
ret = fimc_register_m2m_device(fimc);
if (ret)
goto err_irq;
--
To unsubscribe from
On Fri, Oct 22, 2010 at 09:10:57AM +0200, Sylwester Nawrocki wrote:
-Original Message-
From: Dan Carpenter [mailto:erro...@gmail.com]
Sent: Thursday, October 21, 2010 9:24 PM
To: Mauro Carvalho Chehab
Cc: Kyungmin Park; Sylwester Nawrocki; Pawel Osciak; Marek Szyprowski;
linux
() and it always is less than 16
characters so we can easily make the buffer smaller.
Signed-off-by: Dan Carpenter erro...@gmail.com
diff --git a/drivers/media/video/saa7164/saa7164.h
b/drivers/media/video/saa7164/saa7164.h
index 1d9c5cb..8b3e844 100644
--- a/drivers/media/video/saa7164/saa7164.h
We shouldn't unlock here. I think this was a cut and paste error.
Signed-off-by: Dan Carpenter erro...@gmail.com
diff --git a/drivers/media/IR/lirc_dev.c b/drivers/media/IR/lirc_dev.c
index 8418b14..8ab9d87 100644
--- a/drivers/media/IR/lirc_dev.c
+++ b/drivers/media/IR/lirc_dev.c
@@ -522,10
:27:got int ( extern [toplevel] *noident
)( ... )
Signed-off-by: Dan Carpenter erro...@gmail.com
diff --git a/include/media/lirc_dev.h b/include/media/lirc_dev.h
index 54780a5..630e702 100644
--- a/include/media/lirc_dev.h
+++ b/include/media/lirc_dev.h
@@ -217,9 +217,9 @@ int lirc_dev_fop_open
is invalid now, there was another debug print that I removed.
Signed-off-by: Dan Carpenter erro...@gmail.com
diff --git a/drivers/media/IR/lirc_dev.c b/drivers/media/IR/lirc_dev.c
index fbca94f..6b9fc74 100644
--- a/drivers/media/IR/lirc_dev.c
+++ b/drivers/media/IR/lirc_dev.c
@@ -647,18 +647,18 @@ ssize_t
There is a missing unlock here. This was introduced as part of BKL
removal in c37db91fd0d4 V4L/DVB: bttv: fix driver lock and remove
explicit calls to BKL
Signed-off-by: Dan Carpenter erro...@gmail.com
diff --git a/drivers/media/video/bt8xx/bttv-driver.c
b/drivers/media/video/bt8xx/bttv
The lock isn't held here and doesn't need to be unlocked. The code has
been like this since the driver was merged.
Signed-off-by: Dan Carpenter erro...@gmail.com
diff --git a/drivers/media/video/cx231xx/cx231xx-cards.c
b/drivers/media/video/cx231xx/cx231xx-cards.c
index 56c2d81..b7b905f
list_first_entry() always returns non-null here. I think the intent was
to test whether there were any entries in the used list.
Signed-off-by: Dan Carpenter erro...@gmail.com
---
I don't have this hardware so I can't test this. Please check
carefully.
diff --git a/drivers/media/video/saa7164
)
Wait, what? We just checked this a couple lines before.
The rest of the patch is right and a clever catch. It would affect
x86_64 systems and not i386. This doesn't have security implications
does it? You'd just catch the kmalloc() stack trace for insanely large
allocations.
regards,
dan
Hi Sergej,
I'm hoping this patch will take care of the bug you reported:
https://bugzilla.kernel.org/show_bug.cgi?id=24602
Please try it out and let me know. I'll resend with a proper
signed-off-by if it fixes the problem. (I don't have the hardware to
test this myself).
diff --git
zr-frame_num is a counter and was intended here instead of .
