On Tue, 27 Jan 2026 at 20:22, Peng Fan <[email protected]> wrote:
>
> > Subject: Re: [PATCH v2] remoteproc: imx_rproc: Not report loaded
> > resource table when none
> >
> > On Mon, 26 Jan 2026 at 23:51, Peng Fan (OSS)
> > <[email protected]> wrote:
> > >
> > > From: Peng Fan <[email protected]>
> > >
> > > priv->rsc_table is not NULL if the DT has a "rsc-table" entry,
> > > priv->indicating
> > > that _if_ there is a resource table in memory, that's where it should
> > be.
> > > Function imx_rproc_elf_find_loaded_rsc_table() is buggy so the
> > > narrative about a previously running FW with a valid resource table
> > can be dropped.
> > >
> >
> > (sigh)
> >
> > You apparently did not understand my last comment.
>
> Sorry about this. Does this looks good?
>
> Daniel, Iuliana, would you please help review?
>
> remoteproc: imx: Fix invalid loaded resource table detection
>
> imx_rproc_elf_find_loaded_rsc_table() may incorrectly report a loaded
> resource table even when the current firmware does not provide one.
>
> When the device tree contains a "rsc-table" entry, priv->rsc_table is
> non-NULL and denotes where a resource table would be located if one is
> present in memory. However, when the current firmware has no resource table,
> rproc->table_ptr is NULL. The function still returns priv->rsc_table, and the
> remoteproc core interprets this as a valid loaded resource table.
> .
> Fix this by returning NULL from imx_rproc_elf_find_loaded_rsc_table() when
> there is no resource table for the current firmware (i.e. when
> rproc->table_ptr is NULL). This aligns the function's semantics with the
> remoteproc core: a loaded resource table is only reported when a valid
> table_ptr exists.
>
> With this change, starting firmware without a resource table no longer
> triggers a crash.
>
Yes, this will be fine.
> Thanks,
> Peng.
>
> >
> > > In this case rproc->table_ptr is NULL because the current firmware
> > > does not contain a resource table, but the remoteproc core still
> > > interprets the non-NULL return value as a loaded resource table and
> > > attempts to memcpy() from rproc->cached_table, leading to a NULL
> > > pointer dereference and kernel panic.
> > >
> > > Fix this by returning NULL from imx_rproc_elf_find_loaded_rsc_table()
> > > when there is no cached resource table for the current firmware. This
> > > ensures that a loaded resource table is only reported when a valid
> > > table_ptr exists, which matches the remoteproc core expectations.
> > >
> > > This issue can be reproduced by:
> > > 1) start a firmware with a resource table
> > > 2) stop the remote processor
> > > 3) start a firmware without a resource table
> > >
> >
> > Another sign you did not understand my last comment.
> >
> > I had hopes of merging this patch but the changelog is too garbled to
> > be salvageable. I suggest you ask Daniel or Iuliana for help.
> >
> > > With this change, starting a firmware without a resource table no
> > > longer causes kernel dump.
> > >
> > > Fixes: e954a1bd1610 ("remoteproc: imx_rproc: Use imx specific hook
> > for
> > > find_loaded_rsc_table")
> > > Cc: [email protected]
> > > Signed-off-by: Peng Fan <[email protected]>
> > > ---
> > > Changes in v2:
> > > - Per Mathieu, Check rproc->table_ptr, update commit log
> > > - Include R-b from Frank
> > > - Link to v1:
> > >
> > https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2F
> > lore
> > > .kernel.org%2Fr%2F20260122-imx-rproc-fix-v1-1-
> > 36cc64369a40%40nxp.com&d
> > >
> > ata=05%7C02%7Cpeng.fan%40nxp.com%7C781fb4227e024211e71c08
> > de5dbb609e%7C
> > >
> > 686ea1d3bc2b4c6fa92cd99c5c301635%7C0%7C0%7C639051256532
> > 530786%7CUnknow
> > >
> > n%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAw
> > MCIsIlAiOiJXaW
> > >
> > 4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=0
> > 3sG8la72ysD
> > > ivP9SMmA9Ry2YaiMvCjsHWAWaGFOVQw%3D&reserved=0
> > > ---
> > > drivers/remoteproc/imx_rproc.c | 4 ++++
> > > 1 file changed, 4 insertions(+)
> > >
> > > diff --git a/drivers/remoteproc/imx_rproc.c
> > > b/drivers/remoteproc/imx_rproc.c index
> > >
> > 375de79168a1c8d11b87ac1bd63774a3feac106d..f5f916d679051936
> > 0f446f063e09
> > > d018c5654953 100644
> > > --- a/drivers/remoteproc/imx_rproc.c
> > > +++ b/drivers/remoteproc/imx_rproc.c
> > > @@ -729,6 +729,10 @@ imx_rproc_elf_find_loaded_rsc_table(struct
> > rproc
> > > *rproc, const struct firmware * {
> > > struct imx_rproc *priv = rproc->priv;
> > >
> > > + /* No resource table in the firmware */
> > > + if (!rproc->table_ptr)
> > > + return NULL;
> > > +
> > > if (priv->rsc_table)
> > > return (struct resource_table *)priv->rsc_table;
> > >
> > >
> > > ---
> > > base-commit: e3b32dcb9f23e3c3927ef3eec6a5842a988fb574
> > > change-id: 20260122-imx-rproc-fix-e206f8e6e477
> > >
> > > Best regards,
> > > --
> > > Peng Fan <[email protected]>
> > >
