Re: [PATCH] i2c: designware: Revert recent changes to i2c_dw_probe_lock_support()

Kim Phillips <kim.phillips@xxxxxxx> · Thu, 11 Jan 2024 11:56:55 -0600

On 1/11/24 6:56 AM, Jarkko Nikula wrote:
Borislav Petkov reported a regression below on an AMD system and it
appeared on linux-next only after late December 2023. V, Narasimhan and
Kim Phillips helped to track down regression to commit 2f571a725434
("i2c: designware: Fix lock probe call order in dw_i2c_plat_probe()").

Unfortuately above commit is not directly revertible so revert it by
reverting also two other related commits on top of it. So this patch
reverts following commits:

f9b51f600217 ("i2c: designware: Save pointer to semaphore callbacks instead of index")
b8034c7d28a9 ("i2c: designware: Replace a while-loop by for-loop")
2f571a725434 ("i2c: designware: Fix lock probe call order in dw_i2c_plat_probe()")

[    6.245173] i2c_designware AMDI0010:00: Unknown Synopsys component type: 0xffffffff
[    6.252683] BUG: kernel NULL pointer dereference, address: 00000000000001fc
[    6.256551] #PF: supervisor read access in kernel mode
[    6.256551] #PF: error_code(0x0000) - not-present page
[    6.256551] PGD 0
[    6.256551] Oops: 0000 [#1] PREEMPT SMP NOPTI
[    6.256551] CPU: 32 PID: 211 Comm: kworker/32:0 Not tainted 6.7.0-rc6-next-20231222-1703820640818 #1
[    6.256551] Workqueue: pm pm_runtime_work
[    6.256551] RIP: 0010:regmap_read+0x12/0x70
[    6.256551] Code: 00 00 00 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 0f 1f 44 00 00 55 48 89 e5 41 55 41 54 53 <8b> 87 fc 01 00 00 83 e8 01 85 f0 75 42 48 89 fb 41 89 f4 49 89 d5
[    6.256551] RSP: 0018:ff7fa5c740bcbc98 EFLAGS: 00010246
[    6.256551] RAX: 0000000000000000 RBX: ff38ff5c159f1028 RCX: 0000000000000008
[    6.256551] RDX: ff7fa5c740bcbcc4 RSI: 0000000000000034 RDI: 0000000000000000
[    6.256551] RBP: ff7fa5c740bcbcb0 R08: ff38ff5c02ceb8b0 R09: ff38ff5c002a4500
[    6.256551] R10: 0000000000000003 R11: 0000000000000003 R12: ff38ff5c159f1028
[    6.256551] R13: 0000000000000000 R14: 0000000000000000 R15: ff38ff5c159ed8f4
[    6.256551] FS:  0000000000000000(0000) GS:ff38ff6b0d200000(0000) knlGS:0000000000000000
[    6.256551] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[    6.256551] CR2: 00000000000001fc CR3: 000000007403c001 CR4: 0000000000771ef0
[    6.256551] PKRU: 55555554
[    6.256551] Call Trace:
[    6.256551]  <TASK>
[    6.256551]  ? show_regs+0x6d/0x80
[    6.256551]  ? __die+0x29/0x70
[    6.256551]  ? page_fault_oops+0x153/0x4a0
[    6.256551]  ? do_user_addr_fault+0x30f/0x6c0
[    6.256551]  ? exc_page_fault+0x7c/0x190
[    6.256551]  ? asm_exc_page_fault+0x2b/0x30
[    6.256551]  ? regmap_read+0x12/0x70
[    6.256551]  ? update_load_avg+0x82/0x7d0
[    6.256551]  __i2c_dw_disable+0x38/0x180
[    6.256551]  i2c_dw_disable+0x3f/0xb0
[    6.256551]  i2c_dw_runtime_suspend+0x33/0x50
[    6.256551]  ? __pfx_pm_generic_runtime_suspend+0x10/0x10
[    6.256551]  pm_generic_runtime_suspend+0x2f/0x40
[    6.256551]  __rpm_callback+0x48/0x120
[    6.256551]  ? __pfx_pm_generic_runtime_suspend+0x10/0x10
[    6.256551]  rpm_callback+0x66/0x70
[    6.256551]  ? __pfx_pm_generic_runtime_suspend+0x10/0x10
[    6.256551]  rpm_suspend+0x166/0x700
[    6.256551]  ? srso_alias_return_thunk+0x5/0xfbef5
[    6.256551]  ? __schedule+0x3df/0x1720
[    6.256551]  pm_runtime_work+0xb2/0xd0
[    6.256551]  process_one_work+0x178/0x350
[    6.256551]  worker_thread+0x2f5/0x420
[    6.256551]  ? __pfx_worker_thread+0x10/0x10
[    6.256551]  kthread+0xf5/0x130
[    6.256551]  ? __pfx_kthread+0x10/0x10
[    6.256551]  ret_from_fork+0x3d/0x60
[    6.256551]  ? __pfx_kthread+0x10/0x10
[    6.256551]  ret_from_fork_asm+0x1a/0x30
[    6.256551]  </TASK>
[    6.256551] Modules linked in:
[    6.256551] CR2: 00000000000001fc
[    6.256551] ---[ end trace 0000000000000000 ]---
[    6.256551] RIP: 0010:regmap_read+0x12/0x70
[    6.256551] Code: 00 00 00 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 0f 1f 44 00 00 55 48 89 e5 41 55 41 54 53 <8b> 87 fc 01 00 00 83 e8 01 85 f0 75 42 48 89 fb 41 89 f4 49 89 d5
[    6.256551] RSP: 0018:ff7fa5c740bcbc98 EFLAGS: 00010246
[    6.256551] RAX: 0000000000000000 RBX: ff38ff5c159f1028 RCX: 0000000000000008
[    6.256551] RDX: ff7fa5c740bcbcc4 RSI: 0000000000000034 RDI: 0000000000000000
[    6.256551] RBP: ff7fa5c740bcbcb0 R08: ff38ff5c02ceb8b0 R09: ff38ff5c002a4500
[    6.256551] R10: 0000000000000003 R11: 0000000000000003 R12: ff38ff5c159f1028
[    6.256551] R13: 0000000000000000 R14: 0000000000000000 R15: ff38ff5c159ed8f4
[    6.256551] FS:  0000000000000000(0000) GS:ff38ff6b0d200000(0000) knlGS:0000000000000000
[    6.256551] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[    6.256551] CR2: 00000000000001fc CR3: 000000007403c001 CR4: 0000000000771ef0
[    6.256551] PKRU: 55555554
[    6.256551] note: kworker/32:0[211] exited with irqs disabled

