The platform_device_put() function was called in one case by the
add_child() function during error handling even if the passed
variable "pdev" contained a null pointer.
Return directly in this case.
This issue was detected by using the Coccinelle software.
Signed-off-by: Markus Elfring <elfring@users.sourceforge.net>
Signed-off-by: Lee Jones <lee.jones@linaro.org>
Adjust jump targets according to the Linux coding style convention.
Another check for the variable "status" can be omitted then at the end.
Signed-off-by: Markus Elfring <elfring@users.sourceforge.net>
Signed-off-by: Lee Jones <lee.jones@linaro.org>
The platform_device_put() function was called in one case by the
add_numbered_child() function during error handling even if the passed
variable "pdev" contained a null pointer.
Return directly in this case.
This issue was detected by using the Coccinelle software.
Signed-off-by: Markus Elfring <elfring@users.sourceforge.net>
Signed-off-by: Lee Jones <lee.jones@linaro.org>
The STMPE platform data is only populated from the device tree
in all existing users, so push the struct and make the OF case
the norm.
Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
Signed-off-by: Lee Jones <lee.jones@linaro.org>
The driver's Kconfig symbol is a boolean but nothing prevents the driver
to be built as a module instead of built-in. It is true that most system
integrators will choose the latter but the config should not restrict it.
Suggested-by: Krzysztof Kozlowski <k.kozlowski@samsung.com>
Signed-off-by: Javier Martinez Canillas <javier@osg.samsung.com>
Signed-off-by: Lee Jones <lee.jones@linaro.org>
The driver's init function is called at subsys init call level but the
dependencies provided by the driver are looked up by drivers that have
probe deferral support, so manual ordering of init calls isn't needed.
Suggested-by: Krzysztof Kozlowski <k.kozlowski@samsung.com>
Signed-off-by: Javier Martinez Canillas <javier@osg.samsung.com>
Signed-off-by: Lee Jones <lee.jones@linaro.org>
Some duplicate defines seem to have snuck into the registers file, this
patch simply removes them.
Signed-off-by: Charles Keepax <ckeepax@opensource.wolfsonmicro.com>
Signed-off-by: Lee Jones <lee.jones@linaro.org>
This define RPM_SIGNAL probably pertains to the IPC signal which
we ended up fetching from the device tree instead. the define is
unused, remove it.
Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
Reviewed-by: Stephen Boyd <sboyd@codeaurora.org>
Signed-off-by: Lee Jones <lee.jones@linaro.org>
Wire up the powerkey driver functionality for the hi655x PMIC.
Signed-off-by: John Stultz <john.stultz@linaro.org>
Signed-off-by: Lee Jones <lee.jones@linaro.org>
Currently the hi655x-pmic driver has names for interrupt mask
values, but not for the interrupt numbers themselves.
So to allow for interrupt numbers to have sane names, rename
the mask values with the _MASK postfix and use the existing
names as the interrupt name
Signed-off-by: John Stultz <john.stultz@linaro.org>
Signed-off-by: Lee Jones <lee.jones@linaro.org>
While trying to get the powerkey to function, I found when
pressing the key, I would get infinitely repeating interrupts.
After digging around a bit, it seems we didn't set the ack_base
value for the regmap irqchip logic, so nothing was acking the
interrupt.
This patch adds the ack_base, which seems to make things work.
Signed-off-by: John Stultz <john.stultz@linaro.org>
Signed-off-by: Lee Jones <lee.jones@linaro.org>
Previously the arizona_irq_thread implementation would call
handle_nested_irqs() to handle AOD interrupts without checking if any
were actually pending. The kernel will see these as spurious IRQs and
will eventually disable the IRQ.
This patch ensures we only launch the nested handler if there are AOD
interrupts pending in the codec.
Signed-off-by: Simon Trimmer <simont@opensource.wolfsonmicro.com>
Signed-off-by: Richard Fitzgerald <rf@opensource.wolfsonmicro.com>
Signed-off-by: Lee Jones <lee.jones@linaro.org>
The RPM in MSM8660/APQ8060 has different offsets to the selector
ACK and request context ACK registers. Make all these register
offsets part of the per-SoC data and assign the right values.
The bug was found by verifying backwards to the vendor tree in
the out-of-tree files <mach/rpm-[8660|8064|8960]>: all were using
offsets 3,11,15,23 and a select size of 4, except the MSM8660/APQ8060
which was using offsets 3,11,19,27 and a select size of 7.
