ampere-kernel-decoders

claude-noether/ampere-kernel-decoders

Fork 0

Commit Graph

Author	SHA1	Message	Date
marfrit	17aa443f8f	iter2 close: F1 falsifier fired, mechanism reconstruction was wrong Phase 6 ran Steps 1-4 cleanly (vendor + adapt + UAPI header + h265_set_controls wiring; 4 atomic commits f91c3f5..1a2c958 on backend master, build green). Phase 6 Step 5 smoke test triggered F1 falsifier per Phase 1 falsifier path. Evidence: - strace ioctl trace shows per-frame VIDIOC_S_EXT_CTRLS carries 5 controls (IDs 0xa40a90..0xa40a94 = standard HEVC SPS/PPS/SLICE/ SCALING/DECODE_PARAMS). The new 0xa40a98 (EXT_SPS_ST_RPS) and 0xa40a99 (EXT_SPS_LT_RPS) DO NOT appear in any S_EXT_CTRLS call. - Probe-line still fires (has_hevc_ext_sps_rps_rkvdec=true confirmed via vainfo log) — so the gate is fine, but the populate-and-add code path doesn't reach v4l2_set_controls. - OOPS register state identical across pre-iter2 + post-iter2: x1 = 0x51a0 (small integer treated as pointer; pgd=0 confirms invalid). The kernel reads this same garbage value regardless of whether userspace tries to set the controls or not. Hypothesis revision: Phase 0's 'UAPI-gap' reconstruction was PARTIALLY refuted. Even when userspace doesn't populate the new CIDs (pre-iter2) AND when it tries to (iter2 but the call doesn't actually fire), the kernel ends up with run->ext_sps_st_rps=0x51a0. The 0x51a0 is a deterministic kernel-side state — uninitialized ctrl->p_cur.p or a confused offset-vs-pointer. Three diagnostic next-steps for iter3 (kernel-side investigation): 1. Backend instrumentation: log h265_populate_ext_sps_rps_cache return code + source_data SPS NAL search outcome 2. Backend code-path check: is h265.c::h265_set_controls really the call site, or does picture.c dispatch via something else? 3. Kernel instrumentation: printk in rkvdec_hevc_prepare_hw_st_rps dumping run->ext_sps_st_rps as read from ctrl->p_cur.p Meta-campaign re-shuffle: - iter2 closes F1 (this commit) - iter3 was 'VP9 enablement' -> now bumped to 'HEVC kernel investigation' (more urgent, has concrete evidence to pursue) - iter4 = VP9 kernel enablement (was iter3) Source code stays on backend master — iter2 infrastructure (vendored parser, UAPI shim, runtime probe) is reusable for iter3+ regardless of whether the eventual kernel-side fix changes how userspace integrates. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>	2026-05-16 09:32:05 +00:00

Author

SHA1

Message

Date

marfrit

17aa443f8f

iter2 close: F1 falsifier fired, mechanism reconstruction was wrong

Phase 6 ran Steps 1-4 cleanly (vendor + adapt + UAPI header +
h265_set_controls wiring; 4 atomic commits f91c3f5..1a2c958 on
backend master, build green). Phase 6 Step 5 smoke test triggered
F1 falsifier per Phase 1 falsifier path.

Evidence:
- strace ioctl trace shows per-frame VIDIOC_S_EXT_CTRLS carries 5
  controls (IDs 0xa40a90..0xa40a94 = standard HEVC SPS/PPS/SLICE/
  SCALING/DECODE_PARAMS). The new 0xa40a98 (EXT_SPS_ST_RPS) and
  0xa40a99 (EXT_SPS_LT_RPS) DO NOT appear in any S_EXT_CTRLS call.
- Probe-line still fires (has_hevc_ext_sps_rps_rkvdec=true confirmed
  via vainfo log) — so the gate is fine, but the populate-and-add
  code path doesn't reach v4l2_set_controls.
- OOPS register state identical across pre-iter2 + post-iter2:
  x1 = 0x51a0 (small integer treated as pointer; pgd=0 confirms
  invalid). The kernel reads this same garbage value regardless of
  whether userspace tries to set the controls or not.

Hypothesis revision: Phase 0's 'UAPI-gap' reconstruction was
PARTIALLY refuted. Even when userspace doesn't populate the new
CIDs (pre-iter2) AND when it tries to (iter2 but the call doesn't
actually fire), the kernel ends up with run->ext_sps_st_rps=0x51a0.
The 0x51a0 is a deterministic kernel-side state — uninitialized
ctrl->p_cur.p or a confused offset-vs-pointer.

Three diagnostic next-steps for iter3 (kernel-side investigation):
  1. Backend instrumentation: log h265_populate_ext_sps_rps_cache
     return code + source_data SPS NAL search outcome
  2. Backend code-path check: is h265.c::h265_set_controls really
     the call site, or does picture.c dispatch via something else?
  3. Kernel instrumentation: printk in rkvdec_hevc_prepare_hw_st_rps
     dumping run->ext_sps_st_rps as read from ctrl->p_cur.p

Meta-campaign re-shuffle:
  - iter2 closes F1 (this commit)
  - iter3 was 'VP9 enablement' -> now bumped to 'HEVC kernel
    investigation' (more urgent, has concrete evidence to pursue)
  - iter4 = VP9 kernel enablement (was iter3)

Source code stays on backend master — iter2 infrastructure
(vendored parser, UAPI shim, runtime probe) is reusable for iter3+
regardless of whether the eventual kernel-side fix changes how
userspace integrates.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>

2026-05-16 09:32:05 +00:00

1 Commits