Reported-by: Borislav Petkov <bp@xxxxxxxxx>
Reported-by: V Narasimhan <Narasimhan.V@xxxxxxx>
Reported-by: Kim Phillips <kim.phillips@xxxxxxx>
Signed-off-by: Jarkko Nikula <jarkko.nikula@xxxxxxxxxxxxxxx>
---

Hold on, I'm testing this on top of next-20240111 and still seeing the splat...

[   18.822681][    T1] usbcore: registered new device driver usb
[   18.863839][    T1] i2c_designware AMDI0010:00: Unknown Synopsys component type: 0xffffffff
[   18.882449][    T1] i2c_designware AMDI0010:01: Unknown Synopsys component type: 0xffffffff
[   18.890568][ T3175] BUG: kernel NULL pointer dereference, address: 0000000000000384
[   18.894399][ T3175] #PF: supervisor read access in kernel mode
[   18.894399][ T3175] #PF: error_code(0x0000) - not-present page
[   18.894399][ T3175] PGD 0
[   18.894399][ T3175] Oops: 0000 [#1] SMP NOPTI
[   18.894399][ T3175] CPU: 386 PID: 3175 Comm: kworker/386:1 Not tainted 6.7.0-next-20240111+ #7 ad2022c7b217b1e9ec5a9b3b4ecf4603a3c9a2e0
[   18.894399][ T3175] Workqueue: pm pm_runtime_work
[   18.894399][ T3175] RIP: 0010:regmap_read+0x12/0x80
[   18.894399][ T3175] Code: ff ff 66 0f 1f 44 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 0f 1f 44 00 00 55 48 89 e5 41 55 41 54 53 <8b> 87 84 03 00 00 83 e8 01 85 f0 75 54 48 89 fb 41 89 f4 49 89 d5
[   18.894399][ T3175] RSP: 0018:ff5a6e8852503c70 EFLAGS: 00010246
[   18.894399][ T3175] RAX: 0000000000000000 RBX: ff367ab45a32e028 RCX: 0000000000000000
[   18.894399][ T3175] RDX: ff5a6e8852503c9c RSI: 0000000000000034 RDI: 0000000000000000
[   18.894399][ T3175] RBP: ff5a6e8852503c88 R08: 0000000000000000 R09: 0000000000000000
[   18.894399][ T3175] R10: 0000000000000000 R11: 0000000000000000 R12: ff367ab45a32e028
[   18.894399][ T3175] R13: 0000000000000000 R14: 0000000000000000 R15: ff367aa50c2a9178
[   18.894399][ T3175] FS:  0000000000000000(0000) GS:ff367ac3ed600000(0000) knlGS:0000000000000000
[   18.894399][ T3175] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   18.894399][ T3175] CR2: 0000000000000384 CR3: 0000001813a64001 CR4: 0000000000771ef0
[   18.894399][ T3175] PKRU: 55555554
[   18.894399][ T3175] Call Trace:
[   18.894399][ T3175]  <TASK>
[   18.894399][ T3175]  ? show_regs+0x75/0x90
[   18.894399][ T3175]  ? __die+0x29/0x80
[   18.894399][ T3175]  ? page_fault_oops+0x153/0x4b0
[   18.894399][ T3175]  ? do_user_addr_fault+0x345/0x710
[   18.894399][ T3175]  ? exc_page_fault+0x87/0x1f0
[   18.894399][ T3175]  ? asm_exc_page_fault+0x2b/0x30
[   18.894399][ T3175]  ? regmap_read+0x12/0x80
[   18.894399][ T3175]  __i2c_dw_disable+0x38/0x190
