Commit 4bbcece8 authored by Jindong Yue's avatar Jindong Yue Committed by Treehugger Robot
Browse files

ANDROID: sound: usb: Fix wrong behavior of vendor hooking 



The snd_vendor_set_pcm_intf() returns 0 if user does not implement
related hook, then the code wrongly goes to "unlock" label and returns.

A kernel panic is observed when recording with uvc camera:

 Unable to handle kernel paging request at virtual address ffffffc112dad130
 Mem abort info:
   ESR = 0x0000000096000005
   EC = 0x25: DABT (current EL), IL = 32 bits
   SET = 0, FnV = 0
   EA = 0, S1PTW = 0
   FSC = 0x05: level 1 translation fault
 Data abort info:
   ISV = 0, ISS = 0x00000005
   CM = 0, WnR = 0
 swapper pgtable: 4k pages, 39-bit VAs, pgdp=000000008204c000
 [ffffffc112dad130] pgd=0000000000000000, p4d=0000000000000000, pud=0000000000000000
 Internal error: Oops: 0000000096000005 [#1] PREEMPT SMP

 CPU: 0 PID: 1824 Comm: RenderThread Tainted: G         C OE      6.1.25-android14-11-00106-g8aea35f10913-ab10346598 #1
 Hardware name: NXP i.MX8ULP EVK (DT)
 pstate: 80400005 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
 pc : __memcpy+0x1a0/0x230
 lr : retire_capture_urb+0x1d8/0x220
 sp : ffffffc008003d90
 x29: ffffffc008003db0 x28: 00000000ffffffc0 x27: 0000000000000040
 x26: ffffffc012dad180 x25: ffffff804649fc00 x24: ffffff803ebacfe4
 x23: 0000000000000000 x22: ffffff800626d390 x21: 0000000000000004
 x20: 0000000000000040 x19: ffffff800626d2e8 x18: ffffffc008005040
 x17: 00000000ceb13bd2 x16: 00000000ceb13bd2 x15: 0000000000004000
 x14: 00000000017a0ec0 x13: 0000000000000004 x12: 000000000e1700a2
 x11: 0000000000000000 x10: 0000000000000001 x9 : ffffffc01454e000
 x8 : 0000000000000000 x7 : 0000000000000000 x6 : 0000000000000000
 x5 : ffffffc11454e000 x4 : ffffffc112dad140 x3 : ffffffd98b3b2960
 x2 : 00000000ffffffc0 x1 : ffffffc012dad180 x0 : ffffffc01454e040
 Call trace:
  __memcpy+0x1a0/0x230
  snd_complete_urb+0x3dc/0x624
  __usb_hcd_giveback_urb+0xb0/0x138
  usb_giveback_urb_bh+0x88/0x19c
  tasklet_action_common+0x1ac/0x4bc
  tasklet_hi_action+0x24/0x34
  __do_softirq+0x11c/0x430
  ____do_softirq+0x10/0x20
  call_on_irq_stack+0x40/0x74
  do_softirq_own_stack+0x1c/0x2c
  __irq_exit_rcu+0x6c/0xcc
  irq_exit_rcu+0x10/0x1c
  el0_interrupt+0x54/0x1d8
  __el0_irq_handler_common+0x18/0x28
  el0t_64_irq_handler+0x10/0x1c
  el0t_64_irq+0x1a0/0x1a4
 Code: a93e24a8 a93f2caa d65f03c0 d503201f (a97f348c)
 ---[ end trace 0000000000000000 ]---
 Kernel panic - not syncing: Oops: Fatal exception in interrupt
 SMP: stopping secondary CPUs
 Kernel Offset: 0x1982a00000 from 0xffffffc008000000
 PHYS_OFFSET: 0x80000000
 CPU features: 0x00,00000000,00100184,0000421b

Bug: 289281539
Fixes: a7cd7a3d ("ANDROID: sound: usb: Add vendor's hooking interface")
Change-Id: If07d59e4f60555a968892b129be23f1890f96597
Signed-off-by: default avatarJindong Yue <jindong.yue@nxp.com>
parent 55f14668
Show whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please to comment