kernel NULL pointer dereference, ucsi bug

kernel NULL pointer dereference, ucsi bug

[Vladimir Yerilov]

Good day,

There's a problem with ucsi starting from 5.2-rc1 (maybe earlier
versions of 5.2 are affected too).
Recently I've tried these versions of rc3 (commits), all have this issue:
3ab4436f688c2d2f221793953cd05435ca84261c (05/31)
3ea3091f1bd8586125848c62be295910e9802af0
cd6c84d8f0cdc911df435bb075ba22ce3c605b07 (rc2)

These are lines from journal logs (more in the attachment):
Jun 01 16:17:27 kernel: BUG: kernel NULL pointer dereference, address:
0000000000000368
Jun 01 16:17:27 kernel: #PF: supervisor read access in kernel mode
Jun 01 16:17:27 kernel: #PF: error_code(0x0000) - not-present page
Jun 01 16:17:27 kernel: Oops: 0000 [#1] PREEMPT SMP PTI
Jun 01 16:17:27 kernel: CPU: 7 PID: 252 Comm: kworker/7:2 Tainted: G
  U     OE     5.2.0-1-MANJARO #1
Jun 01 16:17:27 kernel: Hardware name: Timi TM1701/TM1701, BIOS
XMAKB5R0P0906 10/23/2018
Jun 01 16:17:27 kernel: Workqueue: events_long ucsi_init [typec_ucsi]
Jun 01 16:17:27 kernel: RIP: 0010:typec_altmode_get_partner+0x5/0x20 [typec]
Jun 01 16:17:27 kernel: Code: 85 c0 74 08 e9 3c 8a 78 e2 31 c0 c3 b8
a1 ff ff ff c3 b8 ed ff ff ff c3 66 66 2e 0f 1f 84 00 00 00 00 00 66
90 0f 1f 44 00 00 <48> 8b 87 68 03 00 00 48 83 c0 08 c3 66 66 2e 0f 1f
84 00 00 00 00
Jun 01 16:17:27 kernel: RSP: 0018:ffffa67542123e00 EFLAGS: 00010293
Jun 01 16:17:27 kernel: RAX: 0000000000000000 RBX: ffff8e9485a56800
RCX: 0000000000000000
Jun 01 16:17:27 kernel: RDX: 0000000000000000 RSI: 0000000000000246
RDI: 0000000000000000
Jun 01 16:17:27 kernel: RBP: 0000000000000000 R08: ffff8e949ebdbdc0
R09: 0000000000000000
Jun 01 16:17:27 kernel: R10: 0000000000000000 R11: 0000000000000000
R12: 0000000000000000
Jun 01 16:17:27 kernel: R13: ffff8e9499237540 R14: ffff8e9485a56ac0
R15: ffff8e9485a56800
Jun 01 16:17:27 kernel: FS:  0000000000000000(0000)
GS:ffff8e949ebc0000(0000) knlGS:0000000000000000
Jun 01 16:17:27 kernel: CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
Jun 01 16:17:27 kernel: CR2: 0000000000000368 CR3: 00000001c8a0a003
CR4: 00000000003606e0
Jun 01 16:17:27 kernel: Call Trace:
Jun 01 16:17:27 kernel:  ucsi_altmode_update_active+0x85/0x100 [typec_ucsi]
Jun 01 16:17:27 kernel:  ucsi_init+0x398/0x590 [typec_ucsi]
Jun 01 16:17:27 kernel:  process_one_work+0x1eb/0x410
Jun 01 16:17:27 kernel:  worker_thread+0x2d/0x3d0
Jun 01 16:17:27 kernel:  ? process_one_work+0x410/0x410
Jun 01 16:17:27 kernel:  kthread+0x112/0x130
Jun 01 16:17:27 kernel:  ? kthread_park+0x80/0x80
Jun 01 16:17:27 kernel:  ret_from_fork+0x35/0x40
Jun 01 16:17:27 kernel: Modules linked in: bnep arc4 sunrpc iwlmvm
rtsx_usb_ms btusb memstick btrtl cdc_ether btbcm usbnet btintel
uvcvideo r8152 bluetooth mii snd_hda_codec_hdmi mac80211
videobuf2_vmalloc videobuf2_memops snd_soc_skl intel_rapl
videobuf2_v4l2 snd_soc_hdac_hda videobuf2_common x86_pkg_temp_thermal
intel_powerclamp videodev snd_hda_ext_core snd_soc_skl_ipc
snd_soc_sst_ipc coretemp ecdh_generic media ecc snd_hda_codec_realtek
kvm_intel snd_soc_sst_dsp snd_soc_acpi_intel_match joydev snd_soc_acpi
snd_hda_codec_generic snd_soc_core fuse iwlwifi mousedev ledtrig_audio
mei_hdcp kvm snd_compress ac97_bus snd_pcm_dmaengine snd_hda_intel
iTCO_wdt iTCO_vendor_support cfg80211 snd_hda_codec snd_hda_core
snd_hwdep hid_multitouch snd_pcm irqbypass snd_timer intel_cstate
intel_uncore snd idma64 intel_rapl_perf psmouse mei_me ucsi_acpi
typec_ucsi pcspkr input_leds intel_wmi_thunderbolt intel_lpss_pci mei
intel_xhci_usb_role_switch soundcore rfkill i2c_i801 wmi_bmof
intel_pch_thermal intel_lpss roles
Jun 01 16:17:27 kernel:  typec i2c_hid intel_hid battery sparse_keymap
ac evdev mac_hid pcc_cpufreq nf_log_ipv6 ip6t_REJECT nf_reject_ipv6
xt_hl ip6t_rt nf_log_ipv4 nf_log_common ipt_REJECT nf_reject_ipv4
xt_LOG xt_multiport xt_CT iptable_raw xt_limit xt_addrtype xt_tcpudp
xt_conntrack ip6table_filter ip6_tables nf_conntrack_netbios_ns
nf_conntrack_broadcast nf_nat_ftp nf_nat nf_conntrack_ftp nf_conntrack
nf_defrag_ipv6 nf_defrag_ipv4 libcrc32c iptable_filter vboxnetflt(OE)
vboxnetadp(OE) vboxpci(OE) vboxdrv(OE) vboxvideo ttm vboxsf(OE)
vboxguest uinput sg crypto_user acpi_call(OE) ip_tables x_tables ext4
crc32c_generic crc16 mbcache jbd2 algif_skcipher af_alg hid_apple
hid_generic usbhid hid rtsx_usb_sdmmc mmc_core rtsx_usb uas
usb_storage dm_crypt dm_mod nls_iso8859_1 nls_cp437 sd_mod
crct10dif_pclmul crc32_pclmul ghash_clmulni_intel serio_raw atkbd
libps2 aesni_intel ahci libahci libata aes_x86_64 xhci_pci crypto_simd
cryptd glue_helper xhci_hcd scsi_mod i8042 tpm_crb serio tpm_tis wmi
tpm_tis_core
Jun 01 16:17:27 kernel:  crc32c_intel vfat fat tpm rng_core i915
i2c_algo_bit drm_kms_helper syscopyarea sysfillrect sysimgblt
fb_sys_fops drm intel_agp intel_gtt agpgart
Jun 01 16:17:27 kernel: CR2: 0000000000000368
Jun 01 16:17:27 kernel: ---[ end trace 05c2c0e558309d1c ]---
Jun 01 16:17:27 kernel: RIP: 0010:typec_altmode_get_partner+0x5/0x20 [typec]
Jun 01 16:17:27 kernel: Code: 85 c0 74 08 e9 3c 8a 78 e2 31 c0 c3 b8
a1 ff ff ff c3 b8 ed ff ff ff c3 66 66 2e 0f 1f 84 00 00 00 00 00 66
90 0f 1f 44 00 00 <48> 8b 87 68 03 00 00 48 83 c0 08 c3 66 66 2e 0f 1f
84 00 00 00 00
Jun 01 16:17:27 kernel: RSP: 0018:ffffa67542123e00 EFLAGS: 00010293
Jun 01 16:17:27 kernel: RAX: 0000000000000000 RBX: ffff8e9485a56800
RCX: 0000000000000000
Jun 01 16:17:27 kernel: RDX: 0000000000000000 RSI: 0000000000000246
RDI: 0000000000000000
Jun 01 16:17:27 kernel: RBP: 0000000000000000 R08: ffff8e949ebdbdc0
R09: 0000000000000000
Jun 01 16:17:27 kernel: R10: 0000000000000000 R11: 0000000000000000
R12: 0000000000000000
Jun 01 16:17:27 kernel: R13: ffff8e9499237540 R14: ffff8e9485a56ac0
R15: ffff8e9485a56800
Jun 01 16:17:27 kernel: FS:  0000000000000000(0000)
GS:ffff8e949ebc0000(0000) knlGS:0000000000000000
Jun 01 16:17:27 kernel: CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
Jun 01 16:17:27 kernel: CR2: 0000000000000368 CR3: 00000001c8a0a003
CR4: 00000000003606e0
inxi -Fxz
----------------------------------------------------------------------------------------------------------