[   18.894399][ T3175]  ? local_clock+0x12/0x20
[   18.894399][ T3175]  i2c_dw_disable+0x3f/0xb0
[   18.894399][ T3175]  ? __pfx_pm_generic_runtime_suspend+0x10/0x10
[   18.894399][ T3175]  ? __pfx_pm_generic_runtime_suspend+0x10/0x10
[   18.894399][ T3175]  i2c_dw_runtime_suspend+0x26/0x40
[   18.894399][ T3175]  pm_generic_runtime_suspend+0x2f/0x50
[   18.894399][ T3175]  __rpm_callback+0x48/0x130
[   18.894399][ T3175]  ? __pfx_pm_generic_runtime_suspend+0x10/0x10
[   18.894399][ T3175]  rpm_callback+0x6c/0x80
[   18.894399][ T3175]  ? __pfx_pm_generic_runtime_suspend+0x10/0x10
[   18.894399][ T3175]  rpm_suspend+0x17a/0x730
[   18.894399][ T3175]  ? lock_acquired+0xc2/0x350
[   18.894399][ T3175]  pm_runtime_work+0xd6/0xf0
[   18.894399][ T3175]  process_one_work+0x215/0x4f0
[   18.894399][ T3175]  ? process_one_work+0x1b5/0x4f0
[   18.894399][ T3175]  worker_thread+0x1d5/0x3f0
[   18.894399][ T3175]  ? __pfx_worker_thread+0x10/0x10
[   18.894399][ T3175]  kthread+0xd8/0x110
[   18.894399][ T3175]  ? __pfx_kthread+0x10/0x10
[   18.894399][ T3175]  ret_from_fork+0x47/0x70
[   18.894399][ T3175]  ? __pfx_kthread+0x10/0x10
[   18.894399][ T3175]  ret_from_fork_asm+0x1a/0x30
[   18.894399][ T3175]  </TASK>
[   18.894399][ T3175] Modules linked in:
[   18.894399][ T3175] CR2: 0000000000000384
[   18.894399][ T3175] ---[ end trace 0000000000000000 ]---
[   18.894399][ T3175] RIP: 0010:regmap_read+0x12/0x80
[   18.894399][ T3175] Code: ff ff 66 0f 1f 44 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 0f 1f 44 00 00 55 48 89 e5 41 55 41 54 53 <8b> 87 84 03 00 00 83 e8 01 85 f0 75 54 48 89 fb 41 89 f4 49 89 d5
[   18.894399][ T3175] RSP: 0018:ff5a6e8852503c70 EFLAGS: 00010246
[   18.894399][ T3175] RAX: 0000000000000000 RBX: ff367ab45a32e028 RCX: 0000000000000000
[   18.894399][ T3175] RDX: ff5a6e8852503c9c RSI: 0000000000000034 RDI: 0000000000000000
[   18.894399][ T3175] RBP: ff5a6e8852503c88 R08: 0000000000000000 R09: 0000000000000000
[   18.894399][ T3175] R10: 0000000000000000 R11: 0000000000000000 R12: ff367ab45a32e028
[   18.894399][ T3175] R13: 0000000000000000 R14: 0000000000000000 R15: ff367aa50c2a9178
[   18.894399][ T3175] FS:  0000000000000000(0000) GS:ff367ac3ed600000(0000) knlGS:0000000000000000
[   18.894399][ T3175] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   18.894399][ T3175] CR2: 0000000000000384 CR3: 0000001813a64001 CR4: 0000000000771ef0
[   18.894399][ T3175] PKRU: 55555554
[   18.894399][ T3175] note: kworker/386:1[3175] exited with irqs disabled

Thanks,

Kim