Re: lk5.1.18: tcpm: another NULL pointer deref

On 7/24/19 9:51 AM, Douglas Gilbert wrote:
Hi,
Same hardware setup as last time*** (NXP OM13588 + SAMA5D2_Xplained +
lk 5.1.18) but not sure exactly how it was triggered. I was using the
NXP test monitor (NXP software) with another OM13588+KL27Z at the other
end of the USB Type C cable (it is also a PD DRP). When I looked back
at the Linux debug window I saw this:

[36749.300000] Unable to handle kernel NULL pointer dereference at virtual address 000001f0
[36749.310000] pgd = 41dad9a1
[36749.310000] [000001f0] *pgd=00000000
[36749.320000] Internal error: Oops: 5 [#1] THUMB2
[36749.320000] Modules linked in: tcpci tcpm
[36749.320000] CPU: 0 PID: 2338 Comm: kworker/u2:0 Not tainted 5.1.18-sama5-armv7-r2 #6
[36749.320000] Hardware name: Atmel SAMA5
[36749.320000] Workqueue: 2-0050 tcpm_pd_rx_handler [tcpm]
[36749.320000] PC is at typec_altmode_attention+0x0/0x14
[36749.320000] LR is at tcpm_pd_rx_handler+0xa3b/0xda0 [tcpm]

In tcpm_pd_svdm():
	adev = typec_match_altmode(...);
	...
	typec_altmode_attention(adev, p[1]);

typec_match_altmode() can return NULL. The calling code doesn't check
the returned pointer. I suspect that typec_match_altmode() returns NULL,
causing the crash.

Heikki, can this happen? What would be the proper fix?

Guenter

[36749.320000] pc : [<c03fbee8>]    lr : [<bf8030fb>]    psr: 60030033
[36749.320000] sp : df4a9e48  ip : 00000020  fp : 00000002
[36749.320000] r10: 00000006  r9 : 00000000  r8 : 00000001
[36749.320000] r7 : deee6044  r6 : c0907008  r5 : dd4a7900  r4 : deee6040
[36749.320000] r3 : 00000001  r2 : 00001fc9  r1 : c0128525  r0 : 00000000
[36749.320000] Flags: nZCv  IRQs on  FIQs on  Mode SVC_32  ISA Thumb  Segment none
[36749.320000] Control: 50c53c7d  Table: 3c5cc059  DAC: 00000051
[36749.320000] Process kworker/u2:0 (pid: 2338, stack limit = 0x64d0912d)
[36749.320000] Stack: (0xdf4a9e48 to 0xdf4aa000)
[36749.320000] [<c03fbee8>] (typec_altmode_attention) from [<bf8030fb>] (tcpm_pd_rx_handler+0xa3b/0xda0 [tcpm])
[36749.320000] [<bf8030fb>] (tcpm_pd_rx_handler [tcpm]) from [<c012082b>] (process_one_work+0x123/0x2a8)
[36749.320000] [<c012082b>] (process_one_work) from [<c0120a6d>] (worker_thread+0xbd/0x3b0)
[36749.320000] [<c0120a6d>] (worker_thread) from [<c012431f>] (kthread+0xcf/0xf4)
[36749.320000] [<c012431f>] (kthread) from [<c01010f9>] (ret_from_fork+0x11/0x38)
[36749.320000] Exception stack(0xdf4a9fb0 to 0xdf4a9ff8)
[36749.320000] 9fa0:                                     00000000 00000000 00000000 00000000
[36749.320000] 9fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
[36749.320000] 9fe0: 00000000 00000000 00000000 00000000 00000013 00000000
[36749.320000] Code: f76d bbae 4770 bf00 (f8d0) 01f0
[36749.590000] ---[ end trace ee6ff121ba861a9f ]---

Oops also attached.

Doug Gilbert


*** Email: "Re: 5.1.18 oops: echo source > /sys/class/typec/port0/preferred_role"
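
Added example, not part of the thread and not kernel code: a user-space C triage of four oops lines quoted above. It decodes the faulting Thumb-2 load from the `Code:` line and checks it against the register dump and the fault address, which shows that typec_altmode_attention() was entered with a NULL first argument. The helper names `reg_value` and `null_arg_index` are hypothetical, and the check assumes the AAPCS convention that r0-r3 carry the first four arguments.

```c
#include <stdio.h>
#include <string.h>

/* Four lines copied from the oops quoted in this message. */
static const char oops[] =
    "Unable to handle kernel NULL pointer dereference at virtual address 000001f0\n"
    "PC is at typec_altmode_attention+0x0/0x14\n"
    "r3 : 00000001  r2 : 00001fc9  r1 : c0128525  r0 : 00000000\n"
    "Code: f76d bbae 4770 bf00 (f8d0) 01f0\n";

/* Find "rN : value" in the register dump; "r1" must not match "r10". */
static int reg_value(int n, unsigned long *out)
{
    char key[8];
    int len = snprintf(key, sizeof key, "r%d", n);
    for (const char *p = oops; (p = strstr(p, key)); p += len)
        if ((p[len] == ' ' || p[len] == ':') && sscanf(p + len, " : %lx", out) == 1)
            return 1;
    return 0;
}

/* Index (0-3) of the argument register that was NULL at function entry, or -1. */
static int null_arg_index(unsigned long *off)
{
    unsigned long fault, pc_off, base;
    unsigned hw1, hw2;                      /* faulting instruction halfwords */
    const char *a = strstr(oops, "virtual address ");
    const char *b = strstr(oops, "PC is at ");
    const char *c = strstr(oops, "Code:");
    if (!a || !b || !c || !(c = strchr(c, '(')) ||   /* (..) marks the fault */
        sscanf(a + 16, "%lx", &fault) != 1 ||
        sscanf(b + 9, "%*[^+]+%lx", &pc_off) != 1 ||
        sscanf(c, "(%x) %x", &hw1, &hw2) != 2 ||
        (hw1 & 0xfff0) != 0xf8d0)           /* Thumb-2 LDR.W Rt, [Rn, #imm12] */
        return -1;
    int rn = hw1 & 0xf;                     /* base register of the load */
    *off = hw2 & 0xfff;                     /* member offset being read */
    /* At +0x0 nothing has run yet, so r0-r3 are still the caller's arguments. */
    if (rn > 3 || pc_off != 0 || !reg_value(rn, &base) || base != 0 || *off != fault)
        return -1;
    return rn;
}

int main(void)
{
    unsigned long off = 0;
    int arg = null_arg_index(&off);
    printf("NULL argument index %d, offset 0x%lx\n", arg, off);
    return arg < 0;
}
```

The faulting halfwords `f8d0 01f0` decode to a load from r0 + 0x1f0; with r0 = 0 at offset +0x0 that address is exactly the reported fault address 000001f0.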