From patchwork Tue Apr 19 17:14:48 2011
X-Patchwork-Submitter: Stefano Stabellini
X-Patchwork-Id: 92034
Date: Tue, 19 Apr 2011 18:14:48 +0100
From: Stefano Stabellini
To: Alessandro Zummo
CC: , , Konrad Rzeszutek Wilk
Subject: [rtc-linux] [PATCH] rtc-cmos: do not call rtc_update_irq when cmos->rtc is uninitialized

Hi all,
I have a 32 bit kernel compiled with:

CONFIG_HPET_TIMER
CONFIG_HPET_EMULATE_RTC
CONFIG_RTC_DRV_CMOS

that crashes reliably on boot on xen with the following stack trace:

[ 0.222933] BUG: unable to handle kernel NULL pointer dereference at 0000020c
[ 0.222958] IP: [] queue_work_on+0x5/0x1f
[ 0.222984] *pdpt = 0000000000000000 *pde = c2c2c2c2c2c2c2c2
[ 0.223008] Oops: 0002 [#1] SMP
[ 0.223027] last sysfs file:
[ 0.223040] Modules linked in:
[ 0.223058]
[ 0.223058] Pid: 1, comm: swapper Not tainted 2.6.39-rc3+ #247
[ 0.223058] EIP: 0061:[] EFLAGS: 00010006 CPU: 0
[ 0.223058] EIP is at queue_work_on+0x5/0x1f
[ 0.223058] EAX: 00000000 EBX: cd81a5a0 ECX: 0000020c EDX: cd81a5a0
[ 0.223058] ESI: 000000ff EDI: ffffffd0 EBP: cd829cf4 ESP: cd829cec
[ 0.223058] DS: 007b ES: 007b FS: 00d8 GS: 0000 SS: e021
[ 0.223058] Process swapper (pid: 1, ti=cd828000 task=cd824000 task.ti=cd828000)
[ 0.223058] Stack:
[ 0.223058] cd81a5a0 000000ff cd829d00 c104a38d c18b37d8 cd829d08 c104a39f cd829d10
[ 0.223058] c132a450 cd829d24 c132be1c cd829d20 c18b37d8 000000df cd829d38 c132bf15
[ 0.223058] cd829de8 c18b37d8 00000023 cd829d58 c132cba4 c132a045 030000a5 47142d2f
[ 0.223058] Call Trace:
[ 0.223058] [] queue_work+0x15/0x18
[ 0.223058] [] schedule_work+0xf/0x11
[ 0.223058] [] rtc_update_irq+0xd/0xf
[ 0.223058] [] cmos_checkintr+0x4f/0x57
[ 0.223058] [] cmos_irq_disable+0x3a/0x3f
[ 0.223058] [] cmos_set_alarm+0xcd/0x153
[ 0.223058] [] ? rtc_time_to_tm+0xfb/0x105
[ 0.223058] [] __rtc_set_alarm+0x63/0x6b
[ 0.223058] [] rtc_timer_enqueue+0x7b/0xba
[ 0.223058] [] ? rtc_tm_to_ktime+0x11/0x1d
[ 0.223058] [] rtc_set_alarm+0x9d/0xb3
[ 0.223058] [] ? rtc_set_alarm+0x9d/0xb3
[ 0.223058] [] rtc_device_register+0x1bb/0x27b
[ 0.223058] [] cmos_do_probe+0x14f/0x3c3
[ 0.223058] [] cmos_platform_probe+0x40/0x48
[ 0.223058] [] platform_drv_probe+0xc/0xe
[ 0.223058] [] driver_probe_device+0x81/0xfd
[ 0.223058] [] __driver_attach+0x43/0x5f
[ 0.223058] [] bus_for_each_dev+0x3d/0x67
[ 0.223058] [] driver_attach+0x14/0x16
[ 0.223058] [] ? driver_probe_device+0xfd/0xfd
[ 0.223058] [] bus_add_driver+0x8f/0x1c2
[ 0.223058] [] driver_register+0x7c/0xe3
[ 0.223058] [] platform_driver_register+0x38/0x3a
[ 0.223058] [] platform_driver_probe+0x13/0x63
[ 0.223058] [] cmos_init+0x33/0x5e
[ 0.223058] [] do_one_initcall+0x71/0x11c
[ 0.223058] [] ? rtc_sysfs_init+0xc/0xc
[ 0.223058] [] kernel_init+0xb6/0x131
[ 0.223058] [] ? parse_early_options+0x1c/0x1c
[ 0.223058] [] kernel_thread_helper+0x6/0x10
[ 0.223058] Code: 5d c3 55 89 c1 89 e5 31 d2 53 8b 00 89 c3 30 db a8 04 0f 45 d3 8b 52 04 64 a1 d0 8c 80 c1 e8 2a fd ff ff 5b 5d c3 55 89 e5 56 53 <3e> 0f ba 29 00 19 f6 31 db 85 f6 75 07 e8 10 fd ff ff b3 01 89
[ 0.223058] EIP: [] queue_work_on+0x5/0x1f SS:ESP e021:cd829cec
[ 0.223058] CR2: 000000000000020c
[ 0.223058] ---[ end trace 4cb55f26e51edafd ]---
[ 0.224327] swapper used greatest stack depth: 6004 bytes left
[ 0.224367] Kernel panic - not syncing: Attempted to kill init!
[ 0.224386] Pid: 1, comm: swapper Tainted: G D 2.6.39-rc3+ #247
[ 0.224400] Call Trace:
[ 0.224415] [] panic+0x50/0x146
[ 0.224432] [] do_exit+0x87/0x6b0
[ 0.224450] [] ? xen_restore_fl_direct_reloc+0x4/0x4
[ 0.224468] [] ? _raw_spin_unlock_irqrestore+0xf/0x11
[ 0.224489] [] ? kmsg_dump+0x35/0xb5
[ 0.224505] [] oops_end+0x98/0xa0
[ 0.224524] [] no_context+0x13e/0x148
[ 0.224542] [] __bad_area_nosemaphore+0xef/0xf7
[ 0.224558] [] ? spurious_fault+0xff/0xff
[ 0.224576] [] bad_area_nosemaphore+0xd/0x10
[ 0.224593] [] do_page_fault+0x1ad/0x35e
[ 0.224610] [] ? xen_force_evtchn_callback+0xf/0x14
[ 0.224629] [] ? check_events+0x8/0xc
[ 0.224645] [] ? xen_restore_fl_direct_reloc+0x4/0x4
[ 0.224663] [] ? vprintk+0x2fb/0x31d
[ 0.224680] [] ? spurious_fault+0xff/0xff
[ 0.224699] [] error_code+0x5a/0x60
[ 0.224716] [] ? spurious_fault+0xff/0xff
[ 0.224735] [] ? queue_work_on+0x5/0x1f
[ 0.224750] [] queue_work+0x15/0x18
[ 0.224768] [] schedule_work+0xf/0x11
[ 0.224788] [] rtc_update_irq+0xd/0xf
[ 0.224804] [] cmos_checkintr+0x4f/0x57
[ 0.224821] [] cmos_irq_disable+0x3a/0x3f
[ 0.224839] [] cmos_set_alarm+0xcd/0x153
[ 0.224857] [] ? rtc_time_to_tm+0xfb/0x105
[ 0.224875] [] __rtc_set_alarm+0x63/0x6b
[ 0.224893] [] rtc_timer_enqueue+0x7b/0xba
[ 0.224911] [] ? rtc_tm_to_ktime+0x11/0x1d
[ 0.224928] [] rtc_set_alarm+0x9d/0xb3
[ 0.224945] [] ? rtc_set_alarm+0x9d/0xb3
[ 0.224962] [] rtc_device_register+0x1bb/0x27b
[ 0.224981] [] cmos_do_probe+0x14f/0x3c3
[ 0.224998] [] cmos_platform_probe+0x40/0x48
[ 0.225017] [] platform_drv_probe+0xc/0xe
[ 0.225034] [] driver_probe_device+0x81/0xfd
[ 0.225054] [] __driver_attach+0x43/0x5f
[ 0.225071] [] bus_for_each_dev+0x3d/0x67
[ 0.225088] [] driver_attach+0x14/0x16
[ 0.225104] [] ? driver_probe_device+0xfd/0xfd
[ 0.225120] [] bus_add_driver+0x8f/0x1c2
[ 0.225136] [] driver_register+0x7c/0xe3
[ 0.225153] [] platform_driver_register+0x38/0x3a
[ 0.225169] [] platform_driver_probe+0x13/0x63
[ 0.225186] [] cmos_init+0x33/0x5e
[ 0.225201] [] do_one_initcall+0x71/0x11c
[ 0.225217] [] ? rtc_sysfs_init+0xc/0xc
[ 0.225233] [] kernel_init+0xb6/0x131
[ 0.225248] [] ?
parse_early_options+0x1c/0x1c [ 0.225265] [] kernel_thread_helper+0x6/0x10 the same kernel config works on 2.6.38. Note that running on Xen means that hpet is not available. The problem seems to be that cmos_do_probe calls rtc_device_register that ends up calling cmos_checkintr (see stack trace), however at this point cmos->rtc is still NULL because cmos->rtc gets a value only when rtc_device_register returns. It seems that on 2.6.38 a call to rtc_device_register didn't result in a call to cmos_checkintr so the problem didn't happen. It is probably not the correct fix, but the following patch fixes the crash for me: commit 6a5411f016864709907fe1fa9fbbe6b267823f66 Author: Stefano Stabellini Date: Tue Apr 19 16:59:44 2011 +0000 rtc-cmos: do not call rtc_update_irq when cmos->rtc is uninitialized Signed-off-by: Stefano Stabellini diff --git a/drivers/rtc/rtc-cmos.c b/drivers/rtc/rtc-cmos.c index 911e75c..039068f 100644 --- a/drivers/rtc/rtc-cmos.c +++ b/drivers/rtc/rtc-cmos.c @@ -290,7 +290,7 @@ static void cmos_checkintr(struct cmos_rtc *cmos, unsigned char rtc_control) return; rtc_intr &= (rtc_control & RTC_IRQMASK) | RTC_IRQF; - if (is_intr(rtc_intr)) + if (is_intr(rtc_intr) && cmos->rtc != NULL) rtc_update_irq(cmos->rtc, 1, rtc_intr); }
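
Review bot: The added "cmos->rtc != NULL" test in the changed condition of cmos_checkintr() hides the ordering problem rather than fixing it, and when it trips, the pending flags in rtc_intr are dropped with no trace. Per the description above, rtc_device_register() reaches this function before cmos_do_probe() has stored its return value in cmos->rtc, so any other use of cmos->rtc on that registration path stays exposed; correcting the probe/registration ordering would cover all of them. If the guard is kept as a stopgap, add a comment on the condition saying why cmos->rtc can be NULL at this point, write it as "&& cmos->rtc" to match kernel style, and give the commit message a body with the oops summary and the note that the same config works on 2.6.38.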