Signed-off-by: Dan Carpenter erro...@gmail.com
diff --git a/drivers/media/video/zoran/zoran_device.c
b/drivers/media/video/zoran/zoran_device.c
index b02007e..e8a2784 100644
--- a/drivers/media/video/zoran/zoran_device.c
+++ b
...@redhat.com
I'm taking off for the weekend, so I won't be able to look at this
more until Monday. See you then. :)
regards,
dan carpenter
--
To unsubscribe from this list: send the line unsubscribe linux-media in
the body of a message to majord...@vger.kernel.org
More majordomo info at http
/show_bug.cgi?id=24602
Signed-off-by: Dan Carpenter erro...@gmail.com
---
Sergej could you test this one?
diff --git a/drivers/media/video/bt8xx/bttv-driver.c
b/drivers/media/video/bt8xx/bttv-driver.c
index a529619..6c8f4b0 100644
--- a/drivers/media/video/bt8xx/bttv-driver.c
+++ b/drivers/media
This is a copy and paste error. It should be using sizeof(cap-driver)
instead of sizeof(cap-card).
Signed-off-by: Dan Carpenter erro...@gmail.com
diff --git a/drivers/media/video/timblogiw.c b/drivers/media/video/timblogiw.c
index cf48aa9..ef1b7a5 100644
--- a/drivers/media/video/timblogiw.c
)
1645 saddr = 0xff;
We check saddr_len == 0 twice which doesn't make sense. I'm not sure
what the correct fix is though. It's been this way since the driver was
merged.
regards,
dan carpenter
--
To unsubscribe from this list: send the line unsubscribe linux-media in
the body
()
regards,
dan carpenter
--
To unsubscribe from this list: send the line unsubscribe linux-media in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
The original code compared saddr_len with zero twice in a nonsensical
way. I asked the list, and Andy Walls and Sri Deevi say that the second
check should be if saddr_len == 1.
Signed-off-by: Dan Carpenter erro...@gmail.com
diff --git a/drivers/media/video/cx231xx/cx231xx-core.c
b/drivers
Negate has higher precedence than bitwise AND. I2C_M_RD is 0x1 so
the original code is equivelent to just checking if (!msg-flags).
Signed-off-by: Dan Carpenter dan.carpen...@oracle.com
diff --git a/drivers/media/dvb/dvb-usb/mxl111sf-i2c.c
b/drivers/media/dvb/dvb-usb/mxl111sf-i2c.c
index
This lock should be released as well on the error path.
Signed-off-by: Dan Carpenter dan.carpen...@oracle.com
diff --git a/drivers/media/dvb/frontends/dib9000.c
b/drivers/media/dvb/frontends/dib9000.c
index e276b11..660f806 100644
--- a/drivers/media/dvb/frontends/dib9000.c
+++ b/drivers/media
: dereference of noderef
expression
Signed-off-by: Dan Carpenter dan.carpen...@oracle.com
diff --git a/drivers/media/rc/ir-lirc-codec.c b/drivers/media/rc/ir-lirc-codec.c
index 165ea8f..5faba2a 100644
--- a/drivers/media/rc/ir-lirc-codec.c
+++ b/drivers/media/rc/ir-lirc-codec.c
@@ -99,7 +99,7
If i is 2 then when we call cx25821_video_mux() we'd end up going
past the end of the cx25821_boards[dev-board]-input[].
The INPUT() macro obfuscates what's going on in that function so it's
a bit hard to follow.
Signed-off-by: Dan Carpenter dan.carpen...@oracle.com
---
I don't have
of a 2 magic number.
You're right. The hard coded 2 is not helpful... Why not just an:
if (i = ARRAY_SIZE(cx25821_boards)) {...
I'll send a patch to do that.
regards,
dan carpenter
--
To unsubscribe from this list: send the line unsubscribe linux-media in
the body of a message to majord
Never mind. I figured out what you meant. I've fixed my patch and
I will send v2 this evening.
regards,
dan carpenter
--
To unsubscribe from this list: send the line unsubscribe linux-media in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org
If i is 2 then when we call cx25821_video_mux() we'd end up going
past the end of the cx25821_boards[dev-board]-input[].
