lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Tue, 24 May 2016 15:08:44 -0400
From:	Rhyland Klein <rklein@...dia.com>
To:	Jon Hunter <jonathanh@...dia.com>,
	Thierry Reding <treding@...dia.com>,
	Stephen Warren <swarren@...dotorg.org>,
	Alexandre Courbot <gnurou@...il.com>
CC:	<linux-kernel@...r.kernel.org>, <linux-tegra@...r.kernel.org>
Subject: Re: [PATCH] arm64: defconfig: Enable cros-ec and battery driver

On 5/24/2016 10:09 AM, Jon Hunter wrote:
> Hi Rhyland,
> 
> On 03/05/16 16:45, Rhyland Klein wrote:
>> Enable the ChromeOS Embedded Controller, its I2C tunnel driver, and
>> the BA27XXX battery driver. These are all used on the Tegra210 Smaug
>> platform.
>>
>> Signed-off-by: Rhyland Klein <rklein@...dia.com>
> 
> I tried booting with this patch with next-20160523 on the Tegra210 Smaug and I am seeing the following panic ...
> 
> [    1.258116] i2c /dev entries driver
> [    1.278519] Unable to handle kernel NULL pointer dereference at virtual address 00000378
> [    1.286605] pgd = ffff000008cb6000
> [    1.290000] [00000378] *pgd=000000013fffe003, *pud=000000013fffd003, *pmd=0000000000000000
> [    1.298277] Internal error: Oops: 96000004 [#1] PREEMPT SMP
> [    1.303839] Modules linked in:
> [    1.306898] CPU: 3 PID: 1 Comm: swapper/0 Not tainted 4.6.0-next-20160523+ #1047
> [    1.314284] Hardware name: Google Pixel C (DT)
> [    1.318719] task: ffff8000bc0b0000 ti: ffff8000bc0b8000 task.ti: ffff8000bc0b8000
> [    1.326199] PC is at _raw_spin_lock_irqsave+0x1c/0x50
> [    1.331245] LR is at power_supply_changed+0x1c/0x60
> [    1.336114] pc : [<ffff0000087a19a0>] lr : [<ffff000008613114>] pstate: 800000c5
> [    1.343498] sp : ffff8000bc0bb8d0
> [    1.346805] x29: ffff8000bc0bb8d0 x28: ffff000008c39a40 
> [    1.352120] x27: 0000000000000000 x26: 0000000000000000 
> [    1.357434] x25: ffff00000888a818 x24: ffff8000709d1800 
> [    1.362747] x23: ffff800071006270 x22: 0000000000000000 
> [    1.368061] x21: 0000000000000019 x20: 0000000000000378 
> [    1.373373] x19: 0000000000000000 x18: ffff00000885d138 
> [    1.378685] x17: 000000000000000e x16: 0000000000000007 
> [    1.383998] x15: 0000000000000001 x14: ffffffffffffffff 
> [    1.389310] x13: ffffffffffffffff x12: 0000000000000018 
> [    1.394625] x11: 0101010101010101 x10: 0000000000000850 
> [    1.399939] x9 : ffff8000bc0b8000 x8 : ffff8000bc0b08b0 
> [    1.405253] x7 : 0000000002480a08 x6 : ffff8000bff9c740 
> [    1.410567] x5 : ffff8000709d1058 x4 : 0000000000000000 
> [    1.415880] x3 : 0000000000000001 x2 : 0000000000000040 
> [    1.421192] x1 : ffff8000bc0b8000 x0 : 0000000000000378 
> [    1.426506] 
> [    1.427992] Process swapper/0 (pid: 1, stack limit = 0xffff8000bc0b8020)
> [    1.434683] Stack: (0xffff8000bc0bb8d0 to 0xffff8000bc0bc000)
> [    1.440419] b8c0:                                   ffff8000bc0bb900 ffff000008614984
> [    1.448239] b8e0: ffff800071006218 0000000000000096 ffff000200010055 ffff8000bc0bb8d8
> [    1.456059] b900: ffff8000bc0bb960 ffff000008615084 ffff800071006270 ffff000008c3a338
> [    1.463879] b920: ffff8000710062d8 ffff8000bc0bb9f8 00097c2000000bb9 0000000000000000
