Tool/software: Linux
Hi Team,
Customer use sdm660 platform on ANDROID N and the related linux kernel version 4.4.
There is a rcu_read_lock in notifier when Power_supply call notifier and task in the rcu_read_lock can not sleep, but mutex in i2c_transfer generated in the sleep when bq27542 drive read i2c information, resulting in crash.(kernel 4.4)
Work queue is our current method , but this has an impact on real-time, is there a better solution?
The following is stack information when device crash:
[ 9.916404] init: (Parsing /system/etc/init/vold.rc took 0.00s.)
[ 9.926649] EXT4-fs (mmcblk0p51): recovery complete
[ 9.927653] EXT4-fs (mmcblk0p51): mounted filesystem with ordered data mode. Opts: barrier=1
[ 9.934119] adsp-loader soc:qcom,msm-adsp-loader: adsp_loader_do: scheduling work to load ADSP fw
[ 9.944120] init: Starting service 'logd'...
[ 9.949834] subsys-pil-tz 15700000.qcom,lpass: adsp: loading from 0x0000000092a00000 to 0x0000000094800000
[ 9.950751] EXT4-fs (mmcblk0p14): re-mounted. Opts: (null)
[ 9.956112] init: Starting service 'qseecomd'...
[ 9.956859] init: Starting service 'exec 1 (/system/bin/init.qti.qseecomd.sh)'...
[ 9.964479] audit: type=1400 audit(315.619:4): avc: denied { getattr } for pid=551 comm="init.qti.qseeco" path="/vendor" dev="mmcblk0p14" ino=7812 scontext=u:r:init-qti-fbe-sh:s0 tcontext=u:object_r:system_file:s0 tclass=lnk_file permissive=0
[ 9.980281] logd.auditd: start
[ 9.980317] logd.klogd: 9969547495
[ 10.022799] capability: warning: `qseecomd' uses 32-bit capabilities (legacy support in use)
[ 10.079418] type=1400 audit(315.729:5): avc: denied { getattr } for pid=578 comm="getprop" path="/vendor" dev="mmcblk0p14" ino=7812 scontext=u:r:init-qti-fbe-sh:s0 tcontext=u:object_r:system_file:s0 tclass=lnk_file permissive=0
[ 10.098327] init: Service 'exec 1 (/system/bin/init.qti.qseecomd.sh)' (pid 551) exited with status 0
[ 10.098462] init: write_file: Unable to write to '/dev/ipa': Invalid argument
[ 10.102916] bq_psy_pffffffea28e49000
[ 10.102924] BUG: sleeping function called from invalid context at /home/user/Awork/mt/TOO/LA.UM.6.1/LINUX/android/kernel/msm-4.4/kernel/locking/rtmutex.c:1399
[ 10.102927] in_atomic(): 0, irqs_disabled(): 0, pid: 204, name: kworker/0:1
[ 10.102935] ------------[ cut here ]------------
[ 10.102938] kernel BUG at /home/user/Awork/mt/TOO/LA.UM.6.1/LINUX/android/kernel/msm-4.4/kernel/sched/core.c:8531!
[ 10.102943] ------------[ cut here ]------------
[ 10.102947] kernel BUG at /home/user/Awork/mt/TOO/LA.UM.6.1/LINUX/android/kernel/msm-4.4/kernel/sched/core.c:8531!
[ 10.102950] Internal error: Oops - BUG: 0 [#1] PREEMPT SMP
[ 10.102958] Modules linked in:
[ 10.102964] CPU: 0 PID: 204 Comm: kworker/0:1 Not tainted 4.4.21+ #1
[ 10.102967] Hardware name: Qualcomm Technologies, Inc. SDM 660 PM660 + PM660A MTP (DT)
[ 10.102982] Workqueue: events power_supply_changed_work
[ 10.102986] task: ffffffea29735100 ti: ffffffea297d4000 task.ti: ffffffea297d4000
[ 10.102997] PC is at ___might_sleep+0x134/0x144
[ 10.103001] LR is at ___might_sleep+0xf8/0x144
[ 10.103005] pc : [<ffffff89642cc774>] lr : [<ffffff89642cc738>] pstate: 60000145
[ 10.103008] sp : ffffffea297d79b0
[ 10.103015] x29: ffffffea297d79b0 x28: 0000000000000000
[ 10.103022] x27: 0000000000000000 x26: 0000000000000000
[ 10.103029] x25: 0000000000000000 x24: ffffff8966827128
[ 10.103036] x23: 0000000000000000 x22: 0000000000000000
[ 10.103043] x21: 0000000000000577 x20: ffffff8965738f99
[ 10.103049] x19: ffffffea297d4000 x18: 00000000000000c3
[ 10.103056] x17: 0000007f94257e58 x16: ffffff89643f8870
[ 10.103063] x15: 0000007f94316810 x14: 0ffffffffffffffe
[ 10.103070] x13: 0000000000000018 x12: 0101010101010101
[ 10.103076] x11: 7f7f7f7f7f7f7f7f x10: fefefefeff30392f
[ 10.103083] x9 : 7f7f7f7f7f7f7f7f x8 : ffffffea350712b7
[ 10.103090] x7 : ffffff89643027b8 x6 : 0000000000000000
[ 10.103096] x5 : ffffffea297d7830 x4 : ffffffea297d78d0
