diff options
author | Christian Neumüller <cn00@gmx.at> | 2014-09-09 11:20:19 +0200 |
---|---|---|
committer | Wolfgang Wiedmeyer <wolfgit@wiedmeyer.de> | 2017-05-15 02:18:23 +0200 |
commit | db423114339705ea03e45487f55ab8bbf64f4d3c (patch) | |
tree | a6cbec9bd06ef7dc992055022d678fb8ccfe6da8 /drivers/motor | |
parent | 18e37f85679895b69a3ee41e8caf0dcbca3b8db5 (diff) | |
download | kernel_samsung_smdk4412-db423114339705ea03e45487f55ab8bbf64f4d3c.zip kernel_samsung_smdk4412-db423114339705ea03e45487f55ab8bbf64f4d3c.tar.gz kernel_samsung_smdk4412-db423114339705ea03e45487f55ab8bbf64f4d3c.tar.bz2 |
bcmdhd wireless: Fix off by one in initialization.
An sprintf in dhd_write_macaddr wrote a rogue null byte after the buffer.
Found with CONFIG_CC_STACKPROTECTOR=y (idea of Lanchon at XDA Developers [1]).
[1]: http://forum.xda-developers.com/showthread.php?p=55306602
Panic, on a Samsung Galaxy S2 i9100, was:
<0>[ 26.412257] c1 Kernel panic - not syncing: stack-protector: Kernel stack is corrupted in: bf013a2c
<0>[ 26.412315] c1
<4>[ 26.412334] c1 Backtrace:
<4>[ 26.412382] c1 [<c064e5b8>] (dump_backtrace+0x0/0x10c) from [<c0b91e6c>] (dump_stack+0x18/0x1c)
<4>[ 26.412439] c1 r6:e211e820 r5:c0ed4760 r4:c0f5c940 r3:271aed5c
<4>[ 26.412496] c1 [<c0b91e54>] (dump_stack+0x0/0x1c) from [<c0b92204>] (panic+0x80/0x1ac)
<4>[ 26.412561] c1 [<c0b92184>] (panic+0x0/0x1ac) from [<c0684be0>] (init_oops_id+0x0/0x58)
<4>[ 26.412613] c1 r3:271aed5c r2:271aed00 r1:bf013a2c r0:c0cb8880
<4>[ 26.412663] c1 r7:e273bc32
<4>[ 26.412742] c1 [<c0684bc4>] (__stack_chk_fail+0x0/0x1c) from [<bf013a2c>] (dhd_write_macaddr+0x2e4/0x310 [dhd])
<4>[ 26.412864] c1 [<bf013748>] (dhd_write_macaddr+0x0/0x310 [dhd]) from [<bf01a554>] (dhd_bus_start+0x1a4/0x2e0 [dhd])
<4>[ 26.412985] c1 [<bf01a3b0>] (dhd_bus_start+0x0/0x2e0 [dhd]) from [<bf020558>] (dhdsdio_probe+0x4a4/0x72c [dhd])
<4>[ 26.413097] c1 [<bf0200b4>] (dhdsdio_probe+0x0/0x72c [dhd]) from [<bf00c0ec>] (bcmsdh_probe+0xf8/0x150 [dhd])
<4>[ 26.413206] c1 [<bf00bff4>] (bcmsdh_probe+0x0/0x150 [dhd]) from [<bf00e038>] (bcmsdh_sdmmc_probe+0x54/0xbc [dhd])
<4>[ 26.413304] c1 [<bf00dfe4>] (bcmsdh_sdmmc_probe+0x0/0xbc [dhd]) from [<c09a7fe8>] (sdio_bus_probe+0xfc/0x108)
<4>[ 26.413368] c1 r5:e2d97000 r4:e2d97008
<4>[ 26.413414] c1 [<c09a7eec>] (sdio_bus_probe+0x0/0x108) from [<c0896764>] (driver_probe_device+0x94/0x1a8)
<4>[ 26.413474] c1 r8:00000000 r7:bf067414 r6:e2d9703c r5:c0f6ddb8 r4:e2d97008
<4>[ 26.413531] c1 r3:c09a7eec
<4>[ 26.413563] c1 [<c08966d0>] (driver_probe_device+0x0/0x1a8) from [<c089690c>] (__driver_attach+0x94/0x98)
<4>[ 26.413624] c1 r7:e2e631e0 r6:e2d9703c r5:bf067414 r4:e2d97008
<4>[ 26.413683] c1 [<c0896878>] (__driver_attach+0x0/0x98) from [<c0895678>] (bus_for_each_dev+0x4c/0x94)
<4>[ 26.413742] c1 r6:c0896878 r5:bf067414 r4:00000000 r3:c0896878
<4>[ 26.413799] c1 [<c089562c>] (bus_for_each_dev+0x0/0x94) from [<c0896428>] (driver_attach+0x24/0x28)
