Request to improve linux5x i2c_nct6775 kernel module patch

The patch commited by @philm and packaged/maintained by @schinfo for linux57 appears to be outdated and incomplete. This patch causes a NULL pointer dereference with OpenRGB and any 5.7.x or 5.8.x kernel on my hardware (ROG MAXIMUS XI HERO (WI-FI), BIOS 1502 02/21/2020):

BUG: kernel NULL pointer dereference
Aug 19 21:32:49 hostname kernel: BUG: kernel NULL pointer dereference, address: 0000000000000000
Aug 19 21:32:49 hostname kernel: #PF: supervisor read access in kernel mode
Aug 19 21:32:49 hostname kernel: #PF: error_code(0x0000) - not-present page
Aug 19 21:32:49 hostname kernel: PGD 0 P4D 0 
Aug 19 21:32:49 hostname kernel: Oops: 0000 [#1] PREEMPT SMP NOPTI
Aug 19 21:32:49 hostname kernel: CPU: 0 PID: 18113 Comm: OpenRGB Tainted: P           OE     5.7.16-1-MANJARO #1
Aug 19 21:32:49 hostname kernel: Hardware name: System manufacturer System Product Name/ROG MAXIMUS XI HERO (WI-FI), BIOS 1502 02/21/2020
Aug 19 21:32:49 hostname kernel: RIP: 0010:nct6775_access+0x1e0/0x490 [i2c_nct6775]
Aug 19 21:32:49 hostname kernel: Code: 4e dd 21 f1 e8 81 2a 9f f0 41 8d 55 03 44 89 e0 ee 48 8b 05 3a dd 21 f1 45 8d 65 02 e8 69 2a 9f f0 45 84 f6 0f 85 7a 02 00 00 <41> 0f b6 07 44 89 ea ee 48 8b 05 19 dd 21 f1 e8 4c 2a 9f f0 b8 08
Aug 19 21:32:49 hostname kernel: RSP: 0018:ffffa8d4c827fd50 EFLAGS: 00010246
Aug 19 21:32:49 hostname kernel: RAX: 0000000000000000 RBX: 0000000000000b04 RCX: 0000000000000000
Aug 19 21:32:49 hostname kernel: RDX: 0000000000000b03 RSI: 0000000000000047 RDI: ffff925e6226ec00
Aug 19 21:32:49 hostname kernel: RBP: 0000000000000000 R08: 00000000000000ab R09: 0000000000000001
Aug 19 21:32:49 hostname kernel: R10: 00000000000000ab R11: 0000000000000000 R12: 0000000000000b02
Aug 19 21:32:49 hostname kernel: R13: 0000000000000b00 R14: 0000000000000000 R15: 0000000000000000
Aug 19 21:32:49 hostname kernel: FS:  00007fa4337fe700(0000) GS:ffff925e6da00000(0000) knlGS:0000000000000000
Aug 19 21:32:49 hostname kernel: CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
Aug 19 21:32:49 hostname kernel: CR2: 0000000000000000 CR3: 0000000dbde68001 CR4: 00000000003606f0
Aug 19 21:32:49 hostname kernel: DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
Aug 19 21:32:49 hostname kernel: DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Aug 19 21:32:49 hostname kernel: Call Trace:
Aug 19 21:32:49 hostname kernel:  __i2c_smbus_xfer+0xe7/0x450
Aug 19 21:32:49 hostname kernel:  ? nct6775_func+0x10/0x10 [i2c_nct6775]
Aug 19 21:32:49 hostname kernel:  i2c_smbus_xfer+0x5b/0xf0
Aug 19 21:32:49 hostname kernel:  i2cdev_ioctl_smbus+0xa3/0x2d0 [i2c_dev]
Aug 19 21:32:49 hostname kernel:  ? _raw_spin_unlock_irqrestore+0x20/0x40
Aug 19 21:32:49 hostname kernel:  ? klist_next+0x136/0x140
Aug 19 21:32:49 hostname kernel:  i2cdev_ioctl+0x21c/0x310 [i2c_dev]
