linux

History

Dafna Hirschfeld 9f89c881bf media: mtk-vcodec: call v4l2_m2m_ctx_release first when file is released The func v4l2_m2m_ctx_release waits for currently running jobs to finish and then stop streaming both queues and frees the buffers. All this should be done before the call to mtk_vcodec_enc_release which frees the encoder handler. This fixes null-pointer dereference bug: [ 638.028076] Mem abort info: [ 638.030932] ESR = 0x96000004 [ 638.033978] EC = 0x25: DABT (current EL), IL = 32 bits [ 638.039293] SET = 0, FnV = 0 [ 638.042338] EA = 0, S1PTW = 0 [ 638.045474] FSC = 0x04: level 0 translation fault [ 638.050349] Data abort info: [ 638.053224] ISV = 0, ISS = 0x00000004 [ 638.057055] CM = 0, WnR = 0 [ 638.060018] user pgtable: 4k pages, 48-bit VAs, pgdp=000000012b6db000 [ 638.066485] [00000000000001a0] pgd=0000000000000000, p4d=0000000000000000 [ 638.073277] Internal error: Oops: 96000004 [#1] SMP [ 638.078145] Modules linked in: rfkill mtk_vcodec_dec mtk_vcodec_enc uvcvideo mtk_mdp mtk_vcodec_common videobuf2_dma_contig v4l2_h264 cdc_ether v4l2_mem2mem videobuf2_vmalloc usbnet videobuf2_memops videobuf2_v4l2 r8152 videobuf2_common videodev cros_ec_sensors cros_ec_sensors_core industrialio_triggered_buffer kfifo_buf elan_i2c elants_i2c sbs_battery mc cros_usbpd_charger cros_ec_chardev cros_usbpd_logger crct10dif_ce mtk_vpu fuse ip_tables x_tables ipv6 [ 638.118583] CPU: 0 PID: 212 Comm: kworker/u8:5 Not tainted 5.15.0-06427-g58a1d4dcfc74-dirty #109 [ 638.127357] Hardware name: Google Elm (DT) [ 638.131444] Workqueue: mtk-vcodec-enc mtk_venc_worker [mtk_vcodec_enc] [ 638.137974] pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 638.144925] pc : vp8_enc_encode+0x34/0x2b0 [mtk_vcodec_enc] [ 638.150493] lr : venc_if_encode+0xac/0x1b0 [mtk_vcodec_enc] [ 638.156060] sp : ffff8000124d3c40 [ 638.159364] x29: ffff8000124d3c40 x28: 0000000000000000 x27: 0000000000000000 [ 638.166493] x26: 0000000000000000 x25: ffff0000e7f252d0 x24: ffff8000124d3d58 [ 638.173621] x23: ffff8000124d3d58 x22: ffff8000124d3d60 x21: 0000000000000001 [ 638.180750] x20: ffff80001137e000 x19: 0000000000000000 x18: 0000000000000001 [ 638.187878] x17: 000000040044ffff x16: 00400032b5503510 x15: 0000000000000000 [ 638.195006] x14: ffff8000118536c0 x13: ffff8000ee1da000 x12: 0000000030d4d91d [ 638.202134] x11: 0000000000000000 x10: 0000000000000980 x9 : ffff8000124d3b20 [ 638.209262] x8 : ffff0000c18d4ea0 x7 : ffff0000c18d44c0 x6 : ffff0000c18d44c0 [ 638.216391] x5 : ffff80000904a3b0 x4 : ffff8000124d3d58 x3 : ffff8000124d3d60 [ 638.223519] x2 : ffff8000124d3d78 x1 : 0000000000000001 x0 : ffff80001137efb8 [ 638.230648] Call trace: [ 638.233084] vp8_enc_encode+0x34/0x2b0 [mtk_vcodec_enc] [ 638.238304] venc_if_encode+0xac/0x1b0 [mtk_vcodec_enc] [ 638.243525] mtk_venc_worker+0x110/0x250 [mtk_vcodec_enc] [ 638.248918] process_one_work+0x1f8/0x498 [ 638.252923] worker_thread+0x140/0x538 [ 638.256664] kthread+0x148/0x158 [ 638.259884] ret_from_fork+0x10/0x20 [ 638.263455] Code: f90023f9 2a0103f5 aa0303f6 aa0403f8 (f940d277) [ 638.269538] ---[ end trace e374fc10f8e181f5 ]--- [gst-master] root@debian:~/gst-build# [ 638.019193] Unable to handle kernel NULL pointer dereference at virtual address 00000000000001a0 Fixes: `4e855a6efa` ("[media] vcodec: mediatek: Add Mediatek V4L2 Video Encoder Driver") Signed-off-by: Dafna Hirschfeld <dafna.hirschfeld@collabora.com> Signed-off-by: Hans Verkuil <hverkuil-cisco@xs4all.nl> Signed-off-by: Mauro Carvalho Chehab <mchehab+huawei@kernel.org>		2021-11-30 12:17:57 +01:00
..