[ 10.103103] x3 : 0000000000000000 x2 : 0000000000000000
[ 10.103110] x1 : 0000000057ac6e9d x0 : 0000000000000140
[ 10.103114]
[ 10.103114] PC: 0xffffff89642cc734:
[ 10.103135] c734 9402da9d f9400a60 f9400401 d28dd3a0 f2aaf580 f9401021 eb00003f 54000080
[ 10.103155] c754 b000a380 91311c00 9402da93 d53b4220 36380080 d5384100 f9400800 940256af
[ 10.103175] c774 d4210000 a94153f3 a8c37bfd d65f03c0 a9bd7bfd 910003fd a90153f3 a9025bf5
[ 10.103194] c794 aa0003f4 aa1e03e0 2a0103f5 2a0203f6 d503201f d5384100 f9400800 f9400001
[ 10.103198]
[ 10.103198] LR: 0xffffff89642cc6f8:
[ 10.103217] c6f8 f9000801 b000a380 aa1403e1 912f3400 9402daa8 b9401a60 d53b4222 f9400a64
[ 10.103236] c718 6b1f001f b000a380 1a9f07e1 91303000 12190042 b944f083 911ac084 9402da9d
[ 10.103256] c738 f9400a60 f9400401 d28dd3a0 f2aaf580 f9401021 eb00003f 54000080 b000a380
[ 10.103275] c758 91311c00 9402da93 d53b4220 36380080 d5384100 f9400800 940256af d4210000
[ 10.103279]
[ 10.103279] SP: 0xffffffea297d7970:
[ 10.103299] 7970 642cc738 ffffff89 297d79b0 ffffffea 642cc774 ffffff89 60000145 00000000
[ 10.103318] 7990 297357b0 ffffffea 297d7830 ffffffea ffffffff ffffffff 643027b8 ffffff89
[ 10.103338] 79b0 297d79e0 ffffffea 642cc800 ffffff89 2a0b4040 ffffffea 65738f99 ffffff89
[ 10.103357] 79d0 00000000 00000000 00000000 00000000 297d7a10 ffffffea 651d274c ffffff89
[ 10.103360]
[ 10.103363] Process kworker/0:1 (pid: 204, stack limit = 0xffffffea297d4020)
[ 10.103366] Call trace:
[ 10.103370] Exception stack(0xffffffea297d77e0 to 0xffffffea297d7910)
[ 10.103375] 77e0: ffffffea297d4000 0000008000000000 ffffffea297d79b0 ffffff89642cc774
[ 10.103380] 7800: 0000000000000000 0000000000000000 ffffffea297d7830 ffffff89643025c4
[ 10.103384] 7820: 0000000000000000 ffffff89665b0000 ffffffea297d78d0 ffffff89643027b8
[ 10.103389] 7840: ffffff8964302770 ffffff896573dc0c 0000000000000577 0000000000000000
[ 10.103393] 7860: 0000000000000000 ffffff8966827128 0000000000000000 0000000000000000
[ 10.103397] 7880: 0000000000000140 0000000057ac6e9d 0000000000000000 0000000000000000
[ 10.103403] 78a0: ffffffea297d78d0 ffffffea297d7830 0000000000000000 ffffff89643027b8
[ 10.103407] 78c0: ffffffea350712b7 7f7f7f7f7f7f7f7f fefefefeff30392f 7f7f7f7f7f7f7f7f
[ 10.103410] 78e0: 0101010101010101 0000000000000018 0ffffffffffffffe 0000007f94316810
[ 10.103414] 7900: ffffff89643f8870 0000007f94257e58
[ 10.103420] [<ffffff89642cc774>] ___might_sleep+0x134/0x144
[ 10.103424] [<ffffff89642cc800>] __might_sleep+0x7c/0x8c
[ 10.103432] [<ffffff89651d274c>] rt_mutex_lock+0x2c/0x7c
[ 10.103440] [<ffffff8964a594a4>] i2c_lock_adapter+0x50/0x5c
[ 10.103444] [<ffffff8964a5a92c>] i2c_transfer+0x60/0xbc
[ 10.103449] [<ffffff8964b97b7c>] bq27542_read_i2c.isra.4+0x78/0x90
[ 10.103453] [<ffffff8964b97bd4>] bq27x00_battery_soc+0x40/0x94
[ 10.103457] [<ffffff8964b98be4>] bq27542_get_property+0xb8/0x120
[ 10.103462] [<ffffff8964b8f48c>] power_supply_get_property+0x48/0x54
[ 10.103470] [<ffffff8964bb92b8>] smblib_get_prop_batt_capacity+0x5c/0x80
[ 10.103475] [<ffffff8964bb3e04>] smb2_batt_get_prop+0x1e8/0x358
[ 10.103479] [<ffffff8964b8f48c>] power_supply_get_property+0x48/0x54
[ 10.103483] [<ffffff8964bb0b04>] get_and_evaluate_battery_soc+0x5c/0x23c
[ 10.103488] [<ffffff8964bb1bb4>] power_supply_callback+0x80/0x94
[ 10.103497] [<ffffff89642c0ecc>] notifier_call_chain+0x58/0x8c
[ 10.103502] [<ffffff89642c1124>] __atomic_notifier_call_chain+0x44/0x5c
[ 10.103506] [<ffffff89642c1174>] atomic_notifier_call_chain+0x38/0x44
[ 10.103511] [<ffffff8964b8fcc0>] power_supply_changed_work+0xa8/0xec
[ 10.103517] [<ffffff89642b9d74>] process_one_work+0x234/0x40c
[ 10.103522] [<ffffff89642baacc>] worker_thread+0x2e0/0x410
[ 10.103527] [<ffffff89642bfde8>] kthread+0xf4/0xfc
[ 10.103533] [<ffffff8964284dd0>] ret_from_fork+0x10/0x40
[ 10.103538] Code: 36380080 d5384100 f9400800 940256af (d4210000)
[ 10.103544] ---[ end trace 01d13094a4f88e3d ]---