All other platforms apart from msm8660 were affected by reading
excess registers, since 7 was hardcoded as the number of select
words, this patch makes also this part dynamic so we only write/read
as many select words as the platform actually use.
Symptoms of this bug when using msm8660: the first RPM transaction
would work, but the next would stall or raise an error since the
previous transaction was not properly ACKed as the ACK words were
read at the wrong offset.
Cc: stable@vger.kernel.org
Fixes: 58e214382b ("mfd: qcom-rpm: Driver for the Qualcomm RPM")
Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
Reviewed-by: Björn Andersson <bjorn.andersson@linaro.org>
Signed-off-by: Lee Jones <lee.jones@linaro.org>
The regmap structure pointer is named regmap_tscadc, this is not
consistent with other drivers and is redundant, it also contributes
to several checkpatch warnings involving long lines. Rename this.
Signed-off-by: Andrew F. Davis <afd@ti.com>
Signed-off-by: Lee Jones <lee.jones@linaro.org>
All functions in this driver reference the same ti_tscadc_dev per device
but use several different names for this structure pointer, this can
be confusing when following the code. Use the name 'tscadc' everywhere.
Signed-off-by: Andrew F. Davis <afd@ti.com>
Signed-off-by: Lee Jones <lee.jones@linaro.org>
The programming guidelines of the MAX77620 for servicing interrupt is:
1. When interrupt occurs from PMIC, mask the PMIC interrupt by
setting GLBLM.
2. Read IRQTOP and service the interrupt.
3. Once all interrupts has been checked and serviced, the interrupt
service routine un-masks the hardware interrupt line by clearing
GLBLM.
Add the pre and post interrupt service handler for mask and unmask the
global interrupt mask bit (for step 1 and 3) as callback from regmap-irq.
Signed-off-by: Laxman Dewangan <ldewangan@nvidia.com>
Signed-off-by: Lee Jones <lee.jones@linaro.org>
Add support for the Altera Arria10 Development Kit System Resource
chip which is implemented using a MAX5 as a external gpio extender
with the regmap framework over a SPI bus.
Signed-off-by: Thor Thayer <tthayer@opensource.altera.com>
Signed-off-by: Lee Jones <lee.jones@linaro.org>
Add maintainer for the Altera Arria10 Max5 System Resource chip files.
Signed-off-by: Thor Thayer <tthayer@opensource.altera.com>
Signed-off-by: Lee Jones <lee.jones@linaro.org>
WARNING: please, no spaces at the start of a line
+ { "tps6507x", 0 },$
WARNING: please, no spaces at the start of a line
+ { }$
Signed-off-by: Ben Copeland <ben.copeland@linaro.org>
Signed-off-by: Lee Jones <lee.jones@linaro.org>
tscadc_readl and tscadc_writel are single line functions and do not save
use anything, remove these.
Signed-off-by: Andrew F. Davis <afd@ti.com>
Signed-off-by: Lee Jones <lee.jones@linaro.org>
Fix the code formatting to use the kernel preferred style
of using the actual variables to determine the size using
the sizeof() operator.
Signed-off-by: Andrew F. Davis <afd@ti.com>
Signed-off-by: Lee Jones <lee.jones@linaro.org>
Dialog Semiconductor support would like to follow files by adding to the
existing MAINTAINERS search terms. The update will allow us to follow
files for PMIC documentation bindings and header files.
The full list is:
DT bindings
- Documentation/devicetree/bindings/mfd/da9052-i2c.txt
- Documentation/devicetree/bindings/mfd/da9055.txt
- Documentation/devicetree/bindings/mfd/da9062.txt
- Documentation/devicetree/bindings/mfd/da9063.txt
- Documentation/devicetree/bindings/mfd/da9150.txt
- Documentation/devicetree/bindings/regulator/da9210.txt
- Documentation/devicetree/bindings/regulator/da9211.txt
Header files
- include/linux/mfd/da9062/core.h
- include/linux/mfd/da9062/registers.h
- include/linux/regulator/da9211.h
Signed-off-by: Steve Twiss <stwiss.opensource@diasemi.com>
Signed-off-by: Lee Jones <lee.jones@linaro.org>
Fix the warnings about the following functions not being
declared by including omap-usb.h which declares them:
drivers/mfd/omap-usb-tll.c:333:5: warning: symbol 'omap_tll_init' was not declared. Should it be static?
drivers/mfd/omap-usb-tll.c:408:5: warning: symbol 'omap_tll_enable' was not declared. Should it be static?
drivers/mfd/omap-usb-tll.c:442:5: warning: symbol 'omap_tll_disable' was not declared. Should it be static?