System:    Host: <HOSTNAME> Kernel: 5.1.5-1-MANJARO x86_64 bits: 64
compiler: gcc v: 8.3.0
           Desktop: KDE Plasma 5.15.5 Distro: Manjaro Linux
Machine:   Type: Laptop System: Timi product: TM1701 v: N/A serial: <filter>
           Mobo: Timi model: TM1701 v: MP serial: <filter> UEFI:
INSYDE v: XMAKB5R0P0906
           date: 10/23/2018
Battery:   ID-1: BAT0 charge: 54.3 Wh condition: 54.3/60.0 Wh (90%)
model: SUNWODA R15B01W
           status: Full
CPU:       Topology: Quad Core model: Intel Core i7-8550U bits: 64
type: MT MCP arch: Kaby Lake
           rev: A L2 cache: 8192 KiB
           flags: avx avx2 lm nx pae sse sse2 sse3 sse4_1 sse4_2 ssse3
vmx bogomips: 31880
           Speed: 3034 MHz min/max: 400/4000 MHz Core speeds (MHz): 1:
2700 2: 2700 3: 2700
           4: 2700 5: 2700 6: 2700 7: 2700 8: 2700
Graphics:  Device-1: Intel UHD Graphics 620 vendor: Xiaomi driver:
i915 v: kernel bus ID: 00:02.0
           Device-2: NVIDIA GP108M [GeForce MX150] driver: N/A bus ID: 01:00.0
           Display: x11 server: X.Org 1.20.4 driver: intel
           resolution: 1920x1080~60Hz, 1920x1080~60Hz
           OpenGL: renderer: Mesa DRI Intel UHD Graphics 620 (Kabylake
GT2) v: 4.5 Mesa 19.0.5
           direct render: Yes
Audio:     Device-1: Intel Sunrise Point-LP HD Audio vendor: Xiaomi
driver: snd_hda_intel
           v: kernel bus ID: 00:1f.3
           Sound Server: ALSA v: k5.1.5-1-MANJARO
Network:   Device-1: Intel Wireless 8265 / 8275 driver: iwlwifi v:
kernel port: 4040
           bus ID: 02:00.0
           IF: wlp2s0 state: up mac: <filter>
           Device-2: Realtek RTL8153 Gigabit Ethernet Adapter type:
USB driver: r8152
           bus ID: 2-1.1:3

-- 
----
Best regards,
Vladimir Yerilov

Re: kernel NULL pointer dereference, ucsi bug

[Greg KH]

On Sun, Jun 02, 2019 at 09:24:43PM +1000, Vladimir Yerilov wrote:
> Good day,
> 
> There's a problem with ucsi starting from 5.2-rc1 (maybe earlier
> versions of 5.2 are affected too).
> Recently I've tried these versions of rc3 (commits), all have this issue:
> 3ab4436f688c2d2f221793953cd05435ca84261c (05/31)
> 3ea3091f1bd8586125848c62be295910e9802af0
> cd6c84d8f0cdc911df435bb075ba22ce3c605b07 (rc2)

Can you run 'git bisect' to see what the exact offending patch is?

thanks,

greg k-h

Re: kernel NULL pointer dereference, ucsi bug

[Vladimir Yerilov]

No, I can't.

Unfortunately, this exceeds the scope of my knowledge. I simply don't
know enough to understand your request correctly. What I can is to
compile and try some pre-rc1 5.2 kernel and see how it goes. Also I
managed to trace the source of this problem more precisely.
The issue happens only during the boot with any cable connected to USB
type C charging port. I have 2 of them: one with power delivery / data
transfer / video output capabilities, another one is capable for data
transfer only. So the failing one is power delivery port. No matter
what is connected - I tried charger cable, OTG cable (C to A USB) and
USB type C hub - all cause the same bug, but only charger's one
actually had power from the wall.

Plugging a cable *after* logging in, however, doesn't seem to cause
any of what I've described in the original bugreport.

Thank you for your help,
Vladimir


пн, 3 июн. 2019 г. в 23:13, Greg KH <gregkh@linuxfoundation.org>:
>
> On Sun, Jun 02, 2019 at 09:24:43PM +1000, Vladimir Yerilov wrote:
> > Good day,
> >
> > There's a problem with ucsi starting from 5.2-rc1 (maybe earlier
> > versions of 5.2 are affected too).
> > Recently I've tried these versions of rc3 (commits), all have this issue:
> > 3ab4436f688c2d2f221793953cd05435ca84261c (05/31)
> > 3ea3091f1bd8586125848c62be295910e9802af0
> > cd6c84d8f0cdc911df435bb075ba22ce3c605b07 (rc2)
>
> Can you run 'git bisect' to see what the exact offending patch is?
>
> thanks,
>
> greg k-h



-- 
----
Best regards,
Vladimir Yerilov

Re: kernel NULL pointer dereference, ucsi bug

[Greg KH]

On Tue, Jun 04, 2019 at 12:58:38AM +1000, Vladimir Yerilov wrote:
> No, I can't.
> 
> Unfortunately, this exceeds the scope of my knowledge. I simply don't
> know enough to understand your request correctly. What I can is to
> compile and try some pre-rc1 5.2 kernel and see how it goes. Also I
> managed to trace the source of this problem more precisely.

If you can use a pre-rc1 5.2 kernel, that means you are using git, so
just look at 'git bisect --help' for how that command works and how you
can use it to find the exact problem commit.

thanks,

greg k-h

Re: kernel NULL pointer dereference, ucsi bug

[Vladimir Yerilov]

Good day Mr. Kroah-Hartman,

I've found the culprit commit. It took a while though but now I'm sure:

commit - brief decription - time - works (y) or not (n)
670784fb4ebe54434e263837390e358405031d9e - rc1 2019-05-20
e260ad01f0aa9e96b5386d5cd7184afd949dc457 - rc0 2019-05-14 19:52:51 -0700 n
8ea5b2abd07e2280a332bd9c1a7f4dd15b9b6c13 - rc0 2019-05-09 19:35:41 -0700 n
54516da1ea859dd4f56ebba2e483d2df9d7c8a32 - rc0 2019-05-05 21:58:36 -0700 y
71ae5fc87c34ecbdca293c2a5c563d6be2576558 - rc0 2019-05-06 20:29:45 -0700 y
80f232121b69cc69a31ccb2b38c1665d770b0710 - rc0 2019-05-07 22:03:58 -0700 y
a2d635decbfa9c1e4ae15cb05b68b2559f7f827c - rc0 2019-05-08 21:35:19 -0700 n
132d68d37d33f1d0b9c1f507c8b4d64c27ecec8a - rc0 2019-05-08 10:03:52 -0700 n
86dc59e39031fb0d366d5b1f92db015b24bef70b - rc0 2019-05-08 09:46:44 -0700 y

So 86dc59e39031fb0d366d5b1f92db015b24bef70b is the last working for
me, and 132d68d37d33f1d0b9c1f507c8b4d64c27ecec8a is the breaking one:
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.2-rc3&id=132d68d37d33f1d0b9c1f507c8b4d64c27ecec8a


вт, 4 июн. 2019 г. в 15:40, Greg KH <gregkh@linuxfoundation.org>:
>
> On Tue, Jun 04, 2019 at 12:58:38AM +1000, Vladimir Yerilov wrote:
> > No, I can't.
> >
> > Unfortunately, this exceeds the scope of my knowledge. I simply don't
> > know enough to understand your request correctly. What I can is to
> > compile and try some pre-rc1 5.2 kernel and see how it goes. Also I
> > managed to trace the source of this problem more precisely.
>
> If you can use a pre-rc1 5.2 kernel, that means you are using git, so
> just look at 'git bisect --help' for how that command works and how you
> can use it to find the exact problem commit.
>
> thanks,
>
> greg k-h



-- 
----
Best regards,
Vladimir Yerilov

Re: kernel NULL pointer dereference, ucsi bug

[Greg KH]

On Wed, Jun 05, 2019 at 04:36:23PM +1000, Vladimir Yerilov wrote:
> Good day Mr. Kroah-Hartman,
> 
> I've found the culprit commit. It took a while though but now I'm sure:
> 
> commit - brief decription - time - works (y) or not (n)
> 670784fb4ebe54434e263837390e358405031d9e - rc1 2019-05-20
> e260ad01f0aa9e96b5386d5cd7184afd949dc457 - rc0 2019-05-14 19:52:51 -0700 n
> 8ea5b2abd07e2280a332bd9c1a7f4dd15b9b6c13 - rc0 2019-05-09 19:35:41 -0700 n
> 54516da1ea859dd4f56ebba2e483d2df9d7c8a32 - rc0 2019-05-05 21:58:36 -0700 y
> 71ae5fc87c34ecbdca293c2a5c563d6be2576558 - rc0 2019-05-06 20:29:45 -0700 y
> 80f232121b69cc69a31ccb2b38c1665d770b0710 - rc0 2019-05-07 22:03:58 -0700 y
> a2d635decbfa9c1e4ae15cb05b68b2559f7f827c - rc0 2019-05-08 21:35:19 -0700 n
> 132d68d37d33f1d0b9c1f507c8b4d64c27ecec8a - rc0 2019-05-08 10:03:52 -0700 n
> 86dc59e39031fb0d366d5b1f92db015b24bef70b - rc0 2019-05-08 09:46:44 -0700 y
> 
> So 86dc59e39031fb0d366d5b1f92db015b24bef70b is the last working for
> me, and 132d68d37d33f1d0b9c1f507c8b4d64c27ecec8a is the breaking one:
> https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.2-rc3&id=132d68d37d33f1d0b9c1f507c8b4d64c27ecec8a

132d68d37d33 ("Merge tag 'usb-5.2-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb")
is a merge point, which is odd, you should be able to drop down into
that and find the exact wrong commit.

what does 'git bisect log' show?

thanks,

greg k-h

Re: kernel NULL pointer dereference, ucsi bug

[Vladimir Yerilov]

Thanks a lot! Now I understand how to work with bisect in general.
However, its log is unlikely to be of help because I use my distro
tools to make a kernel package. So I dropped down into the merge
commit and for now I am here:

index : kernel/git/davem/net-next.git
commit - time&date - works or not
80f232121b69cc69a31ccb2b38c1665d770b0710 - 2019-05-07 22:03:58 -0700 - y
5d438e200215f61ca6a7aa69f3c4e035ac54d8ee - 2019-04-25 11:03:52 +0200 - y
6f6a407a591ebe3e4c6bd2329b29862b3980a3ca - 2019-05-03 18:00:15 +0200 -
bug introduced? Not sure:
Jun 06 18:57:33 kernel: BUG: unable to handle kernel NULL pointer
dereference at 0000000000000370
But no log-in issues which were preventing me from logging in as whole
merge 132d68d37d33f1d0b9c1f507c8b4d64c27ecec8a did, so there must be
something else after this commit too. For now I marked it as "bad".
e823d948b7e53dc982c867ac4ce7877fc0418897 - 2019-04-30 17:55:08 +0200 -
this is being built at the moment.

