| Message ID | 20200529213823.98812-1-john.stultz@linaro.org (mailing list archive) |
|---|---|
| State | Accepted |
| Commit | a6b675a89e51a1cdad0481b809b7840d3f86e4b5 |
| Headers | show |
| Series | [RFC] ASoC: qcom: q6asm-dai: kCFI fix | expand |
On 29/05/2020 22:38, John Stultz wrote: > Fixes the following kCFI crash seen on db845c, caused > by the function prototypes not matching the callback > function prototype. > > [ 82.585661] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000001 > [ 82.595387] Mem abort info: > [ 82.599463] ESR = 0x96000005 > [ 82.602658] EC = 0x25: DABT (current EL), IL = 32 bits > [ 82.608177] SET = 0, FnV = 0 > [ 82.611829] EA = 0, S1PTW = 0 > [ 82.615369] Data abort info: > [ 82.618751] ISV = 0, ISS = 0x00000005 > [ 82.622641] CM = 0, WnR = 0 > [ 82.625774] user pgtable: 4k pages, 39-bit VAs, pgdp=0000000174259000 > [ 82.632292] [0000000000000001] pgd=0000000000000000, pud=0000000000000000 > [ 82.639167] Internal error: Oops: 96000005 [#1] PREEMPT SMP > [ 82.644795] Modules linked in: hci_uart btqca xhci_plat_hcd xhci_pci_renesas xhci_pci xhci_hcd wcn36xx wcnss_ctrl wcd934x vctrl_regulator ufs_qcom syscon_reboot_e > [ 82.644927] qcom_apcs_ipc_mailbox q6asm_dai q6routing q6asm q6afe_dai q6adm q6afe q6core q6dsp_common pm8941_pwrkey pm8916_wdt platform_mhu pinctrl_spmi_mpp pine > [ 82.812982] CPU: 3 PID: 240 Comm: kworker/u16:4 Tainted: G W 5.6.0-rc7-mainline-00960-g0c34353d11b9-dirty #1 > [ 82.824201] Hardware name: Thundercomm Dragonboard 845c (DT) > [ 82.829937] Workqueue: qcom_apr_rx apr_rxwq [apr] > [ 82.834698] pstate: 80c00005 (Nzcv daif +PAN +UAO) > [ 82.839553] pc : __cfi_check_fail+0x4/0x1c [q6asm_dai] > [ 82.844754] lr : __cfi_check+0x3a8/0x3b0 [q6asm_dai] > [ 82.849767] sp : ffffffc0105f3c20 > [ 82.853123] x29: ffffffc0105f3c30 x28: 0000000000000020 > [ 82.858489] x27: ffffff80f4588400 x26: ffffff80f458ec94 > [ 82.863854] x25: ffffff80f458ece8 x24: ffffffe3670c7000 > [ 82.869220] x23: ffffff8094bb7b34 x22: ffffffe367137000 > [ 82.874585] x21: bd07909b332eada6 x20: 0000000000000001 > [ 82.879950] x19: ffffffe36713863c x18: ffffff80f8df4430 > [ 82.885316] x17: 0000000000000001 x16: ffffffe39d15e660 > [ 82.890681] x15: 0000000000000001 x14: 0000000000000027 > [ 82.896047] x13: 0000000000000000 x12: ffffffe39e6465a0 > [ 82.901413] x11: 0000000000000051 x10: 000000000000ffff > [ 82.906779] x9 : 000ffffffe366c19 x8 : c3c5f18762d1ceef > [ 82.912145] x7 : 0000000000000000 x6 : ffffffc010877698 > [ 82.917511] x5 : ffffffc0105f3c00 x4 : 0000000000000000 > [ 82.922877] x3 : 0000000000000000 x2 : 0000000000000001 > [ 82.928243] x1 : ffffffe36713863c x0 : 0000000000000001 > [ 82.933610] Call trace: > [ 82.936099] __cfi_check_fail+0x4/0x1c [q6asm_dai] > [ 82.940955] q6asm_srvc_callback+0x22c/0x618 [q6asm] > [ 82.945973] apr_rxwq+0x1a8/0x27c [apr] > [ 82.949861] process_one_work+0x2e8/0x54c > [ 82.953919] worker_thread+0x27c/0x4d4 > [ 82.957715] kthread+0x144/0x154 > [ 82.960985] ret_from_fork+0x10/0x18 > [ 82.964603] Code: a8c37bfd f85f8e5e d65f03c0 b40000a0 (39400008) > [ 82.970762] ---[ end trace 410accb839617143 ]--- > [ 82.975429] Kernel panic - not syncing: Fatal exception > > Cc: Patrick Lai <plai@codeaurora.org> > Cc: Banajit Goswami <bgoswami@codeaurora.org> > Cc: Liam Girdwood <lgirdwood@gmail.com> > Cc: Mark Brown <broonie@kernel.org> > Cc: Jaroslav Kysela <perex@perex.cz> > Cc: Takashi Iwai <tiwai@suse.com> > Cc: Srinivas Kandagatla <srinivas.kandagatla@linaro.org> > Cc: Vinod Koul <vkoul@kernel.org> > Cc: Kuninori Morimoto <kuninori.morimoto.gx@renesas.com> > Cc: Stephan Gerhold <stephan@gerhold.net> > Cc: Sami Tolvanen <samitolvanen@google.com> > Cc: Todd Kjos <tkjos@google.com> > Cc: Alistair Delva <adelva@google.com> > Cc: Amit Pundir <amit.pundir@linaro.org> > Cc: Sumit Semwal <sumit.semwal@linaro.org> > Cc: alsa-devel@alsa-project.org > Signed-off-by: John Stultz <john.stultz@linaro.org> > --- > sound/soc/qcom/qdsp6/q6asm-dai.c | 4 ++-- > 1 file changed, 2 insertions(+), 2 deletions(-) Thanks for the Patch! Reviewed-by: Srinivas Kandagatla <srinivas.kandagatla@linaro.org> > > diff --git a/sound/soc/qcom/qdsp6/q6asm-dai.c b/sound/soc/qcom/qdsp6/q6asm-dai.c > index 125af00bba53..4640804aab7f 100644 > --- a/sound/soc/qcom/qdsp6/q6asm-dai.c > +++ b/sound/soc/qcom/qdsp6/q6asm-dai.c > @@ -176,7 +176,7 @@ static const struct snd_compr_codec_caps q6asm_compr_caps = { > }; > > static void event_handler(uint32_t opcode, uint32_t token, > - uint32_t *payload, void *priv) > + void *payload, void *priv) > { > struct q6asm_dai_rtd *prtd = priv; > struct snd_pcm_substream *substream = prtd->substream; > @@ -490,7 +490,7 @@ static int q6asm_dai_hw_params(struct snd_soc_component *component, > } > > static void compress_event_handler(uint32_t opcode, uint32_t token, > - uint32_t *payload, void *priv) > + void *payload, void *priv) > { > struct q6asm_dai_rtd *prtd = priv; > struct snd_compr_stream *substream = prtd->cstream; >
On Fri, May 29, 2020 at 09:38:23PM +0000, John Stultz wrote: > [ 82.585661] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000001 > [ 82.595387] Mem abort info: > [ 82.599463] ESR = 0x96000005 > [ 82.602658] EC = 0x25: DABT (current EL), IL = 32 bits Please think hard before including complete backtraces in upstream reports, they are very large and contain almost no useful information relative to their size so often obscure the relevant content in your message. If part of the backtrace is usefully illustrative (it often is for search engines if nothing else) then it's usually better to pull out the relevant sections.
On Fri, 29 May 2020 21:38:23 +0000, John Stultz wrote: > Fixes the following kCFI crash seen on db845c, caused > by the function prototypes not matching the callback > function prototype. > > [ 82.585661] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000001 > [ 82.595387] Mem abort info: > [ 82.599463] ESR = 0x96000005 > [ 82.602658] EC = 0x25: DABT (current EL), IL = 32 bits > [ 82.608177] SET = 0, FnV = 0 > [ 82.611829] EA = 0, S1PTW = 0 > [ 82.615369] Data abort info: > [ 82.618751] ISV = 0, ISS = 0x00000005 > [ 82.622641] CM = 0, WnR = 0 > [ 82.625774] user pgtable: 4k pages, 39-bit VAs, pgdp=0000000174259000 > [ 82.632292] [0000000000000001] pgd=0000000000000000, pud=0000000000000000 > [ 82.639167] Internal error: Oops: 96000005 [#1] PREEMPT SMP > [ 82.644795] Modules linked in: hci_uart btqca xhci_plat_hcd xhci_pci_renesas xhci_pci xhci_hcd wcn36xx wcnss_ctrl wcd934x vctrl_regulator ufs_qcom syscon_reboot_e > [ 82.644927] qcom_apcs_ipc_mailbox q6asm_dai q6routing q6asm q6afe_dai q6adm q6afe q6core q6dsp_common pm8941_pwrkey pm8916_wdt platform_mhu pinctrl_spmi_mpp pine > [ 82.812982] CPU: 3 PID: 240 Comm: kworker/u16:4 Tainted: G W 5.6.0-rc7-mainline-00960-g0c34353d11b9-dirty #1 > [ 82.824201] Hardware name: Thundercomm Dragonboard 845c (DT) > [ 82.829937] Workqueue: qcom_apr_rx apr_rxwq [apr] > [ 