Signed-off-by: Ben Dooks <ben.dooks@codethink.co.uk>
Signed-off-by: Lee Jones <lee.jones@linaro.org>
The kernel expects the power_off function to not return, and if it does
it panics. Add a slight delay after the i2c write which turns off power
through the PMIC, to give capacitors etc. some time to drain.
Without this the kernel lives on long enough after the poweroff to
print the following on the serial console on my Mele A1000G quad:
[ 248.583588] reboot: Power down
[ 248.600490] Kernel pa
With the delay the start of printing "Kernel panic" is gone.
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Acked-by: Chen-Yu Tsai <wens@csie.org>
Signed-off-by: Lee Jones <lee.jones@linaro.org>
These tables are never modified, so declare them as const.
Signed-off-by: Axel Lin <axel.lin@ingics.com>
Signed-off-by: Lee Jones <lee.jones@linaro.org>
trivial fix to spelling mistake in dev_err message
Signed-off-by: Colin Ian King <colin.king@canonical.com>
Signed-off-by: Lee Jones <lee.jones@linaro.org>
The Kconfig currently controlling compilation of this code is:
drivers/mfd/Kconfig: config MFD_MAX8925
drivers/mfd/Kconfig: bool "Maxim Semiconductor MAX8925 PMIC Support"
...meaning that it currently is not being built as a module by anyone.
Lets remove the modular code that is essentially orphaned, so that
when reading the driver there is no doubt it is builtin-only.
Since module_init was not in use by this code, the init ordering
remains unchanged with this commit.
Also note that MODULE_DEVICE_TABLE is a no-op for non-modular code.
We also delete the MODULE_LICENSE tag etc. since all that information
is already contained at the top of the file in the comments.
Signed-off-by: Paul Gortmaker <paul.gortmaker@windriver.com>
Signed-off-by: Lee Jones <lee.jones@linaro.org>
The Kconfig currently controlling compilation of this code is:
drivers/mfd/Kconfig:config MFD_MAX8997
drivers/mfd/Kconfig: bool "Maxim Semiconductor MAX8997/8966 PMIC Support"
...meaning that it currently is not being built as a module by anyone.
Lets remove the modular code that is essentially orphaned, so that
when reading the driver there is no doubt it is builtin-only.
We explicitly disallow a driver unbind, since that doesn't have a
sensible use case anyway, and it allows us to drop the ".remove"
code for non-modular drivers.
Since module_init was not in use by this code, the init ordering
remains unchanged with this commit.
Also note that MODULE_DEVICE_TABLE is a no-op for non-modular code.
We also delete the MODULE_LICENSE tag etc. since all that information
is already contained at the top of the file in the comments.
Signed-off-by: Paul Gortmaker <paul.gortmaker@windriver.com>
Signed-off-by: Lee Jones <lee.jones@linaro.org>
The Kconfig currently controlling compilation of this code is:
mfd/Kconfig:config MFD_MAX8998
mfd/Kconfig: bool "Maxim Semiconductor MAX8998/National LP3974 PMIC Support"
...meaning that it currently is not being built as a module by anyone.
Lets remove the modular code that is essentially orphaned, so that
when reading the driver there is no doubt it is builtin-only.
We explicitly disallow a driver unbind, since that doesn't have a
sensible use case anyway, and it allows us to drop the ".remove"
code for non-modular drivers.
Since module_init was not in use by this code, the init ordering
remains unchanged with this commit.
We delete the include of module.h as well as an unused include of
moduleparam.h too.
Also note that MODULE_DEVICE_TABLE is a no-op for non-modular code.
We also delete the MODULE_LICENSE tag etc. since all that information
is already contained at the top of the file in the comments.
Signed-off-by: Paul Gortmaker <paul.gortmaker@windriver.com>
Signed-off-by: Lee Jones <lee.jones@linaro.org>
The Kconfig currently controlling compilation of this code is:
drivers/mfd/Kconfig:config MFD_MAX77620
drivers/mfd/Kconfig: bool "Maxim Semiconductor MAX77620 and MAX20024 PMIC Support"
...meaning that it currently is not being built as a module by anyone.
Lets remove the modular code that is essentially orphaned, so that
when reading the driver there is no doubt it is builtin-only.