The INPUT() macro obfuscates what's going on in that function so it's
a bit hard to follow. And as Mauro points out the hard coded 2 is
not very helpful.
Signed-off-by: Dan
about it.
Julian was replying to problems that a specific patch introduced and
everything he said was correct. Piotr was already going to redo the
patches anyway.
regards,
dan carpenter
--
To unsubscribe from this list: send the line unsubscribe linux-media in
the body of a message to majord
, but I changed it to
less than or equal to DMX_TS_PES_PCR (4).
Signed-off-by: Dan Carpenter dan.carpen...@oracle.com
diff --git a/drivers/media/dvb/ttpci/av7110.c b/drivers/media/dvb/ttpci/av7110.c
index 3d20719..abf6b55 100644
--- a/drivers/media/dvb/ttpci/av7110.c
+++ b/drivers/media/dvb/ttpci
-DCONFIG_AS102_USB -Idrivers/media/dvb/dvb-core
It sounds like you're going to do a resend to add in the
Signed-off-by lines?
It would be better to separate these two chunks out and put them at
the end after you've fixed the compile errors in [PATCH 13/14].
regards,
dan carpenter
before patch 13/14, as drivers/staging/Makefile wasn't touch on patch 1/14.
Ah sorry. My bad.
regards,
dan carpenter
--
To unsubscribe from this list: send the line unsubscribe linux-media in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org
/media/as102/as10x_cmd.c
patch: malformed patch at line 696:
___
I'm applying with patch not with git am.
regards,
dan carpenter
--
To unsubscribe from this list: send the line unsubscribe linux-media in
the body of a message to majord
Bitwise negate was intended here. INPUT_SEL_MASK is 0x30.
Signed-off-by: Dan Carpenter erro...@gmail.com
diff --git a/drivers/media/video/cx231xx/cx231xx-avcore.c
b/drivers/media/video/cx231xx/cx231xx-avcore.c
index d52955c..c53e972 100644
--- a/drivers/media/video/cx231xx/cx231xx-avcore.c
:
/* Set the interrupt mask, for poll mode just diable all int */
^^
regards,
dan carpenter
--
To unsubscribe from this list: send the line unsubscribe linux-media in
the body of a message to majord...@vger.kernel.org
More majordomo info at http
On Fri, Dec 31, 2010 at 06:17:58AM -0800, Justin P. Mattock wrote:
Wrong: [PATCH 02/15]drivers:spi:dw_spi.c Typo change diable to disable.
Right: [PATCH 02/15] spi/dw_spi: Typo change diable to disable
regards,
dan carpenter
alright.. so having the backlash is alright
0x0100
no! I changed it to disabled to make it proper..
Finn is obviously right, but maybe a compromise would be:
Only the value EEPROM_SW_AD_ENABLE means enable, other values mean
disable.
regards,
dan carpenter
--
To unsubscribe from this list: send the line unsubscribe linux
info-num comes from the user. It's type int. If the user passes
in a negative value that would cause memory corruption.
Signed-off-by: Dan Carpenter erro...@gmail.com
---
V2: change the check instead of making num and unsigned int
diff --git a/drivers/media/dvb/ttpci/av7110_ca.c
b/drivers
in the userspace API? Who would notice? (I'm still
quite a newbie at system programming).
regards,
dan carpenter
--
To unsubscribe from this list: send the line unsubscribe linux-media in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo
info-num comes from the user. It's type int. If the user passes
in a negative value that would cause memory corruption.
Signed-off-by: Dan Carpenter erro...@gmail.com
---
V2: change the check instead of making num and unsigned int
V3: white space changes
diff --git a/drivers/media/dvb/ttpci
kfree(state) if fe allocation fails.