vdec	media: mtk-vcodec: Align width and height to 64 bytes	2021-11-15 08:12:04 +00:00
venc	media: mtk-vcodec: remove unused func parameter	2021-11-19 06:03:24 +00:00
Makefile	media: mtk-vcodec: vdec: support stateless H.264 decoding	2021-09-30 10:07:42 +02:00
mtk_vcodec_dec_drv.c	media: mtk-vcodec: Fix an error handling path in 'mtk_vcodec_probe()'	2021-11-30 12:07:53 +01:00
mtk_vcodec_dec_pm.c	media: mtk-vcodec: fix PM runtime get logic	2021-05-10 11:36:34 +02:00
mtk_vcodec_dec_pm.h	media: mtk-vcodec: fix PM runtime get logic	2021-05-10 11:36:34 +02:00
mtk_vcodec_dec_stateful.c	media: mtk-vcodec: vdec: handle firmware version field	2021-09-30 10:07:41 +02:00
mtk_vcodec_dec_stateless.c	media: mtk-vcodec: vdec: remove redundant 'pfb' assignment	2021-11-15 08:12:06 +00:00
mtk_vcodec_dec.c	media: mtk-vcodec: vdec: support stateless API	2021-09-30 10:07:42 +02:00
mtk_vcodec_dec.h	media: mtk-vcodec: Align width and height to 64 bytes	2021-11-15 08:12:04 +00:00
mtk_vcodec_drv.h	media: mtk-vcodec: vdec: add media device if using stateless api	2021-09-30 10:07:42 +02:00
mtk_vcodec_enc_drv.c	media: mtk-vcodec: call v4l2_m2m_ctx_release first when file is released	2021-11-30 12:17:57 +01:00
mtk_vcodec_enc_pm.c	media: mtk-vcodec: Separating mtk encoder driver	2021-04-06 16:06:52 +02:00
mtk_vcodec_enc_pm.h
mtk_vcodec_enc.c	media: mtk-vcodec: enc: add vp8 profile ctrl	2021-11-19 06:02:52 +00:00
mtk_vcodec_enc.h
mtk_vcodec_fw_priv.h
mtk_vcodec_fw_scp.c
mtk_vcodec_fw_vpu.c
mtk_vcodec_fw.c
mtk_vcodec_fw.h
mtk_vcodec_intr.c	media: mtk-vcodec: Fix order of log arguments	2021-01-27 13:11:25 +01:00
mtk_vcodec_intr.h
mtk_vcodec_util.c
mtk_vcodec_util.h
vdec_drv_base.h
vdec_drv_if.c	media: mtk-vcodec: vdec: support stateless H.264 decoding	2021-09-30 10:07:42 +02:00
vdec_drv_if.h	media: mtk-vcodec: vdec: support stateless H.264 decoding	2021-09-30 10:07:42 +02:00
vdec_ipi_msg.h	media: mtk-vcodec: support version 2 of decoder firmware ABI	2021-09-30 10:07:41 +02:00
vdec_vpu_if.c	media: mtk-vcodec: support version 2 of decoder firmware ABI	2021-09-30 10:07:41 +02:00
vdec_vpu_if.h	media: mtk-vcodec: support version 2 of decoder firmware ABI	2021-09-30 10:07:41 +02:00
venc_drv_base.h
venc_drv_if.c
venc_drv_if.h
venc_ipi_msg.h	media: mtk-vcodec: fix kerneldoc warnings	2021-06-17 10:25:59 +02:00
venc_vpu_if.c	media: mtk-vcodec: remove unused func parameter	2021-11-19 06:03:24 +00:00
venc_vpu_if.h	media: mtk-vcodec: remove unused func parameter	2021-11-19 06:03:24 +00:00