From patchwork Fri Dec 11 09:02:13 2015
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Inki Dae <inki.dae@samsung.com>
X-Patchwork-Id: 7827451
Return-Path: <linux-samsung-soc-owner@kernel.org>
X-Original-To: patchwork-linux-samsung-soc@patchwork.kernel.org
Delivered-To: patchwork-parsemail@patchwork2.web.kernel.org
Received: from mail.kernel.org (mail.kernel.org [198.145.29.136])
	by patchwork2.web.kernel.org (Postfix) with ESMTP id A3BF2BEEE1
	for <patchwork-linux-samsung-soc@patchwork.kernel.org>;
	Fri, 11 Dec 2015 09:02:32 +0000 (UTC)
Received: from mail.kernel.org (localhost [127.0.0.1])
	by mail.kernel.org (Postfix) with ESMTP id 63A1320570
	for <patchwork-linux-samsung-soc@patchwork.kernel.org>;
	Fri, 11 Dec 2015 09:02:31 +0000 (UTC)
Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])
	by mail.kernel.org (Postfix) with ESMTP id 2068A20585
	for <patchwork-linux-samsung-soc@patchwork.kernel.org>;
	Fri, 11 Dec 2015 09:02:29 +0000 (UTC)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1752211AbbLKJC2 (ORCPT
	<rfc822;patchwork-linux-samsung-soc@patchwork.kernel.org>);
	Fri, 11 Dec 2015 04:02:28 -0500
Received: from mailout3.samsung.com ([203.254.224.33]:41807 "EHLO
	mailout3.samsung.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S1751395AbbLKJCY (ORCPT
	<rfc822;linux-samsung-soc@vger.kernel.org>);
	Fri, 11 Dec 2015 04:02:24 -0500
MIME-version: 1.0
Content-type: text/plain; charset=utf-8
Received: from epcpsbgr5.samsung.com
	(u145.gpu120.samsung.co.kr [203.254.230.145])
	by mailout3.samsung.com (Oracle Communications Messaging Server
	7.0.5.31.0 64bit (built May  5 2014))
	with ESMTP id <0NZ60190NRRXR210@mailout3.samsung.com> for
	linux-samsung-soc@vger.kernel.org;
	Fri, 11 Dec 2015 18:02:21 +0900 (KST)
Received: from epcpsbgm2new.samsung.com ( [172.20.52.116])
	by epcpsbgr5.samsung.com (EPCPMTA) with SMTP id C5.62.04790.D119A665;
	Fri, 11 Dec 2015 18:02:21 +0900 (KST)
X-AuditID: cbfee691-f79766d0000012b6-80-566a911df4b3
Received: from epmmp1.local.host ( [203.254.227.16])
	by epcpsbgm2new.samsung.com (EPCPMTA) with SMTP id
	2F.3F.09068.D119A665; Fri, 11 Dec 2015 18:02:21 +0900 (KST)
Content-transfer-encoding: 8BIT
Received: from [10.113.62.206] by mmp1.samsung.com
	(Oracle Communications Messaging Server 7.0.5.31.0 64bit (built May 5
	2014)) with ESMTPA id <0NZ600AVSRRPPG00@mmp1.samsung.com>; Fri,
	11 Dec 2015 18:02:21 +0900 (KST)
Message-id: <566A9115.6040109@samsung.com>
Date: Fri, 11 Dec 2015 18:02:13 +0900
From: Inki Dae <inki.dae@samsung.com>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101
	Thunderbird/31.6.0
To: Marek Szyprowski <m.szyprowski@samsung.com>,
	dri-devel@lists.freedesktop.org, linux-samsung-soc@vger.kernel.org
Cc: Joonyoung Shim <jy0922.shim@samsung.com>,
	Seung-Woo Kim <sw0312.kim@samsung.com>,
	Andrzej Hajda <a.hajda@samsung.com>,
	Krzysztof Kozlowski <k.kozlowski@samsung.com>,
	Bartlomiej Zolnierkiewicz <b.zolnierkie@samsung.com>,
