From: Stephen Boyd <sboyd@kernel.org>
To: Michael Turquette <mturquette@baylibre.com>,
Nathan Chancellor <natechancellor@gmail.com>
Cc: Florian Fainelli <f.fainelli@gmail.com>,
Ray Jui <rjui@broadcom.com>,
Scott Branden <sbranden@broadcom.com>,
bcm-kernel-feedback-list@broadcom.com,
Nicolas Saenz Julienne <nsaenzjulienne@suse.de>,
linux-clk@vger.kernel.org, linux-rpi-kernel@lists.infradead.org,
linux-arm-kernel@lists.infradead.org,
linux-kernel@vger.kernel.org, clang-built-linux@googlegroups.com,
Sami Tolvanen <samitolvanen@google.com>,
Nathan Chancellor <natechancellor@gmail.com>
Subject: Re: [PATCH 2/2] clk: bcm2835: Remove casting to bcm2835_clk_register
Date: Tue, 26 May 2020 16:42:09 -0700 [thread overview]
Message-ID: <159053652927.88029.9853028696716182136@swboyd.mtv.corp.google.com> (raw)
In-Reply-To: <20200516080806.1459784-2-natechancellor@gmail.com>
Quoting Nathan Chancellor (2020-05-16 01:08:07)
> There are four different callback functions that are used for the
> clk_register callback that all have different second parameter types.
>
> bcm2835_register_pll -> struct bcm2835_pll_data
> bcm2835_register_pll_divider -> struct bcm2835_pll_divider_data
> bcm2835_register_clock -> struct bcm2835_clock_data
> bcm2835_register_date -> struct bcm2835_gate_data
>
> These callbacks are cast to bcm2835_clk_register so that there is no
> error about incompatible pointer types. Unfortunately, this is a control
> flow integrity violation, which verifies that the callback function's
> types match the prototypes exactly before jumping.
>
> [ 0.857913] CFI failure (target: 0xffffff9334a81820):
> [ 0.857977] WARNING: CPU: 3 PID: 35 at kernel/cfi.c:29 __cfi_check_fail+0x50/0x58
> [ 0.857985] Modules linked in:
> [ 0.858007] CPU: 3 PID: 35 Comm: kworker/3:1 Not tainted 4.19.123-v8-01301-gdbb48f16956e4-dirty #1
> [ 0.858015] Hardware name: Raspberry Pi 3 Model B Rev 1.2 (DT)
> [ 0.858031] Workqueue: events 0xffffff9334a925c8
> [ 0.858046] pstate: 60000005 (nZCv daif -PAN -UAO)
> [ 0.858058] pc : __cfi_check_fail+0x50/0x58
> [ 0.858070] lr : __cfi_check_fail+0x50/0x58
> [ 0.858078] sp : ffffff800814ba90
> [ 0.858086] x29: ffffff800814ba90 x28: 000fffffffdfff3d
> [ 0.858101] x27: 00000000002000c2 x26: ffffff93355fdb18
> [ 0.858116] x25: 0000000000000000 x24: ffffff9334a81820
> [ 0.858131] x23: ffffff93357f3580 x22: ffffff9334af1000
> [ 0.858146] x21: a79b57e88f8ebc81 x20: ffffff93357f3580
> [ 0.858161] x19: ffffff9334a81820 x18: fffffff679769070
> [ 0.858175] x17: 0000000000000000 x16: 0000000000000000
> [ 0.858190] x15: 0000000000000004 x14: 000000000000003c
> [ 0.858205] x13: 0000000000003044 x12: 0000000000000000
> [ 0.858220] x11: b57e91cd641bae00 x10: b57e91cd641bae00
> [ 0.858235] x9 : b57e91cd641bae00 x8 : b57e91cd641bae00
> [ 0.858250] x7 : 0000000000000000 x6 : ffffff933591d4e5
> [ 0.858264] x5 : 0000000000000000 x4 : 0000000000000000
> [ 0.858279] x3 : ffffff800814b718 x2 : ffffff9334a84818
> [ 0.858293] x1 : ffffff9334bba66c x0 : 0000000000000029
> [ 0.858308] Call trace:
> [ 0.858321] __cfi_check_fail+0x50/0x58
> [ 0.858337] __cfi_check+0x3ab3c/0x4467c
> [ 0.858351] bcm2835_clk_probe+0x210/0x2dc
> [ 0.858369] platform_drv_probe+0xb0/0xfc
> [ 0.858380] really_probe+0x4a0/0x5a8
> [ 0.858391] driver_probe_device+0x68/0x104
> [ 0.858403] __device_attach_driver+0x100/0x148
> [ 0.858418] bus_for_each_drv+0xb0/0x12c
> [ 0.858431] __device_attach.llvm.17225159516306086099+0xc0/0x168
> [ 0.858443] bus_probe_device+0x44/0xfc
> [ 0.858455] deferred_probe_work_func+0xa0/0xe0
> [ 0.858472] process_one_work+0x210/0x538
> [ 0.858485] worker_thread+0x2e8/0x478
> [ 0.858500] kthread+0x154/0x164
> [ 0.858515] ret_from_fork+0x10/0x18
>
> To fix this, change the second parameter of all functions void * and use
> a local variable with the correct type so that everything works
> properly. With this, the only use of bcm2835_clk_register is in struct
> bcm2835_clk_desc so we can just remove it and use the type directly.
>
> Fixes: 56eb3a2ed972 ("clk: bcm2835: remove use of BCM2835_CLOCK_COUNT in driver")
> Link: https://github.com/ClangBuiltLinux/linux/issues/1028
> Signed-off-by: Nathan Chancellor <natechancellor@gmail.com>
> ---
Applied to clk-next
next prev parent reply other threads:[~2020-05-26 23:42 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-05-16 8:08 [PATCH 1/2] clk: bcm2835: Fix return type of bcm2835_register_gate Nathan Chancellor
2020-05-16 8:08 ` [PATCH 2/2] clk: bcm2835: Remove casting to bcm2835_clk_register Nathan Chancellor
2020-05-26 23:42 ` Stephen Boyd [this message]
2020-05-26 23:42 ` [PATCH 1/2] clk: bcm2835: Fix return type of bcm2835_register_gate Stephen Boyd
2020-05-26 23:53 ` Nathan Chancellor
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=159053652927.88029.9853028696716182136@swboyd.mtv.corp.google.com \
--to=sboyd@kernel.org \
--cc=bcm-kernel-feedback-list@broadcom.com \
--cc=clang-built-linux@googlegroups.com \
--cc=f.fainelli@gmail.com \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-clk@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-rpi-kernel@lists.infradead.org \
--cc=mturquette@baylibre.com \
--cc=natechancellor@gmail.com \
--cc=nsaenzjulienne@suse.de \
--cc=rjui@broadcom.com \
--cc=samitolvanen@google.com \
--cc=sbranden@broadcom.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).