Signed-off-by: Dan Carpenter erro...@gmail.com
diff --git a/drivers/media/dvb/frontends/dib8000.c
b/drivers/media/dvb/frontends/dib8000.c
index 3e20aa8..c1c3e26 100644
--- a/drivers/media/dvb/frontends/dib8000.c
+++ b/drivers/media/dvb/frontends/dib8000.c
dib9000_mbx_send_attr() returns an int. It doesn't work to save
negative error codes in an unsigned char, so I've made ret an int
type.
Signed-off-by: Dan Carpenter erro...@gmail.com
diff --git a/drivers/media/dvb/frontends/dib9000.c
b/drivers/media/dvb/frontends/dib9000.c
index 43fb6e4
kmalloc() can fail so check whether state-internal is NULL.
append_internal() can return NULL on allocation failures so check that.
Also if we hit the error condition later in the function then there is
a memory leak and we need to call remove_dev() to fix it.
Signed-off-by: Dan Carpenter erro
an additional leak that I missed in the
first version of this patch.
Signed-off-by: Dan Carpenter erro...@gmail.com
---
v2: Fix the leak Oliver noticed.
diff --git a/drivers/media/dvb/frontends/stv090x.c
b/drivers/media/dvb/frontends/stv090x.c
index d3362d0..41d0f0a 100644
--- a/drivers/media/dvb
We use err to store negative error codes so it should be signed. And
if we return an error from stv0367_get_tuner_freq() that needs to be
handled properly as well. (param-frequency is a u32).
Signed-off-by: Dan Carpenter erro...@gmail.com
diff --git a/drivers/media/dvb/frontends/stv0367.c
b
The CellsCoeffs arrays are [3][6][5] not [2][6][5].
Signed-off-by: Dan Carpenter erro...@gmail.com
diff --git a/drivers/media/dvb/frontends/stv0367.c
b/drivers/media/dvb/frontends/stv0367.c
index 7117ce9..ec9de40 100644
--- a/drivers/media/dvb/frontends/stv0367.c
+++ b/drivers/media/dvb
a real bug versus just a GCC warning. It was introduced
in 8aff8ba95155df [media] tm6000: add radio support to the driver.
I've added Dmitri to the CC list.
regards,
dan carpenter
--
To unsubscribe from this list: send the line unsubscribe linux-media in
the body of a message to majord
was on its own line but it
wasn't the start of a function.
Signed-off-by: Dan Carpenter erro...@gmail.com
diff --git a/drivers/media/video/pvrusb2/pvrusb2-std.c
b/drivers/media/video/pvrusb2/pvrusb2-std.c
index ca9f83a..a5d4867 100644
--- a/drivers/media/video/pvrusb2/pvrusb2-std.c
+++ b
* Include linux/string.h instead of asm/string.h.
* Remove unneeded curly braces.
Signed-off-by: Dan Carpenter erro...@gmail.com
diff --git a/drivers/media/video/pvrusb2/pvrusb2-std.c
b/drivers/media/video/pvrusb2/pvrusb2-std.c
index a5d4867..370a9ab 100644
--- a/drivers/media/video/pvrusb2
This function returns NULL on failure so lets do that if kzalloc()
fails. There is a separate problem that the caller for this function
doesn't check for errors...
Signed-off-by: Dan Carpenter erro...@gmail.com
diff --git a/drivers/media/video/pvrusb2/pvrusb2-std.c
b/drivers/media/video
This patch renames some variables to bring them more in line with
kernel CodingStyle.
arrPtr = arr
arrSize = arr_size
bufPtr = buf
bufSize = buf_size
Signed-off-by: Dan Carpenter erro...@gmail.com
diff --git a/drivers/media/video/pvrusb2/pvrusb2-std.c
b/drivers/media/video/pvrusb2/pvrusb2
The generic_standards_cnt define is only used in one place and it's
more readable to just call ARRAY_SIZE(generic_standards) directly.
