ACK: [SRU][J:linux-bluefield][PATCH v1 1/1] UBUNTU: SAUCE: ipmb_host: resolve lockdep warnings

Alessio Faina alessio.faina at canonical.com
Mon Oct 20 07:14:59 UTC 2025 

On Fri, Oct 10, 2025 at 06:35:24PM -0400, David Thompson wrote:
> BugLink: https://bugs.launchpad.net/bugs/2127673
> 
> When running a kernel with CONFIG_LOCK_STAT, the ipmb_host driver
> causes a lock warning:
> 
> [   21.758110] 1 lock held by swapper/0/0:
> [   21.761931]  #0: ffff00008be2d8c0 (&master->lock){-...}-{2:2}, at: ipmb_slave_cb+0x70/0x208 [ipmb_host]
> [   21.771320]
>                stack backtrace:
> [   21.775664] CPU: 0 PID: 0 Comm: swapper/0 Not tainted 6.8.12+ #1
> [   21.781656] Hardware name: https://www.mellanox.com BlueField-3 DPU/BlueField-3 DPU, BIOS 4.13.0.13780 Sep 30 2025
> [   21.791986] Call trace:
> [   21.794419]  dump_backtrace+0xa0/0x128
> [   21.798154]  show_stack+0x20/0x38
> [   21.801455]  dump_stack_lvl+0xec/0x150
> [   21.805192]  dump_stack+0x18/0x28
> [   21.808494]  print_usage_bug.part.0+0x2a4/0x3c0
> [   21.813012]  mark_lock+0x4d4/0x710
> [   21.816401]  __lock_acquire+0x938/0x1ae8
> [   21.820311]  lock_acquire+0x118/0x300
> [   21.823961]  fs_reclaim_acquire+0xd8/0xf8
> [   21.827957]  kmalloc_trace+0x60/0x2f0
> [   21.831607]  ipmb_slave_cb+0x140/0x208 [ipmb_host]
> [   21.836384]  i2c_slave_event+0x34/0x160
> [   21.840207]  mlxbf_i2c_irq_recv.isra.0+0x258/0x2b0 [i2c_mlxbf]
> [   21.846028]  mlxbf_i2c_irq+0x12c/0x1f0 [i2c_mlxbf]
> [   21.850804]  __handle_irq_event_percpu+0xb0/0x328
> [   21.855495]  handle_irq_event+0x54/0xe0
> 
> The lockdep warning shows an inconsistent lock state problem
> with the following critical issues:
> 1) Memory allocation in IRQ context: The ipmb_slave_cb() function
>    (called from IRQ handler mlxbf_i2c_irq) is calling kmalloc() with
>    GFP_KERNEL flag, which can trigger memory reclaim and sleep.
>    This is not allowed in interrupt context.
> 2) Incorrect spinlock usage: The ipmb_slave_cb() function uses
>    spin_lock() instead of spin_lock_irqsave(). Since this function is
>    called from interrupt context, it needs to use the IRQ-safe version.
> 
> Signed-off-by: David Thompson <davthompson at nvidia.com>
> Reviewed-by: Asmaa Mnebhi <asmaa at nvidia.com>
> ---
>  drivers/char/ipmi/ipmb_host.c | 7 ++++---
>  1 file changed, 4 insertions(+), 3 deletions(-)
> 
> diff --git a/drivers/char/ipmi/ipmb_host.c b/drivers/char/ipmi/ipmb_host.c
> index b74d81e0c499..d4cc6b73cab0 100644
> --- a/drivers/char/ipmi/ipmb_host.c
> +++ b/drivers/char/ipmi/ipmb_host.c
> @@ -193,7 +193,7 @@ static int ipmb_handle_response(struct ipmb_master *master)
>  			RSP_QUEUE_MAX_LEN)
>  		return -EFAULT;
>  
> -	queue_elem = kmalloc(sizeof(*queue_elem), GFP_KERNEL);
> +	queue_elem = kmalloc(sizeof(*queue_elem), GFP_ATOMIC);
>  	if (!queue_elem)
>  		return -ENOMEM;
>  	memcpy(&queue_elem->rsp, &master->rsp,
> @@ -621,6 +621,7 @@ static int ipmb_slave_cb(struct i2c_client *client,
>  			enum i2c_slave_event event, u8 *val)
>  {
>  	struct ipmb_master *master = i2c_get_clientdata(client);
> +	unsigned long flags;
>  	u8 *buf;
>  
>  	if (!handshake_rsp) {
> @@ -628,7 +629,7 @@ static int ipmb_slave_cb(struct i2c_client *client,
>  		return 0;
>  	}
>  
> -	spin_lock(&master->lock);
> +	spin_lock_irqsave(&master->lock, flags);
>  
>  	switch (event) {
>  	case I2C_SLAVE_WRITE_REQUESTED:
> @@ -663,7 +664,7 @@ static int ipmb_slave_cb(struct i2c_client *client,
>  	default:
>  		break;
>  	}
> -	spin_unlock(&master->lock);
> +	spin_unlock_irqrestore(&master->lock, flags);
>  
>  	return 0;
>  }
> -- 
> 2.43.2
> 
> 
> -- 
> kernel-team mailing list
> kernel-team at lists.ubuntu.com
> https://lists.ubuntu.com/mailman/listinfo/kernel-team

Acked-by: Alessio Faina <alessio.faina at canonical.com>

More information about the kernel-team mailing list