# git rev-parse -q --verify 8956c582ac6b1693a351230179f898979dd00bdf^{commit} 8956c582ac6b1693a351230179f898979dd00bdf already have revision, skipping fetch # git checkout -q -f -B kisskb 8956c582ac6b1693a351230179f898979dd00bdf # git clean -qxdf # < git log -1 # commit 8956c582ac6b1693a351230179f898979dd00bdf # Author: Christophe Leroy # Date: Sat Oct 5 10:53:29 2024 +0200 # # powerpc/8xx: Fix kernel DTLB miss on dcbz # # Following OOPS is encountered while loading test_bpf module # on powerpc 8xx: # # [ 218.835567] BUG: Unable to handle kernel data access on write at 0xcb000000 # [ 218.842473] Faulting instruction address: 0xc0017a80 # [ 218.847451] Oops: Kernel access of bad area, sig: 11 [#1] # [ 218.852854] BE PAGE_SIZE=16K PREEMPT CMPC885 # [ 218.857207] SAF3000 DIE NOTIFICATION # [ 218.860713] Modules linked in: test_bpf(+) test_module # [ 218.865867] CPU: 0 UID: 0 PID: 527 Comm: insmod Not tainted 6.11.0-s3k-dev-09856-g3de3d71ae2e6-dirty #1280 # [ 218.875546] Hardware name: MIAE 8xx 0x500000 CMPC885 # [ 218.880521] NIP: c0017a80 LR: beab859c CTR: 000101d4 # [ 218.885584] REGS: cac2bc90 TRAP: 0300 Not tainted (6.11.0-s3k-dev-09856-g3de3d71ae2e6-dirty) # [ 218.894308] MSR: 00009032 CR: 55005555 XER: a0007100 # [ 218.901290] DAR: cb000000 DSISR: c2000000 # [ 218.901290] GPR00: 000185d1 cac2bd50 c21b9580 caf7c030 c3883fcc 00000008 cafffffc 00000000 # [ 218.901290] GPR08: 00040000 18300000 20000000 00000004 99005555 100d815e ca669d08 00000369 # [ 218.901290] GPR16: ca730000 00000000 ca2c004c 00000000 00000000 0000035d 00000311 00000369 # [ 218.901290] GPR24: ca732240 00000001 00030ba3 c3800000 00000000 00185d48 caf7c000 ca2c004c # [ 218.941087] NIP [c0017a80] memcpy+0x88/0xec # [ 218.945277] LR [beab859c] test_bpf_init+0x22c/0x3c90 [test_bpf] # [ 218.951476] Call Trace: # [ 218.953916] [cac2bd50] [beab8570] test_bpf_init+0x200/0x3c90 [test_bpf] (unreliable) # [ 218.962034] [cac2bde0] [c0004c04] do_one_initcall+0x4c/0x1fc # [ 218.967706] [cac2be40] [c00a2ec4] do_init_module+0x68/0x360 # [ 218.973292] [cac2be60] [c00a5194] init_module_from_file+0x8c/0xc0 # [ 218.979401] [cac2bed0] [c00a5568] sys_finit_module+0x250/0x3f0 # [ 218.985248] [cac2bf20] [c000e390] system_call_exception+0x8c/0x15c # [ 218.991444] [cac2bf30] [c00120a8] ret_from_syscall+0x0/0x28 # # This happens in the main loop of memcpy() # # ==> c0017a80: 7c 0b 37 ec dcbz r11,r6 # c0017a84: 80 e4 00 04 lwz r7,4(r4) # c0017a88: 81 04 00 08 lwz r8,8(r4) # c0017a8c: 81 24 00 0c lwz r9,12(r4) # c0017a90: 85 44 00 10 lwzu r10,16(r4) # c0017a94: 90 e6 00 04 stw r7,4(r6) # c0017a98: 91 06 00 08 stw r8,8(r6) # c0017a9c: 91 26 00 0c stw r9,12(r6) # c0017aa0: 95 46 00 10 stwu r10,16(r6) # c0017aa4: 42 00 ff dc bdnz c0017a80 # # Commit ac9f97ff8b32 ("powerpc/8xx: Inconditionally use task PGDIR in # DTLB misses") relies on re-reading DAR register to know if an error is # due to a missing copy of a PMD entry in task's PGDIR, allthough DAR # was already read in the exception prolog and copied into thread # struct. This is because is it done very early in the exception and # there are not enough registers available to keep a pointer to thread # struct. # # However, dcbz instruction is buggy and doesn't update DAR register on # fault. That is detected and generates a call to FixupDAR workaround # which updates DAR copy in thread struct but doesn't fix DAR register. # # Let's fix DAR in addition to the update of DAR copy in thread struct. # # Fixes: ac9f97ff8b32 ("powerpc/8xx: Inconditionally use task PGDIR in DTLB misses") # Signed-off-by: Christophe Leroy # Signed-off-by: Michael Ellerman # Link: https://msgid.link/2b851399bd87e81c6ccb87ea3a7a6b32c7aa04d7.1728118396.git.christophe.leroy@csgroup.eu # < /opt/cross/kisskb/korg/gcc-8.1.0-nolibc/m68k-linux/bin/m68k-linux-gcc --version # < /opt/cross/kisskb/korg/gcc-8.1.0-nolibc/m68k-linux/bin/m68k-linux-ld --version # < git log --format=%s --max-count=1 8956c582ac6b1693a351230179f898979dd00bdf # make -s -j 40 ARCH=m68k O=/kisskb/build/powerpc-fixes_defconfig_m68k-gcc8.1 CROSS_COMPILE=/opt/cross/kisskb/korg/gcc-8.1.0-nolibc/m68k-linux/bin/m68k-linux- defconfig WARNING: unmet direct dependencies detected for GET_FREE_REGION Depends on [n]: SPARSEMEM [=n] Selected by [m]: - RESOURCE_KUNIT_TEST [=m] && RUNTIME_TESTING_MENU [=y] && KUNIT [=m] WARNING: unmet direct dependencies detected for GET_FREE_REGION Depends on [n]: SPARSEMEM [=n] Selected by [m]: - RESOURCE_KUNIT_TEST [=m] && RUNTIME_TESTING_MENU [=y] && KUNIT [=m] # < make -s -j 40 ARCH=m68k O=/kisskb/build/powerpc-fixes_defconfig_m68k-gcc8.1 CROSS_COMPILE=/opt/cross/kisskb/korg/gcc-8.1.0-nolibc/m68k-linux/bin/m68k-linux- help # make -s -j 40 ARCH=m68k O=/kisskb/build/powerpc-fixes_defconfig_m68k-gcc8.1 CROSS_COMPILE=/opt/cross/kisskb/korg/gcc-8.1.0-nolibc/m68k-linux/bin/m68k-linux- olddefconfig WARNING: unmet direct dependencies detected for GET_FREE_REGION Depends on [n]: SPARSEMEM [=n] Selected by [m]: - RESOURCE_KUNIT_TEST [=m] && RUNTIME_TESTING_MENU [=y] && KUNIT [=m] WARNING: unmet direct dependencies detected for GET_FREE_REGION Depends on [n]: SPARSEMEM [=n] Selected by [m]: - RESOURCE_KUNIT_TEST [=m] && RUNTIME_TESTING_MENU [=y] && KUNIT [=m] # make -s -j 40 ARCH=m68k O=/kisskb/build/powerpc-fixes_defconfig_m68k-gcc8.1 CROSS_COMPILE=/opt/cross/kisskb/korg/gcc-8.1.0-nolibc/m68k-linux/bin/m68k-linux- Completed OK # rm -rf /kisskb/build/powerpc-fixes_defconfig_m68k-gcc8.1 # Build took: 0:01:04.669002