fbcon: Avoid deleting a timer in IRQ context
authorThierry Reding <treding@nvidia.com>
Thu, 21 May 2015 07:58:03 +0000 (09:58 +0200)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Wed, 27 May 2015 12:55:38 +0000 (05:55 -0700)
commita5edce42184844239bc209c727435654cd0b5f2d
treeae3a70d1706766a5ee632df58de8fbbf1d10ccb7
parent3db9ab0b6d8a293435a78c048f877099e040f72c
fbcon: Avoid deleting a timer in IRQ context

Commit 27a4c827c34a ("fbcon: use the cursor blink interval provided by
vt") unconditionally removes the cursor blink timer. Unfortunately that
wreaks havoc under some circumstances. An easily reproducible way is to
use both the framebuffer console and a debug serial port as the console
output for kernel messages (e.g. "console=ttyS0 console=tty1" on the
kernel command-line. Upon boot this triggers a warning from within the
del_timer_sync() function because it is called from IRQ context:

[    5.070096] ------------[ cut here ]------------
[    5.070110] WARNING: CPU: 0 PID: 0 at ../kernel/time/timer.c:1098 del_timer_sync+0x4c/0x54()
[    5.070115] Modules linked in:
[    5.070120] CPU: 0 PID: 0 Comm: swapper/0 Not tainted 4.1.0-rc4-next-20150519 #1
[    5.070123] Hardware name: SAMSUNG EXYNOS (Flattened Device Tree)
[    5.070142] [] (unwind_backtrace) from [] (show_stack+0x10/0x14)
[    5.070156] [] (show_stack) from [] (dump_stack+0x70/0xbc)
[    5.070164] [] (dump_stack) from [] (warn_slowpath_common+0x74/0xb0)
[    5.070169] [] (warn_slowpath_common) from [] (warn_slowpath_null+0x1c/0x24)
[    5.070174] [] (warn_slowpath_null) from [] (del_timer_sync+0x4c/0x54)
[    5.070183] [] (del_timer_sync) from [] (fbcon_del_cursor_timer+0x2c/0x40)
[    5.070190] [] (fbcon_del_cursor_timer) from [] (fbcon_cursor+0x9c/0x180)
[    5.070198] [] (fbcon_cursor) from [] (hide_cursor+0x30/0x98)
[    5.070204] [] (hide_cursor) from [] (vt_console_print+0x2a8/0x340)
[    5.070212] [] (vt_console_print) from [] (call_console_drivers.constprop.23+0xc8/0xec)
[    5.070218] [] (call_console_drivers.constprop.23) from [] (console_unlock+0x498/0x4f0)
[    5.070223] [] (console_unlock) from [] (vprintk_emit+0x1f0/0x508)
[    5.070228] [] (vprintk_emit) from [] (vprintk_default+0x24/0x2c)
[    5.070234] [] (vprintk_default) from [] (printk+0x70/0x88)

After which the system starts spewing all kinds of weird and seemingly
unrelated error messages.

This commit fixes this by restoring the condition under which the call
to fbcon_del_cursor_timer() happens.

Reported-by: Daniel Stone <daniel@fooishbar.org>
Reported-by: Kevin Hilman <khilman@kernel.org>
Tested-by: Kevin Hilman <khilman@linaro.org>
Tested-by: Scot Doyle <lkml14@scotdoyle.com>
Signed-off-by: Thierry Reding <treding@nvidia.com>
Tested-by: Andrew Vagin <avagin@virtuozzo.com>
Tested-by: Tomeu Vizoso <tomeu.vizoso@collabora.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
drivers/video/console/fbcon.c