From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 5B4371BFE00; Wed, 4 Jun 2025 00:58:40 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1748998721; cv=none; b=Xw+YggyQIMIoZ9Jaj3J6Jcym1wlTrljPWEXJaFDQqiFZU/Bev/2eiUSAH2nXPt64hFIuq38VCnqp6mnq9c4jtY9ZehwvN57+MZ1U2CTSFVf6BQJ+WQxXund6eB+qLfSHJYZk1k37k1HVPzt4lu0XMvqKOx84mDXgVPkNgDyFmm0= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1748998721; c=relaxed/simple; bh=dca/qdOQd8trVl3PyThEbwDVoz8kJ2EoR/OfkEaN2sc=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version:Content-Type; b=VeCbf29WoVUP2QX7kWFLZ63F69XL/67SbE+5PxrYMV8sj2lj9BH0pn2ns/cbMXhrN8jKdJx6HZms1otmWtrLATWY13XPqBtCREEyQvvr1FK+CM4GstZd2gdkFWenB/B7TSoPDlit+HRMsuzhUVfi9WND9EXe7kvr7AkmtIhC/iQ= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=OJpn5CuX; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="OJpn5CuX" Received: by smtp.kernel.org (Postfix) with ESMTPSA id E211CC4CEF1; Wed, 4 Jun 2025 00:58:39 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1748998720; bh=dca/qdOQd8trVl3PyThEbwDVoz8kJ2EoR/OfkEaN2sc=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=OJpn5CuXNsE211pylcN76tKLV1TIF+QflLF76rsDMihhwFIInntBhaFPv2Ap8Ye45 hHg7CTDmdfqsb1AoDZ4Rrvee5r5DGqaFpr0mhgoCYiAQX89BVD+AULXC9AwFMO17ZL kkubrYXkFIaJsTD2qjRP1QCICr8IkLyhlnYd+d4rUnKiZ7mtyUfy+Q8TlH8D40ykQt kosrnPCLIVoWaRWSnl28t9++1sVHBs5yE7wUyJB38dAx4YtvL/gZxtjqT/siyb5lLs A78x3/rNdQ7VX5wNb5cyXvK1qHBjyDIql8UQAR3/4h6oiYlSKJMasU6nC1so8mDxrq AiJy98A3JkGOA== From: Sasha Levin To: patches@lists.linux.dev, stable@vger.kernel.org Cc: Rand Deeb , Rinitha S , Tony Nguyen , Sasha Levin , przemyslaw.kitszel@intel.com, intel-wired-lan@lists.osuosl.org Subject: [PATCH AUTOSEL 6.14 093/108] ixgbe: Fix unreachable retry logic in combined and byte I2C write functions Date: Tue, 3 Jun 2025 20:55:16 -0400 Message-Id: <20250604005531.4178547-93-sashal@kernel.org> X-Mailer: git-send-email 2.39.5 In-Reply-To: <20250604005531.4178547-1-sashal@kernel.org> References: <20250604005531.4178547-1-sashal@kernel.org> Precedence: bulk X-Mailing-List: patches@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-stable: review X-Patchwork-Hint: Ignore X-stable-base: Linux 6.14.9 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit From: Rand Deeb [ Upstream commit cdcb3804eeda24d588348bbab6766cf14fddbeaa ] The current implementation of `ixgbe_write_i2c_combined_generic_int` and `ixgbe_write_i2c_byte_generic_int` sets `max_retry` to `1`, which makes the condition `retry < max_retry` always evaluate to `false`. This renders the retry mechanism ineffective, as the debug message and retry logic are never executed. This patch increases `max_retry` to `3` in both functions, aligning them with the retry logic in `ixgbe_read_i2c_combined_generic_int`. This ensures that the retry mechanism functions as intended, improving robustness in case of I2C write failures. Found by Linux Verification Center (linuxtesting.org) with SVACE. Signed-off-by: Rand Deeb Tested-by: Rinitha S (A Contingent worker at Intel) Signed-off-by: Tony Nguyen Signed-off-by: Sasha Levin --- **YES** This commit should be backported to stable kernel trees. Here's my extensive analysis: ## Bug Analysis **Critical Logic Flaw:** The commit fixes a fundamental bug where the retry logic in I2C write functions was completely ineffective. With `max_retry = 1`, the condition `retry < max_retry` would only allow `retry = 0`, meaning the retry loop would never execute more than once, making the entire retry mechanism useless. **Code Impact:** The change from `max_retry = 1` to `max_retry = 3` in