Bisect log, just in case:
git bisect start
# bad: [132d68d37d33f1d0b9c1f507c8b4d64c27ecec8a] Merge tag
'usb-5.2-rc1' of
git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb
git bisect bad 132d68d37d33f1d0b9c1f507c8b4d64c27ecec8a
# good: [86dc59e39031fb0d366d5b1f92db015b24bef70b] net: dsa: sja1105:
Make 'sja1105et_regs' and 'sja1105pqrs_regs' static
git bisect good 86dc59e39031fb0d366d5b1f92db015b24bef70b
# good: [80f232121b69cc69a31ccb2b38c1665d770b0710] Merge
git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next
git bisect good 80f232121b69cc69a31ccb2b38c1665d770b0710
# good: [5d438e200215f61ca6a7aa69f3c4e035ac54d8ee] usb: typec: ucsi:
ccg: add get_fw_info function
git bisect good 5d438e200215f61ca6a7aa69f3c4e035ac54d8ee
# bad: [6f6a407a591ebe3e4c6bd2329b29862b3980a3ca] Merge tag
'usb-serial-5.2-rc1' of
https://git.kernel.org/pub/scm/linux/kernel/git/johan/usb-serial into
usb-next
git bisect bad 6f6a407a591ebe3e4c6bd2329b29862b3980a3ca

Have a good day,
Vladimir


чт, 6 июн. 2019 г. в 02:59, Greg KH <gregkh@linuxfoundation.org>:
>
> On Wed, Jun 05, 2019 at 04:36:23PM +1000, Vladimir Yerilov wrote:
> > Good day Mr. Kroah-Hartman,
> >
> > I've found the culprit commit. It took a while though but now I'm sure:
> >
> > commit - brief decription - time - works (y) or not (n)
> > 670784fb4ebe54434e263837390e358405031d9e - rc1 2019-05-20
> > e260ad01f0aa9e96b5386d5cd7184afd949dc457 - rc0 2019-05-14 19:52:51 -0700 n
> > 8ea5b2abd07e2280a332bd9c1a7f4dd15b9b6c13 - rc0 2019-05-09 19:35:41 -0700 n
> > 54516da1ea859dd4f56ebba2e483d2df9d7c8a32 - rc0 2019-05-05 21:58:36 -0700 y
> > 71ae5fc87c34ecbdca293c2a5c563d6be2576558 - rc0 2019-05-06 20:29:45 -0700 y
> > 80f232121b69cc69a31ccb2b38c1665d770b0710 - rc0 2019-05-07 22:03:58 -0700 y
> > a2d635decbfa9c1e4ae15cb05b68b2559f7f827c - rc0 2019-05-08 21:35:19 -0700 n
> > 132d68d37d33f1d0b9c1f507c8b4d64c27ecec8a - rc0 2019-05-08 10:03:52 -0700 n
> > 86dc59e39031fb0d366d5b1f92db015b24bef70b - rc0 2019-05-08 09:46:44 -0700 y
> >
> > So 86dc59e39031fb0d366d5b1f92db015b24bef70b is the last working for
> > me, and 132d68d37d33f1d0b9c1f507c8b4d64c27ecec8a is the breaking one:
> > https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.2-rc3&id=132d68d37d33f1d0b9c1f507c8b4d64c27ecec8a
>
> 132d68d37d33 ("Merge tag 'usb-5.2-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb")
> is a merge point, which is odd, you should be able to drop down into
> that and find the exact wrong commit.
>
> what does 'git bisect log' show?
>
> thanks,
>
> greg k-h



-- 
----
Best regards,
Vladimir Yerilov

Re: kernel NULL pointer dereference, ucsi bug

[Vladimir Yerilov]

Finally I can name the first bad commit:

git bisect good
ad74b8649beaf1a22cf8641324e3321fa0269d16 is the first bad commit
commit ad74b8649beaf1a22cf8641324e3321fa0269d16
Author: Heikki Krogerus <heikki.krogerus@linux.intel.com>
Date:   Tue Apr 23 17:21:48 2019 +0300

   usb: typec: ucsi: Preliminary support for alternate modes

   With UCSI the alternate modes, just like everything else
   related to USB Type-C connectors, are handled in firmware.
   The operating system can see the status and is allowed to
   request certain things, for example entering and exiting the
   modes, but the support for alternate modes is very limited
   in UCSI. The feature is also optional, which means that even
   when the platform supports alternate modes, the operating
   system may not be even made aware of them.

   UCSI does not support direct VDM reading or writing.
   Instead, alternate modes can be entered and exited using a
   single custom command which takes also an optional SVID
   specific configuration value as parameter. That means every
   supported alternate mode has to be handled separately in
   UCSI driver.

   This commit does not include support for any specific
   alternate mode. The discovered alternate modes are now
   registered, but binding a driver to an alternate mode will
   not be possible until support for that alternate mode is
   added to the UCSI driver.

   Tested-by: Ajay Gupta <ajayg@nvidia.com>
   Signed-off-by: Heikki Krogerus <heikki.krogerus@linux.intel.com>
   Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

:040000 040000 f19a610d131d6d3e6397934562dd6112e78b2415
76df0e463eeacf57157adba0291fc9577c7d5145 M      dr
ivers

git bisect log
git bisect start
# bad: [132d68d37d33f1d0b9c1f507c8b4d64c27ecec8a] Merge tag
'usb-5.2-rc1' of git://git.kernel.org/pub/scm/
linux/kernel/git/gregkh/usb
git bisect bad 132d68d37d33f1d0b9c1f507c8b4d64c27ecec8a
# good: [86dc59e39031fb0d366d5b1f92db015b24bef70b] net: dsa: sja1105:
Make 'sja1105et_regs' and 'sja1105pq
rs_regs' static
git bisect good 86dc59e39031fb0d366d5b1f92db015b24bef70b
# good: [80f232121b69cc69a31ccb2b38c1665d770b0710] Merge
git://git.kernel.org/pub/scm/linux/kernel/git/dav
em/net-next
git bisect good 80f232121b69cc69a31ccb2b38c1665d770b0710
# good: [5d438e200215f61ca6a7aa69f3c4e035ac54d8ee] usb: typec: ucsi:
ccg: add get_fw_info function
git bisect good 5d438e200215f61ca6a7aa69f3c4e035ac54d8ee
# bad: [6f6a407a591ebe3e4c6bd2329b29862b3980a3ca] Merge tag
'usb-serial-5.2-rc1' of https://git.kernel.org
/pub/scm/linux/kernel/git/johan/usb-serial into usb-next
git bisect bad 6f6a407a591ebe3e4c6bd2329b29862b3980a3ca
# bad: [e823d948b7e53dc982c867ac4ce7877fc0418897] usb: musb: dsps: Use
dev_get_drvdata()
git bisect bad e823d948b7e53dc982c867ac4ce7877fc0418897
# bad: [6fee3787ea7aebf25fecdce325ee9b2150c5727b] dt-bindings:
usb-xhci: Add r8a774c0 support
git bisect bad 6fee3787ea7aebf25fecdce325ee9b2150c5727b
# bad: [cf28369c634fafb5f4e81750cba6988cdb4b4490] usb: typec: Add
driver for NVIDIA Alt Modes
git bisect bad cf28369c634fafb5f4e81750cba6988cdb4b4490
# bad: [ad74b8649beaf1a22cf8641324e3321fa0269d16] usb: typec: ucsi:
Preliminary support for alternate mode
s
git bisect bad ad74b8649beaf1a22cf8641324e3321fa0269d16
# good: [5c9ae5a87573d38cfc4c740aafda2fa6ce06e401] usb: typec: ucsi:
ccg: add firmware flashing support
git bisect good 5c9ae5a87573d38cfc4c740aafda2fa6ce06e401
# first bad commit: [ad74b8649beaf1a22cf8641324e3321fa0269d16] usb:
typec: ucsi: Preliminary support for a
lternate modes

