| Message ID | 20200620164449.GA19776@mail.rc.ru (mailing list archive) |
|---|---|
| State | New, archived |
| Delegated to: | viresh kumar |
| Headers | show |
| Series | cpufreq: dt: fix oops on armada37xx | expand |
On Sat, Jun 20, 2020 at 05:44:49PM +0100, Ivan Kokshaysky wrote: > Commit 0c868627e617e43a295d8 (cpufreq: dt: Allow platform specific > intermediate callbacks) added two function pointers to the > struct cpufreq_dt_platform_data. However, armada37xx_cpufreq_driver_init() > has this struct (pdata) located on the stack and uses only "suspend" > and "resume" fields. So these newly added "get_intermediate" and > "target_intermediate" pointers are uninitialized and contain arbitrary > non-null values, causing all kinds of trouble. > > For instance, here is an oops on espressobin after an attempt to change > the cpefreq governor: > > [ 29.174554] Unable to handle kernel execute from non-executable memory at virtual address ffff00003f87bdc0 > ... > [ 29.269373] pc : 0xffff00003f87bdc0 > [ 29.272957] lr : __cpufreq_driver_target+0x138/0x580 > ... > > Fixed by zeroing out pdata before use. > > Signed-off-by: Ivan Kokshaysky <ink@jurassic.park.msu.ru> Hi Ivan A Fixes: tag would be good. Reviewed-by: Andrew Lunn <andrew@lunn.ch> Andrew
On Sat, Jun 20, 2020 at 07:54:38PM +0200, Andrew Lunn wrote: > On Sat, Jun 20, 2020 at 05:44:49PM +0100, Ivan Kokshaysky wrote: > > Commit 0c868627e617e43a295d8 (cpufreq: dt: Allow platform specific > > intermediate callbacks) added two function pointers to the > > struct cpufreq_dt_platform_data. However, armada37xx_cpufreq_driver_init() > > has this struct (pdata) located on the stack and uses only "suspend" > > and "resume" fields. So these newly added "get_intermediate" and > > "target_intermediate" pointers are uninitialized and contain arbitrary > > non-null values, causing all kinds of trouble. > > > > For instance, here is an oops on espressobin after an attempt to change > > the cpefreq governor: > > > > [ 29.174554] Unable to handle kernel execute from non-executable memory at virtual address ffff00003f87bdc0 > > ... > > [ 29.269373] pc : 0xffff00003f87bdc0 > > [ 29.272957] lr : __cpufreq_driver_target+0x138/0x580 > > ... > > > > Fixed by zeroing out pdata before use. > > > > Signed-off-by: Ivan Kokshaysky <ink@jurassic.park.msu.ru> > > Hi Ivan > > A Fixes: tag would be good. Hi Andrew, I'm not sure that "Fixes:" would be appropriate here - commit 0c868627e617 is fine by itself, it just revealed a bug in older code. Thanks for reviewing, Ivan. > Reviewed-by: Andrew Lunn <andrew@lunn.ch> > > Andrew
On 20-06-20, 17:44, Ivan Kokshaysky wrote: > Commit 0c868627e617e43a295d8 (cpufreq: dt: Allow platform specific > intermediate callbacks) added two function pointers to the > struct cpufreq_dt_platform_data. However, armada37xx_cpufreq_driver_init() > has this struct (pdata) located on the stack and uses only "suspend" > and "resume" fields. So these newly added "get_intermediate" and > "target_intermediate" pointers are uninitialized and contain arbitrary > non-null values, causing all kinds of trouble. > > For instance, here is an oops on espressobin after an attempt to change > the cpefreq governor: > > [ 29.174554] Unable to handle kernel execute from non-executable memory at virtual address ffff00003f87bdc0 > ... > [ 29.269373] pc : 0xffff00003f87bdc0 > [ 29.272957] lr : __cpufreq_driver_target+0x138/0x580 > ... > > Fixed by zeroing out pdata before use. > > Signed-off-by: Ivan Kokshaysky <ink@jurassic.park.msu.ru> > --- > drivers/cpufreq/armada-37xx-cpufreq.c | 1 + > 1 file changed, 1 insertion(+) > > diff --git a/drivers/cpufreq/armada-37xx-cpufreq.c b/drivers/cpufreq/armada-37xx-cpufreq.c > index aa0f06dec959..df1c941260d1 100644 > --- a/drivers/cpufreq/armada-37xx-cpufreq.c > +++ b/drivers/cpufreq/armada-37xx-cpufreq.c > @@ -456,6 +456,7 @@ static int __init armada37xx_cpufreq_driver_init(void) > /* Now that everything is setup, enable the DVFS at hardware level */ > armada37xx_cpufreq_enable_dvfs(nb_pm_base); > > + memset(&pdata, 0, sizeof(pdata)); > pdata.suspend = armada37xx_cpufreq_suspend; > pdata.resume = armada37xx_cpufreq_resume; Applied. Thanks.
diff --git a/drivers/cpufreq/armada-37xx-cpufreq.c b/drivers/cpufreq/armada-37xx-cpufreq.c index aa0f06dec959..df1c941260d1 100644 --- a/drivers/cpufreq/armada-37xx-cpufreq.c +++ b/drivers/cpufreq/armada-37xx-cpufreq.c @@ -456,6 +456,7 @@ static int __init armada37xx_cpufreq_driver_init(void) /* Now that everything is setup, enable the DVFS at hardware level */ armada37xx_cpufreq_enable_dvfs(nb_pm_base); + memset(&pdata, 0, sizeof(pdata)); pdata.suspend = armada37xx_cpufreq_suspend; pdata.resume = armada37xx_cpufreq_resume;
Commit 0c868627e617e43a295d8 (cpufreq: dt: Allow platform specific intermediate callbacks) added two function pointers to the struct cpufreq_dt_platform_data. However, armada37xx_cpufreq_driver_init() has this struct (pdata) located on the stack and uses only "suspend" and "resume" fields. So these newly added "get_intermediate" and "target_intermediate" pointers are uninitialized and contain arbitrary non-null values, causing all kinds of trouble. For instance, here is an oops on espressobin after an attempt to change the cpefreq governor: [ 29.174554] Unable to handle kernel execute from non-executable memory at virtual address ffff00003f87bdc0 ... [ 29.269373] pc : 0xffff00003f87bdc0 [ 29.272957] lr : __cpufreq_driver_target+0x138/0x580 ... Fixed by zeroing out pdata before use. Signed-off-by: Ivan Kokshaysky <ink@jurassic.park.msu.ru> --- drivers/cpufreq/armada-37xx-cpufreq.c | 1 + 1 file changed, 1 insertion(+)