Since module_i2c_driver() uses the same init level priority as
builtin_i2c_driver() the init ordering remains unchanged with
this commit.
Also note that MODULE_DEVICE_TABLE is a no-op for non-modular code.
We also delete the MODULE_LICENSE tag etc. since all that information
was (or is now) contained at the top of the file in the comments.
Signed-off-by: Paul Gortmaker <paul.gortmaker@windriver.com>
Signed-off-by: Lee Jones <lee.jones@linaro.org>
The Kconfig currently controlling compilation of this code is:
drivers/mfd/Kconfig:config MFD_MAX77843
drivers/mfd/Kconfig: bool "Maxim Semiconductor MAX77843 PMIC Support"
...meaning that it currently is not being built as a module by anyone.
Lets remove the modular code that is essentially orphaned, so that
when reading the driver there is no doubt it is builtin-only.
We explicitly disallow a driver unbind, since that doesn't have a
sensible use case anyway, and it allows us to drop the ".remove"
code for non-modular drivers.
Since module_i2c_driver() uses the same init level priority as
builtin_i2c_driver() the init ordering remains unchanged with
this commit.
Also note that MODULE_DEVICE_TABLE is a no-op for non-modular code.
Signed-off-by: Paul Gortmaker <paul.gortmaker@windriver.com>
Signed-off-by: Lee Jones <lee.jones@linaro.org>
Dialog Semiconductor support would like to follow files by adding to the
existing MAINTAINERS search terms. The update will allow us to follow
files for PMIC documentation bindings and header files.
The full list is:
DT bindings
- Documentation/devicetree/bindings/mfd/da9052-i2c.txt
- Documentation/devicetree/bindings/mfd/da9055.txt
- Documentation/devicetree/bindings/mfd/da9062.txt
- Documentation/devicetree/bindings/mfd/da9063.txt
Header files
- include/linux/mfd/da9062/core.h
- include/linux/mfd/da9062/registers.h
Signed-off-by: Steve Twiss <stwiss.opensource@diasemi.com>
Signed-off-by: Lee Jones <lee.jones@linaro.org>
The axp22x pmic has a bunch of volatile registers besides the interrupt
ones, extend axp22x_volatile_ranges with these.
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Lee Jones <lee.jones@linaro.org>
Use the PMIC's repower capability for reboots. Register a restart
handler and use a slightly elevated priority of 192 since the PMIC
has suprior reset capability (causing a system wide reset).
Signed-off-by: Stefan Agner <stefan@agner.ch>
Reviewed-by: Marcel Ziswiler <marcel.ziswiler@toradex.com>
Signed-off-by: Lee Jones <lee.jones@linaro.org>
Only register power off if the PMIC is defined as system power
controller (see Documentation/devicetree/bindings/power/
power-controller.txt).
Signed-off-by: Stefan Agner <stefan@agner.ch>
Reviewed-by: Marcel Ziswiler <marcel.ziswiler@toradex.com>
Signed-off-by: Lee Jones <lee.jones@linaro.org>
Extend the driver to support Ricoh RN5T567. Support the additional
DCDC and slightly different voltage range of LDORTC1.
Signed-off-by: Stefan Agner <stefan@agner.ch>
Reviewed-by: Marcel Ziswiler <marcel.ziswiler@toradex.com>
Acked-by: Mark Brown <broonie@kernel.org>
Signed-off-by: Lee Jones <lee.jones@linaro.org>
The Ricoh RN5T567 is from the same family as the Ricoh RN5T618 is,
the differences are:
+ DCDC4
+ Slightly different output voltage/currents
+ 32kHz Output
- ADC/Charger capabilities
Signed-off-by: Stefan Agner <stefan@agner.ch>
Reviewed-by: Marcel Ziswiler <marcel.ziswiler@toradex.com>
Acked-by: Rob Herring <robh@kernel.org>
Signed-off-by: Lee Jones <lee.jones@linaro.org>
The PMIC driver used to register itself as poweroff controller by
default, hence assuming that this device is using the PMIC as
system power controller.
Signed-off-by: Stefan Agner <stefan@agner.ch>
Reviewed-by: Marcel Ziswiler <marcel.ziswiler@toradex.com>
Acked-by: Carlo Caione <carlo@endlessm.com>
Signed-off-by: Lee Jones <lee.jones@linaro.org>
Pull parisc fixes from Helge Deller:
- Fix printk time stamps on SMP systems which got wrong due to a patch
which was added during the merge window
- Fix two bugs in the stack backtrace code: Races in module unloading
and possible invalid accesses to memory due to wrong instruction
decoding (Mikulas Patocka)
- Fix userspace crash when syscalls access invalid unaligned userspace
addresses. Those syscalls will now return EFAULT as expected.
