poll_wait uses &buf->done, but buf is NULL. Move the poll_wait to later
in the function once buf is correctly set and only call it if it is
non-NULL.
Signed-off-by: Hans Verkuil <hverkuil-ci...@xs4all.nl>
Reported-by: Dan Carpenter <dan.carpen...@oracle.com>
Fixes: bb436cbeb918 ("media: videobuf: fix epoll() by calling poll_wait first")
Cc: <sta...@vger.kernel.org> # for v5.1 and up
---
diff --git a/drivers/media/v4l2-core/videobuf-core.c
b/drivers/media/v4l2-core/videobuf-core.c
index 7ef3e4d22bf6..939fc11cf080 100644
--- a/drivers/media/v4l2-core/videobuf-core.c
+++ b/drivers/media/v4l2-core/videobuf-core.c
@@ -1123,7 +1123,6 @@ __poll_t videobuf_poll_stream(struct file *file,
struct videobuf_buffer *buf = NULL;
__poll_t rc = 0;
- poll_wait(file, &buf->done, wait);
videobuf_queue_lock(q);
if (q->streaming) {
if (!list_empty(&q->stream))
@@ -1143,7 +1142,9 @@ __poll_t videobuf_poll_stream(struct file *file,
}
buf = q->read_buf;
}
- if (!buf)
+ if (buf)
+ poll_wait(file, &buf->done, wait);
+ else
rc = EPOLLERR;
if (0 == rc) {
