Hi,
On Wed, 18 Nov 2020 08:50:09 -0600 Nishanth Menon nm@ti.com wrote:
At the start of driver initialization, we do not know what bias setting the bootloader has configured the system for and we only know for certain the very first time we do a transition.
However, since the initial value of the comparison index is -EINVAL, this negative value results in an array out of bound access on the very first transition.
Since we don't know what the setting is, we just set the bias configuration as there is nothing to compare against. This prevents the array out of bound access.
NOTE: Even though we could use a more relaxed check of "< 0", the only valid values (ignoring cosmic ray induced bitflips) are -EINVAL, 0+.
Fixes: 40b1936efebd ("regulator: Introduce TI Adaptive Body Bias(ABB) on-chip LDO driver")
Link: https://lore.kernel.org/linux-mm/CA+G9fYuk4imvhyCN7D7T6PMDH6oNp6HDCRiTUKMQ6Q...
Reported-by: Naresh Kamboju naresh.kamboju@linaro.org
Reviewed-by: Arnd Bergmann arnd@arndb.de
Signed-off-by: Nishanth Menon nm@ti.com
Mark,
I will leave it to your discretion if this needs to be tagged for stable or to drop the Fixes tag - Side effect, if this occurs, will be an unstable system very hard to track down - but typically occurring during system boot - Impacts systems: DM3/OMAP3,4,5,DRA7/AM5x.
I would categorize this as "This could be a problem..." problem.. the bug is an out of bound read, and has been around since v3.11 and is not a catastrophic data corruption kind of issue.
Though theoretically, there is a possibility that the compare may pass and result in missing bias configuration (and resulting system will be unstable), I haven't heard of actual report (but, it will be surprising if any actual instability was actually tracked down to this bug). Anyways, I had to go to git full history to pick the exact commit - I have left it in the patch.
Hmm so probably these boot problems which only occur when your debug cable is not attached?
Is there any connection with commits like this: ARM: dts: omap36xx: using OPP1G needs to control the abb_ldo
So would the potential problem be more probable by patches like the one mentioned above?
Regards, Andreas
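
The first-transition case described in the quoted commit message, as an added example that is not part of this thread or the driver's code: a small user-space model where the comparison is skipped while the current index is still -EINVAL. The struct, field and function names and the table contents are hypothetical and constructed for illustration.

```c
#include <errno.h>
#include <stddef.h>
#include <string.h>

/* Hypothetical model of a bias table; these names are not the driver's own. */
struct bias_info { unsigned int opp_sel; unsigned int vset; };

struct bias_state {
    const struct bias_info *info; /* table of valid settings */
    int n_info;                   /* number of table entries */
    int current_idx;              /* -EINVAL until the first transition */
    int writes;                   /* stands in for hardware programming */
};

/* Byte offset from the table base that an unguarded info[idx] would touch. */
long unguarded_offset(int idx)
{
    return (long)idx * (long)sizeof(struct bias_info);
}

/* Select table entry 'sel'; returns 0 on success, -EINVAL on a bad selector. */
int bias_set_sel(struct bias_state *s, int sel)
{
    if (sel < 0 || sel >= s->n_info)
        return -EINVAL;
    if (sel == s->current_idx)
        return 0;                 /* already there */

    const struct bias_info *info = &s->info[sel];
    /* Only compare once a previous setting is known: before the first
     * transition current_idx is -EINVAL and must never index the table. */
    if (s->current_idx != -EINVAL) {
        const struct bias_info *old = &s->info[s->current_idx];
        if (!memcmp(info, old, sizeof(*info))) {
            s->current_idx = sel; /* same data: update index only */
            return 0;
        }
    }
    s->writes++;                  /* nothing to compare against: just set it */
    s->current_idx = sel;
    return 0;
}

int main(void)
{
    static const struct bias_info tbl[] = { {1, 10}, {1, 10}, {2, 20} }; /* constructed */
    struct bias_state s = { tbl, 3, -EINVAL, 0 };
    return (bias_set_sel(&s, 0) == 0 && s.writes == 1) ? 0 : 1;
}
```

Without the -EINVAL check, the comparison would read from the negative offset that `unguarded_offset(-EINVAL)` reports, and a chance match there would skip the first bias programming.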