Best regards,
Vladimir

чт, 6 июн. 2019 г. в 02:59, Greg KH <gregkh@linuxfoundation.org>:
>
> On Wed, Jun 05, 2019 at 04:36:23PM +1000, Vladimir Yerilov wrote:
> > Good day Mr. Kroah-Hartman,
> >
> > I've found the culprit commit. It took a while though but now I'm sure:
> >
> > commit - brief decription - time - works (y) or not (n)
> > 670784fb4ebe54434e263837390e358405031d9e - rc1 2019-05-20
> > e260ad01f0aa9e96b5386d5cd7184afd949dc457 - rc0 2019-05-14 19:52:51 -0700 n
> > 8ea5b2abd07e2280a332bd9c1a7f4dd15b9b6c13 - rc0 2019-05-09 19:35:41 -0700 n
> > 54516da1ea859dd4f56ebba2e483d2df9d7c8a32 - rc0 2019-05-05 21:58:36 -0700 y
> > 71ae5fc87c34ecbdca293c2a5c563d6be2576558 - rc0 2019-05-06 20:29:45 -0700 y
> > 80f232121b69cc69a31ccb2b38c1665d770b0710 - rc0 2019-05-07 22:03:58 -0700 y
> > a2d635decbfa9c1e4ae15cb05b68b2559f7f827c - rc0 2019-05-08 21:35:19 -0700 n
> > 132d68d37d33f1d0b9c1f507c8b4d64c27ecec8a - rc0 2019-05-08 10:03:52 -0700 n
> > 86dc59e39031fb0d366d5b1f92db015b24bef70b - rc0 2019-05-08 09:46:44 -0700 y
> >
> > So 86dc59e39031fb0d366d5b1f92db015b24bef70b is the last working for
> > me, and 132d68d37d33f1d0b9c1f507c8b4d64c27ecec8a is the breaking one:
> > https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.2-rc3&id=132d68d37d33f1d0b9c1f507c8b4d64c27ecec8a
>
> 132d68d37d33 ("Merge tag 'usb-5.2-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb")
> is a merge point, which is odd, you should be able to drop down into
> that and find the exact wrong commit.
>
> what does 'git bisect log' show?
>
> thanks,
>
> greg k-h



-- 
----
Best regards,
Vladimir Yerilov

Re: kernel NULL pointer dereference, ucsi bug

[Vladimir Yerilov]

Hi everyone,

Here is another bunch of bisect logs generated during the search of
BUG: unable to handle kernel NULL pointer dereference at
0000000000000370.
Strangely, none of these commits except
132d68d37d33f1d0b9c1f507c8b4d64c27ecec8a cause logon issues, but
nevertheless, I think them all worth being looked into. Both rounds
were made just to be sure which commit introduced a bug.

Round one:
git bisect start
# bad: [132d68d37d33f1d0b9c1f507c8b4d64c27ecec8a] Merge tag
'usb-5.2-rc1' of
git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb
git bisect bad 132d68d37d33f1d0b9c1f507c8b4d64c27ecec8a
# good: [6f6a407a591ebe3e4c6bd2329b29862b3980a3ca] Merge tag
'usb-serial-5.2-rc1' of
https://git.kernel.org/pub/scm/linux/kernel/git/johan/usb-serial into
usb-next
git bisect good 6f6a407a591ebe3e4c6bd2329b29862b3980a3ca
# good: [01e5d1830cf54ac45768ef9ceb3e79cea2e1198c] Merge tag
'mmc-v5.2' of git://git.kernel.org/pub/scm/linux/kernel/git/ulfh/mmc
git bisect good 01e5d1830cf54ac45768ef9ceb3e79cea2e1198c
# good: [6ffe0acc935f344eb0b35da07c034d5122222e77] Merge tag
'wireless-drivers-next-for-davem-2019-05-03' of
git://git.kernel.org/pub/scm/linux/kernel/git/kvalo/wireless-drivers-next
git bisect good 6ffe0acc935f344eb0b35da07c034d5122222e77
# good: [6f6a407a591ebe3e4c6bd2329b29862b3980a3ca] Merge tag
'usb-serial-5.2-rc1' of
https://git.kernel.org/pub/scm/linux/kernel/git/johan/usb-serial into
usb-next
git bisect good 6f6a407a591ebe3e4c6bd2329b29862b3980a3ca
# good: [6f6a407a591ebe3e4c6bd2329b29862b3980a3ca] Merge tag
'usb-serial-5.2-rc1' of
https://git.kernel.org/pub/scm/linux/kernel/git/johan/usb-serial into
usb-next
git bisect good 6f6a407a591ebe3e4c6bd2329b29862b3980a3ca
# good: [2310673c3c12e4b7f8a31c41f67f701d24b0de86] Merge tag
'char-misc-5.2-rc1-part1' of
git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc
git bisect good 2310673c3c12e4b7f8a31c41f67f701d24b0de86
# good: [67a242223958d628f0ba33283668e3ddd192d057] Merge tag
'for-5.2/block-20190507' of git://git.kernel.dk/linux-block
git bisect good 67a242223958d628f0ba33283668e3ddd192d057
# good: [82efe439599439a5e1e225ce5740e6cfb777a7dd] Merge tag
'devicetree-for-5.2' of
git://git.kernel.org/pub/scm/linux/kernel/git/robh/linux
git bisect good 82efe439599439a5e1e225ce5740e6cfb777a7dd
# good: [54516da1ea859dd4f56ebba2e483d2df9d7c8a32] Merge branch
'r8169-replace-some-magic-with-more-speaking-functions'
git bisect good 54516da1ea859dd4f56ebba2e483d2df9d7c8a32
# good: [a9e41a529681b38087c91ebc0bb91e12f510ca2d] Merge
git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
git bisect good a9e41a529681b38087c91ebc0bb91e12f510ca2d
# good: [408b56ca5c8eea1e46d2094818de8acc7215cf58] usb: gadget: udc:
lpc32xx: simplify probe
git bisect good 408b56ca5c8eea1e46d2094818de8acc7215cf58
# good: [5799aecd64f2bb6c8175a2e86fbcb9e60d052221] usb: dwc2: Fix
channel disable flow
git bisect good 5799aecd64f2bb6c8175a2e86fbcb9e60d052221
# good: [b873e2d0ea1efc91fb603b727733525f07419f2b] usb: dwc3: Do core
validation early on probe
git bisect good b873e2d0ea1efc91fb603b727733525f07419f2b
# good: [2e487d280525b91b03976203b15aba365ec5b4e6] usb: dwc3: Rename
DWC3_DCTL_LPM_ERRATA
git bisect good 2e487d280525b91b03976203b15aba365ec5b4e6
# bad: [3515468a87a47781f6af818773650513ff14656a] Merge tag
'usb-for-v5.2' of
git://git.kernel.org/pub/scm/linux/kernel/git/balbi/usb into usb-next
git bisect bad 3515468a87a47781f6af818773650513ff14656a
# bad: [12456e509be25d24fe479394852428517922d02a] Merge 5.1-rc7 into usb-next
git bisect bad 12456e509be25d24fe479394852428517922d02a
# first bad commit: [12456e509be25d24fe479394852428517922d02a] Merge
5.1-rc7 into usb-next

Round two:
git bisect start
# bad: [132d68d37d33f1d0b9c1f507c8b4d64c27ecec8a] Merge tag
'usb-5.2-rc1' of
git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb
git bisect bad 132d68d37d33f1d0b9c1f507c8b4d64c27ecec8a
# good: [86dc59e39031fb0d366d5b1f92db015b24bef70b] net: dsa: sja1105:
Make 'sja1105et_regs' and 'sja1105pqrs_regs' static
git bisect good 86dc59e39031fb0d366d5b1f92db015b24bef70b
# good: [80f232121b69cc69a31ccb2b38c1665d770b0710] Merge
git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next
git bisect good 80f232121b69cc69a31ccb2b38c1665d770b0710
# good: [5d438e200215f61ca6a7aa69f3c4e035ac54d8ee] usb: typec: ucsi:
ccg: add get_fw_info function
git bisect good 5d438e200215f61ca6a7aa69f3c4e035ac54d8ee
# good: [6f6a407a591ebe3e4c6bd2329b29862b3980a3ca] Merge tag
'usb-serial-5.2-rc1' of
https://git.kernel.org/pub/scm/linux/kernel/git/johan/usb-serial into
usb-next
git bisect good 6f6a407a591ebe3e4c6bd2329b29862b3980a3ca
# good: [1e868545f2bb06f7dd4a1c97c5b9ed2615929cf0] usb: dwc2: gadget:
Move gadget phy init into core phy init
git bisect good 1e868545f2bb06f7dd4a1c97c5b9ed2615929cf0
# good: [c8006f67ae0371900e601112d9f9cd8fff1c8387] usb: dwc2: Set
actual frame number for completed ISOC transfer
git bisect good c8006f67ae0371900e601112d9f9cd8fff1c8387
# good: [c729969b2b692ce3ed362e60d38391e7671758ff] usb: dwc3: gadget:
Set lpm_capable
git bisect good c729969b2b692ce3ed362e60d38391e7671758ff
# good: [8d791929b2fbdf7734c1596d808e55cb457f4562] usb: dwc3: Fix
default lpm_nyet_threshold value
git bisect good 8d791929b2fbdf7734c1596d808e55cb457f4562
# good: [2e487d280525b91b03976203b15aba365ec5b4e6] usb: dwc3: Rename
DWC3_DCTL_LPM_ERRATA
git bisect good 2e487d280525b91b03976203b15aba365ec5b4e6
# bad: [3515468a87a47781f6af818773650513ff14656a] Merge tag
'usb-for-v5.2' of
git://git.kernel.org/pub/scm/linux/kernel/git/balbi/usb into usb-next
git bisect bad 3515468a87a47781f6af818773650513ff14656a
# bad: [12456e509be25d24fe479394852428517922d02a] Merge 5.1-rc7 into usb-next
git bisect bad 12456e509be25d24fe479394852428517922d02a
# first bad commit: [12456e509be25d24fe479394852428517922d02a] Merge
5.1-rc7 into usb-next

