| Message ID | 20250306074303.239081-1-manjunatha.venkatesh@nxp.com (mailing list archive) |
|---|---|
| State | Superseded |
| Headers | show |
| Series | [v2] svc-i3c-master: Fix read from unreadable memory at svc_i3c_master_ibi_work() | expand |
On Thu, Mar 06, 2025 at 01:13:03PM +0530, Manjunatha Venkatesh wrote: > As part of I3C driver probing sequence for particular device instance, > While adding to queue it is trying to access ibi variable of dev which is > not yet initialized causing "Unable to handle kernel read from unreadable > memory" resulting in kernel panic. > > Signed-off-by: Manjunatha Venkatesh <manjunatha.venkatesh@nxp.com> > --- You sent it 3 times. Do you try my suggestion at v1? https://lore.kernel.org/linux-i3c/Z8m%2FzE9JvyiNq1HG@lizhi-Precision-Tower-5810/T/#t Before close above discussion, please not sent new version. Still missied fix tag and cc stable. Frank > Changes since v1: > - Patch tittle updated as per the review feedback > > drivers/i3c/master/svc-i3c-master.c | 7 +++++-- > 1 file changed, 5 insertions(+), 2 deletions(-) > > diff --git a/drivers/i3c/master/svc-i3c-master.c b/drivers/i3c/master/svc-i3c-master.c > index d6057d8c7dec..98c4d2e5cd8d 100644 > --- a/drivers/i3c/master/svc-i3c-master.c > +++ b/drivers/i3c/master/svc-i3c-master.c > @@ -534,8 +534,11 @@ static void svc_i3c_master_ibi_work(struct work_struct *work) > switch (ibitype) { > case SVC_I3C_MSTATUS_IBITYPE_IBI: > if (dev) { > - i3c_master_queue_ibi(dev, master->ibi.tbq_slot); > - master->ibi.tbq_slot = NULL; > + data = i3c_dev_get_master_data(dev); > + if (master->ibi.slots[data->ibi]) { > + i3c_master_queue_ibi(dev, master->ibi.tbq_slot); > + master->ibi.tbq_slot = NULL; > + } > } > svc_i3c_master_emit_stop(master); > break; > -- > 2.46.1 > > > -- > linux-i3c mailing list > linux-i3c@lists.infradead.org > http://lists.infradead.org/mailman/listinfo/linux-i3c
diff --git a/drivers/i3c/master/svc-i3c-master.c b/drivers/i3c/master/svc-i3c-master.c index d6057d8c7dec..98c4d2e5cd8d 100644 --- a/drivers/i3c/master/svc-i3c-master.c +++ b/drivers/i3c/master/svc-i3c-master.c @@ -534,8 +534,11 @@ static void svc_i3c_master_ibi_work(struct work_struct *work) switch (ibitype) { case SVC_I3C_MSTATUS_IBITYPE_IBI: if (dev) { - i3c_master_queue_ibi(dev, master->ibi.tbq_slot); - master->ibi.tbq_slot = NULL; + data = i3c_dev_get_master_data(dev); + if (master->ibi.slots[data->ibi]) { + i3c_master_queue_ibi(dev, master->ibi.tbq_slot); + master->ibi.tbq_slot = NULL; + } } svc_i3c_master_emit_stop(master); break;
As part of I3C driver probing sequence for particular device instance, While adding to queue it is trying to access ibi variable of dev which is not yet initialized causing "Unable to handle kernel read from unreadable memory" resulting in kernel panic. Signed-off-by: Manjunatha Venkatesh <manjunatha.venkatesh@nxp.com> --- Changes since v1: - Patch tittle updated as per the review feedback drivers/i3c/master/svc-i3c-master.c | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-)