both: - `ixgbe_write_i2c_combined_generic_int()` (line ~170) - `ixgbe_write_i2c_byte_generic_int()` (line ~2288) This aligns with the existing `ixgbe_read_i2c_combined_generic_int()` function which already uses `max_retry = 3`. ## Backport Suitability Criteria **1. Fixes Important User-Affecting Bug:** ✓ - I2C write failures directly impact SFP/QSFP module detection and configuration - Affects `ethtool --identify` LED functionality - Can cause intermittent network interface initialization failures - Users would experience unreliable hardware detection and configuration **2. Small and Contained Change:** ✓ - Only changes two integer values from 1 to 3 - No architectural changes or new functionality - Minimal risk of introducing regressions - Affects only the specific I2C write retry mechanism **3. No Side Effects Beyond the Fix:** ✓ - Simply enables existing retry logic to work as intended - Doesn't change the fundamental I2C communication protocol - Maintains consistency with read operations - No new code paths introduced **4. Critical Subsystem Impact:** ✓ - Network driver functionality is critical for system operation - I2C communication is essential for modern network hardware management - Affects Intel ixgbe NICs which are widely deployed in enterprise environments **5. Clear Bug Evidence:** ✓ - Linux Verification Center found this with static analysis (SVACE) - Logic flaw is mathematically provable (retry < 1 never allows retry) - Consistent with similar commits in the pattern (Similar Commit #1 shows retry count adjustments are appropriate for backporting) ## Comparison to Historical Patterns This commit closely matches **Similar Commit #1** (Backport Status: YES) which also modified I2C retry counts in ixgbe. That commit reduced retry counts to avoid regressions, while this one increases retry counts to fix broken logic - both are stability improvements worthy of backporting. Unlike **Similar Commit #2** (Backport Status: NO) which was architectural refactoring, this commit fixes a clear functional defect without introducing new features or code reorganization. ## Risk Assessment **Low Risk:** - Increasing retries from effectively 0 to 3 cannot make things worse - The retry mechanism already existed and was intended to be used - 3 retries aligns with established patterns in the same driver - Intel has tested this change (as indicated by the "Tested- by" tag) **High Impact:** - Fixes complete failure of I2C write retry mechanism - Improves reliability of critical network hardware functionality - Addresses systematic logic flaw affecting all ixgbe deployments This commit represents exactly the type of important, low- risk bug fix that stable trees are designed to receive. drivers/net/ethernet/intel/ixgbe/ixgbe_phy.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/drivers/net/ethernet/intel/ixgbe/ixgbe_phy.c b/drivers/net/ethernet/intel/ixgbe/ixgbe_phy.c index 0a03a8bb5f886..2d54828bdfbbc 100644 --- a/drivers/net/ethernet/intel/ixgbe/ixgbe_phy.c +++ b/drivers/net/ethernet/intel/ixgbe/ixgbe_phy.c @@ -167,7 +167,7 @@ int ixgbe_write_i2c_combined_generic_int(struct ixgbe_hw *hw, u8 addr, u16 reg, u16 val, bool lock) { u32 swfw_mask = hw->phy.phy_semaphore_mask; - int max_retry = 1; + int max_retry = 3; int retry = 0; u8 reg_high; u8 csum; @@ -2285,7 +2285,7 @@ static int ixgbe_write_i2c_byte_generic_int(struct ixgbe_hw *hw, u8 byte_offset, u8 dev_addr, u8 data, bool lock) { u32 swfw_mask = hw->phy.phy_semaphore_mask; - u32 max_retry = 1; + u32 max_retry = 3; u32 retry = 0; int status; -- 2.39.5