Re: [RFC] m68k: Fix dead code in bus_error030()

[Finn Thain <fthain@xxxxxxxxxxxxxxxxxxx>]

On Mon, 5 Mar 2018, I wrote:

> The only sensible place for the !(mmusr & MMU_I) test is inside the
> (mmusr & (MMU_I | MMU_WP)) branch. It is redundant when used in the
> else branch.
>
> Moreover, when used in the else branch it defeats the remaining
> conditionals. Hence the (mmusr & (MMU_B|MMU_L|MMU_S)) branch is
> unreachable, along with the final else branch.
>
> Make the dead code live again.
>
> I mentioned this dead code some time ago. It's still only a
> theoretical bug, but maybe it's possible to evade a signal in the
> (ssw & RM) case?
>
> ---
>
> See also
> http://lkml.kernel.org/r/alpine.LNX.2.00.1402211323140.7194@nippy.intranet
>
> Does anyone have test cases for these exceptions?
>
>
> diff --git a/arch/m68k/kernel/traps.c b/arch/m68k/kernel/traps.c
> index c1cc4e99aa94..506e5500fa44 100644
> --- a/arch/m68k/kernel/traps.c
> +++ b/arch/m68k/kernel/traps.c
> @@ -561,9 +561,9 @@ static inline void bus_error030 (struct frame *fp)
>  			   handled. */
>  			if (do_page_fault (&fp->ptregs, addr, errorcode) < 0)
>  				return;
> -		} else if (!(mmusr & MMU_I)) {
>  			/* probably a 020 cas fault */
> -			if (!(ssw & RM) && send_fault_sig(&fp->ptregs) > 0)
> +			if (!(mmusr & MMU_I) && !(ssw & RM) &&
> +			    send_fault_sig(&fp->ptregs) > 0)
>  				pr_err("unexpected bus error (%#x,%#x)\n", ssw,
>  				       mmusr);
>  		} else if (mmusr & (MMU_B|MMU_L|MMU_S)) {


Stan has just tested this patch on a PowerBook 170. It crashed during the
first mac_scsi Pseudo DMA transfer (see below).

I don't think it follows that the patch is wrong. Bus errors are normal 
during PDMA transfers (and 0x50006060 is the correct fault address).

Roman Zippel once wrote a patch for the '040 bus error handler to 
accomodate PDMA for mac_esp. Perhaps there is an equivalent patch for 
'030.