	Tobias Jakobi <tjakobi@math.uni-bielefeld.de>,
	Gustavo Padovan <gustavo@padovan.org>,
	Javier Martinez Canillas <javier@osg.samsung.com>
Subject: Re: [PATCH v2 06/22] drm/exynos: move dma_addr attribute from exynos
	plane to exynos fb
References: <1448891617-18830-1-git-send-email-m.szyprowski@samsung.com>
	<1448891617-18830-7-git-send-email-m.szyprowski@samsung.com>
	<566978A1.60302@samsung.com>
In-reply-to: <566978A1.60302@samsung.com>
X-Brightmail-Tracker: 
 H4sIAAAAAAAAA+NgFtrOIsWRmVeSWpSXmKPExsWyRsSkRFd2YlaYwfXNBha31p1jtdg4Yz2r
	xZWv79ksdj7YxW7x5u0aJosX9y6yWLx+YWgx4/w+Jou1R+6yW8yY/JLNom31B1YHbo/73ceZ
	PP4dY/fY0n+X3WPnpL1MHn1bVjF6fN4kF8AWxWWTkpqTWZZapG+XwJWx9cxcxoLJvhU7rl9h
	b2BcYt/FyMEhIWAi0XUmv4uRE8gUk7hwbz1bFyMXh5DACkaJGzcesUEkTCQ23f7CCJFYyijR
	++kJM0iCV0BQ4sfkeywgg5gF5CWOXMqGMNUlpkzJhSh/wCixtf82VLmWRNPJJiYQm0VAVWLG
	i1dgcTYge+KK+2wgvaICERLdJypBwiICpRKv+u+DrWUW+MwkMf/WbBaQhLBAkkT7v4VQhy5j
	lJh1bRXYUE4BTYmpk9YwgSQkBL6yS+x63wG1TUDi2+RDLBAfy0psOsAM8ZikxMEVN1gmMIrN
	QvLOLIR3ZiG8s4CReRWjaGpBckFxUnqRqV5xYm5xaV66XnJ+7iZGYHye/vds4g7G+wesDzEK
	cDAq8fAu4MgKE2JNLCuuzD3EaAp0w0RmKdHkfGASyCuJNzQ2M7IwNTE1NjK3NFMS59WR/hks
	JJCeWJKanZpakFoUX1Sak1p8iJGJg1OqgbHHyv/BpC+RZdsiF8+9c4G77vONyMiZJ/unPNU6
	0MN69WnGih35rxzmf7DzV4pxT9j935fbtfhubvsX3rN7uva13NS69+Dqtr/a4hMv/GBV2Ttt
	/4xdS7xPz3i3xnai3U2rc1kiDw+Z9rm+s/+Xkb3rRLz85wbHvfuDcg+/ufGi7GzlT9mcP9wv
	lViKMxINtZiLihMBzHplLMoCAAA=
X-Brightmail-Tracker: 
 H4sIAAAAAAAAA+NgFmplleLIzCtJLcpLzFFi42I5/e+xgK7sxKwwgz2daha31p1jtdg4Yz2r
	xZWv79ksdj7YxW7x5u0aJosX9y6yWLx+YWgx4/w+Jou1R+6yW8yY/JLNom31B1YHbo/73ceZ
	PP4dY/fY0n+X3WPnpL1MHn1bVjF6fN4kF8AW1cBok5GamJJapJCal5yfkpmXbqvkHRzvHG9q
	ZmCoa2hpYa6kkJeYm2qr5OIToOuWmQN0npJCWWJOKVAoILG4WEnfDtOE0BA3XQuYxghd35Ag
	uB4jAzSQsIYxY+uZuYwFk30rdly/wt7AuMS+i5GTQ0LARGLT7S+MELaYxIV769m6GLk4hASW
	Mkr0fnrCDJLgFRCU+DH5HksXIwcHs4C8xJFL2RCmusSUKbkQ5Q8YJbb234Yq15JoOtnEBGKz
	CKhKzHjxCizOBmRPXHGfDaRXVCBCovtEJUhYRKBU4lX/fUaQOcwCn5kk5t+azQKSEBZIkmj/
	txDqnmWMErOurQIbyimgKTF10hqmCYwCs5CcNwvhvFkI5y1gZF7FKJFakFxQnJSea5SXWq5X
	nJhbXJqXrpecn7uJEZwEnknvYDy8y/0QowAHoxIP7wKOrDAh1sSy4srcQ4wSHMxKIrz8qUAh
	3pTEyqrUovz4otKc1OJDjKZA/01klhJNzgcmqLySeENjEzMjSyNzQwsjY3Mlcd59lyLDhATS
	E0tSs1NTC1KLYPqYODilGhi3cM0XM3td0Pm0boKB8O2Sta6Pw0MXLBAMjBa6KNvF9f2MQExT
	16IdHcU9WbeP7AuJ5FvkEWh2KN77bsDWafM2LjrRfDf5sqDedimO4u17tTY9Taqbe9dTaAXj
	K7fMTsWpcSWv3BIvcGXNkzjAdGPhYa5tsyw3MsYKOMxfJcMQ6fLB/5TbYgElluKMREMt5qLi
	RACRFWO6GAMAAA==
DLP-Filter: Pass
X-MTR: 20000000000000000@CPGS
X-CFilter-Loop: Reflected
Sender: linux-samsung-soc-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-samsung-soc.vger.kernel.org>
X-Mailing-List: linux-samsung-soc@vger.kernel.org
X-Spam-Status: No, score=-6.9 required=5.0 tests=BAYES_00, RCVD_IN_DNSWL_HI,
	T_RP_MATCHES_RCVD,
	UNPARSEABLE_RELAY autolearn=unavailable version=3.3.1
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on mail.kernel.org
X-Virus-Scanned: ClamAV using ClamSMTP

