From mboxrd@z Thu Jan  1 00:00:00 1970
From: =?UTF-8?q?Ga=C3=ABl=20PORTAY?= <gael.portay@gmail.com>
Subject: [PATCH 0/3] ARM: at91/tclib: fix segmentation fault
Date: Wed, 20 Aug 2014 00:07:49 +0200
Message-ID: <1408486072-19268-1-git-send-email-gael.portay@gmail.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: QUOTED-PRINTABLE
Return-path: <linux-pwm-owner@vger.kernel.org>
Received: from mail-we0-f173.google.com ([74.125.82.173]:47464 "EHLO
	mail-we0-f173.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S1751721AbaHSWIK (ORCPT
	<rfc822;linux-pwm@vger.kernel.org>); Tue, 19 Aug 2014 18:08:10 -0400
Sender: linux-pwm-owner@vger.kernel.org
List-Id: linux-pwm@vger.kernel.org
To: Arnd Bergmann <arnd@arndb.de>, Daniel Lezcano <daniel.lezcano@linaro.org>, Greg Kroah-Hartman <gregkh@linuxfoundation.org>, linux-arm-kernel@lists.infradead.org, linux-kernel@vger.kernel.org, linux-pwm@vger.kernel.org, Nicolas Ferre <nicolas.ferre@atmel.com>, Thierry Reding <thierry.reding@gmail.com>, Thomas Gleixner <tglx@linutronix.de>
Cc: Boris Brezillon <boris.brezillon@free-electrons.com>, Alexandre Belloni <alexandre.belloni@free-electrons.com>, Jean-Christophe PLAGNIOL-VILLARD <plagnioj@jcrosoft.com>, =?UTF-8?q?Ga=C3=ABl=20PORTAY?= <gael.portay@gmail.com>

Hi every one,

This set of patches fix a segmentation fault happening when kexec-ing
kernel on an at91 platform (see backtrace below).

While the previous kernel shuts down, the tcb_clksrc driver leaves its
interruptions unmasked. When the new kernel initiliazes any tclib makin=
g use of
a TC block, an interruption may happen before the interrupt handler is =
set,
causing a kernel segmentation fault.

To prevent from such cases from happening, the last patch sets up the s=
hutdown
callback which masks interruptions when the machine is shutdown. Furthe=
rmore,
it also masks the interruptions at probe to make sure no interruption h=
appens
before the handler is set. This will prevent freshly kexec-ed kernel fr=
om
crashing when launched from a kernel which does not properly mask inter=
ruptions
at shutdown.

