[alsa-devel] [PATCH] ALSA: pcm_dmaengine: Run complete cb only if runtime check passes

[Misael Lopez Cruz]

The DMA complete callback uses substream's runtime data, so make
sure the runtime check passes before going forward.

The callback could run while the stream is closing or after it's
already closed.  By then, the substream's runtime data might already
been freed and cause NULL pointer dereferences.

Signed-off-by: Misael Lopez Cruz <misael.lopez at ti.com>
Reviewed-by: Peter Ujfalusi <peter.ujfalusi at ti.com>
---
 sound/core/pcm_dmaengine.c |    7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/sound/core/pcm_dmaengine.c b/sound/core/pcm_dmaengine.c
index fba365a..061a8f7 100644
--- a/sound/core/pcm_dmaengine.c
+++ b/sound/core/pcm_dmaengine.c
@@ -133,7 +133,12 @@ EXPORT_SYMBOL_GPL(snd_dmaengine_pcm_set_config_from_dai_data);
 static void dmaengine_pcm_dma_complete(void *arg)
 {
 	struct snd_pcm_substream *substream = arg;
-	struct dmaengine_pcm_runtime_data *prtd = substream_to_prtd(substream);
+	struct dmaengine_pcm_runtime_data *prtd;
+
+	if (PCM_RUNTIME_CHECK(substream))
+		return;
+
+	prtd = substream_to_prtd(substream);
 
 	prtd->pos += snd_pcm_lib_period_bytes(substream);
 	if (prtd->pos >= snd_pcm_lib_buffer_bytes(substream))
-- 
1.7.9.5