Hi Marek,

I found out why NULL point access happened. That was incurred by below your patch,
[PATCH] drm/exynos: move dma_addr attribute from exynos plane to exynos fb

When another crtc driver is hotplugged in runtime such as HDMI or VIDI,
the drm frambuffer object of fb_helper is set to the plane state of the new crtc driver
so the driver should get the drm framebuffer object from the plane's state or
exynos_plane->pending_fb which is set by exynos_plane_atomic_update function.

After that, I think the drm framebuffer should be set to drm plane as a current fb
which would be scanned out.

Anyway, I can fix it like below if you are ok.

Thanks,
Inki Dae

        if (ctx->vblank_on)


2015? 12? 10? 22:05? Inki Dae ?(?) ? ?:
> 
> 
> 2015? 11? 30? 22:53? Marek Szyprowski ?(?) ? ?:
>> DMA address is a framebuffer attribute and the right place for it is
>> exynos_drm_framebuffer not exynos_drm_plane. This patch also introduces
>> helper function for getting dma address of the given framebuffer.
>>
>> Signed-off-by: Marek Szyprowski <m.szyprowski@samsung.com>
>> Reviewed-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
>> ---
>>  drivers/gpu/drm/exynos/exynos5433_drm_decon.c | 13 ++++++++-----
>>  drivers/gpu/drm/exynos/exynos7_drm_decon.c    | 16 +++++++++-------
>>  drivers/gpu/drm/exynos/exynos_drm_drv.h       |  3 ---
>>  drivers/gpu/drm/exynos/exynos_drm_fb.c        | 16 ++++++----------
>>  drivers/gpu/drm/exynos/exynos_drm_fb.h        |  3 +--
>>  drivers/gpu/drm/exynos/exynos_drm_fimd.c      | 10 ++++++----
>>  drivers/gpu/drm/exynos/exynos_drm_plane.c     | 18 ------------------
>>  drivers/gpu/drm/exynos/exynos_drm_vidi.c      |  5 ++++-
>>  drivers/gpu/drm/exynos/exynos_mixer.c         |  7 ++++---
>>  9 files changed, 38 insertions(+), 53 deletions(-)
>>
> 
> <--snip-->
> 
>> diff --git a/drivers/gpu/drm/exynos/exynos_drm_vidi.c b/drivers/gpu/drm/exynos/exynos_drm_vidi.c
>> index 669362c53f49..3ce141236fad 100644
>> --- a/drivers/gpu/drm/exynos/exynos_drm_vidi.c
>> +++ b/drivers/gpu/drm/exynos/exynos_drm_vidi.c
>> @@ -24,6 +24,7 @@
>>  
>>  #include "exynos_drm_drv.h"
>>  #include "exynos_drm_crtc.h"
>> +#include "exynos_drm_fb.h"
>>  #include "exynos_drm_plane.h"
>>  #include "exynos_drm_vidi.h"
>>  
>> @@ -126,11 +127,13 @@ static void vidi_update_plane(struct exynos_drm_crtc *crtc,
>>  			      struct exynos_drm_plane *plane)
>>  {
>>  	struct vidi_context *ctx = crtc->ctx;
>> +	dma_addr_t addr;