> [    1.471699] b940: 0000002300863b48 0000000000000051 0000009600000019 ffff000000000001
> [    1.479519] b960: ffff8000bc0bb990 ffff000008615180 ffff800071006218 000000000000002e
> [    1.487339] b980: ffff8000710062d8 ffff000008615178 ffff8000bc0bb9d0 ffff0000086133d8
> [    1.495158] b9a0: ffff8000bc0bba7c ffff8000709d1800 ffff8000709d1800 ffff8000709d1b80
> [    1.502977] b9c0: ffff8000bc0bba7c ffff0000082282f4 ffff8000bc0bba00 ffff000008616508
> [    1.510797] b9e0: ffff8000709d1800 ffff0000086164f4 ffff8000709d1800 ffff00000847ecc4
> [    1.518617] ba00: ffff8000bc0bba50 ffff0000086183b0 0000000000000000 ffff8000709d1800
> [    1.526436] ba20: ffff8000709d1800 ffff000008c3ab50 ffff000008c3a000 ffff8000709d1818
> [    1.534255] ba40: ffff8000709d1b48 000000007fffffff ffff8000bc0bba80 ffff0000086193b4
> [    1.542075] ba60: 0000000000000000 ffff8000709d1818 ffff8000bc0bba80 ffff0000086191e0
> [    1.549894] ba80: ffff8000bc0bbb20 ffff000008613b6c ffff8000bb9ca400 ffff8000bb9ca438
> [    1.557714] baa0: ffff8000bc0bbbc0 ffff8000bb9ca020 ffff80007138e898 ffff8000bb9ca020
> [    1.565532] bac0: ffff000008ca4000 0000000000000000 ffff000008c76000 0000000000000000
> [    1.573352] bae0: ffff8000bb9ca400 ffff000008c3ab50 ffff80007138e898 ffff8000bb9ca020
> [    1.581171] bb00: ffff8000709d1804 0000000000000000 ffff8000bb9ca400 0000000000000000
> [    1.588991] bb20: ffff8000bc0bbb90 ffff000008613c54 ffff800071006218 ffff000008888e20
> [    1.596810] bb40: ffff8000bb9ca000 ffff000008ca5000 ffff000008c3a000 ffff8000bb9ca020
> [    1.604630] bb60: ffff000008889f18 ffff80007138e818 ffff000008c76000 0000000000000000
> [    1.612451] bb80: ffff8000bc0bbba0 ffff8000bb9ca718 ffff8000bc0bbba0 ffff000008614f1c
> [    1.620270] bba0: ffff8000bc0bbbe0 ffff000008615668 0000000000000000 ffff800071006218
> [    1.628091] bbc0: 0000000000000000 ffff800071006218 0000000000000000 0000000000000000
> [    1.635910] bbe0: ffff8000bc0bbc30 ffff0000085ffff4 ffff000008889f18 ffff8000bb9ca020
> [    1.643730] bc00: ffff8000bb9ca004 ffff8000bb9ca000 ffff000008615598 ffff000008acb0d0
> [    1.651549] bc20: ffff000008b2fba0 0000000000000101 ffff8000bc0bbc70 ffff0000084836dc
> [    1.659369] bc40: ffff8000bb9ca020 0000000000000000 ffff000008ca2000 ffff000008c3a698
> [    1.667189] bc60: 0000000000000000 0000000000000000 ffff8000bc0bbcb0 ffff000008483820
> [    1.675009] bc80: ffff8000bb9ca020 ffff000008c3a698 ffff8000bb9ca080 0000000000000000
> [    1.682828] bca0: ffff000008c21000 0000000000000000 ffff8000bc0bbce0 ffff000008481804
> [    1.690647] bcc0: 0000000000000000 ffff000008c3a698 ffff00000848377c ffff8000bc0bbd30
> [    1.698466] bce0: ffff8000bc0bbd20 ffff000008483008 ffff000008c3a698 ffff80007134fe00
> [    1.706286] bd00: ffff000008c389f8 ffff000008799b08 ffff8000bc2f2ca8 ffff80007134fb68
> [    1.714105] bd20: ffff8000bc0bbd30 ffff000008482c28 ffff8000bc0bbd70 ffff0000084840b8
> [    1.721924] bd40: ffff000008c3a698 ffff8000bc0b8000 0000000000000000 ffff000008c76000
> [    1.729743] bd60: ffff000008ae048c ffff00000833b0fc ffff8000bc0bbda0 ffff000008601f14
