lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <ea9a04fb-368d-daca-96ae-9366253a5e91@xs4all.nl>
Date:   Wed, 18 May 2022 11:37:28 +0200
From:   Hans Verkuil <hverkuil-cisco@...all.nl>
To:     Yunfei Dong <yunfei.dong@...iatek.com>,
        Alexandre Courbot <acourbot@...omium.org>,
        Nicolas Dufresne <nicolas@...fresne.ca>,
        AngeloGioacchino Del Regno 
        <angelogioacchino.delregno@...labora.com>,
        Benjamin Gaignard <benjamin.gaignard@...labora.com>,
        Tiffany Lin <tiffany.lin@...iatek.com>,
        Andrew-CT Chen <andrew-ct.chen@...iatek.com>,
        Mauro Carvalho Chehab <mchehab@...nel.org>,
        Rob Herring <robh+dt@...nel.org>,
        Matthias Brugger <matthias.bgg@...il.com>,
        Tomasz Figa <tfiga@...gle.com>
Cc:     George Sun <george.sun@...iatek.com>,
        Xiaoyong Lu <xiaoyong.lu@...iatek.com>,
        Hsin-Yi Wang <hsinyi@...omium.org>,
        Fritz Koenig <frkoenig@...omium.org>,
        Daniel Vetter <daniel@...ll.ch>,
        dri-devel <dri-devel@...ts.freedesktop.org>,
        Irui Wang <irui.wang@...iatek.com>,
        Steve Cho <stevecho@...omium.org>, linux-media@...r.kernel.org,
        devicetree@...r.kernel.org, linux-kernel@...r.kernel.org,
        linux-arm-kernel@...ts.infradead.org,
        linux-mediatek@...ts.infradead.org,
        Project_Global_Chrome_Upstream_Group@...iatek.com
Subject: Re: [PATCH v6, 6/7] media: mediatek: vcodec: prevent kernel crash
 when scp ipi timeout

Hi Yunfei,

On 5/13/22 11:25, Yunfei Dong wrote:
> When SCP timeout during playing video, kernel crashes with following
> message. It's caused by accessing NULL pointer in vpu_dec_ipi_handler.
> This patch doesn't solve the root cause of NULL pointer, but merely
> prevent kernel crashed when encounter the NULL pointer.

Is the root cause being addressed as well? Where is the root cause? Is it
in this driver or in the scp (i.e. the remoteproc) driver?

I need a bit more information to decide whether this series is ready to
be merged for 5.20 or not.

Regards,

	Hans

> 
> After applied this patch, kernel keeps alive, only the video player turns
> to green screen.
> 
> [67242.065474] pc : vpu_dec_ipi_handler+0xa0/0xb20 [mtk_vcodec_dec]
> [67242.065485] [MTK_V4L2] level=0 fops_vcodec_open(),334:
> 18000000.vcodec_dec decoder [135]
> [67242.065523] lr : scp_ipi_handler+0x11c/0x244 [mtk_scp]
> [67242.065540] sp : ffffffbb4207fb10
> [67242.065557] x29: ffffffbb4207fb30 x28: ffffffd00a1d5000
> [67242.065592] x27: 1ffffffa0143aa24 x26: 0000000000000000
> [67242.065625] x25: dfffffd000000000 x24: ffffffd0168bfdb0
> [67242.065659] x23: 1ffffff76840ff74 x22: ffffffbb41fa8a88
> [67242.065692] x21: ffffffbb4207fb9c x20: ffffffbb4207fba0
> [67242.065725] x19: ffffffbb4207fb98 x18: 0000000000000000
> [67242.065758] x17: 0000000000000000 x16: ffffffd042022094
> [67242.065791] x15: 1ffffff77ed4b71a x14: 1ffffff77ed4b719
> [67242.065824] x13: 0000000000000000 x12: 0000000000000000
> [67242.065857] x11: 0000000000000000 x10: dfffffd000000001
> [67242.065890] x9 : 0000000000000000 x8 : 0000000000000002
> [67242.065923] x7 : 0000000000000000 x6 : 000000000000003f
> [67242.065956] x5 : 0000000000000040 x4 : ffffffffffffffe0
> [67242.065989] x3 : ffffffd043b841b8 x2 : 0000000000000000
> [67242.066021] x1 : 0000000000000010 x0 : 0000000000000010
> [67242.066055] Call trace:
> [67242.066092]  vpu_dec_ipi_handler+0xa0/0xb20 [mtk_vcodec_dec
> 12220d230d83a7426fc38c56b3e7bc6066955bae]
> [67242.066119]  scp_ipi_handler+0x11c/0x244 [mtk_scp
> 8fb69c2ef141dd3192518b952b65aba35627b8bf]
> [67242.066145]  mt8192_scp_irq_handler+0x70/0x128 [mtk_scp
> 8fb69c2ef141dd3192518b952b65aba35627b8bf]
> [67242.066172]  scp_irq_handler+0xa0/0x114 [mtk_scp
> 8fb69c2ef141dd3192518b952b65aba35627b8bf]
> [67242.066200]  irq_thread_fn+0x84/0xf8
> [67242.066220]  irq_thread+0x170/0x1ec
> [67242.066242]  kthread+0x2f8/0x3b8
> [67242.066264]  ret_from_fork+0x10/0x30
> [67242.066292] Code: 38f96908 35003628 91004340 d343fc08 (38f96908)
> 
> Signed-off-by: Tinghan Shen <tinghan.shen@...iatek.com>
> Signed-off-by: Yunfei Dong <yunfei.dong@...iatek.com>
> Reviewed-by: Macpaul Lin <macpaul.lin@...iatek.com>
> ---
>  drivers/media/platform/mediatek/vcodec/vdec_vpu_if.c | 5 +++++
>  1 file changed, 5 insertions(+)
> 
> diff --git a/drivers/media/platform/mediatek/vcodec/vdec_vpu_if.c b/drivers/media/platform/mediatek/vcodec/vdec_vpu_if.c
> index 35f4d5583084..1041dd663e76 100644
> --- a/drivers/media/platform/mediatek/vcodec/vdec_vpu_if.c
> +++ b/drivers/media/platform/mediatek/vcodec/vdec_vpu_if.c
> @@ -91,6 +91,11 @@ static void vpu_dec_ipi_handler(void *data, unsigned int len, void *priv)
>  	struct vdec_vpu_inst *vpu = (struct vdec_vpu_inst *)
>  					(unsigned long)msg->ap_inst_addr;
>  
> +	if (!vpu) {
> +		mtk_v4l2_err("ap_inst_addr is NULL");
> +		return;
> +	}
> +
>  	mtk_vcodec_debug(vpu, "+ id=%X", msg->msg_id);
>  
>  	vpu->failure = msg->status;

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