>>  
>>  	if (ctx->suspended)
>>  		return;
>>  
>> -	DRM_DEBUG_KMS("dma_addr = %pad\n", plane->dma_addr);
>> +	addr = exynos_drm_fb_dma_addr(plane->base.fb, 0);
> 
> At this point, plane->base.fb is NULL so null pointer access happens like below,
> 
> [    5.969422] Unable to handle kernel NULL pointer dereference at virtual address 00000090
> [    5.977481] pgd = ee590000
> [    5.980142] [00000090] *pgd=6e526831, *pte=00000000, *ppte=00000000
> [    5.986347] Internal error: Oops: 17 [#1] PREEMPT SMP ARM
> [    5.991712] Modules linked in:
> [    5.994770] CPU: 3 PID: 1598 Comm: sh Not tainted 4.4.0-rc3-00052-gc60d7e2-dirty #199
> [    6.002565] Hardware name: SAMSUNG EXYNOS (Flattened Device Tree)
> [    6.008647] task: ef328000 ti: ee4d4000 task.ti: ee4d4000
> [    6.014053] PC is at exynos_drm_fb_dma_addr+0x8/0x14
> [    6.018990] LR is at vidi_update_plane+0x4c/0xc4
> [    6.023581] pc : [<c02b1fb4>]    lr : [<c02c3cc4>]    psr: 80000013
> [    6.023581] sp : ee4d5d90  ip : 00000001  fp : 00000000
> [    6.035029] r10: 00000000  r9 : c05b965c  r8 : ee813e00
> [    6.040241] r7 : 00000000  r6 : ee8e3330  r5 : 00000000  r4 : ee8e3010
> [    6.046749] r3 : 00000000  r2 : 00000000  r1 : 00000024  r0 : 00000000
> [    6.053264] Flags: Nzcv  IRQs on  FIQs on  Mode SVC_32  ISA ARM  Segment none
> [    6.060379] Control: 10c5387d  Table: 6e59004a  DAC: 00000051
> [    6.066107] Process sh (pid: 1598, stack limit = 0xee4d4210)
> [    6.071748] Stack: (0xee4d5d90 to 0xee4d6000)
> [    6.076100] 5d80:                                     00000000 ee813300 ee476e40 00000005
> [    6.084236] 5da0: ee8e3330 c028ac14 00000008 ee476e40 ee476fc0 ef3b3800 ee476fc0 eeb3e380
> [    6.092395] 5dc0: 00000002 c02b08e4 00000000 eeb3e3a4 ee476fc0 ee476e40 ef3b3800 eeb3e380
> [    6.100554] 5de0: 00000002 c02b12b8 ee854400 00000000 00000001 ee8501a8 00000000 ee476e40
> [    6.108714] 5e00: ef3b3800 00000001 ee476e40 00000050 ee850c80 00000001 ee476e40 ef3b3aac
> [    6.116873] 5e20: 00000002 000000ff 00000000 c028e0ec 000a82b4 c02acc50 ee8e36a0 ee476c80
> [    6.125032] 5e40: ef3b3aac ef3b3800 ee476c9c ee850c80 ef3b3800 ef3b3800 ef3b3800 ef3b398c
> [    6.133191] 5e60: c088c390 00000002 000a82b4 c028f8d4 00000000 ef3b3800 ef0f4300 c028f948
> [    6.141350] 5e80: ee850c80 c028f864 ef3b3a84 00000001 ef3b3a90 c02853e4 00000001 00000000
> [    6.149509] 5ea0: 000a82b4 ee4d5ec0 00000002 ee8e3010 00000002 00000002 ee4d5f88 00000000
