From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from madrid.collaboradmins.com (madrid.collaboradmins.com [46.235.227.194]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 42ADF1B59B; Fri, 23 Feb 2024 08:28:33 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=46.235.227.194 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708676915; cv=none; b=irEidcdQfmSfihS3P9puhyti8G7E7M6+XxXOJcqDz+C0dKUJyAoo+Yv6K62dIxaUOkMbL6P/sFi7pgVSfz8imvMpVH27d9Iq2p6UyMRXBvrB58ycTNHStT3Jb/7FCz2kPxULAEen8M9U8lZEmIe2NtjaxzYiEmOP5eTExWUQH5A= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708676915; c=relaxed/simple; bh=VQInuZKD4QOobr1zpp5OXgZQ5KFOiImoN91p7A5r86s=; h=Message-ID:Date:MIME-Version:Subject:To:Cc:References:From: In-Reply-To:Content-Type; b=dsLnAkVsxNVgT/dqT2zRkpyZ0fqeYGjDYckhFG/t/qOhlmDjLTKE1s5OJZT8QYoO7TojRbuflym7nX+nC09OMBONR/mcH12mj40Uj9C0mbMb6Zghayu2yBPM/koabS71NOAKM7u4KZ0lEZWzp5bKOvGKOW35pAXjbSboXYSjXxU= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=collabora.com; spf=pass smtp.mailfrom=collabora.com; dkim=pass (2048-bit key) header.d=collabora.com header.i=@collabora.com header.b=5i0bsycN; arc=none smtp.client-ip=46.235.227.194 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=collabora.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=collabora.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=collabora.com header.i=@collabora.com header.b="5i0bsycN" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=collabora.com; s=mail; t=1708676912; bh=VQInuZKD4QOobr1zpp5OXgZQ5KFOiImoN91p7A5r86s=; h=Date:Subject:To:Cc:References:From:In-Reply-To:From; b=5i0bsycN0PEShA+rSD7rUGII8bzQSP3VSj0KK8cROouRiefY5QXB/DqldGoZe7HDk gjz+fV+mS+ihmUABzdz7b1RViYN8yTo7R3ygSU6Wq5cxkePYKr8qdouRWIpGr4/Rvt yquGPG2IACjwKAkfW4JYJLFkectwCRnqBOliXHq7pT3jdx2agOFRs+8dX1SsAnYnBZ HtynFoRDgUFBCdF5b5fcAORbXQipp7YYHKKyWdQ+3PbDtGG0FUlobpk8ppnPm90UNF 2wo9NZfv6WEOc4OBQWsC/g3pmo4I9P2PhqzyI2/nXaiaogAiAIrr3drEq6wcYoyn6z iYLH2fEfFCC+g== Received: from [100.113.186.2] (cola.collaboradmins.com [195.201.22.229]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) (Authenticated sender: kholk11) by madrid.collaboradmins.com (Postfix) with ESMTPSA id 595C237820DB; Fri, 23 Feb 2024 08:28:31 +0000 (UTC) Message-ID: Date: Fri, 23 Feb 2024 09:28:30 +0100 Precedence: bulk X-Mailing-List: devicetree@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Subject: Re: [PATCH v3,1/2] media: mediatek: vcodec: adding lock to protect decoder context list To: Yunfei Dong , =?UTF-8?Q?N=C3=ADcolas_F_=2E_R_=2E_A_=2E_Prado?= , Nicolas Dufresne , Hans Verkuil , Benjamin Gaignard , Nathan Hebert , Irui Wang Cc: Hsin-Yi Wang , Fritz Koenig , Daniel Vetter , Steve Cho , linux-media@vger.kernel.org, devicetree@vger.kernel.org, linux-kernel@vger.kernel.org, linux-arm-kernel@lists.infradead.org, linux-mediatek@lists.infradead.org, Project_Global_Chrome_Upstream_Group@mediatek.com References: <20240222092609.31382-1-yunfei.dong@mediatek.com> <20240222092609.31382-2-yunfei.dong@mediatek.com> From: AngeloGioacchino Del Regno Content-Language: en-US In-Reply-To: <20240222092609.31382-2-yunfei.dong@mediatek.com> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit Il 22/02/24 10:26, Yunfei Dong ha scritto: > The ctx_list will be deleted when scp getting unexpected behavior, then the > ctx_list->next will be NULL, the kernel driver maybe access NULL pointer in > function vpu_dec_ipi_handler when going through each context, then reboot. > > Need to add lock to protect the ctx_list to make sure the ctx_list->next isn't > NULL pointer. > > Hardware name: Google juniper sku16 board (DT) > pstate: 20400005 (nzCv daif +PAN -UAO -TCO BTYPE=--) > pc : vpu_dec_ipi_handler+0x58/0x1f8 [mtk_vcodec_dec] > lr : scp_ipi_handler+0xd0/0x194 [mtk_scp] > sp : ffffffc0131dbbd0 > x29: ffffffc0131dbbd0 x28: 0000000000000000 > x27: ffffff9bb277f348 x26: ffffff9bb242ad00 > x25: ffffffd2d440d3b8 x24: ffffffd2a13ff1d4 > x23: ffffff9bb7fe85a0 x22: ffffffc0133fbdb0 > x21: 0000000000000010 x20: ffffff9b050ea328 > x19: ffffffc0131dbc08 x18: 0000000000001000 > x17: 0000000000000000 x16: ffffffd2d461c6e0 > x15: 0000000000000242 x14: 000000000000018f > x13: 000000000000004d x12: 0000000000000000 > x11: 0000000000000001 x10: fffffffffffffff0 > x9 : ffffff9bb6e793a8 x8 : 0000000000000000 > x7 : 0000000000000000 x6 : 000000000000003f > x5 : 0000000000000040 x4 : fffffffffffffff0 > x3 : 0000000000000020 x2 : ffffff9bb6e79080 > x1 : 0000000000000010 x0 : ffffffc0131dbc08 > Call trace: > vpu_dec_ipi_handler+0x58/0x1f8 [mtk_vcodec_dec (HASH:6c3f 2)] > scp_ipi_handler+0xd0/0x194 [mtk_scp (HASH:7046 3)] > mt8183_scp_irq_handler+0x44/0x88 [mtk_scp (HASH:7046 3)] > scp_irq_handler+0x48/0x90 [mtk_scp (HASH:7046 3)] > irq_thread_fn+0x38/0x94 > irq_thread+0x100/0x1c0 > kthread+0x140/0x1fc > ret_from_fork+0x10/0x30 > Code: 54000088 f94ca50a eb14015f 54000060 (f9400108) > ---[ end trace ace43ce36cbd5c93 ]--- > Kernel panic - not syncing: Oops: Fatal exception > SMP: stopping secondary CPUs > Kernel Offset: 0x12c4000000 from 0xffffffc010000000 > PHYS_OFFSET: 0xffffffe580000000 > CPU features: 0x08240002,2188200c > Memory Limit: none > > Fixes: 655b86e52eac ("media: mediatek: vcodec: Fix possible invalid memory access for decoder") > Signed-off-by: Yunfei Dong Reviewed-by: AngeloGioacchino Del Regno