пт, 7 июн. 2019 г. в 02:58, Vladimir Yerilov <openmindead@gmail.com>:
>
> Finally I can name the first bad commit:
>
> git bisect good
> ad74b8649beaf1a22cf8641324e3321fa0269d16 is the first bad commit
> commit ad74b8649beaf1a22cf8641324e3321fa0269d16
> Author: Heikki Krogerus <heikki.krogerus@linux.intel.com>
> Date:   Tue Apr 23 17:21:48 2019 +0300
>
>    usb: typec: ucsi: Preliminary support for alternate modes
>
>    With UCSI the alternate modes, just like everything else
>    related to USB Type-C connectors, are handled in firmware.
>    The operating system can see the status and is allowed to
>    request certain things, for example entering and exiting the
>    modes, but the support for alternate modes is very limited
>    in UCSI. The feature is also optional, which means that even
>    when the platform supports alternate modes, the operating
>    system may not be even made aware of them.
>
>    UCSI does not support direct VDM reading or writing.
>    Instead, alternate modes can be entered and exited using a
>    single custom command which takes also an optional SVID
>    specific configuration value as parameter. That means every
>    supported alternate mode has to be handled separately in
>    UCSI driver.
>
>    This commit does not include support for any specific
>    alternate mode. The discovered alternate modes are now
>    registered, but binding a driver to an alternate mode will
>    not be possible until support for that alternate mode is
>    added to the UCSI driver.
>
>    Tested-by: Ajay Gupta <ajayg@nvidia.com>
>    Signed-off-by: Heikki Krogerus <heikki.krogerus@linux.intel.com>
>    Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
>
> :040000 040000 f19a610d131d6d3e6397934562dd6112e78b2415
> 76df0e463eeacf57157adba0291fc9577c7d5145 M      dr
> ivers
>
> git bisect log
> git bisect start
> # bad: [132d68d37d33f1d0b9c1f507c8b4d64c27ecec8a] Merge tag
> 'usb-5.2-rc1' of git://git.kernel.org/pub/scm/
> linux/kernel/git/gregkh/usb
> git bisect bad 132d68d37d33f1d0b9c1f507c8b4d64c27ecec8a
> # good: [86dc59e39031fb0d366d5b1f92db015b24bef70b] net: dsa: sja1105:
> Make 'sja1105et_regs' and 'sja1105pq
> rs_regs' static
> git bisect good 86dc59e39031fb0d366d5b1f92db015b24bef70b
> # good: [80f232121b69cc69a31ccb2b38c1665d770b0710] Merge
> git://git.kernel.org/pub/scm/linux/kernel/git/dav
> em/net-next
> git bisect good 80f232121b69cc69a31ccb2b38c1665d770b0710
> # good: [5d438e200215f61ca6a7aa69f3c4e035ac54d8ee] usb: typec: ucsi:
> ccg: add get_fw_info function
> git bisect good 5d438e200215f61ca6a7aa69f3c4e035ac54d8ee
> # bad: [6f6a407a591ebe3e4c6bd2329b29862b3980a3ca] Merge tag
> 'usb-serial-5.2-rc1' of https://git.kernel.org
> /pub/scm/linux/kernel/git/johan/usb-serial into usb-next
> git bisect bad 6f6a407a591ebe3e4c6bd2329b29862b3980a3ca
> # bad: [e823d948b7e53dc982c867ac4ce7877fc0418897] usb: musb: dsps: Use
> dev_get_drvdata()
> git bisect bad e823d948b7e53dc982c867ac4ce7877fc0418897
> # bad: [6fee3787ea7aebf25fecdce325ee9b2150c5727b] dt-bindings:
> usb-xhci: Add r8a774c0 support
> git bisect bad 6fee3787ea7aebf25fecdce325ee9b2150c5727b
> # bad: [cf28369c634fafb5f4e81750cba6988cdb4b4490] usb: typec: Add
> driver for NVIDIA Alt Modes
> git bisect bad cf28369c634fafb5f4e81750cba6988cdb4b4490
> # bad: [ad74b8649beaf1a22cf8641324e3321fa0269d16] usb: typec: ucsi:
> Preliminary support for alternate mode
> s
> git bisect bad ad74b8649beaf1a22cf8641324e3321fa0269d16
> # good: [5c9ae5a87573d38cfc4c740aafda2fa6ce06e401] usb: typec: ucsi:
> ccg: add firmware flashing support
> git bisect good 5c9ae5a87573d38cfc4c740aafda2fa6ce06e401
> # first bad commit: [ad74b8649beaf1a22cf8641324e3321fa0269d16] usb:
> typec: ucsi: Preliminary support for a
> lternate modes
>
> Best regards,
> Vladimir
>
> чт, 6 июн. 2019 г. в 02:59, Greg KH <gregkh@linuxfoundation.org>:
> >
> > On Wed, Jun 05, 2019 at 04:36:23PM +1000, Vladimir Yerilov wrote:
> > > Good day Mr. Kroah-Hartman,
> > >
> > > I've found the culprit commit. It took a while though but now I'm sure:
> > >
> > > commit - brief decription - time - works (y) or not (n)
> > > 670784fb4ebe54434e263837390e358405031d9e - rc1 2019-05-20
> > > e260ad01f0aa9e96b5386d5cd7184afd949dc457 - rc0 2019-05-14 19:52:51 -0700 n
> > > 8ea5b2abd07e2280a332bd9c1a7f4dd15b9b6c13 - rc0 2019-05-09 19:35:41 -0700 n
> > > 54516da1ea859dd4f56ebba2e483d2df9d7c8a32 - rc0 2019-05-05 21:58:36 -0700 y
> > > 71ae5fc87c34ecbdca293c2a5c563d6be2576558 - rc0 2019-05-06 20:29:45 -0700 y
> > > 80f232121b69cc69a31ccb2b38c1665d770b0710 - rc0 2019-05-07 22:03:58 -0700 y
> > > a2d635decbfa9c1e4ae15cb05b68b2559f7f827c - rc0 2019-05-08 21:35:19 -0700 n
> > > 132d68d37d33f1d0b9c1f507c8b4d64c27ecec8a - rc0 2019-05-08 10:03:52 -0700 n
> > > 86dc59e39031fb0d366d5b1f92db015b24bef70b - rc0 2019-05-08 09:46:44 -0700 y
> > >
> > > So 86dc59e39031fb0d366d5b1f92db015b24bef70b is the last working for
> > > me, and 132d68d37d33f1d0b9c1f507c8b4d64c27ecec8a is the breaking one:
> > > https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.2-rc3&id=132d68d37d33f1d0b9c1f507c8b4d64c27ecec8a
> >
> > 132d68d37d33 ("Merge tag 'usb-5.2-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb")
> > is a merge point, which is odd, you should be able to drop down into
> > that and find the exact wrong commit.
> >
> > what does 'git bisect log' show?
> >
> > thanks,
> >
> > greg k-h
>
>
>
> --
> ----
> Best regards,
> Vladimir Yerilov



-- 
----
Best regards,
Vladimir Yerilov

Re: kernel NULL pointer dereference, ucsi bug

[Greg KH]

On Fri, Jun 07, 2019 at 02:58:51AM +1000, Vladimir Yerilov wrote:
> Finally I can name the first bad commit:
> 
> git bisect good
> ad74b8649beaf1a22cf8641324e3321fa0269d16 is the first bad commit
> commit ad74b8649beaf1a22cf8641324e3321fa0269d16
> Author: Heikki Krogerus <heikki.krogerus@linux.intel.com>
> Date:   Tue Apr 23 17:21:48 2019 +0300
> 
>    usb: typec: ucsi: Preliminary support for alternate modes
> 
>    With UCSI the alternate modes, just like everything else
>    related to USB Type-C connectors, are handled in firmware.
>    The operating system can see the status and is allowed to
>    request certain things, for example entering and exiting the
>    modes, but the support for alternate modes is very limited
>    in UCSI. The feature is also optional, which means that even
>    when the platform supports alternate modes, the operating
>    system may not be even made aware of them.
> 
>    UCSI does not support direct VDM reading or writing.
>    Instead, alternate modes can be entered and exited using a
>    single custom command which takes also an optional SVID
>    specific configuration value as parameter. That means every
>    supported alternate mode has to be handled separately in
>    UCSI driver.
> 
>    This commit does not include support for any specific
>    alternate mode. The discovered alternate modes are now
>    registered, but binding a driver to an alternate mode will
>    not be possible until support for that alternate mode is
>    added to the UCSI driver.
> 
>    Tested-by: Ajay Gupta <ajayg@nvidia.com>
>    Signed-off-by: Heikki Krogerus <heikki.krogerus@linux.intel.com>
>    Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
> 
> :040000 040000 f19a610d131d6d3e6397934562dd6112e78b2415
> 76df0e463eeacf57157adba0291fc9577c7d5145 M      dr
> ivers
> 
> git bisect log
> git bisect start
> # bad: [132d68d37d33f1d0b9c1f507c8b4d64c27ecec8a] Merge tag
> 'usb-5.2-rc1' of git://git.kernel.org/pub/scm/
> linux/kernel/git/gregkh/usb
> git bisect bad 132d68d37d33f1d0b9c1f507c8b4d64c27ecec8a
> # good: [86dc59e39031fb0d366d5b1f92db015b24bef70b] net: dsa: sja1105:
> Make 'sja1105et_regs' and 'sja1105pq
> rs_regs' static
> git bisect good 86dc59e39031fb0d366d5b1f92db015b24bef70b
> # good: [80f232121b69cc69a31ccb2b38c1665d770b0710] Merge
> git://git.kernel.org/pub/scm/linux/kernel/git/dav
> em/net-next
> git bisect good 80f232121b69cc69a31ccb2b38c1665d770b0710
> # good: [5d438e200215f61ca6a7aa69f3c4e035ac54d8ee] usb: typec: ucsi:
> ccg: add get_fw_info function
> git bisect good 5d438e200215f61ca6a7aa69f3c4e035ac54d8ee
> # bad: [6f6a407a591ebe3e4c6bd2329b29862b3980a3ca] Merge tag
> 'usb-serial-5.2-rc1' of https://git.kernel.org
> /pub/scm/linux/kernel/git/johan/usb-serial into usb-next
> git bisect bad 6f6a407a591ebe3e4c6bd2329b29862b3980a3ca
> # bad: [e823d948b7e53dc982c867ac4ce7877fc0418897] usb: musb: dsps: Use
> dev_get_drvdata()
> git bisect bad e823d948b7e53dc982c867ac4ce7877fc0418897
> # bad: [6fee3787ea7aebf25fecdce325ee9b2150c5727b] dt-bindings:
> usb-xhci: Add r8a774c0 support
> git bisect bad 6fee3787ea7aebf25fecdce325ee9b2150c5727b
> # bad: [cf28369c634fafb5f4e81750cba6988cdb4b4490] usb: typec: Add
> driver for NVIDIA Alt Modes
> git bisect bad cf28369c634fafb5f4e81750cba6988cdb4b4490
> # bad: [ad74b8649beaf1a22cf8641324e3321fa0269d16] usb: typec: ucsi:
> Preliminary support for alternate mode
> s
> git bisect bad ad74b8649beaf1a22cf8641324e3321fa0269d16
> # good: [5c9ae5a87573d38cfc4c740aafda2fa6ce06e401] usb: typec: ucsi:
> ccg: add firmware flashing support
> git bisect good 5c9ae5a87573d38cfc4c740aafda2fa6ce06e401
> # first bad commit: [ad74b8649beaf1a22cf8641324e3321fa0269d16] usb:
> typec: ucsi: Preliminary support for a
> lternate modes
> 
> Best regards,
> Vladimir


Heikki, any thoughts?