Signed-off-by: Dan Carpenter erro...@gmail.com
diff --git a/drivers/media/video/pvrusb2/pvrusb2-std.c
b/drivers/media/video/pvrusb2/pvrusb2-std.c
index d5a679f
Using !0 is less readable than just saying 1.
Signed-off-by: Dan Carpenter erro...@gmail.com
diff --git a/drivers/media/video/pvrusb2/pvrusb2-std.c
b/drivers/media/video/pvrusb2/pvrusb2-std.c
index 9bebc08..ca4f67b 100644
--- a/drivers/media/video/pvrusb2/pvrusb2-std.c
+++ b/drivers/media/video
On Fri, Mar 25, 2011 at 11:33:36PM -0500, Mike Isely wrote:
Acked-By: Mike Isely is...@pobox.com
I'd need to reformat this one to get it to apply... :/ It doesn't
actually fix the bug so it's not worth it.
regards,
dan carpenter
--
To unsubscribe from this list: send the line unsubscribe
already miss a patch posted to linux-media
addressing it?)
My laptop was stolen so I can't review code for the next couple weeks.
I remember that I thought your patch looked correct, but I was hoping that
Dmitri would Ack it.
regards,
dan carpenter
--
To unsubscribe from this list: send the line
:743:28: error: bad constant
expression
drivers/media/dvb/frontends/cxd2820r_core.c:748:32: error: cannot size
expression
drivers/media/dvb/frontends/cxd2820r_core.c:762:31: error: cannot size
expression
CC [M] drivers/media/dvb/frontends/cxd2820r_core.o
regards,
dan carpenter
If the tvp-cmd == DTV_MAX_COMMAND then we read past the end of the
array.
Signed-off-by: Dan Carpenter erro...@gmail.com
diff --git a/drivers/media/dvb/dvb-core/dvb_frontend.c
b/drivers/media/dvb/dvb-core/dvb_frontend.c
index 9827804..607e293 100644
--- a/drivers/media/dvb/dvb-core
If change_protocol() fails and we goto out_raw, then it calls unlock
twice. I noticed that the other time we called change_protocol() we
held the dev-lock, so I changed it to hold it here too.
Signed-off-by: Dan Carpenter erro...@gmail.com
---
Compile tested only.
diff --git a/drivers/media/rc
In the original code, if the allocation failed we dereference rr3
when it was NULL.
Signed-off-by: Dan Carpenter erro...@gmail.com
diff --git a/drivers/media/rc/redrat3.c b/drivers/media/rc/redrat3.c
index 5147767..4582ef7 100644
--- a/drivers/media/rc/redrat3.c
+++ b/drivers/media/rc/redrat3.c
We dereference buf on the line before so if it were NULL here we
would have OOPsed earlier. Also list_entry() never returns NULL.
And finally, we handled the situation where the list is empty
earlier in the function.
So this test isn't needed and I've removed it.
Signed-off-by: Dan Carpenter
'!' has higher precedence than '' so we need parenthesis here.
Signed-off-by: Dan Carpenter erro...@gmail.com
diff --git a/drivers/media/video/pwc/pwc-v4l.c
b/drivers/media/video/pwc/pwc-v4l.c
index e9a0e94..8c70e64 100644
--- a/drivers/media/video/pwc/pwc-v4l.c
+++ b/drivers/media/video/pwc
On Thu, Aug 04, 2011 at 12:21:29PM +0200, Florian Mickler wrote:
Mauro, what to do?
Apply the fix which Tino tested, perhaps? :P (obviously).
The bug is present in 3.0 so it should be tagged for stable as well.
regards,
dan carpenter
--
To unsubscribe from this list: send the line
The goto needs to be moved after the assignment.