(tagged for stable kernel series)
* 'parisc-4.7-2' of git://git.kernel.org/pub/scm/linux/kernel/git/deller/parisc-linux:
parisc: Move die_if_kernel() prototype into traps.h header
parisc: Fix pagefault crash in unaligned __get_user() call
parisc: Fix printk time during boot
parisc: Fix backtrace on PA-RISC
Pull key handling update from James Morris:
"This alters a new keyctl function added in the current merge window to
allow for a future extension planned for the next merge window"
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security:
KEYS: Add placeholder for KDF usage with DH
The /dev/ptmx device node is changed to lookup the directory entry "pts"
in the same directory as the /dev/ptmx device node was opened in. If
there is a "pts" entry and that entry is a devpts filesystem /dev/ptmx
uses that filesystem. Otherwise the open of /dev/ptmx fails.
The DEVPTS_MULTIPLE_INSTANCES configuration option is removed, so that
userspace can now safely depend on each mount of devpts creating a new
instance of the filesystem.
Each mount of devpts is now a separate and equal filesystem.
Reserved ttys are now available to all instances of devpts where the
mounter is in the initial mount namespace.
A new vfs helper path_pts is introduced that finds a directory entry
named "pts" in the directory of the passed in path, and changes the
passed in path to point to it. The helper path_pts uses a function
path_parent_directory that was factored out of follow_dotdot.
In the implementation of devpts:
- devpts_mnt is killed as it is no longer meaningful if all mounts of
devpts are equal.
- pts_sb_from_inode is replaced by just inode->i_sb as all cached
inodes in the tty layer are now from the devpts filesystem.
- devpts_add_ref is rolled into the new function devpts_ptmx. And the
unnecessary inode hold is removed.
- devpts_del_ref is renamed devpts_release and reduced to just a
deacrivate_super.
- The newinstance mount option continues to be accepted but is now
ignored.
In devpts_fs.h definitions for when !CONFIG_UNIX98_PTYS are removed as
they are never used.
Documentation/filesystems/devices.txt is updated to describe the current
situation.
This has been verified to work properly on openwrt-15.05, centos5,
centos6, centos7, debian-6.0.2, debian-7.9, debian-8.2, ubuntu-14.04.3,
ubuntu-15.10, fedora23, magia-5, mint-17.3, opensuse-42.1,
slackware-14.1, gentoo-20151225 (13.0?), archlinux-2015-12-01. With the
caveat that on centos6 and on slackware-14.1 that there wind up being
two instances of the devpts filesystem mounted on /dev/pts, the lower
copy does not end up getting used.
Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
Cc: Greg KH <greg@kroah.com>
Cc: Peter Hurley <peter@hurleysoftware.com>
Cc: Peter Anvin <hpa@zytor.com>
Cc: Andy Lutomirski <luto@amacapital.net>
Cc: Al Viro <viro@zeniv.linux.org.uk>
Cc: Serge Hallyn <serge.hallyn@ubuntu.com>
Cc: Willy Tarreau <w@1wt.eu>
Cc: Aurelien Jarno <aurelien@aurel32.net>
Cc: One Thousand Gnomes <gnomes@lxorguk.ukuu.org.uk>
Cc: Jann Horn <jann@thejh.net>
Cc: Jiri Slaby <jslaby@suse.com>
Cc: Florian Weimer <fw@deneb.enyo.de>
Cc: Konstantin Khlebnikov <koct9i@gmail.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
One of the debian buildd servers had this crash in the syslog without
any other information:
Unaligned handler failed, ret = -2
clock_adjtime (pid 22578): Unaligned data reference (code 28)
CPU: 1 PID: 22578 Comm: clock_adjtime Tainted: G E 4.5.0-2-parisc64-smp #1 Debian 4.5.4-1
task: 000000007d9960f8 ti: 00000001bde7c000 task.ti: 00000001bde7c000
YZrvWESTHLNXBCVMcbcbcbcbOGFRQPDI
PSW: 00001000000001001111100000001111 Tainted: G E
r00-03 000000ff0804f80f 00000001bde7c2b0 00000000402d2be8 00000001bde7c2b0
r04-07 00000000409e1fd0 00000000fa6f7fff 00000001bde7c148 00000000fa6f7fff
r08-11 0000000000000000 00000000ffffffff 00000000fac9bb7b 000000000002b4d4
r12-15 000000000015241c 000000000015242c 000000000000002d 00000000fac9bb7b