Vladimir, can you post the oops message again?  I don't see it here in
the email thread anymore.

thanks,

greg k-h

Re: kernel NULL pointer dereference, ucsi bug

[Vladimir Yerilov]

I guess you meant the previous one, Greg (oops msg was just my excuse,
nothing more), so here it is:

>>
Finally I can name the first bad commit:

git bisect good
ad74b8649beaf1a22cf8641324e3321fa0269d16 is the first bad commit
commit ad74b8649beaf1a22cf8641324e3321fa0269d16
Author: Heikki Krogerus <heikki.krogerus@linux.intel.com>
Date:   Tue Apr 23 17:21:48 2019 +0300

   usb: typec: ucsi: Preliminary support for alternate modes

   With UCSI the alternate modes, just like everything else
   related to USB Type-C connectors, are handled in firmware.
   The operating system can see the status and is allowed to
   request certain things, for example entering and exiting the
   modes, but the support for alternate modes is very limited
   in UCSI. The feature is also optional, which means that even
   when the platform supports alternate modes, the operating
   system may not be even made aware of them.

   UCSI does not support direct VDM reading or writing.
   Instead, alternate modes can be entered and exited using a
   single custom command which takes also an optional SVID
   specific configuration value as parameter. That means every
   supported alternate mode has to be handled separately in
   UCSI driver.

   This commit does not include support for any specific
   alternate mode. The discovered alternate modes are now
   registered, but binding a driver to an alternate mode will
   not be possible until support for that alternate mode is
   added to the UCSI driver.

   Tested-by: Ajay Gupta <ajayg@nvidia.com>
   Signed-off-by: Heikki Krogerus <heikki.krogerus@linux.intel.com>
   Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

:040000 040000 f19a610d131d6d3e6397934562dd6112e78b2415
76df0e463eeacf57157adba0291fc9577c7d5145 M      dr
ivers

git bisect log
git bisect start
# bad: [132d68d37d33f1d0b9c1f507c8b4d64c27ecec8a] Merge tag
'usb-5.2-rc1' of git://git.kernel.org/pub/scm/
linux/kernel/git/gregkh/usb
git bisect bad 132d68d37d33f1d0b9c1f507c8b4d64c27ecec8a
# good: [86dc59e39031fb0d366d5b1f92db015b24bef70b] net: dsa: sja1105:
Make 'sja1105et_regs' and 'sja1105pq
rs_regs' static
git bisect good 86dc59e39031fb0d366d5b1f92db015b24bef70b
# good: [80f232121b69cc69a31ccb2b38c1665d770b0710] Merge
git://git.kernel.org/pub/scm/linux/kernel/git/dav
em/net-next
git bisect good 80f232121b69cc69a31ccb2b38c1665d770b0710
# good: [5d438e200215f61ca6a7aa69f3c4e035ac54d8ee] usb: typec: ucsi:
ccg: add get_fw_info function
git bisect good 5d438e200215f61ca6a7aa69f3c4e035ac54d8ee
# bad: [6f6a407a591ebe3e4c6bd2329b29862b3980a3ca] Merge tag
'usb-serial-5.2-rc1' of https://git.kernel.org
/pub/scm/linux/kernel/git/johan/usb-serial into usb-next
git bisect bad 6f6a407a591ebe3e4c6bd2329b29862b3980a3ca
# bad: [e823d948b7e53dc982c867ac4ce7877fc0418897] usb: musb: dsps: Use
dev_get_drvdata()
git bisect bad e823d948b7e53dc982c867ac4ce7877fc0418897
# bad: [6fee3787ea7aebf25fecdce325ee9b2150c5727b] dt-bindings:
usb-xhci: Add r8a774c0 support
git bisect bad 6fee3787ea7aebf25fecdce325ee9b2150c5727b
# bad: [cf28369c634fafb5f4e81750cba6988cdb4b4490] usb: typec: Add
driver for NVIDIA Alt Modes
git bisect bad cf28369c634fafb5f4e81750cba6988cdb4b4490
# bad: [ad74b8649beaf1a22cf8641324e3321fa0269d16] usb: typec: ucsi:
Preliminary support for alternate mode
s
git bisect bad ad74b8649beaf1a22cf8641324e3321fa0269d16
# good: [5c9ae5a87573d38cfc4c740aafda2fa6ce06e401] usb: typec: ucsi:
ccg: add firmware flashing support
git bisect good 5c9ae5a87573d38cfc4c740aafda2fa6ce06e401
# first bad commit: [ad74b8649beaf1a22cf8641324e3321fa0269d16] usb:
typec: ucsi: Preliminary support for a
lternate modes

Best regards,
Vladimir
<<

The above bisect log was my initial try to find a commit which
introduced an issue. I came to
ad74b8649beaf1a22cf8641324e3321fa0269d16 eventually.
The latter bisect tries ended up at
12456e509be25d24fe479394852428517922d02a, which is merge, as I
understand, so the actual culprit is
ad74b8649beaf1a22cf8641324e3321fa0269d16 anyways.
PS: rc4 is still a no-go for me (just to re-iterate how severe the
problem is): not only error logs I see but I cannot log in as well,
system hangs up completely (haven't tried REISUB though).

вт, 11 июн. 2019 г. в 00:32, Greg KH <gregkh@linuxfoundation.org>:
>
> On Fri, Jun 07, 2019 at 02:58:51AM +1000, Vladimir Yerilov wrote:
> > Finally I can name the first bad commit:
> >
> > git bisect good
> > ad74b8649beaf1a22cf8641324e3321fa0269d16 is the first bad commit
> > commit ad74b8649beaf1a22cf8641324e3321fa0269d16
> > Author: Heikki Krogerus <heikki.krogerus@linux.intel.com>
> > Date:   Tue Apr 23 17:21:48 2019 +0300
> >
> >    usb: typec: ucsi: Preliminary support for alternate modes
> >
> >    With UCSI the alternate modes, just like everything else
> >    related to USB Type-C connectors, are handled in firmware.
> >    The operating system can see the status and is allowed to
> >    request certain things, for example entering and exiting the
> >    modes, but the support for alternate modes is very limited
> >    in UCSI. The feature is also optional, which means that even
> >    when the platform supports alternate modes, the operating
> >    system may not be even made aware of them.
> >
> >    UCSI does not support direct VDM reading or writing.
> >    Instead, alternate modes can be entered and exited using a
> >    single custom command which takes also an optional SVID
> >    specific configuration value as parameter. That means every
> >    supported alternate mode has to be handled separately in
> >    UCSI driver.
> >
> >    This commit does not include support for any specific
> >    alternate mode. The discovered alternate modes are now
> >    registered, but binding a driver to an alternate mode will
> >    not be possible until support for that alternate mode is
> >    added to the UCSI driver.
> >
> >    Tested-by: Ajay Gupta <ajayg@nvidia.com>
> >    Signed-off-by: Heikki Krogerus <heikki.krogerus@linux.intel.com>
> >    Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
> >
> > :040000 040000 f19a610d131d6d3e6397934562dd6112e78b2415
> > 76df0e463eeacf57157adba0291fc9577c7d5145 M      dr
> > ivers
> >
> > git bisect log
> > git bisect start
> > # bad: [132d68d37d33f1d0b9c1f507c8b4d64c27ecec8a] Merge tag
> > 'usb-5.2-rc1' of git://git.kernel.org/pub/scm/
> > linux/kernel/git/gregkh/usb
> > git bisect bad 132d68d37d33f1d0b9c1f507c8b4d64c27ecec8a
> > # good: [86dc59e39031fb0d366d5b1f92db015b24bef70b] net: dsa: sja1105:
> > Make 'sja1105et_regs' and 'sja1105pq
> > rs_regs' static
> > git bisect good 86dc59e39031fb0d366d5b1f92db015b24bef70b
> > # good: [80f232121b69cc69a31ccb2b38c1665d770b0710] Merge
> > git://git.kernel.org/pub/scm/linux/kernel/git/dav
> > em/net-next
> > git bisect good 80f232121b69cc69a31ccb2b38c1665d770b0710
> > # good: [5d438e200215f61ca6a7aa69f3c4e035ac54d8ee] usb: typec: ucsi:
> > ccg: add get_fw_info function
> > git bisect good 5d438e200215f61ca6a7aa69f3c4e035ac54d8ee
> > # bad: [6f6a407a591ebe3e4c6bd2329b29862b3980a3ca] Merge tag
> > 'usb-serial-5.2-rc1' of https://git.kernel.org
> > /pub/scm/linux/kernel/git/johan/usb-serial into usb-next
> > git bisect bad 6f6a407a591ebe3e4c6bd2329b29862b3980a3ca
> > # bad: [e823d948b7e53dc982c867ac4ce7877fc0418897] usb: musb: dsps: Use
> > dev_get_drvdata()
> > git bisect bad e823d948b7e53dc982c867ac4ce7877fc0418897
> > # bad: [6fee3787ea7aebf25fecdce325ee9b2150c5727b] dt-bindings:
> > usb-xhci: Add r8a774c0 support
> > git bisect bad 6fee3787ea7aebf25fecdce325ee9b2150c5727b
> > # bad: [cf28369c634fafb5f4e81750cba6988cdb4b4490] usb: typec: Add
> > driver for NVIDIA Alt Modes
> > git bisect bad cf28369c634fafb5f4e81750cba6988cdb4b4490
> > # bad: [ad74b8649beaf1a22cf8641324e3321fa0269d16] usb: typec: ucsi:
> > Preliminary support for alternate mode
> > s
> > git bisect bad ad74b8649beaf1a22cf8641324e3321fa0269d16
> > # good: [5c9ae5a87573d38cfc4c740aafda2fa6ce06e401] usb: typec: ucsi:
> > ccg: add firmware flashing support
> > git bisect good 5c9ae5a87573d38cfc4c740aafda2fa6ce06e401
> > # first bad commit: [ad74b8649beaf1a22cf8641324e3321fa0269d16] usb:
> > typec: ucsi: Preliminary support for a
> > lternate modes
> >
> > Best regards,
> > Vladimir
>
>
> Heikki, any thoughts?
>
> Vladimir, can you post the oops message again?  I don't see it here in
> the email thread anymore.
>
> thanks,
>
> greg k-h