Unable to handle kernel NULL pointer dereference at virtual address 000=
00000
pgd =3D c0004000
[00000000] *pgd=3D00000000
Internal error: Oops: 80000005 [#1] ARM
Modules linked in:
CPU: 0 PID: 1 Comm: swapper Not tainted 3.16.0+ #144
task: c1828aa0 ti: c182a000 task.ti: c182a000
PC is at 0x0
LR is at ch2_irq+0x28/0x30
pc : [<00000000>]    lr : [<c01db904>]    psr: 000000d3
sp : c182bd38  ip : c182bd48  fp : c182bd44
r10: c0373390  r9 : c1825b00  r8 : 60000053
r7 : 00000000  r6 : 00000000  r5 : 00000013  r4 : c036e800
r3 : 00000000  r2 : 00002004  r1 : c036e760  r0 : c036e760
=46lags: nzcv  IRQs off  FIQs off  Mode SVC_32  ISA ARM  Segment kernel
Control: 0005317f  Table: 20004000  DAC: 00000017
Process swapper (pid: 1, stack limit =3D 0xc182a1c0)
Stack: (0xc182bd38 to 0xc182c000)
bd20:                                                       c182bd7c c1=
82bd48
bd40: c0045430 c01db8ec 00000000 c18c6f40 c182bd74 c1825b00 c035cec4 00=
000000
bd60: c182be2c 60000053 c1825b34 00000000 c182bd94 c182bd80 c0045570 c0=
045408
bd80: 00000000 c1825b00 c182bdac c182bd98 c0047f34 c0045550 00000013 c0=
36619c
bda0: c182bdc4 c182bdb0 c0044da4 c0047e98 0000007f 00000013 c182bde4 c1=
82bdc8
bdc0: c0009e34 c0044d8c fefff000 c0046728 60000053 ffffffff c182bdf4 c1=
82bde8
bde0: c00086a8 c0009ddc c182be74 c182bdf8 c000cb80 c0008674 00000000 00=
000013
be00: 00000000 00014200 c1825b00 c036e800 00000013 c035ed98 60000053 c1=
825b34
be20: 00000000 c182be74 c182be20 c182be40 c0047994 c0046728 60000053 ff=
ffffff
be40: 00000013 c036e800 c182be64 c1825b00 00000013 c036e800 c035ed98 c0=
3874bc
be60: 00000004 c036e700 c182be94 c182be78 c004689c c0046398 c036e760 c1=
8c6080
be80: 00000000 c035ed10 c182bedc c182be98 c0348b08 c004684c 0000000c c0=
34dac8
bea0: 004c4b3f c028c338 c036e760 00000013 c014ecc8 c18e67e0 c035b9c0 c0=
348884
bec0: c035b9c0 c182a020 00000000 00000000 c182bf54 c182bee0 c00089fc c0=
348894
bee0: c00da51c c1ffcc78 c182bf0c c182bef8 c002d100 c002d09c c1ffcc78 00=
000000
bf00: c182bf54 c182bf10 c002d308 c0336570 c182bf3c c0334e44 00000003 00=
000003
bf20: 00000030 c0334b44 c0044d74 00000003 00000003 c034dac8 c0350a94 c0=
373440
bf40: c0373440 00000030 c182bf94 c182bf58 c0336d24 c000890c 00000003 00=
000003
bf60: c0336560 c182bf64 c182bf64 6e616e0d 00000000 c0272fc8 00000000 00=
000000
bf80: 00000000 00000000 c182bfac c182bf98 c0272fd8 c0336bd8 c182a000 00=
000000
bfa0: 00000000 c182bfb0 c00095d0 c0272fd8 00000000 00000000 00000000 00=
000000
bfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00=
000000
bfe0: 00000000 00000000 00000000 00000000 00000013 00000000 374d27cd 33=
cc33e4
Backtrace:
[<c01db8dc>] (ch2_irq) from [<c0045430>] (handle_irq_event_percpu+0x38/=
0x148)
[<c00453f8>] (handle_irq_event_percpu) from [<c0045570>] (handle_irq_ev=
ent+0x30/0x40)
 r10:00000000 r9:c1825b34 r8:60000053 r7:c182be2c r6:00000000 r5:c035ce=
c4
 r4:c1825b00
[<c0045540>] (handle_irq_event) from [<c0047f34>] (handle_fasteoi_irq+0=
xac/0x11c)
 r4:c1825b00 r3:00000000
[<c0047e88>] (handle_fasteoi_irq) from [<c0044da4>] (generic_handle_irq=
+0x28/0x38)
 r5:c036619c r4:00000013
[<c0044d7c>] (generic_handle_irq) from [<c0009e34>] (handle_IRQ+0x68/0x=
88)
 r4:00000013 r3:0000007f
[<c0009dcc>] (handle_IRQ) from [<c00086a8>] (at91_aic_handle_irq+0x44/0=
x4c)
 r6:ffffffff r5:60000053 r4:c0046728 r3:fefff000
[<c0008664>] (at91_aic_handle_irq) from [<c000cb80>] (__irq_svc+0x40/0x=
4c)
Exception stack(0xc182bdf8 to 0xc182be40)
bde0:                                                       00000000 00=
000013
be00: 00000000 00014200 c1825b00 c036e800 00000013 c035ed98 60000053 c1=
825b34
be20: 00000000 c182be74 c182be20 c182be40 c0047994 c0046728 60000053 ff=
ffffff
[<c0046388>] (__setup_irq) from [<c004689c>] (setup_irq+0x60/0x8c)
 r10:c036e700 r9:00000004 r8:c03874bc r7:c035ed98 r6:c036e800 r5:000000=
13
 r4:c1825b00
[<c004683c>] (setup_irq) from [<c0348b08>] (tcb_clksrc_init+0x284/0x31c=
)
 r6:c035ed10 r5:00000000 r4:c18c6080 r3:c036e760
[<c0348884>] (tcb_clksrc_init) from [<c00089fc>] (do_one_initcall+0x100=
/0x1b4)
 r10:00000000 r9:00000000 r8:c182a020 r7:c035b9c0 r6:c0348884 r5:c035b9=
c0
 r4:c18e67e0
[<c00088fc>] (do_one_initcall) from [<c0336d24>] (kernel_init_freeable+=
0x15c/0x224)
 r9:00000030 r8:c0373440 r7:c0373440 r6:c0350a94 r5:c034dac8 r4:0000000=
3
[<c0336bc8>] (kernel_init_freeable) from [<c0272fd8>] (kernel_init+0x10=
/0xec)
 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:c0272fc8 r4:0000000=
0
[<c0272fc8>] (kernel_init) from [<c00095d0>] (ret_from_fork+0x14/0x24)
 r4:00000000 r3:c182a000
Code: bad PC value
---[ end trace 5b30f0017e282e47 ]---
Kernel panic - not syncing: Fatal exception in interrupt

Your sincerly,
Ga=C3=ABl PORTAY

Ga=C3=ABl PORTAY (3):
  ARM: at91/tclib: prefer using of devm_* functions
  ARM: at91/tclib: move initialization from alloc to probe
  ARM: at91/tclib: mask interruptions at shutdown and probe

 drivers/clocksource/tcb_clksrc.c |   2 +-
 drivers/misc/atmel_tclib.c       | 101 +++++++++++++++++--------------=
--------
 drivers/pwm/pwm-atmel-tcb.c      |   2 +-
 include/linux/atmel_tc.h         |   8 ++--
 4 files changed, 51 insertions(+), 62 deletions(-)

--=20
1.9.3