4.19-stable review patch. If anyone has any objections, please let me know.
------------------
From: Finn Thain <fthain@xxxxxxxxxxxxxxxxxxx>
[ Upstream commit 5f93d7081a47e1972031ccf57c4b2779eee162fb ]
The BUG_ON assertions I added to the via-macii driver over a decade ago
haven't fired AFAIK. Some can never fire (by inspection). One assertion
checks for a NULL pointer, but that would merely substitute a BUG crash
for an Oops crash. Remove the pointless BUG_ON assertions and replace
the others with a WARN_ON and an array bounds check.
Tested-by: Stan Johnson <userm57@xxxxxxxxx>
Signed-off-by: Finn Thain <fthain@xxxxxxxxxxxxxxxxxxx>
Signed-off-by: Michael Ellerman <mpe@xxxxxxxxxxxxxx>
Stable-dep-of: d301a71c76ee ("macintosh/via-macii: Fix "BUG: sleeping function called from invalid context"")
Signed-off-by: Sasha Levin <sashal@xxxxxxxxxx>
---
drivers/macintosh/via-macii.c | 49 +++++------------------------------
1 file changed, 7 insertions(+), 42 deletions(-)
diff --git a/drivers/macintosh/via-macii.c b/drivers/macintosh/via-macii.c
index cf6f7d52d6bee..fc6ad5bf1875a 100644
--- a/drivers/macintosh/via-macii.c
+++ b/drivers/macintosh/via-macii.c
@@ -120,23 +120,6 @@ static int srq_asserted; /* have to poll for the device that asserted it */
static int command_byte; /* the most recent command byte transmitted */
static int autopoll_devs; /* bits set are device addresses to be polled */
-/* Sanity check for request queue. Doesn't check for cycles. */
-static int request_is_queued(struct adb_request *req) {
- struct adb_request *cur;
- unsigned long flags;
- local_irq_save(flags);
- cur = current_req;
- while (cur) {
- if (cur == req) {
- local_irq_restore(flags);
- return 1;
- }
- cur = cur->next;
- }
- local_irq_restore(flags);
- return 0;
-}
-
/* Check for MacII style ADB */
static int macii_probe(void)
{
@@ -213,8 +196,6 @@ static void macii_queue_poll(void)
else
next_device = ffs(autopoll_devs) - 1;
- BUG_ON(request_is_queued(&req));
-
adb_request(&req, NULL, ADBREQ_NOSEND, 1,
ADB_READREG(next_device, 0));
@@ -237,18 +218,13 @@ static int macii_send_request(struct adb_request *req, int sync)
int err;
unsigned long flags;
- BUG_ON(request_is_queued(req));
-
local_irq_save(flags);
err = macii_write(req);
local_irq_restore(flags);
- if (!err && sync) {
- while (!req->complete) {
+ if (!err && sync)
+ while (!req->complete)
macii_poll();
- }
- BUG_ON(request_is_queued(req));
- }
return err;
}
@@ -327,9 +303,6 @@ static int macii_reset_bus(void)
{
static struct adb_request req;
- if (request_is_queued(&req))
- return 0;
-
/* Command = 0, Address = ignored */
adb_request(&req, NULL, 0, 1, ADB_BUSRESET);
@@ -346,10 +319,6 @@ static void macii_start(void)
req = current_req;
- BUG_ON(req == NULL);
-
- BUG_ON(macii_state != idle);
-
/* Now send it. Be careful though, that first byte of the request
* is actually ADB_PACKET; the real data begins at index 1!
* And req->nbytes is the number of bytes of real data plus one.
@@ -387,7 +356,6 @@ static void macii_start(void)
static irqreturn_t macii_interrupt(int irq, void *arg)
{
int x;
- static int entered;
struct adb_request *req;
if (!arg) {
@@ -398,8 +366,6 @@ static irqreturn_t macii_interrupt(int irq, void *arg)
return IRQ_NONE;
}
- BUG_ON(entered++);
-
last_status = status;
status = via[B] & (ST_MASK|CTLR_IRQ);
@@ -408,7 +374,7 @@ static irqreturn_t macii_interrupt(int irq, void *arg)
if (reading_reply) {
reply_ptr = current_req->reply;
} else {
- BUG_ON(current_req != NULL);
+ WARN_ON(current_req);
reply_ptr = reply_buf;
}
@@ -473,8 +439,8 @@ static irqreturn_t macii_interrupt(int irq, void *arg)
case reading:
x = via[SR];
- BUG_ON((status & ST_MASK) == ST_CMD ||
- (status & ST_MASK) == ST_IDLE);
+ WARN_ON((status & ST_MASK) == ST_CMD ||
+ (status & ST_MASK) == ST_IDLE);
/* Bus timeout with SRQ sequence:
* data is "XX FF" while CTLR_IRQ is "L L"
@@ -501,8 +467,8 @@ static irqreturn_t macii_interrupt(int irq, void *arg)
}
}
- if (macii_state == reading) {
- BUG_ON(reply_len > 15);
+ if (macii_state == reading &&
+ reply_len < ARRAY_SIZE(reply_buf)) {
reply_ptr++;
*reply_ptr = x;
reply_len++;
@@ -545,6 +511,5 @@ static irqreturn_t macii_interrupt(int irq, void *arg)
break;
}
- entered--;
return IRQ_HANDLED;
}
--
2.43.0