-- 
----
Best regards,
Vladimir Yerilov

Re: kernel NULL pointer dereference, ucsi bug

[Heikki Krogerus]

On Mon, Jun 10, 2019 at 04:32:47PM +0200, Greg KH wrote:
> On Fri, Jun 07, 2019 at 02:58:51AM +1000, Vladimir Yerilov wrote:
> > Finally I can name the first bad commit:
> > 
> > git bisect good
> > ad74b8649beaf1a22cf8641324e3321fa0269d16 is the first bad commit
> > commit ad74b8649beaf1a22cf8641324e3321fa0269d16
> > Author: Heikki Krogerus <heikki.krogerus@linux.intel.com>
> > Date:   Tue Apr 23 17:21:48 2019 +0300
> > 
> >    usb: typec: ucsi: Preliminary support for alternate modes
> > 
> >    With UCSI the alternate modes, just like everything else
> >    related to USB Type-C connectors, are handled in firmware.
> >    The operating system can see the status and is allowed to
> >    request certain things, for example entering and exiting the
> >    modes, but the support for alternate modes is very limited
> >    in UCSI. The feature is also optional, which means that even
> >    when the platform supports alternate modes, the operating
> >    system may not be even made aware of them.
> > 
> >    UCSI does not support direct VDM reading or writing.
> >    Instead, alternate modes can be entered and exited using a
> >    single custom command which takes also an optional SVID
> >    specific configuration value as parameter. That means every
> >    supported alternate mode has to be handled separately in
> >    UCSI driver.
> > 
> >    This commit does not include support for any specific
> >    alternate mode. The discovered alternate modes are now
> >    registered, but binding a driver to an alternate mode will
> >    not be possible until support for that alternate mode is
> >    added to the UCSI driver.
> > 
> >    Tested-by: Ajay Gupta <ajayg@nvidia.com>
> >    Signed-off-by: Heikki Krogerus <heikki.krogerus@linux.intel.com>
> >    Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
> > 
> > :040000 040000 f19a610d131d6d3e6397934562dd6112e78b2415
> > 76df0e463eeacf57157adba0291fc9577c7d5145 M      dr
> > ivers
> > 
> > git bisect log
> > git bisect start
> > # bad: [132d68d37d33f1d0b9c1f507c8b4d64c27ecec8a] Merge tag
> > 'usb-5.2-rc1' of git://git.kernel.org/pub/scm/
> > linux/kernel/git/gregkh/usb
> > git bisect bad 132d68d37d33f1d0b9c1f507c8b4d64c27ecec8a
> > # good: [86dc59e39031fb0d366d5b1f92db015b24bef70b] net: dsa: sja1105:
> > Make 'sja1105et_regs' and 'sja1105pq
> > rs_regs' static
> > git bisect good 86dc59e39031fb0d366d5b1f92db015b24bef70b
> > # good: [80f232121b69cc69a31ccb2b38c1665d770b0710] Merge
> > git://git.kernel.org/pub/scm/linux/kernel/git/dav
> > em/net-next
> > git bisect good 80f232121b69cc69a31ccb2b38c1665d770b0710
> > # good: [5d438e200215f61ca6a7aa69f3c4e035ac54d8ee] usb: typec: ucsi:
> > ccg: add get_fw_info function
> > git bisect good 5d438e200215f61ca6a7aa69f3c4e035ac54d8ee
> > # bad: [6f6a407a591ebe3e4c6bd2329b29862b3980a3ca] Merge tag
> > 'usb-serial-5.2-rc1' of https://git.kernel.org
> > /pub/scm/linux/kernel/git/johan/usb-serial into usb-next
> > git bisect bad 6f6a407a591ebe3e4c6bd2329b29862b3980a3ca
> > # bad: [e823d948b7e53dc982c867ac4ce7877fc0418897] usb: musb: dsps: Use
> > dev_get_drvdata()
> > git bisect bad e823d948b7e53dc982c867ac4ce7877fc0418897
> > # bad: [6fee3787ea7aebf25fecdce325ee9b2150c5727b] dt-bindings:
> > usb-xhci: Add r8a774c0 support
> > git bisect bad 6fee3787ea7aebf25fecdce325ee9b2150c5727b
> > # bad: [cf28369c634fafb5f4e81750cba6988cdb4b4490] usb: typec: Add
> > driver for NVIDIA Alt Modes
> > git bisect bad cf28369c634fafb5f4e81750cba6988cdb4b4490
> > # bad: [ad74b8649beaf1a22cf8641324e3321fa0269d16] usb: typec: ucsi:
> > Preliminary support for alternate mode
> > s
> > git bisect bad ad74b8649beaf1a22cf8641324e3321fa0269d16
> > # good: [5c9ae5a87573d38cfc4c740aafda2fa6ce06e401] usb: typec: ucsi:
> > ccg: add firmware flashing support
> > git bisect good 5c9ae5a87573d38cfc4c740aafda2fa6ce06e401
> > # first bad commit: [ad74b8649beaf1a22cf8641324e3321fa0269d16] usb:
> > typec: ucsi: Preliminary support for a
> > lternate modes
> > 
> > Best regards,
> > Vladimir
> 
> 
> Heikki, any thoughts?

I'll take a look.

> Vladimir, can you post the oops message again?  I don't see it here in
> the email thread anymore.
> 
> thanks,
> 
> greg k-h

thanks,

-- 
heikki

Re: kernel NULL pointer dereference, ucsi bug

[Heikki Krogerus]

Hi Vladimir,

On Sun, Jun 02, 2019 at 09:24:43PM +1000, Vladimir Yerilov wrote:
> Good day,
> 
> There's a problem with ucsi starting from 5.2-rc1 (maybe earlier
> versions of 5.2 are affected too).
> Recently I've tried these versions of rc3 (commits), all have this issue:
> 3ab4436f688c2d2f221793953cd05435ca84261c (05/31)
> 3ea3091f1bd8586125848c62be295910e9802af0
> cd6c84d8f0cdc911df435bb075ba22ce3c605b07 (rc2)
> 
> These are lines from journal logs (more in the attachment):
> Jun 01 16:17:27 kernel: BUG: kernel NULL pointer dereference, address:
> 0000000000000368
> Jun 01 16:17:27 kernel: #PF: supervisor read access in kernel mode
> Jun 01 16:17:27 kernel: #PF: error_code(0x0000) - not-present page
> Jun 01 16:17:27 kernel: Oops: 0000 [#1] PREEMPT SMP PTI
> Jun 01 16:17:27 kernel: CPU: 7 PID: 252 Comm: kworker/7:2 Tainted: G
>   U     OE     5.2.0-1-MANJARO #1
> Jun 01 16:17:27 kernel: Hardware name: Timi TM1701/TM1701, BIOS
> XMAKB5R0P0906 10/23/2018
> Jun 01 16:17:27 kernel: Workqueue: events_long ucsi_init [typec_ucsi]
> Jun 01 16:17:27 kernel: RIP: 0010:typec_altmode_get_partner+0x5/0x20 [typec]
> Jun 01 16:17:27 kernel: Code: 85 c0 74 08 e9 3c 8a 78 e2 31 c0 c3 b8
> a1 ff ff ff c3 b8 ed ff ff ff c3 66 66 2e 0f 1f 84 00 00 00 00 00 66
> 90 0f 1f 44 00 00 <48> 8b 87 68 03 00 00 48 83 c0 08 c3 66 66 2e 0f 1f
> 84 00 00 00 00
> Jun 01 16:17:27 kernel: RSP: 0018:ffffa67542123e00 EFLAGS: 00010293
> Jun 01 16:17:27 kernel: RAX: 0000000000000000 RBX: ffff8e9485a56800
> RCX: 0000000000000000
> Jun 01 16:17:27 kernel: RDX: 0000000000000000 RSI: 0000000000000246
> RDI: 0000000000000000
> Jun 01 16:17:27 kernel: RBP: 0000000000000000 R08: ffff8e949ebdbdc0
> R09: 0000000000000000
> Jun 01 16:17:27 kernel: R10: 0000000000000000 R11: 0000000000000000
> R12: 0000000000000000
> Jun 01 16:17:27 kernel: R13: ffff8e9499237540 R14: ffff8e9485a56ac0
> R15: ffff8e9485a56800
> Jun 01 16:17:27 kernel: FS:  0000000000000000(0000)
> GS:ffff8e949ebc0000(0000) knlGS:0000000000000000
> Jun 01 16:17:27 kernel: CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
> Jun 01 16:17:27 kernel: CR2: 0000000000000368 CR3: 00000001c8a0a003
> CR4: 00000000003606e0
> Jun 01 16:17:27 kernel: Call Trace:
> Jun 01 16:17:27 kernel:  ucsi_altmode_update_active+0x85/0x100 [typec_ucsi]
> Jun 01 16:17:27 kernel:  ucsi_init+0x398/0x590 [typec_ucsi]
> Jun 01 16:17:27 kernel:  process_one_work+0x1eb/0x410
> Jun 01 16:17:27 kernel:  worker_thread+0x2d/0x3d0
> Jun 01 16:17:27 kernel:  ? process_one_work+0x410/0x410
> Jun 01 16:17:27 kernel:  kthread+0x112/0x130
> Jun 01 16:17:27 kernel:  ? kthread_park+0x80/0x80
> Jun 01 16:17:27 kernel:  ret_from_fork+0x35/0x40