Signed-off-by: Dan Carpenter erro...@gmail.com
diff --git a/drivers/media/dvb/frontends/dib7000p.c
b/drivers/media/dvb/frontends/dib7000p.c
index a64a538..9c40267 100644
--- a/drivers/media/dvb/frontends/dib7000p.c
+++ b/drivers/media/dvb
The ret = -EIO needs to be before the goto.
Signed-off-by: Dan Carpenter erro...@gmail.com
diff --git a/drivers/media/dvb/frontends/dib9000.c
b/drivers/media/dvb/frontends/dib9000.c
index a085588..01e6b0c 100644
--- a/drivers/media/dvb/frontends/dib9000.c
+++ b/drivers/media/dvb/frontends
this changes later.
6) In the default case where an ioctl is not implemented then
returning -ENOTTY is more appropriate than returning -EFAULT.
Signed-off-by: Dan Carpenter erro...@gmail.com
diff --git a/drivers/media/dvb/ddbridge/ddbridge-core.c
b/drivers/media/dvb/ddbridge/ddbridge-core.c
index
starting with @@ into 2 lines so
the patch doesn't apply.
Could you resend the patch without line wrapping?
regards,
dan carpenter
--
To unsubscribe from this list: send the line unsubscribe linux-media in
the body of a message to majord...@vger.kernel.org
More majordomo info at http
== VIDEOBUF_DONE ||
3198 buf-vb.state == VIDEOBUF_ERROR)
3199 rc = POLLIN|POLLRDNORM;
3200 else
3201 rc = 0;
3202 err:
3203 mutex_unlock(fh-cap.vb_lock);
regards,
dan carpenter
--
To unsubscribe from this list: send the line
.
Signed-off-by: Dan Carpenter erro...@gmail.com
--- orig/drivers/media/video/ov511.c2009-11-29 14:44:46.0 +0200
+++ devel/drivers/media/video/ov511.c 2009-11-29 14:44:57.0 +0200
@@ -5878,7 +5878,7
I saw a patch earlier from Johan Hovold which said you shouldn't pass
stack variables to usb_control_msg() so I used smatch to do an audit.
Here are the results for 2.6.33-rc1 + Johan's patch.
regards,
dan carpenter
drivers/media/dvb/dvb-usb/a800.c +82 a800_rc_query(3) error: doing dma
*/
410 state-br = 0xff;
411 state-bf = 0xff;
412
413 if (!state-config-rf_loop_enable)
414 zl10036_init_tab[1][2] |= 0x01;
This seems like an off by one error. I think it maybe should say
zl10036_init_tab[1][1] |= 0x01;?
regards,
dan
medusa_set_videostandard() takes the lock but it always drops it before
returning.
This was found with a static checker and compile tested only. :/
Signed-off-by: Dan Carpenter erro...@gmail.com
--- orig/drivers/staging/cx25821/cx25821-medusa-video.c 2009-12-28
09:13:01.0 +0200
I was initially concerned about the weird array index (the 2 bumps
into the next row of the array). Matthias Schwarzott look at the
datasheet and it turns out it should be zl10036_init_tab[1][0] |= 0x01;
Signed-off-by: Dan Carpenter erro...@gmail.com
--- orig/drivers/media/dvb/frontends/zl10036
/input/misc/imon.c +1979 imon_probe(383) error: double unlock
'mutex:context-lock'
drivers/input/misc/imon.c +1983 imon_probe(387) error: double unlock
'mutex:context-lock'
It sometimes unlocks both before and after the goto.
regards,
dan carpenter
--
To unsubscribe from this list: send the line
It's possible that we wanted to resize to a smaller size but we didn't
have enough memory to create the new table. We need to test for that
here so we don't try to lock twice and dead lock. Also we free the
oldkeymap on that path and that would be bad.
Signed-off-by: Dan Carpenter erro
Return -EINVAL if we don't find the control id.