Aug 19 21:32:49 hostname kernel:  ksys_ioctl+0x82/0xc0
Aug 19 21:32:49 hostname kernel:  __x64_sys_ioctl+0x16/0x20
Aug 19 21:32:49 hostname kernel:  do_syscall_64+0x49/0x90
Aug 19 21:32:49 hostname kernel:  entry_SYSCALL_64_after_hwframe+0x44/0xa9
Aug 19 21:32:49 hostname kernel: RIP: 0033:0x7fa43df738eb
Aug 19 21:32:49 hostname kernel: Code: 0f 1e fa 48 8b 05 a5 95 0c 00 64 c7 00 26 00 00 00 48 c7 c0 ff ff ff ff c3 66 0f 1f 44 00 00 f3 0f 1e fa b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 75 95 0c 00 f7 d8 64 89 01 48
Aug 19 21:32:49 hostname kernel: RSP: 002b:00007fa4337fdd58 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
Aug 19 21:32:49 hostname kernel: RAX: ffffffffffffffda RBX: 00007fa43400b2d0 RCX: 00007fa43df738eb
Aug 19 21:32:49 hostname kernel: RDX: 00007fa4337fdd60 RSI: 0000000000000720 RDI: 000000000000000a
Aug 19 21:32:49 hostname kernel: RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000
Aug 19 21:32:49 hostname kernel: R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
Aug 19 21:32:49 hostname kernel: R13: 00000000000000ab R14: 0000000000000000 R15: 00007fa43400b530
Aug 19 21:32:49 hostname kernel: Modules linked in: snd_seq_dummy snd_hrtimer snd_seq rfcomm xt_multiport iptable_filter ip6table_filter ip6_tables ppdev parport_pc parport vmw_vsock_vmci_transport vsock vmw_vmci vmmon(OE) nf_log_ipv6 nf_log_ipv4 nf_log_common nft_log nft_limit nft_ct nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 libcrc32c cmac nf_tables algif_hash algif_skcipher af_alg nct6775 bnep nfnetlink vmnet(OE) hwmon_vid snd_usb_audio snd_usbmidi_lib snd_rawmidi snd_seq_device mc btusb btrtl btbcm btintel bluetooth ecdh_generic ecc joydev mousedev input_leds nls_iso8859_1 nls_cp437 vfat fat fuse raid1 intel_rapl_msr mei_hdcp ucsi_ccg typec_ucsi iTCO_wdt iTCO_vendor_support typec eeepc_wmi asus_wmi battery sparse_keymap intel_rapl_common wmi_bmof mxm_wmi iwlmvm snd_sof_pci snd_sof_intel_byt snd_sof_intel_ipc snd_sof_intel_hda_common snd_soc_hdac_hda snd_sof_xtensa_dsp snd_sof_intel_hda snd_sof mac80211 snd_soc_skl snd_soc_sst_ipc snd_soc_sst_dsp libarc4 snd_hda_ext_core x86_pkg_temp_thermal
Aug 19 21:32:49 hostname kernel:  intel_powerclamp snd_soc_acpi_intel_match snd_soc_acpi coretemp snd_soc_core kvm_intel snd_hda_codec_realtek snd_compress iwlwifi snd_hda_codec_generic ac97_bus snd_hda_codec_hdmi ledtrig_audio snd_pcm_dmaengine kvm snd_hda_intel cfg80211 snd_intel_dspcfg snd_hda_codec snd_hda_core snd_hwdep igb snd_pcm ofpart cmdlinepart irqbypass intel_spi_pci intel_spi snd_timer rapl spi_nor intel_cstate mei_me i2c_algo_bit intel_uncore md_mod e1000e pcspkr mtd tpm_crb i2c_i801 snd dca mei rfkill soundcore i2c_nvidia_gpu ie31200_edac wmi tpm_tis tpm_tis_core tpm evdev rng_core mac_hid acpi_tad vboxnetflt(OE) vboxnetadp(OE) vboxdrv(OE) uinput i2c_nct6775 i2c_dev nvidia_drm(POE) nvidia_modeset(POE) drm_kms_helper cec rc_core drm agpgart syscopyarea sysfillrect sysimgblt fb_sys_fops nvidia(POE) sg crypto_user ip_tables x_tables ext4 crc32c_generic crc16 mbcache jbd2 hid_steam hid_generic usbhid hid dm_crypt dm_mod crct10dif_pclmul crc32_pclmul crc32c_intel ghash_clmulni_intel aesni_intel