> [    6.157669] 5ec0: 00000000 eeb8df00 000a82b4 c02c4278 00000002 ee476b00 eeb8df0c c01390ac
> [    6.165828] 5ee0: 00000000 00000000 ee4e1f00 00000002 000a9540 ee4d5f88 c000f844 ee4d4000
> [    6.173987] 5f00: 00000000 c00dbf70 000a82b4 c00093dc ee4d4000 ee4d5f78 ef328234 c0579bec
> [    6.182146] 5f20: 00000001 00000001 ee4d5f3c 00000001 ee45e9c4 00000001 000a82b4 c005ca74
> [    6.190306] 5f40: ee45e9c4 00000002 000a9540 c005cad4 ee4e1f00 00000002 000a9540 ee4d5f88
> [    6.198465] 5f60: c000f844 c00dc770 00000000 00000000 ee4e1f00 ee4e1f00 00000002 000a9540
> [    6.206624] 5f80: c000f844 c00dcf98 00000000 00000000 00000003 000a7c40 00000001 000a9540
> [    6.214783] 5fa0: 00000004 c000f680 000a7c40 00000001 00000001 000a9540 00000002 00000000
> [    6.222942] 5fc0: 000a7c40 00000001 000a9540 00000004 00000020 000a82c8 000a8294 000a82b4
> [    6.231102] 5fe0: 00000000 be8b1624 00012345 b6e94166 40000030 00000001 00000000 00000000
> [    6.239270] [<c02b1fb4>] (exynos_drm_fb_dma_addr) from [<c02c3cc4>] (vidi_update_plane+0x4c/0xc4)
> [    6.248122] [<c02c3cc4>] (vidi_update_plane) from [<c028ac14>] (drm_atomic_helper_commit_planes+0x1f4/0x258)
> [    6.257928] [<c028ac14>] (drm_atomic_helper_commit_planes) from [<c02b08e4>] (exynos_atomic_commit_complete+0xe4/0x1c4)
> [    6.268688] [<c02b08e4>] (exynos_atomic_commit_complete) from [<c02b12b8>] (exynos_atomic_commit+0x180/0x1cc)
> [    6.278584] [<c02b12b8>] (exynos_atomic_commit) from [<c028e0ec>] (restore_fbdev_mode+0x260/0x290)
> [    6.287525] [<c028e0ec>] (restore_fbdev_mode) from [<c028f8d4>] (drm_fb_helper_restore_fbdev_mode_unlocked+0x30/0x74)
> [    6.298111] [<c028f8d4>] (drm_fb_helper_restore_fbdev_mode_unlocked) from [<c028f948>] (drm_fb_helper_set_par+0x30/0x54)
> [    6.308961] [<c028f948>] (drm_fb_helper_set_par) from [<c028f864>] (drm_fb_helper_hotplug_event+0x9c/0xdc)
> [    6.318595] [<c028f864>] (drm_fb_helper_hotplug_event) from [<c02853e4>] (drm_helper_hpd_irq_event+0xd4/0x160)
> [    6.328578] [<c02853e4>] (drm_helper_hpd_irq_event) from [<c02c4278>] (vidi_store_connection+0x94/0xcc)
> [    6.337954] [<c02c4278>] (vidi_store_connection) from [<c01390ac>] (kernfs_fop_write+0xb8/0x1bc)
> [    6.346723] [<c01390ac>] (kernfs_fop_write) from [<c00dbf70>] (__vfs_write+0x20/0xd8)
> [    6.354531] [<c00dbf70>] (__vfs_write) from [<c00dc770>] (vfs_write+0x90/0x164)
> [    6.361821] [<c00dc770>] (vfs_write) from [<c00dcf98>] (SyS_write+0x44/0x9c)
