| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 14 Mar 2017 22:21:22 +0800
From: Minghsiu Tsai <minghsiu.tsai@...iatek.com>
To: Hans Verkuil <hans.verkuil@...co.com>,
<daniel.thompson@...aro.org>, Rob Herring <robh+dt@...nel.org>,
Mauro Carvalho Chehab <mchehab@....samsung.com>,
Matthias Brugger <matthias.bgg@...il.com>,
Daniel Kurtz <djkurtz@...omium.org>,
Pawel Osciak <posciak@...omium.org>
CC: <srv_heupstream@...iatek.com>,
Eddie Huang <eddie.huang@...iatek.com>,
Yingjoe Chen <yingjoe.chen@...iatek.com>,
Wu-Cheng Li <wuchengli@...gle.com>,
<devicetree@...r.kernel.org>, <linux-kernel@...r.kernel.org>,
<linux-arm-kernel@...ts.infradead.org>,
<linux-media@...r.kernel.org>,
<linux-mediatek@...ts.infradead.org>,
Bin Liu <bin.liu@...iatek.com>,
Rick Chang <rick.chang@...iatek.com>,
Minghsiu Tsai <minghsiu.tsai@...iatek.com>
Subject: [PATCH] media: mtk-jpeg: fix continuous log "Context is NULL"
The symptom is continuous log "mtk-jpeg 18004000.jpegdec: Context is NULL"
in kernel log. It is becauese the error handling in irq doesn't clear
interrupt.
The calling flow like as below when issue happen
mtk_jpeg_device_run()
mtk_jpeg_job_abort()
v4l2_m2m_job_finish() -> m2m_dev->curr_ctx = NULL;
mtk_jpeg_dec_irq()
v4l2_m2m_get_curr_priv()
-> m2m_dev->curr_ctx == NULL
-> return NULL
log "Context is NULL"
There is race condition between job_abort() and irq. In order to simplify
code, don't want to add extra flag to maintain state, empty job_abort() and
clear interrupt before v4l2_m2m_get_curr_priv() in irq.
Signed-off-by: Minghsiu Tsai <minghsiu.tsai@...iatek.com>
---
drivers/media/platform/mtk-jpeg/mtk_jpeg_core.c | 14 ++------------
1 file changed, 2 insertions(+), 12 deletions(-)
diff --git a/drivers/media/platform/mtk-jpeg/mtk_jpeg_core.c b/drivers/media/platform/mtk-jpeg/mtk_jpeg_core.c
index b10183f..c02bc7f 100644
--- a/drivers/media/platform/mtk-jpeg/mtk_jpeg_core.c
+++ b/drivers/media/platform/mtk-jpeg/mtk_jpeg_core.c
@@ -862,15 +862,6 @@ static int mtk_jpeg_job_ready(void *priv)
static void mtk_jpeg_job_abort(void *priv)
{
- struct mtk_jpeg_ctx *ctx = priv;
- struct mtk_jpeg_dev *jpeg = ctx->jpeg;
- struct vb2_buffer *src_buf, *dst_buf;
-
- src_buf = v4l2_m2m_src_buf_remove(ctx->fh.m2m_ctx);
- dst_buf = v4l2_m2m_dst_buf_remove(ctx->fh.m2m_ctx);
- v4l2_m2m_buf_done(to_vb2_v4l2_buffer(src_buf), VB2_BUF_STATE_ERROR);
- v4l2_m2m_buf_done(to_vb2_v4l2_buffer(dst_buf), VB2_BUF_STATE_ERROR);
- v4l2_m2m_job_finish(jpeg->m2m_dev, ctx->fh.m2m_ctx);
}
static struct v4l2_m2m_ops mtk_jpeg_m2m_ops = {
@@ -941,6 +932,8 @@ static irqreturn_t mtk_jpeg_dec_irq(int irq, void *priv)
u32 dec_ret;
int i;
+ dec_ret = mtk_jpeg_dec_get_int_status(jpeg->dec_reg_base);
+ dec_irq_ret = mtk_jpeg_dec_enum_result(dec_ret);
ctx = v4l2_m2m_get_curr_priv(jpeg->m2m_dev);
if (!ctx) {
v4l2_err(&jpeg->v4l2_dev, "Context is NULL\n");
@@ -951,9 +944,6 @@ static irqreturn_t mtk_jpeg_dec_irq(int irq, void *priv)
dst_buf = v4l2_m2m_dst_buf_remove(ctx->fh.m2m_ctx);
jpeg_src_buf = mtk_jpeg_vb2_to_srcbuf(src_buf);
- dec_ret = mtk_jpeg_dec_get_int_status(jpeg->dec_reg_base);
- dec_irq_ret = mtk_jpeg_dec_enum_result(dec_ret);
-
if (dec_irq_ret >= MTK_JPEG_DEC_RESULT_UNDERFLOW)
mtk_jpeg_dec_reset(jpeg->dec_reg_base);
--
1.9.1
Powered by blists - more mailing lists