korg/linux
0
0
Fork 0
mirror of https://mirrors.bfsu.edu.cn/git/linux.git synced 2025-01-02 03:44:36 +08:00
Code Issues Packages Projects Releases Wiki Activity
72b5322f11
linux/drivers/clk
History
Lai Jiangshan 72b5322f11 clk: remove notifier from list before freeing it 
The @cn is stay in @clk_notifier_list after it is freed, it cause
memory corruption.

Example, if @clk is registered(first), unregistered(first),
registered(second), unregistered(second).

The freed @cn will be used when @clk is registered(second),
and the bug will be happened when @clk is unregistered(second):

[  517.040000] clk_notif_dbg clk_notif_dbg.1: clk_notifier_unregister()
[  517.040000] Unable to handle kernel paging request at virtual address 00df3008
[  517.050000] pgd = ed858000
[  517.050000] [00df3008] *pgd=00000000
[  517.060000] Internal error: Oops: 5 [#1] PREEMPT SMP ARM
[  517.060000] Modules linked in: clk_notif_dbg(O-) [last unloaded: clk_notif_dbg]
[  517.060000] CPU: 1 PID: 499 Comm: modprobe Tainted: G           O 3.10.0-rc3-00119-ga93cb29-dirty #85
[  517.060000] task: ee1e0180 ti: ee3e6000 task.ti: ee3e6000
[  517.060000] PC is at srcu_readers_seq_idx+0x48/0x84
[  517.060000] LR is at srcu_readers_seq_idx+0x60/0x84
[  517.060000] pc : [<c0052720>]    lr : [<c0052738>]    psr: 80070013
[  517.060000] sp : ee3e7d48  ip : 00000000  fp : ee3e7d6c
[  517.060000] r10: 00000000  r9 : ee3e6000  r8 : 00000000
[  517.060000] r7 : ed84fe4c  r6 : c068ec90  r5 : c068e430  r4 : 00000000
[  517.060000] r3 : 00df3000  r2 : 00000000  r1 : 00000002  r0 : 00000000
[  517.060000] Flags: Nzcv  IRQs on  FIQs on  Mode SVC_32  ISA ARM  Segment user
[  517.060000] Control: 18c5387d  Table: 2d85804a  DAC: 00000015
[  517.060000] Process modprobe (pid: 499, stack limit = 0xee3e6238)
[  517.060000] Stack: (0xee3e7d48 to 0xee3e8000)
....
[  517.060000] [<c0052720>] (srcu_readers_seq_idx+0x48/0x84) from [<c0052790>] (try_check_zero+0x34/0xfc)
[  517.060000] [<c0052790>] (try_check_zero+0x34/0xfc) from [<c00528b0>] (srcu_advance_batches+0x58/0x114)
[  517.060000] [<c00528b0>] (srcu_advance_batches+0x58/0x114) from [<c0052c30>] (__synchronize_srcu+0x114/0x1ac)
[  517.060000] [<c0052c30>] (__synchronize_srcu+0x114/0x1ac) from [<c0052d14>] (synchronize_srcu+0x2c/0x34)
[  517.060000] [<c0052d14>] (synchronize_srcu+0x2c/0x34) from [<c0053a08>] (srcu_notifier_chain_unregister+0x68/0x74)
[  517.060000] [<c0053a08>] (srcu_notifier_chain_unregister+0x68/0x74) from [<c0375a78>] (clk_notifier_unregister+0x7c/0xc0)
[  517.060000] [<c0375a78>] (clk_notifier_unregister+0x7c/0xc0) from [<bf008034>] (clk_notif_dbg_remove+0x34/0x9c [clk_notif_dbg])
[  517.060000] [<bf008034>] (clk_notif_dbg_remove+0x34/0x9c [clk_notif_dbg]) from [<c02bb974>] (platform_drv_remove+0x24/0x28)
[  517.060000] [<c02bb974>] (platform_drv_remove+0x24/0x28) from [<c02b9bf8>] (__device_release_driver+0x8c/0xd4)
[  517.060000] [<c02b9bf8>] (__device_release_driver+0x8c/0xd4) from [<c02ba680>] (driver_detach+0x9c/0xc4)
[  517.060000] [<c02ba680>] (driver_detach+0x9c/0xc4) from [<c02b99c4>] (bus_remove_driver+0xcc/0xfc)
[  517.060000] [<c02b99c4>] (bus_remove_driver+0xcc/0xfc) from [<c02bace4>] (driver_unregister+0x54/0x78)
[  517.060000] [<c02bace4>] (driver_unregister+0x54/0x78) from [<c02bbb44>] (platform_driver_unregister+0x1c/0x20)
[  517.060000] [<c02bbb44>] (platform_driver_unregister+0x1c/0x20) from [<bf0081f8>] (clk_notif_dbg_driver_exit+0x14/0x1c [clk_notif_dbg])
[  517.060000] [<bf0081f8>] (clk_notif_dbg_driver_exit+0x14/0x1c [clk_notif_dbg]) from [<c00835e4>] (SyS_delete_module+0x200/0x28c)
[  517.060000] [<c00835e4>] (SyS_delete_module+0x200/0x28c) from [<c000edc0>] (ret_fast_syscall+0x0/0x48)
[  517.060000] Code: e5973004 e7911102 e0833001 e2881002 (e7933101)