> [    1.737564] bd80: ffff000008b0ffa4 ffff8000bc0b8000 0000000000000000 ffff000008485218
> [    1.745384] bda0: ffff8000bc0bbdd0 ffff000008b0ffbc ffff000008b0ffa4 ffff000008081a54
> [    1.753203] bdc0: ffff8000bc0bbdd0 ffff000008c3a660 ffff8000bc0bbde0 ffff000008081a54
> [    1.761021] bde0: ffff8000bc0bbe50 ffff000008ae0ce0 ffff000008b96740 ffff000008b2fb00
> [    1.768842] be00: 0000000000000006 ffff000008c76000 ffff8000bc0bbe00 ffff0000089d2b78
> [    1.776662] be20: ffff000008be8b10 0000000600000006 0000000000000000 0000000000000000
> [    1.784481] be40: ffff000008ae048c ffff000008acb0d0 ffff8000bc0bbeb0 ffff00000879b9c4
> [    1.792300] be60: ffff00000879b9b4 0000000000000000 0000000000000000 0000000000000000
> [    1.800120] be80: 0000000000000000 0000000000000000 0000000000000000 0000000000000000
> [    1.807940] bea0: 0000000000000000 0000000000000000 0000000000000000 ffff000008084e10
> [    1.815759] bec0: ffff00000879b9b4 0000000000000000 0000000000000000 0000000000000000
> [    1.823577] bee0: 0000000000000000 0000000000000000 0000000000000000 0000000000000000
> [    1.831396] bf00: 0000000000000000 0000000000000000 0000000000000000 0000000000000000
> [    1.839215] bf20: 0000000000000000 0000000000000000 0000000000000000 0000000000000000
> [    1.847034] bf40: 0000000000000000 0000000000000000 0000000000000000 0000000000000000
> [    1.854853] bf60: 0000000000000000 0000000000000000 0000000000000000 0000000000000000
> [    1.862671] bf80: 0000000000000000 0000000000000000 0000000000000000 0000000000000000
> [    1.870491] bfa0: 0000000000000000 0000000000000000 0000000000000000 0000000000000000
> [    1.878310] bfc0: 0000000000000000 0000000000000000 0000000000000000 0000000000000005
> [    1.886129] bfe0: 0000000000000000 0000000000000000 0000000000000000 0000000000000000
> [    1.893948] Call trace:
> [    1.896389] Exception stack(0xffff8000bc0bb710 to 0xffff8000bc0bb830)
> [    1.902818] b700:                                   0000000000000000 0000000000000378
> [    1.910637] b720: ffff8000bc0bb8d0 ffff0000087a19a0 ffff000e0001001e ffff8000709a8018
> [    1.918456] b740: ffff8000bc0bb780 ffff00000866a21c ffff8000bc0bb7c0 ffff00000860ffd8
> [    1.926276] b760: 0000000000000020 ffff8000bc0bb8f0 0000000000000020 ffff80007138e398
> [    1.934095] b780: ffff80007138e380 0000000000000002 0000000000000002 0000000000000004
> [    1.941915] b7a0: ffff80007138e394 ffff8000bc0bb8e0 0000000000000378 ffff8000bc0b8000
> [    1.949735] b7c0: 0000000000000040 0000000000000001 0000000000000000 ffff8000709d1058
> [    1.957554] b7e0: ffff8000bff9c740 0000000002480a08 ffff8000bc0b08b0 ffff8000bc0b8000
> [    1.965374] b800: 0000000000000850 0101010101010101 0000000000000018 ffffffffffffffff
> [    1.973193] b820: ffffffffffffffff 0000000000000001
> [    1.978064] [<ffff0000087a19a0>] _raw_spin_lock_irqsave+0x1c/0x50
> [    1.984150] [<ffff000008614984>] bq27xxx_battery_update+0x88/0x51c
> [    1.990321] [<ffff000008615084>] bq27xxx_battery_poll+0x24/0x70
> [    1.996231] [<ffff000008615180>] bq27xxx_battery_get_property+0xb0/0x3b4
