Re: [PATCH V7] i2c: tegra: remove BUG, BUG_ON

From: Bitan Biswas
Date: Tue Jun 18 2019 - 00:34:28 EST



On 6/17/19 12:28 PM, Dmitry Osipenko wrote:
17.06.2019 21:41, Bitan Biswas ÐÐÑÐÑ:


On 6/17/19 5:13 AM, Dmitry Osipenko wrote:
17.06.2019 8:09, Bitan Biswas ÐÐÑÐÑ:
Remove BUG, BUG_ON as it makes system usable:
 - Remove redundant BUG_ON calls or replace with WARN_ON_ONCE
ÂÂÂ as needed.
 - Remove BUG() and mask Rx interrupt similar as Tx
ÂÂÂ for message fully sent case.
 - Add caller error handling and WARN_ON_ONCE check for non-zero
ÂÂÂ rx_fifo_avail in tegra_i2c_empty_rx_fifo() after all processing.

The commit message should describe motivation of the change and not the change itself,
unless it's some additional information which is required for better understanding of
the code.

In yours case it could be something like that:

ÂÂÂÂ The usage of BUG() macro is generally discouraged in kernel, unless
ÂÂÂÂ it's a problem that results in a physical damage or loss of data.
ÂÂÂÂ This patch removes unnecessary BUG() macros and replaces the rest
ÂÂÂÂ with a warnings.
I shall update as per above comments.


Signed-off-by: Bitan Biswas <bbiswas@xxxxxxxxxx>
---
 drivers/i2c/busses/i2c-tegra.c | 45 ++++++++++++++++++++++++++++++++++--------
 1 file changed, 37 insertions(+), 8 deletions(-)

diff --git a/drivers/i2c/busses/i2c-tegra.c b/drivers/i2c/busses/i2c-tegra.c
index 4dfb4c1..b155b61 100644
--- a/drivers/i2c/busses/i2c-tegra.c
+++ b/drivers/i2c/busses/i2c-tegra.c
@@ -73,6 +73,7 @@
 #define I2C_ERR_NO_ACK BIT(0)
 #define I2C_ERR_ARBITRATION_LOST BIT(1)
 #define I2C_ERR_UNKNOWN_INTERRUPT BIT(2)
+#define I2C_ERR_RX_BUFFER_OVERFLOWÂÂÂÂÂÂÂ BIT(3)
  #define PACKET_HEADER0_HEADER_SIZE_SHIFT 28
 #define PACKET_HEADER0_PACKET_ID_SHIFT 16
@@ -515,7 +516,11 @@ static int tegra_i2c_empty_rx_fifo(struct tegra_i2c_dev *i2c_dev)
ÂÂÂÂÂÂ * prevent overwriting past the end of buf
ÂÂÂÂÂÂ */
ÂÂÂÂÂ if (rx_fifo_avail > 0 && buf_remaining > 0) {
-ÂÂÂÂÂÂÂ BUG_ON(buf_remaining > 3);
+ÂÂÂÂÂÂÂ /*
+ÂÂÂÂÂÂÂÂ * buf_remaining > 3 check not needed as rx_fifo_avail == 0
+ÂÂÂÂÂÂÂÂ * when (words_to_transfer was > rx_fifo_avail) earlier
+ÂÂÂÂÂÂÂÂ * in this function.
+ÂÂÂÂÂÂÂÂ */
ÂÂÂÂÂÂÂÂÂ val = i2c_readl(i2c_dev, I2C_RX_FIFO);
ÂÂÂÂÂÂÂÂÂ val = cpu_to_le32(val);
ÂÂÂÂÂÂÂÂÂ memcpy(buf, &val, buf_remaining);
@@ -523,7 +528,15 @@ static int tegra_i2c_empty_rx_fifo(struct tegra_i2c_dev *i2c_dev)
ÂÂÂÂÂÂÂÂÂ rx_fifo_avail--;
ÂÂÂÂÂ }
 - BUG_ON(rx_fifo_avail > 0 && buf_remaining > 0);
+ÂÂÂ if ((!(i2c_dev->msg_buf_remaining)) &&

The RX FIFO shall be drained completely no matter what.

Hence why the "i2c_dev->msg_buf_remaining" checking is needed here?
I moved the part of below condition in Patch V6 to function tegra_i2c_empty_rx_fifo:

+ÂÂÂÂÂÂÂÂÂÂÂ err_val = tegra_i2c_empty_rx_fifo(i2c_dev);
+ÂÂÂÂÂÂÂÂÂÂÂ if ((!(i2c_dev->msg_buf_remaining)) &&

Let's move this check into tegra_i2c_empty_rx_fifo() and return -EINVAL for that case.
This will make code to look cleaner.

Is above condition not needed?

Let's put it at the very beginning. This may give a bit more information about the
problem by knowing if the offending overflow happens after or during of the buffer's
fill up.

static int tegra_i2c_empty_rx_fifo(struct tegra_i2c_dev *i2c_dev)
{
u32 val;
int rx_fifo_avail;
u8 *buf = i2c_dev->msg_buf;
size_t buf_remaining = i2c_dev->msg_buf_remaining;
int words_to_transfer;

if (WARN_ON(!i2c_dev->msg_buf_remaining))
return -EINVAL;
...

OK

In general, the original logic should be preserved during of refactoring. In this case
we are keeping the original check and then also making it a bit more informative.

I feel the msg_buf_remaining check was not there in original code. The corresponding line was probably the following checking for error when (buf_remaining > 0) after all work in the function tegra_i2c_empty_rx_fifo()

https://elixir.bootlin.com/linux/v5.2-rc5/source/drivers/i2c/busses/i2c-tegra.c#L536





Secondly, in the future please don't add parens where they are not needed. In this
case parens around !i2c_dev->msg_buf_remaining are not needed at all.

I shall look out for similar unnecessary parentheses and update the patch.

Yes, please clean up all the occurrences in the code if there are any. And please do
it in a separate patch.

I reviewed the source for unnecessary parentheses and do not find any. Hence not planning to push any patch. Let me know if I missed a case.

-Thanks,
Bitan