Re: [PATCH] gpio: bcm-kona: memory corruption fix

From: Ray Jui
Date: Mon Dec 08 2014 - 18:35:22 EST

Next message: Dan Williams: "Re: wl1251: NVS firmware data"
Previous message: Eric W. Biederman: "Re: [CFT][PATCH 6/7] userns: Add a knob to disable setgroups on a per user namespace basis"
In reply to: Olof Johansson: "[PATCH] gpio: bcm-kona: memory corruption fix"
Next in thread: Alexandre Courbot: "Re: [PATCH] gpio: bcm-kona: memory corruption fix"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 12/8/2014 1:34 PM, Olof Johansson wrote:

In one instance the base address of the internal controller state
structure is passed into a function doing writel to an offset of
the pointer passed in is used, instead of the register base.

Once I found the bug, I also went back to check for other sparse
warnings in the file, but found none. This one, however, triggered:

drivers/gpio/gpio-bcm-kona.c:552:47: warning: incorrect type in argument 1 (different address spaces)
drivers/gpio/gpio-bcm-kona.c:552:47: expected void [noderef] <asn:2>*reg_base
drivers/gpio/gpio-bcm-kona.c:552:47: got struct bcm_kona_gpio *kona_gpio
drivers/gpio/gpio-bcm-kona.c:556:47: warning: incorrect type in argument 1 (different address spaces)
drivers/gpio/gpio-bcm-kona.c:556:47: expected void [noderef] <asn:2>*reg_base
drivers/gpio/gpio-bcm-kona.c:556:47: got struct bcm_kona_gpio *kona_gpio

As far as I can tell, this bug has been here for a long time and is
not new, but I found it when hunting down another heisenbug on this
platform.

Not marking for stable since I am unaware of any upstream user of kona
on a product that would benefit from it.

Signed-off-by: Olof Johansson <olof@xxxxxxxxx>

Acked-by: Ray Jui <rjui@xxxxxxxxxxxx>

---
drivers/gpio/gpio-bcm-kona.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/drivers/gpio/gpio-bcm-kona.c b/drivers/gpio/gpio-bcm-kona.c
index de0801e..d552cca 100644
--- a/drivers/gpio/gpio-bcm-kona.c
+++ b/drivers/gpio/gpio-bcm-kona.c
@@ -549,11 +549,11 @@ static void bcm_kona_gpio_reset(struct bcm_kona_gpio *kona_gpio)
/* disable interrupts and clear status */
for (i = 0; i < kona_gpio->num_bank; i++) {
/* Unlock the entire bank first */
- bcm_kona_gpio_write_lock_regs(kona_gpio, i, UNLOCK_CODE);
+ bcm_kona_gpio_write_lock_regs(kona_gpio->reg_base, i, UNLOCK_CODE);
writel(0xffffffff, reg_base + GPIO_INT_MASK(i));
writel(0xffffffff, reg_base + GPIO_INT_STATUS(i));
/* Now re-lock the bank */
- bcm_kona_gpio_write_lock_regs(kona_gpio, i, LOCK_CODE);
+ bcm_kona_gpio_write_lock_regs(kona_gpio->reg_base, i, LOCK_CODE);
}
}

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Dan Williams: "Re: wl1251: NVS firmware data"
Previous message: Eric W. Biederman: "Re: [CFT][PATCH 6/7] userns: Add a knob to disable setgroups on a per user namespace basis"
In reply to: Olof Johansson: "[PATCH] gpio: bcm-kona: memory corruption fix"
Next in thread: Alexandre Courbot: "Re: [PATCH] gpio: bcm-kona: memory corruption fix"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]