Aug 19 21:32:49 hostname kernel:  crypto_simd cryptd glue_helper xhci_pci xhci_hcd
Aug 19 21:32:49 hostname kernel: CR2: 0000000000000000
Aug 19 21:32:49 hostname kernel: ---[ end trace 37c4493883c48e5a ]---
Aug 19 21:32:49 hostname kernel: RIP: 0010:nct6775_access+0x1e0/0x490 [i2c_nct6775]
Aug 19 21:32:49 hostname kernel: Code: 4e dd 21 f1 e8 81 2a 9f f0 41 8d 55 03 44 89 e0 ee 48 8b 05 3a dd 21 f1 45 8d 65 02 e8 69 2a 9f f0 45 84 f6 0f 85 7a 02 00 00 <41> 0f b6 07 44 89 ea ee 48 8b 05 19 dd 21 f1 e8 4c 2a 9f f0 b8 08
Aug 19 21:32:49 hostname kernel: RSP: 0018:ffffa8d4c827fd50 EFLAGS: 00010246
Aug 19 21:32:49 hostname kernel: RAX: 0000000000000000 RBX: 0000000000000b04 RCX: 0000000000000000
Aug 19 21:32:49 hostname kernel: RDX: 0000000000000b03 RSI: 0000000000000047 RDI: ffff925e6226ec00
Aug 19 21:32:49 hostname kernel: RBP: 0000000000000000 R08: 00000000000000ab R09: 0000000000000001
Aug 19 21:32:49 hostname kernel: R10: 00000000000000ab R11: 0000000000000000 R12: 0000000000000b02
Aug 19 21:32:49 hostname kernel: R13: 0000000000000b00 R14: 0000000000000000 R15: 0000000000000000
Aug 19 21:32:49 hostname kernel: FS:  00007fa4337fe700(0000) GS:ffff925e6da00000(0000) knlGS:0000000000000000
Aug 19 21:32:49 hostname kernel: CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
Aug 19 21:32:49 hostname kernel: CR2: 0000000000000000 CR3: 0000000dbde68001 CR4: 00000000003606f0
Aug 19 21:32:49 hostname kernel: DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
Aug 19 21:32:49 hostname kernel: DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400

A diff with OpenRGB.patch shows that 0001-i2c-nuvoton-nc677x-hwmon-driver.patch is missing #include <linux/delay.h>, additional timeout logic, and changes to drivers/i2c/busses/i2c-piix4.c that introduce /* Extra delay for SERVERWORKS_CSB5 */.

Building linux57 (latest 5.7.16) after replacing this patch with the latest version from Adam Honse resolves the problem. Thanks for your hard work with Manjaro, it’s much appreciated.

3 Likes

Thank you very much for the information and kudos for the good cooperation.

I’ve already adopted it in GitLab for all kernels up to 4.19.
It will then be adopted with the next build.

2 Likes

Well, this created a regression as not all things got adopted:

The following patches need to be adopted to fix the issue:

2 Likes

Thanks, I can confirm that i2c_nct6775 is working as expected with OpenRGB and linux57-5.7.17-2 on my system.

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.