Signed-off-by: Dan Carpenter erro...@gmail.com
diff --git a/drivers/media/video/cx231xx/cx231xx-video.c
b/drivers/media/video/cx231xx/cx231xx-video.c
index d4f546f..5a74ef8 100644
--- a/drivers/media/video/cx231xx/cx231xx-video.c
+++ b/drivers
Return -EINVAL if we don't find the right query control id.
Signed-off-by: Dan Carpenter erro...@gmail.com
diff --git a/drivers/media/video/cx88/cx88-video.c
b/drivers/media/video/cx88/cx88-video.c
index 48c450f..b4c80cb 100644
--- a/drivers/media/video/cx88/cx88-video.c
+++ b/drivers/media
If the kmalloc() failed for ccdc_cfg = kmalloc(...); then we would exit
with the lock held. I moved the mutex_lock() below the allocation
because it isn't protecting anything in that block and allocations are
allocations are sometimes slow.
Signed-off-by: Dan Carpenter erro...@gmail.com
diff
soc_mbus_bytes_per_line() returns -EINVAL on error but we store it in an
unsigned int so the test for less than zero doesn't work. I think it
always returns small positive values so we can just cast it to int
here.
Signed-off-by: Dan Carpenter erro...@gmail.com
diff --git a/drivers/media/video
On Mon, May 03, 2010 at 08:07:29PM -0300, Mauro Carvalho Chehab wrote:
a...@linux-foundation.org wrote:
From: Dan Carpenter erro...@gmail.com
It's possible that we wanted to resize to a smaller size but we didn't
have enough memory to create the new table. We need to test for that here
If there is an error here we should unlock in the caller (which is
imon_init_intf1()). We can remove this stray unlock.
Signed-off-by: Dan Carpenter erro...@gmail.com
diff --git a/drivers/media/IR/imon.c b/drivers/media/IR/imon.c
index b65c31a..d48ad6d 100644
--- a/drivers/media/IR/imon.c
The original condition is always false because ! has higher precedence
than == and neither 0 nor 1 is equal to IMON_DISPLAY_TYPE_VGA.
Signed-off-by: Dan Carpenter erro...@gmail.com
diff --git a/drivers/media/IR/imon.c b/drivers/media/IR/imon.c
index b65c31a..93b5796 100644
--- a/drivers/media/IR
There is a typo here. We meant to test ir instead of props. The
props variable was tested earlier.
Signed-off-by: Dan Carpenter erro...@gmail.com
diff --git a/drivers/media/IR/imon.c b/drivers/media/IR/imon.c
index b65c31a..f2066d0 100644
--- a/drivers/media/IR/imon.c
+++ b/drivers/media/IR
corrected yet. Btw. Smatch includes a pretty good test to
find places which use stack memory as a dma buffer. That's how I found
these. (http://smatch.sf.net).
Signed-off-by: Dan Carpenter erro...@gmail.com
diff --git a/drivers/media/dvb/dvb-usb/az6027.c
b/drivers/media/dvb/dvb-usb/az6027.c
index
== (code | 0xffee))
1209 break;
After the for loop i can be 0 to 21.
1210
1211 keycode = imon_panel_key_table[i %
IMON_KEY_RELEASE_OFFSET].keycode;
IMON_KEY_RELEASE_OFFSET is 1000 so it doesn't affect anything.
regards,
dan carpenter
--
To unsubscribe from
If the az6027_usb_in_op() returns a negative errno ret is -EIO and in
that case the value of b[0] may be undefined. The original code
assigned 0 to ret, but since it's already 0 now we can skip that.
Signed-off-by: Dan Carpenter erro...@gmail.com
diff --git a/drivers/media/dvb/dvb-usb/az6027.c
% IMON_KEY_RELEASE_OFFSET].keycode;
+ keycode = imon_panel_key_table[i].keycode;
return keycode;
}
There is still potentially a problem here because if we don't hit the
break statement, then we're one past the end of the array.
regards,
dan carpenter
--
To unsubscribe from this list: send the line
1 - 100 of 680 matches
Mail list logo