82.834698] pstate: 80c00005 (Nzcv daif +PAN +UAO) > [ 82.839553] pc : __cfi_check_fail+0x4/0x1c [q6asm_dai] > [ 82.844754] lr : __cfi_check+0x3a8/0x3b0 [q6asm_dai] > [ 82.849767] sp : ffffffc0105f3c20 > [ 82.853123] x29: ffffffc0105f3c30 x28: 0000000000000020 > [ 82.858489] x27: ffffff80f4588400 x26: ffffff80f458ec94 > [ 82.863854] x25: ffffff80f458ece8 x24: ffffffe3670c7000 > [ 82.869220] x23: ffffff8094bb7b34 x22: ffffffe367137000 > [ 82.874585] x21: bd07909b332eada6 x20: 0000000000000001 > [ 82.879950] x19: ffffffe36713863c x18: ffffff80f8df4430 > [ 82.885316] x17: 0000000000000001 x16: ffffffe39d15e660 > [ 82.890681] x15: 0000000000000001 x14: 0000000000000027 > [ 82.896047] x13: 0000000000000000 x12: ffffffe39e6465a0 > [ 82.901413] x11: 0000000000000051 x10: 000000000000ffff > [ 82.906779] x9 : 000ffffffe366c19 x8 : c3c5f18762d1ceef > [ 82.912145] x7 : 0000000000000000 x6 : ffffffc010877698 > [ 82.917511] x5 : ffffffc0105f3c00 x4 : 0000000000000000 > [ 82.922877] x3 : 0000000000000000 x2 : 0000000000000001 > [ 82.928243] x1 : ffffffe36713863c x0 : 0000000000000001 > [ 82.933610] Call trace: > [ 82.936099] __cfi_check_fail+0x4/0x1c [q6asm_dai] > [ 82.940955] q6asm_srvc_callback+0x22c/0x618 [q6asm] > [ 82.945973] apr_rxwq+0x1a8/0x27c [apr] > [ 82.949861] process_one_work+0x2e8/0x54c > [ 82.953919] worker_thread+0x27c/0x4d4 > [ 82.957715] kthread+0x144/0x154 > [ 82.960985] ret_from_fork+0x10/0x18 > [ 82.964603] Code: a8c37bfd f85f8e5e d65f03c0 b40000a0 (39400008) > [ 82.970762] ---[ end trace 410accb839617143 ]--- > [ 82.975429] Kernel panic - not syncing: Fatal exception Applied to https://git.kernel.org/pub/scm/linux/kernel/git/broonie/sound.git for-next Thanks! [1/1] ASoC: qcom: q6asm-dai: kCFI fix commit: a6b675a89e51a1cdad0481b809b7840d3f86e4b5 All being well this means that it will be integrated into the linux-next tree (usually sometime in the next 24 hours) and sent to Linus during the next merge window (or sooner if it is a bug fix), however if problems are discovered then the patch may be dropped or reverted. You may get further e-mails resulting from automated or manual testing and review of the tree, please engage with people reporting problems and send followup patches addressing any issues that are reported if needed. If any updates are required or you are submitting further changes they should be sent as incremental updates against current git, existing patches will not be replaced. Please add any relevant lists and maintainers to the CCs when replying to this mail. Thanks, Mark
diff --git a/sound/soc/qcom/qdsp6/q6asm-dai.c b/sound/soc/qcom/qdsp6/q6asm-dai.c index 125af00bba53..4640804aab7f 100644 --- a/sound/soc/qcom/qdsp6/q6asm-dai.c +++ b/sound/soc/qcom/qdsp6/q6asm-dai.c @@ -176,7 +176,7 @@ static const struct snd_compr_codec_caps q6asm_compr_caps = { }; static void event_handler(uint32_t opcode, uint32_t token, - uint32_t *payload, void *priv) + void *payload, void *priv) { struct q6asm_dai_rtd *prtd = priv; struct snd_pcm_substream *substream = prtd->substream; @@ -490,7 +490,7 @@ static int q6asm_dai_hw_params(struct snd_soc_component *component, } static void compress_event_handler(uint32_t opcode, uint32_t token, - uint32_t *payload, void *priv) + void *payload, void *priv) { struct q6asm_dai_rtd *prtd = priv; struct snd_compr_stream *substream = prtd->cstream;