> [    2.002923] [<ffff0000086133d8>] power_supply_read_temp+0x2c/0x54
> [    2.009005] [<ffff000008616508>] thermal_zone_get_temp+0x5c/0x11c
> [    2.015089] [<ffff0000086183b0>] thermal_zone_device_update+0x34/0xb4
> [    2.021518] [<ffff0000086193b4>] thermal_zone_device_register+0x87c/0x8cc
> [    2.028295] [<ffff000008613b6c>] __power_supply_register+0x370/0x430
> [    2.034638] [<ffff000008613c54>] power_supply_register_no_ws+0x10/0x18
> [    2.041155] [<ffff000008614f1c>] bq27xxx_battery_setup+0x104/0x15c
> [    2.047325] [<ffff000008615668>] bq27xxx_battery_i2c_probe+0xd0/0x1b0
> [    2.053757] [<ffff0000085ffff4>] i2c_device_probe+0x174/0x240
> [    2.059498] [<ffff0000084836dc>] driver_probe_device+0x1fc/0x29c
> [    2.065493] [<ffff000008483820>] __driver_attach+0xa4/0xa8
> [    2.070969] [<ffff000008481804>] bus_for_each_dev+0x58/0x98
> [    2.076531] [<ffff000008483008>] driver_attach+0x20/0x28
> [    2.081832] [<ffff000008482c28>] bus_add_driver+0x1c8/0x22c
> [    2.087395] [<ffff0000084840b8>] driver_register+0x68/0x108
> [    2.092958] [<ffff000008601f14>] i2c_register_driver+0x38/0x7c
> [    2.098784] [<ffff000008b0ffbc>] bq27xxx_battery_i2c_driver_init+0x18/0x20
> [    2.105650] [<ffff000008081a54>] do_one_initcall+0x38/0x12c
> [    2.111215] [<ffff000008ae0ce0>] kernel_init_freeable+0x148/0x1ec
> [    2.117299] [<ffff00000879b9c4>] kernel_init+0x10/0x100
> [    2.122516] [<ffff000008084e10>] ret_from_fork+0x10/0x40
> [    2.127819] Code: b9401823 11000463 b9001823 f9800011 (885ffc01) 
> [    2.133927] ---[ end trace 9759cbbac2b2ba9b ]---
> [    2.138547] note: swapper/0[1] exited with preempt_count 1
> [    2.144061] Kernel panic - not syncing: Attempted to kill init! exitcode=0x0000000b
> [    2.144061] 
> [    2.153187] SMP: stopping secondary CPUs
> [    2.157104] Kernel Offset: disabled
> [    2.160584] Memory Limit: none
> [    2.163633] ---[ end Kernel panic - not syncing: Attempted to kill init! exitcode=0x0000000b
> [    2.163633] 
> 
> Have you tried this recently? I have not had chance to dig into this.
> 

I haven't, but looking now, its another case where a callback triggered
during power_supply registration was using an uninitialized pointer for
the power_supply. This patch works for me locally, do you want to test
it out?

diff --git a/drivers/power/power_supply_core.c
b/drivers/power/power_supply_core.c
index 456987c88baa..1e02eae6e4b4 100644
--- a/drivers/power/power_supply_core.c
+++ b/drivers/power/power_supply_core.c
@@ -561,11 +561,15 @@ static int power_supply_read_temp(struct
thermal_zone_device *tzd,
 {
 	struct power_supply *psy;
 	union power_supply_propval val;
-	int ret;
+	int ret = 0;

 	WARN_ON(tzd == NULL);
+
 	psy = tzd->devdata;
-	ret = psy->desc->get_property(psy, POWER_SUPPLY_PROP_TEMP, &val);
+	WARN_ON(atomic_read(&psy->use_cnt) == 0);
+
+	if (atomic_read(&psy->use_cnt) > 0)
+		ret = psy->desc->get_property(psy, POWER_SUPPLY_PROP_TEMP, &val);

 	/* Convert tenths of degree Celsius to milli degree Celsius. */
 	if (!ret)



-rhyland

-- 
nvpublic

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