r16-19 0000000000028800 0000000000000001 0000000000000070 00000001bde7c218
r20-23 0000000000000000 00000001bde7c210 0000000000000002 0000000000000000
r24-27 0000000000000000 0000000000000000 00000001bde7c148 00000000409e1fd0
r28-31 0000000000000001 00000001bde7c320 00000001bde7c350 00000001bde7c218
sr00-03 0000000001200000 0000000001200000 0000000000000000 0000000001200000
sr04-07 0000000000000000 0000000000000000 0000000000000000 0000000000000000
IASQ: 0000000000000000 0000000000000000 IAOQ: 00000000402d2e84 00000000402d2e88
IIR: 0ca0d089 ISR: 0000000001200000 IOR: 00000000fa6f7fff
CPU: 1 CR30: 00000001bde7c000 CR31: ffffffffffffffff
ORIG_R28: 00000002369fe628
IAOQ[0]: compat_get_timex+0x2dc/0x3c0
IAOQ[1]: compat_get_timex+0x2e0/0x3c0
RP(r2): compat_get_timex+0x40/0x3c0
Backtrace:
[<00000000402d4608>] compat_SyS_clock_adjtime+0x40/0xc0
[<0000000040205024>] syscall_exit+0x0/0x14
This means the userspace program clock_adjtime called the clock_adjtime()
syscall and then crashed inside the compat_get_timex() function.
Syscalls should never crash programs, but instead return EFAULT.
The IIR register contains the executed instruction, which disassebles
into "ldw 0(sr3,r5),r9".
This load-word instruction is part of __get_user() which tried to read the word
at %r5/IOR (0xfa6f7fff). This means the unaligned handler jumped in. The
unaligned handler is able to emulate all ldw instructions, but it fails if it
fails to read the source e.g. because of page fault.
The following program reproduces the problem:
#define _GNU_SOURCE
#include <unistd.h>
#include <sys/syscall.h>
#include <sys/mman.h>
int main(void) {
/* allocate 8k */
char *ptr = mmap(NULL, 2*4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0);
/* free second half (upper 4k) and make it invalid. */
munmap(ptr+4096, 4096);
/* syscall where first int is unaligned and clobbers into invalid memory region */
/* syscall should return EFAULT */
return syscall(__NR_clock_adjtime, 0, ptr+4095);
}
To fix this issue we simply need to check if the faulting instruction address
is in the exception fixup table when the unaligned handler failed. If it
is, call the fixup routine instead of crashing.
While looking at the unaligned handler I found another issue as well: The
target register should not be modified if the handler was unsuccessful.
Signed-off-by: Helge Deller <deller@gmx.de>
Cc: stable@vger.kernel.org
This patch fixes backtrace on PA-RISC
There were several problems:
1) The code that decodes instructions handles instructions that subtract
from the stack pointer incorrectly. If the instruction subtracts the
number X from the stack pointer the code increases the frame size by
(0x100000000-X). This results in invalid accesses to memory and
recursive page faults.
2) Because gcc reorders blocks, handling instructions that subtract from
the frame pointer is incorrect. For example, this function
int f(int a)
{
if (__builtin_expect(a, 1))
return a;
g();
return a;
}
is compiled in such a way, that the code that decreases the stack
pointer for the first "return a" is placed before the code for "g" call.
If we recognize this decrement, we mistakenly believe that the frame
size for the "g" call is zero.
To fix problems 1) and 2), the patch doesn't recognize instructions that
decrease the stack pointer at all. To further safeguard the unwind code
against nonsense values, we don't allow frame size larger than
Total_frame_size.
3) The backtrace is not locked. If stack dump races with module unload,
invalid table can be accessed.
This patch adds a spinlock when processing module tables.
Note, that for correct backtrace, you need recent binutils.
Binutils 2.18 from Debian 5 produce garbage unwind tables.
Binutils 2.21 work better (it sometimes forgets function frames, but at
least it doesn't generate garbage).
Signed-off-by: Mikulas Patocka <mpatocka@redhat.com>
Signed-off-by: Helge Deller <deller@gmx.de>