Fixes the following kCFI crash seen on db845c, caused by the function prototypes not matching the callback function prototype. [ 82.585661] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000001 [ 82.595387] Mem abort info: [ 82.599463] ESR = 0x96000005 [ 82.602658] EC = 0x25: DABT (current EL), IL = 32 bits [ 82.608177] SET = 0, FnV = 0 [ 82.611829] EA = 0, S1PTW = 0 [ 82.615369] Data abort info: [ 82.618751] ISV = 0, ISS = 0x00000005 [ 82.622641] CM = 0, WnR = 0 [ 82.625774] user pgtable: 4k pages, 39-bit VAs, pgdp=0000000174259000 [ 82.632292] [0000000000000001] pgd=0000000000000000, pud=0000000000000000 [ 82.639167] Internal error: Oops: 96000005 [#1] PREEMPT SMP [ 82.644795] Modules linked in: hci_uart btqca xhci_plat_hcd xhci_pci_renesas xhci_pci xhci_hcd wcn36xx wcnss_ctrl wcd934x vctrl_regulator ufs_qcom syscon_reboot_e [ 82.644927] qcom_apcs_ipc_mailbox q6asm_dai q6routing q6asm q6afe_dai q6adm q6afe q6core q6dsp_common pm8941_pwrkey pm8916_wdt platform_mhu pinctrl_spmi_mpp pine [ 82.812982] CPU: 3 PID: 240 Comm: kworker/u16:4 Tainted: G W 5.6.0-rc7-mainline-00960-g0c34353d11b9-dirty #1 [ 82.824201] Hardware name: Thundercomm Dragonboard 845c (DT) [ 82.829937] Workqueue: qcom_apr_rx apr_rxwq [apr] [ 82.834698] pstate: 80c00005 (Nzcv daif +PAN +UAO) [ 82.839553] pc : __cfi_check_fail+0x4/0x1c [q6asm_dai] [ 82.844754] lr : __cfi_check+0x3a8/0x3b0 [q6asm_dai] [ 82.849767] sp : ffffffc0105f3c20 [ 82.853123] x29: ffffffc0105f3c30 x28: 0000000000000020 [ 82.858489] x27: ffffff80f4588400 x26: ffffff80f458ec94 [ 82.863854] x25: ffffff80f458ece8 x24: ffffffe3670c7000 [ 82.869220] x23: ffffff8094bb7b34 x22: ffffffe367137000 [ 82.874585] x21: bd07909b332eada6 x20: 0000000000000001 [ 82.879950] x19: ffffffe36713863c x18: ffffff80f8df4430 [ 82.885316] x17: 0000000000000001 x16: ffffffe39d15e660 [ 82.890681] x15: 0000000000000001 x14: 0000000000000027 [ 82.896047] x13: 0000000000000000 x12: ffffffe39e6465a0 [ 82.901413] x11: 0000000000000051 x10: 000000000000ffff [ 82.906779] x9 : 000ffffffe366c19 x8 : c3c5f18762d1ceef [ 82.912145] x7 : 0000000000000000 x6 : ffffffc010877698 [ 82.917511] x5 : ffffffc0105f3c00 x4 : 0000000000000000 [ 82.922877] x3 : 0000000000000000 x2 : 0000000000000001 [ 82.928243] x1 : ffffffe36713863c x0 : 0000000000000001 [ 82.933610] Call trace: [ 82.936099] __cfi_check_fail+0x4/0x1c [q6asm_dai] [ 82.940955] q6asm_srvc_callback+0x22c/0x618 [q6asm] [ 82.945973] apr_rxwq+0x1a8/0x27c [apr] [ 82.949861] process_one_work+0x2e8/0x54c [ 82.953919] worker_thread+0x27c/0x4d4 [ 82.957715] kthread+0x144/0x154 [ 82.960985] ret_from_fork+0x10/0x18 [ 82.964603] Code: a8c37bfd f85f8e5e d65f03c0 b40000a0 (39400008) [ 82.970762] ---[ end trace 410accb839617143 ]--- [ 82.975429] Kernel panic - not syncing: Fatal exception Cc: Patrick Lai <plai@codeaurora.org> Cc: Banajit Goswami <bgoswami@codeaurora.org> Cc: Liam Girdwood <lgirdwood@gmail.com> Cc: Mark Brown <broonie@kernel.org> Cc: Jaroslav Kysela <perex@perex.cz> Cc: Takashi Iwai <tiwai@suse.com> Cc: Srinivas Kandagatla <srinivas.kandagatla@linaro.org> Cc: Vinod Koul <vkoul@kernel.org> Cc: Kuninori Morimoto <kuninori.morimoto.gx@renesas.com> Cc: Stephan Gerhold <stephan@gerhold.net> Cc: Sami Tolvanen <samitolvanen@google.com> Cc: Todd Kjos <tkjos@google.com> Cc: Alistair Delva <adelva@google.com> Cc: Amit Pundir <amit.pundir@linaro.org> Cc: Sumit Semwal <sumit.semwal@linaro.org> Cc: alsa-devel@alsa-project.org Signed-off-by: John Stultz <john.stultz@linaro.org> --- sound/soc/qcom/qdsp6/q6asm-dai.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-)