The firmware is reporting that an alt mode which does not exist is
active? What do you have connected to the USB Type-C connectors on the
machine when that happens?

Can you use the machine normally when nothing is connected to the USB
Type-C connectors, and does the issue happen always when you plug in
some specific device?

Is it possible to send complete dmesg output after that happened?

thanks,

-- 
heikki

Re: kernel NULL pointer dereference, ucsi bug

[Heikki Krogerus]

[-- Attachment #1: Type: text/plain, Size: 1501 bytes --]

On Tue, Jun 11, 2019 at 10:19:27PM +1000, Vladimir Yerilov wrote:
> Hi Heikki,
> 
> > What do you have connected to the USB Type-C connectors on the
> machine when that happens?
> 
> Now, on 5.2-rc4, it happens only during boot and when power cord is
> connected to laptop's type-c charging port. Another port, which does
> not support charging, does not cause this problem, I mean I can have
> something connected to it or not, no issue is observed if charger is
> disconnected. I even tried to connect my hub to the guilty charging
> port, everything works fine until hub is powered from the charger, in
> that case the bug happens again. This differs from my previous tests
> when whatever I had connected to the charging port, caused failures,
> even type C to A OTG cable. To summarize: now it happens when power
> cord from the charger is connected during the boot, but if I connect
> it after boot (e.g. after logging in to my X session), no crash
> occurs.
> 
> > Can you use the machine normally when nothing is connected to the USB Type-C connectors
> 
> Yeah, everything is great when nothing is connected to the faulty
> charging port during the boot, and charger may be connected later, but
> it's kinda... wrong.
> 
> > Is it possible to send complete dmesg output after that happened?
> 
> You can find everything attached (done with journalctl -k -xb)

Thanks. I don't see anything the driver is doing wrong. I'm attaching
a patch. Can you test if it fixes the issue?

Br,

-- 
heikki

[-- Attachment #2: 0001-usb-typec-Make-sure-an-alt-mode-exist-before-getting.patch --]
[-- Type: text/plain, Size: 993 bytes --]

From d6979950ee911194dab9ae7513fe36dc3730f7a9 Mon Sep 17 00:00:00 2001
From: Heikki Krogerus <heikki.krogerus@linux.intel.com>
Date: Tue, 11 Jun 2019 11:10:25 +0300
Subject: [PATCH] usb: typec: Make sure an alt mode exist before getting its
 partner

Interim. For testing only!

Adding check to typec_altmode_get_partner() to prevent
potential NULL pointer dereference.

Signed-off-by: Heikki Krogerus <heikki.krogerus@linux.intel.com>
---
 drivers/usb/typec/bus.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/drivers/usb/typec/bus.c b/drivers/usb/typec/bus.c
index 76299b6ff06d..74cb3c2ecb34 100644
--- a/drivers/usb/typec/bus.c
+++ b/drivers/usb/typec/bus.c
@@ -192,7 +192,7 @@ EXPORT_SYMBOL_GPL(typec_altmode_vdm);
 const struct typec_altmode *
 typec_altmode_get_partner(struct typec_altmode *adev)
 {
-	return &to_altmode(adev)->partner->adev;
+	return adev ? &to_altmode(adev)->partner->adev : NULL;
 }
 EXPORT_SYMBOL_GPL(typec_altmode_get_partner);
 
-- 
2.20.1

Re: kernel NULL pointer dereference, ucsi bug

[Vladimir Yerilov]

Yes, it works.
I've built 5.2-rc4 with this patch and it works fine now, the problem is gone.
It is great that I didn't have to downgrade BIOS as a last resort in
my attempts to workaround this issue.

Thank you!

Cc to Greg in order to let him know that it is resolved now.

ср, 12 июн. 2019 г. в 19:55, Heikki Krogerus <heikki.krogerus@linux.intel.com>:
>
> On Tue, Jun 11, 2019 at 10:19:27PM +1000, Vladimir Yerilov wrote:
> > Hi Heikki,
> >
> > > What do you have connected to the USB Type-C connectors on the
> > machine when that happens?
> >
> > Now, on 5.2-rc4, it happens only during boot and when power cord is
> > connected to laptop's type-c charging port. Another port, which does
> > not support charging, does not cause this problem, I mean I can have
> > something connected to it or not, no issue is observed if charger is
> > disconnected. I even tried to connect my hub to the guilty charging
> > port, everything works fine until hub is powered from the charger, in
> > that case the bug happens again. This differs from my previous tests
> > when whatever I had connected to the charging port, caused failures,
> > even type C to A OTG cable. To summarize: now it happens when power
> > cord from the charger is connected during the boot, but if I connect
> > it after boot (e.g. after logging in to my X session), no crash
> > occurs.
> >
> > > Can you use the machine normally when nothing is connected to the USB Type-C connectors
> >
> > Yeah, everything is great when nothing is connected to the faulty
> > charging port during the boot, and charger may be connected later, but
> > it's kinda... wrong.
> >
> > > Is it possible to send complete dmesg output after that happened?
> >
> > You can find everything attached (done with journalctl -k -xb)
>
> Thanks. I don't see anything the driver is doing wrong. I'm attaching
> a patch. Can you test if it fixes the issue?
>
> Br,
>
> --
> heikki



-- 
----
Best regards,
Vladimir Yerilov

Re: kernel NULL pointer dereference, ucsi bug

[Greg KH]

On Wed, Jun 12, 2019 at 10:23:56PM +1000, Vladimir Yerilov wrote:
> Yes, it works.
> I've built 5.2-rc4 with this patch and it works fine now, the problem is gone.
> It is great that I didn't have to downgrade BIOS as a last resort in
> my attempts to workaround this issue.
> 
> Thank you!
> 
> Cc to Greg in order to let him know that it is resolved now.

It is not "resolved" until the fix is merged into Linus's tree :)

thanks,

greg k-h

Re: kernel NULL pointer dereference, ucsi bug

[Vladimir Yerilov]

Oh, you are right. I meant... You know what I meant :)
I hope the fix will get there eventually in one way or another. Should
you need any further tests from my side, just ask and I will make my
faulty machine work on it.

Thank you guys again for your kind assistance.


ср, 12 июн. 2019 г. в 22:32, Greg KH <gregkh@linuxfoundation.org>:
>
> On Wed, Jun 12, 2019 at 10:23:56PM +1000, Vladimir Yerilov wrote:
> > Yes, it works.
> > I've built 5.2-rc4 with this patch and it works fine now, the problem is gone.
> > It is great that I didn't have to downgrade BIOS as a last resort in
> > my attempts to workaround this issue.
> >
> > Thank you!
> >
> > Cc to Greg in order to let him know that it is resolved now.
>
> It is not "resolved" until the fix is merged into Linus's tree :)
>
> thanks,
>
> greg k-h



-- 
----
Best regards,
Vladimir Yerilov

Re: kernel NULL pointer dereference, ucsi bug

[Heikki Krogerus]

On Wed, Jun 12, 2019 at 10:57:35PM +1000, Vladimir Yerilov wrote:
> Oh, you are right. I meant... You know what I meant :)
> I hope the fix will get there eventually in one way or another. Should
> you need any further tests from my side, just ask and I will make my
> faulty machine work on it.
> 
> Thank you guys again for your kind assistance.

The patch I gave you does not fix the root cause, but instead just
works around it. The change it brings is however useful, so I'm going
to send the patch to the linux-usb ml as a fix for this issue.

I think the root problem in this case is that the firmware is
reporting the alternate modes in a customized way. The problem is
actually not with the firmware itself. The problem is with UCSI
specification. The UCSI spec does not explain how exactly the
alternate modes should be handled, so every platform does it a bit
differently (a major operating system does not seem to care about the
alternate modes).

The ucsi driver we have in kernel already considers a number of
different ways the alternate modes could be handled, but clearly not
the way Kaby Lakes handle them. I'm going to continue debugging this
with a Kaby Lake board, and once/if I figure out how to manage the
alternate modes on it, I'll send the final fix. But for now, let's
workaround the problem.


thanks,

-- 
heikki