Cc: stable@kernel.org
Reported-by: Sören Brinkmann <soren.brinkmann@xilinx.com>
Signed-off-by: Lai Jiangshan <laijs@cn.fujitsu.com>
Tested-by: Sören Brinkmann <soren.brinkmann@xilinx.com>
Signed-off-by: Mike Turquette <mturquette@linaro.org>
[mturquette@linaro.org: shortened $SUBJECT]
2013-06-06 18:22:52 -07:00
..
mmp ARM: pxa: remove cpu_is_xxx in gpio driver 2013-04-11 09:59:23 +08:00
mvebu Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial 2013-04-30 09:36:50 -07:00
mxs clk: mxs: Include clk mxs header file 2013-05-30 18:27:24 -07:00
samsung clk: samsung: Add CLK_IGNORE_UNUSED flag for the sysreg clocks 2013-05-29 11:52:19 -07:00
socfpga ARM: socfpga: Upgrade clk driver for socfpga to make use of dts clock entries 2013-04-14 20:18:13 -07:00
spear ARM: arm-soc multiplatform updates for 3.10 2013-05-02 09:38:16 -07:00
sunxi clk: sunxi: Unify oscillator clock 2013-04-12 11:23:41 -07:00
tegra clk: tegra: add ac97 controller clock 2013-05-20 23:24:34 -07:00
ux500 clk: ux500: clk-sysctrl: handle clocks with no parents 2013-05-29 11:52:18 -07:00
versatile clk: vexpress: Add separate SP810 driver 2013-04-18 11:41:10 -07:00
x86 ACPI / LPSS: register clock device for Lynxpoint DMA properly 2013-05-14 10:23:58 +05:30
clk-axi-clkgen.c clk: Add axi-clkgen driver 2013-03-19 17:20:30 -07:00
clk-bcm2835.c clk: bcm2835: probe for fixed-clock in device tree 2013-01-14 21:46:59 -07:00
clk-composite.c clk: composite: allow fixed rates & fixed dividers 2013-04-12 11:23:24 -07:00
clk-devres.c ARM: 7537/1: clk: Fix release in devm_clk_put() 2012-09-19 21:51:27 +01:00
clk-divider.c clk: divider: Introduce CLK_DIVIDER_ALLOW_ZERO flag 2013-04-03 12:56:30 -07:00
clk-fixed-factor.c clk: add device tree fixed-factor-clock binding support 2013-04-12 10:52:23 -07:00
clk-fixed-rate.c clk: add common of_clk_init() function 2013-01-24 11:09:28 -08:00
clk-gate.c clk: Add CLK_IS_BASIC flag to identify basic clocks 2012-07-11 15:36:43 -07:00
clk-highbank.c ACPI and power management updates for 3.9-rc1 2013-02-20 11:26:56 -08:00
clk-ls1x.c clk: add Loongson1B clock support 2012-08-31 11:05:18 -07:00
clk-max77686.c clk: max77686: Avoid double free at remove time 2013-01-15 16:16:26 -08:00
clk-mux.c clk: add table lookup to mux 2013-03-22 15:18:18 -07:00
clk-nomadik.c ARM: nomadik: switch over to using the FSMC driver 2012-11-15 15:37:47 +02:00
clk-prima2.c clk: prima2: fix return value check in sirfsoc_of_clk_init() 2013-03-22 15:16:31 -07:00
clk-si5351.c clk: si5351: Set initial clkout rate when defined in platform data. 2013-05-29 15:09:24 -07:00
clk-si5351.h clk: add si5351 i2c common clock driver 2013-04-12 11:04:38 -07:00
clk-twl6040.c Drivers: misc: remove __dev* attributes. 2013-01-03 15:57:16 -08:00
clk-u300.c ARM: u300: convert to common clock 2012-07-11 15:36:45 -07:00
clk-vt8500.c clk: vt8500: Fix unbalanced spinlock in vt8500_dclk_set_rate() 2013-05-29 16:13:58 -07:00
clk-wm831x.c Driver core updates for 3.8-rc1 2012-12-11 13:13:55 -08:00
clk-zynq.c clk: zynq: Add missing zynq clk header 2013-03-27 08:44:07 -07:00
clk.c clk: remove notifier from list before freeing it 2013-06-06 18:22:52 -07:00
clkdev.c ARM: 7534/1: clk: Make the managed clk functions generically available 2012-09-15 21:55:27 +01:00
Kconfig clk: si5351: make clk-si5351 depend on CONFIG_OF 2013-04-15 21:42:56 -07:00
Makefile ARM: arm-soc driver changes for 3.10 2013-05-04 12:31:18 -07:00