ABCFGHIJK
Linux version 4.15.0-mac-00077-g1ccf28318731 (fthain@nippy) (gcc version 4.4.6 (btc)) #1 Tue Mar 6 10:21:37 AEDT 2018
Saving 402 bytes of bootinfo
debug: ignoring loglevel setting.
bootconsole [debug0] enabled
Detected Macintosh model: 21
 Penguin bootinfo data:
 Video: addr 0xfee08000 row 0x50 depth 1 dimensions 640 x 400
 Videological 0xf0208000 phys. 0xfee08000, SCC at 0x50f04000
 Boottime: 0x5a9d8f1b GMTBias: 0xfffffe5c
 Machine ID: 21 CPUid: 0x1 memory size: 0x8
VIA2 vDirA is 0x00
VIA2 vPCR is 0x00
Apple Macintosh PowerBook 170
On node 0 totalpages: 2048
  DMA zone: 18 pages used for memmap
  DMA zone: 0 pages reserved
  DMA zone: 2048 pages, LIFO batch:0
random: fast init done
pcpu-alloc: s0 r0 d32768 u32768 alloc=1*32768
pcpu-alloc: [0] 0
Built 1 zonelists, mobility grouping off.  Total pages: 2030
Kernel command line: root=/dev/sdb9 console=tty0 console=ttyS0,9600n8 ignore_loglevel earlyprintk init=/bin/sh ro
Dentry cache hash table entries: 1024 (order: 0, 4096 bytes)
Inode-cache hash table entries: 1024 (order: 0, 4096 bytes)
Sorting __ex_table...
Memory: 3612K/8192K available (3333K kernel code, 256K rwdata, 728K rodata, 116K init, 136K bss, 4580K reserved, 0K cma-reserved)
Virtual kernel memory layout:
    vector  : 0x00419be4 - 0x00419fe4   (   1 KiB)
    kmap    : 0xd0000000 - 0xf0000000   ( 512 MiB)
    vmalloc : 0x01000000 - 0xd0000000   (3312 MiB)
    lowmem  : 0x00000000 - 0x00800000   (   8 MiB)
      .init : 0x(ptrval) - 0x(ptrval)   ( 116 KiB)
      .text : 0x(ptrval) - 0x(ptrval)   (3334 KiB)
      .data : 0x(ptrval) - 0x(ptrval)   ( 985 KiB)
      .bss  : 0x(ptrval) - 0x(ptrval)   ( 137 KiB)
SLUB: HWalign=16, Order=0-3, MinObjects=0, CPUs=1, Nodes=8
NR_IRQS: 72
Console: colour dummy device 80x25
console [tty0] enabled
console [ttyS0] enabled
console [ttyS0] enabled
bootconsole [debug0] disabled
bootconsole [debug0] disabled
Calibrating delay loop... 5.73 BogoMIPS (lpj=28672)
pid_max: default: 32768 minimum: 301
Mount-cache hash table entries: 1024 (order: 0, 4096 bytes)
Mountpoint-cache hash table entries: 1024 (order: 0, 4096 bytes)
devtmpfs: initialized
clocksource: jiffies: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 19112604462750000 ns
futex hash table entries: 256 (order: -1, 3072 bytes)
NET: Registered protocol family 16
NuBus: Scanning NuBus slots.
SCSI subsystem initialized
NET: Registered protocol family 2
TCP established hash table entries: 1024 (order: 0, 4096 bytes)
TCP bind hash table entries: 1024 (order: 0, 4096 bytes)
TCP: Hash tables configured (established 1024 bind 1024)
UDP hash table entries: 256 (order: 0, 4096 bytes)
UDP-Lite hash table entries: 256 (order: 0, 4096 bytes)
NET: Registered protocol family 1
RPC: Registered named UNIX socket transport module.
RPC: Registered udp transport module.
RPC: Registered tcp transport module.
RPC: Registered tcp NFSv4.1 backchannel transport module.
workingset: timestamp_bits=27 max_order=10 bucket_order=0
Block layer SCSI generic (bsg) driver version 0.4 loaded (major 253)
io scheduler noop registered
io scheduler deadline registered (default)
macfb: framebuffer at 0xfee08000, mapped to 0x575ddda6, size 31k
macfb: mode is 640x400x1, linelength=80
Console: switching to mono frame buffer device 80x25
fb0: DDC frame buffer device
pmac_zilog: 0.6 (Benjamin Herrenschmidt <benh@xxxxxxxxxxxxxxxxxxx>)
scc.0: ttyS0 at MMIO 0x50f04002 (irq = 4, base_baud = 230400) is a Z85c30 ESCC - Serial port
scc.1: ttyS1 at MMIO 0x50f04000 (irq = 4, base_baud = 230400) is a Z85c30 ESCC - Serial port
SWIM floppy driver Version 0.2 (2008-10-30)
SWIM device not found !
brd: module loaded
Warning: no ADB interface detected
Uniform Multi-Platform E-IDE driver
ide-gd driver 1.18
scsi host0: Macintosh NCR5380 SCSI, irq 19, io_port 0x0, base 0x50010000, can_queue 16, cmd_per_lun 2, sg_tablesize 1, this_id 7, flags { }
scsi 0:0:0:0: Direct-Access     SEAGATE  ST9235N          0418 PQ: 0 ANSI: 2 CCS
scsi 0:0:1:0: Direct-Access     IBM-PSG  ST318404LW    !# 3283 PQ: 0 ANSI: 3
weird read access at 0x50006060 from pc 0x23fd50 (ssw is 0x74d)
level 0 mmusr is 0x400
Oops: 00000400
Modules linked in:
PC: [<0023fd50>] NCR5380_main+0xe24/0x18d8
SR: 2704  SP: df2fa5fc  a2: 0049d440
d0: 0000007f    d1: 00001000    d2: 00001000    d3: 005b88ac
d4: 0053fb38    d5: 0053fb2c    a0: 0048a014    a1: 50010050
Process kworker/u2:0 (pid: 5, task=bbb227f7)
Frame format=B ssw=074d isc=20d3 isb=000e daddr=50006060 dobuf=00000000
baddr=0023fd54 dibuf=00000000 ver=f
Stack from 004b3dc0:
        00000000 0058da05 0058da00 004b200c 00000080 0002ab30 00494780 00481014
        0053fb08 0049d440 005b899a 004b200c 00000002 00000002 00000100 00000004
        004b200c 004b200c 0053f914 004b200c 0053fb44 0053f800 0053faf8 00481140
        00000009 00481188 004b3f80 004b200c 00000088 0002ab30 0049d440 0049d46c
        00403adc 004b3e74 0003a7e6 00403b08 00490000 10000009 00481188 004b3f80
        004b040c 00006588 0049d440 00403adc 004b3ed0 00481188 00403adc 0049d67c
Call Trace: [<0002ab30>] worker_enter_idle+0x0/0x162
 [<0002ab30>] worker_enter_idle+0x0/0x162
 [<0003a7e6>] dequeue_task_fair+0x2e/0x154
 [<00006588>] buserr_c+0x4a2/0x646
 [<0002e098>] process_one_work+0x11a/0x342
 [<0033d95e>] __schedule+0x0/0x37c
 [<0002e3da>] worker_thread+0x11a/0x6b2
 [<0003d9cc>] __init_waitqueue_head+0x0/0x12
 [<0002e2c0>] worker_thread+0x0/0x6b2
 [<0033d95e>] __schedule+0x0/0x37c
 [<0033decc>] schedule+0x28/0x9e
 [<0002e2c0>] worker_thread+0x0/0x6b2
 [<0002e2c0>] worker_thread+0x0/0x6b2
 [<00033422>] kthread+0xc6/0xfa
 [<0003335c>] kthread+0x0/0xfa
 [<00002a90>] ret_from_kernel_thread+0xc/0x14
Code: 3001 ea48 6000 0012 20d3 20d3 20d3 20d3 <20d3> 20d3 20d3 20d3 51c8 ffee 3001 e448 0240 0007 6000 0004 20d3 51c8 fffc 0241
Disabling lock debugging due to kernel taint
random: crng init done

-- 
--
To unsubscribe from this list: send the line "unsubscribe linux-m68k" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html