[Letux-kernel] New LetuxOS Kernels - strcmp(NULL)
H. Nikolaus Schaller
hns at goldelico.com
Sun Jun 24 18:08:51 CEST 2018
> Am 24.06.2018 um 09:52 schrieb H. Nikolaus Schaller <hns at goldelico.com>:
> Main suspect is the generic-adc-battery driver (although I remember to have seen the
> strcmp(NULL) once even when blackisting it).
> The reason why it is the my main suspect is that the message iio_charge:-747
> seems to almost always come before platform backlight: Retrying from deferred list
> (AFAIR in failing and non-failing cases).
> But they did not yet confess :)
well, there is new evidence:
[ 7.479400] really_probe: driver generic-adc-battery
[ 7.484710] gab_probe: properties = ed1fde00
^^^ this is a printk for memory block address allocated by
[ 7.490631] i2c 1-0030: Retrying from deferred list
[ 7.495849] really_probe: driver ov9655
[ 7.508209] platform backlight: Retrying from deferred list
[ 7.514526] really_probe: driver pwm-backlight
[ 7.524291] pps_core: LinuxPPS API ver. 1 registered
[ 7.532531] pwm-backlight backlight: backlight supply power not found, using dummy regulator
[ 7.545471] (NULL device *): hwmon: 'gta04-battery' is not a valid name attribute, please fix
[ 7.554840] i2c 1-0030: Retrying from deferred list
[ 7.560089] really_probe: driver ov9655
[ 7.570648] platform backlight: Retrying from deferred list
[ 7.583770] really_probe: driver pwm-backlight
[ 7.598083] pinctrl_generic_get_group_name: group ed1fde50 has NULL name
^^^ here is the struct group_desc where the group->name magically became NULL
[ 7.605102] group>name = (null)
[ 7.613464] pps_core: Software ver. 5.3.6 - Copyright 2005-2007 Rodolfo Giometti <giometti at linux.it>
[ 7.623229] group>pins = ed1faf10
[ 7.626861] group>num_pins = 1
[ 7.630340] group>data = ee444e10
[ 7.633972] pinctrl_generic_group_name_to_selector: pctldev = ee3bb200 function = backlight_pins_pinmux
[ 7.653869] really_probe: driver omap-dmtimer-pwm
[ 7.658966] strcmp(backlight_pins_pinmux, (null))
[ 7.664062] get_group_name() = pinctrl_generic_get_group_name+0x0/0xa0
[ 7.682098] ngroups = 19
[ 7.684936] selector = 18
[ 7.689056] really_probe: driver connector-analog-tv
So we have these addresses:
This is just 0x50 bytes apart.
A write to psy_desc->properties[0x14] = NULL would overwrite ed1fde50->name in this example.
Next I'll add some more printk to study where it is exactly writing to. Maybe one of the
memcpy address calculations is wrong.
And I think we should do a code review for the gab driver and the gab_probe() function...
More information about the Letux-kernel