Received: by 2002:ac0:8c9a:0:0:0:0:0 with SMTP id r26csp4966231ima; Tue, 5 Feb 2019 04:25:59 -0800 (PST) X-Google-Smtp-Source: AHgI3IZ5eFudvbLiSPvIRmo1AZe28qNfu3mTg8Zkyx7PCp1JHmb1IrQpF9NHbpptsd3MsKoQK6nk X-Received: by 2002:a17:902:7243:: with SMTP id c3mr4836068pll.53.1549369558939; Tue, 05 Feb 2019 04:25:58 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1549369558; cv=none; d=google.com; s=arc-20160816; b=RXWUHiHMdbrclJj3fmy95/0aVTNKJK47Jo6UXz72kJ1ryClBc6cc9iAc77syu1ZUKZ 3j9l2fKIr2kcOdHmf0OcVB7Drb3iefqkarvPG4K9BbAiALwF7hRZINvPcRa83z8DpKoz 7RyVe5A9pRvHSXKaHLHh9ye4zKbVlOxPM0ornci2jjtKD6xswbyNBLFOS8QWksyDiJ7o 4HQgeyqJyh/fifie98rw2nuvY9abxzd51RSofWvbVf3tS75F5eOY8TymxrXU24Deys3A LEbKqFHMqs2Rz4ibyIRkNbkKk5UL7O9pEEIjVVEC6Z1G1OXCN/cSLSn00TAqX8GSfPU+ DVjQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date; bh=QyVH8HHmZ5yaS/oshOIlsj1GdpxxCedD/X/A+PzEZbk=; b=uNFrGJid4sAVN6yp+r4dur6+6sw5g87Z3M7PQVe3WhbZjiSLm8NmzLrwj7LDr5J8jW Yk8TGrq0kXd88iKlUgPAsv9yCPkSzqxM8ZGquYbzqlZa+v9oDqFmnoWZ0Fy7kzx/v9Vq jv47VqQBiGStENE+ThgjXLTVVvrL5lZGl3fPaKE4Q9kpFXab+ubIYx13KAQ3vHhhq10L gVwlDpu0swnvc7952jDABBE9m31Cp9jLjfb587KCe22pJGqnO32CTtlibys7yqNC6blX +v/KQXtPIZCC6vc90zaNYC6PBCzNhAbXPooGjsjsiJ3RQkm/8GP83q0QII0enQHhEu+J 6V6A== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id i90si3101181pli.135.2019.02.05.04.25.43; Tue, 05 Feb 2019 04:25:58 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728961AbfBEMJO (ORCPT + 99 others); Tue, 5 Feb 2019 07:09:14 -0500 Received: from sauhun.de ([88.99.104.3]:56746 "EHLO pokefinder.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728782AbfBEMJL (ORCPT ); Tue, 5 Feb 2019 07:09:11 -0500 Received: from localhost (unknown [46.183.103.8]) by pokefinder.org (Postfix) with ESMTPSA id BB9252C0509; Tue, 5 Feb 2019 13:09:08 +0100 (CET) Date: Tue, 5 Feb 2019 13:09:06 +0100 From: Wolfram Sang To: Paul Kocialkowski Cc: bcm-kernel-feedback-list@broadcom.com, linux-i2c@vger.kernel.org, linux-rpi-kernel@lists.infradead.org, linux-arm-kernel@lists.infradead.org, linux-kernel@vger.kernel.org, Florian Fainelli , Ray Jui , Scott Branden , Eric Anholt , Stefan Wahren , Maxime Ripard , Eben Upton , Thomas Petazzoni Subject: Re: [PATCH v2] i2c: bcm2835: Clear current buffer pointers and counts after a transfer Message-ID: <20190205120905.GB1045@kunai> References: <20181227154225.5492-1-paul.kocialkowski@bootlin.com> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="tjCHc7DPkfUGtrlw" Content-Disposition: inline In-Reply-To: <20181227154225.5492-1-paul.kocialkowski@bootlin.com> User-Agent: Mutt/1.10.1 (2018-07-13) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org --tjCHc7DPkfUGtrlw Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thu, Dec 27, 2018 at 04:42:25PM +0100, Paul Kocialkowski wrote: > The driver's interrupt handler checks whether a message is currently > being handled with the curr_msg pointer. When it is NULL, the interrupt > is considered to be unexpected. Similarly, the i2c_start_transfer > routine checks for the remaining number of messages to handle in > num_msgs. >=20 > However, these values are never cleared and always keep the message and > number relevant to the latest transfer (which might be done already and > the underlying message memory might have been freed). >=20 > When an unexpected interrupt hits with the DONE bit set, the isr will > then try to access the flags field of the curr_msg structure, leading > to a fatal page fault. >=20 > The msg_buf and msg_buf_remaining fields are also never cleared at the > end of the transfer, which can lead to similar pitfalls. >=20 > Fix these issues by introducing a cleanup function and always calling > it after a transfer is finished. >=20 > Fixes: e2474541032d ("i2c: bcm2835: Fix hang for writing messages larger = than 16 bytes") > Signed-off-by: Paul Kocialkowski Stefan, Florian, any comment about this patch? --tjCHc7DPkfUGtrlw Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEEOZGx6rniZ1Gk92RdFA3kzBSgKbYFAlxZfOEACgkQFA3kzBSg KbYpQw/+I5EVIhwbmysIh+L9Au4/Gm2PS/klKGFRPiiV5gJZWeYg6Pnb7exKsPet Jht6B6C5nDf2c8UcGc4Sj3vdJMeu3hln3j8Xv/mQQo5bUYU2VYsf5+wTwrh8NFbH CUBP32dXvZMyDl5wI4dDXwyiOOtJYwMr76SXaeQuxsNZITBPMqI8sl3TYbCeaT2x /UoYyCD4GTBed3lRUknOqmtr07bbnsohBS3IFVKZMCiSSCoTAHNe9q3XptYVEdlp 0KyaaKrlEa4XvrZmolJMlgcHMoQMSptmARj6ZTl664WmwD90TrjsHoyPKAtFPn/B bP+XzwsAJqhasN/CrUrebDxd1vzMSGtj0kShlQABvZRXN7DK4vdmLfKrOYcCZ5ra bWigpqGuGOnyQOJCWfPh4o0EpHQt8Fqu06cKZLQDIGz7x7n7rqp5PRFJzxhGK3Go gY7ESo/VZ0rXGawuYFWVpGw3r/TAWNNIR39v1vmN7+lr7mfnKjvnZnwOS7+HwcBN CehQ9lS/pM2jvZZfs8mWbWx3wnmZ1tfWooacHBi9FRksTylHLoiOaPONfUXB4l5z exhP7ryt4iN/HS/wAVUYcTVzpIlDsDyf0kwsfXwRg+rj9ykl6DKC72nnK1bg/lEh HPuolBp1p71U5oY3AgfDSwtuEL1CR6IU/+vI6fnWTgRMJqbyxNY= =fC0y -----END PGP SIGNATURE----- --tjCHc7DPkfUGtrlw--