<4>[ 26.413857] c1 r6:c0f02af0 r5:bf067414 r4:bf067414
<4>[ 26.413904] c1 [<c0896404>] (driver_attach+0x0/0x28) from [<c08960c8>] (bus_add_driver+0x180/0x250)
<4>[ 26.413970] c1 [<c0895f48>] (bus_add_driver+0x0/0x250) from [<c0896e14>] (driver_register+0x80/0x150)
<4>[ 26.414037] c1 [<c0896d94>] (driver_register+0x0/0x150) from [<c09a8128>] (sdio_register_driver+0x2c/0x30)
<4>[ 26.414131] c1 [<c09a80fc>] (sdio_register_driver+0x0/0x30) from [<bf00e250>] (sdio_function_init+0x3c/0x8c [dhd])
<4>[ 26.414244] c1 [<bf00e214>] (sdio_function_init+0x0/0x8c [dhd]) from [<bf00c19c>] (bcmsdh_register+0x1c/0x24 [dhd])
<4>[ 26.414311] c1 r5:00000004 r4:bf06a3c4
<4>[ 26.414398] c1 [<bf00c180>] (bcmsdh_register+0x0/0x24 [dhd]) from [<bf027990>] (dhd_bus_register+0x24/0x48 [dhd])
<4>[ 26.414515] c1 [<bf02796c>] (dhd_bus_register+0x0/0x48 [dhd]) from [<bf07618c>] (init_module+0x18c/0x284 [dhd])
<4>[ 26.414610] c1 [<bf076000>] (init_module+0x0/0x284 [dhd]) from [<c06448f8>] (do_one_initcall+0x128/0x1a8)
<4>[ 26.414683] c1 [<c06447d0>] (do_one_initcall+0x0/0x1a8) from [<c06b9710>] (sys_init_module+0xdf8/0x1b1c)
<4>[ 26.414756] c1 [<c06b8918>] (sys_init_module+0x0/0x1b1c) from [<c064a8c0>] (ret_fast_syscall+0x0/0x30)
<2>[ 26.414861] c0 CPU0: stopping
<4>[ 26.414886] c0 Backtrace:
<4>[ 26.414920] c0 [<c064e5b8>] (dump_backtrace+0x0/0x10c) from [<c0b91e6c>] (dump_stack+0x18/0x1c)
<4>[ 26.414977] c0 r6:c0d54000 r5:c0eb5d08 r4:00000006 r3:271aed5c
<4>[ 26.415039] c0 [<c0b91e54>] (dump_stack+0x0/0x1c) from [<c06444bc>] (do_IPI+0x258/0x29c)
<4>[ 26.415102] c0 [<c0644264>] (do_IPI+0x0/0x29c) from [<c064a340>] (__irq_svc+0x80/0x130)
<4>[ 26.415156] c0 Exception stack(0xc0d55ef0 to 0xc0d55f38)
<4>[ 26.415197] c0 5ee0: 3b9ac9ff 540deacd 01c99e53 00072679
<4>[ 26.415258] c0 5f00: c0f5a468 00000000 c0d54000 00000000 c1b540a8 412fc091 00000000 c0d55f64
<4>[ 26.415317] c0 5f20: 540deacd c0d55f38 c06aa768 c065bd78 20000013 ffffffff
<4>[ 26.415380] c0 [<c065bd3c>] (exynos4_enter_idle+0x0/0x174) from [<c099a890>] (cpuidle_idle_call+0xa4/0x120)
<4>[ 26.415442] c0 r7:00000000 r6:00000001 r5:c0f815ac r4:c1b540b8
<4>[ 26.415498] c0 [<c099a7ec>] (cpuidle_idle_call+0x0/0x120) from [<c064bd40>] (cpu_idle+0xc4/0x100)
<4>[ 26.415554] c0 r8:4000406a r7:c0ba09a8 r6:c0f59ec4 r5:c0ebd8c4 r4:c0d54000
<4>[ 26.415610] c0 r3:c099a7ec
<4>[ 26.415641] c0 [<c064bc7c>] (cpu_idle+0x0/0x100) from [<c0b83238>] (rest_init+0x8c/0xa4)
<4>[ 26.415694] c0 r7:c1b51180 r6:c0f59e00 r5:00000002 r4:c0d54000
<4>[ 26.415752] c0 [<c0b831ac>] (rest_init+0x0/0xa4) from [<c00089c4>] (start_kernel+0x2dc/0x330)
<4>[ 26.415807] c0 r5:c063d944 r4:c0eb5d34
<4>[ 26.415845] c0 [<c00086e8>] (start_kernel+0x0/0x330) from [<40008044>] (0x40008044)
Change-Id: Iaa907383e196fdf787ae4660977b58de79212de1
Diffstat (limited to 'drivers/motor')
0 files changed, 0 insertions, 0 deletions