> [    6.368855] [<c00dcf98>] (SyS_write) from [<c000f680>] (ret_fast_syscall+0x0/0x3c)
> [    6.376404] Code: eb0b17f1 eaffffe7 e3510003 d2811024 (d7900101) 
> 
> When vidi driver is intiated by triggering a connection sysfs file, vidi driver tries modeset binding by calling drm_fb_helper_hotplug_event.
> However, at this time it seems there is a case that plan->state->crtc exists but plane->fb is NULL, which would be related to vidi driver.
> 
> I just looked into this issue roughly so we would need to check this issue in more details.
> 
> Thanks,
> Inki Dae
> 
>> +	DRM_DEBUG_KMS("dma_addr = %pad\n", &addr);
>>  
>>  	if (ctx->vblank_on)
>>  		schedule_work(&ctx->work);
>> diff --git a/drivers/gpu/drm/exynos/exynos_mixer.c b/drivers/gpu/drm/exynos/exynos_mixer.c
>> index 47777be1a754..f40de82848dc 100644
>> --- a/drivers/gpu/drm/exynos/exynos_mixer.c
>> +++ b/drivers/gpu/drm/exynos/exynos_mixer.c
>> @@ -37,6 +37,7 @@
>>  
>>  #include "exynos_drm_drv.h"
>>  #include "exynos_drm_crtc.h"
>> +#include "exynos_drm_fb.h"
>>  #include "exynos_drm_plane.h"
>>  #include "exynos_drm_iommu.h"
>>  
>> @@ -422,8 +423,8 @@ static void vp_video_buffer(struct mixer_context *ctx,
>>  		return;
>>  	}
>>  
>> -	luma_addr[0] = plane->dma_addr[0];
>> -	chroma_addr[0] = plane->dma_addr[1];
>> +	luma_addr[0] = exynos_drm_fb_dma_addr(fb, 0);
>> +	chroma_addr[0] = exynos_drm_fb_dma_addr(fb, 1);
>>  
>>  	if (mode->flags & DRM_MODE_FLAG_INTERLACE) {
>>  		ctx->interlace = true;
>> @@ -575,7 +576,7 @@ static void mixer_graph_buffer(struct mixer_context *ctx,
>>  	dst_y_offset = plane->crtc_y;
>>  
>>  	/* converting dma address base and source offset */
>> -	dma_addr = plane->dma_addr[0]
>> +	dma_addr = exynos_drm_fb_dma_addr(fb, 0)
>>  		+ (plane->src_x * fb->bits_per_pixel >> 3)
>>  		+ (plane->src_y * fb->pitches[0]);
>>  	src_x_offset = 0;
>>
---
To unsubscribe from this list: send the line "unsubscribe linux-samsung-soc" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

--- a/drivers/gpu/drm/exynos/exynos_drm_vidi.c
+++ b/drivers/gpu/drm/exynos/exynos_drm_vidi.c
@@ -137,7 +137,7 @@ static void vidi_update_plane(struct exynos_drm_crtc *crtc,
        if (ctx->suspended)
                return;
 
-       addr = exynos_drm_fb_dma_addr(plane->base.fb, 0);
+       addr = exynos_drm_fb_dma_addr(plane->pending_fb, 0);
        DRM_DEBUG_KMS("dma_addr = %pad\n", &addr);

+	plane->base.fb = plane->pending_fb;