[RFC][CFT] signal handling fixes

[RFC][CFT] signal handling fixes

[Al Viro]

	Back in 2012 or so I'd found a bunch of fun issues with multiple
pending signals on a lot of architectures.  m68k looked scarier than
usual (due to the combination of variable-sized exception frames with the
way kernel stack pointer is handled by the hardware), but I'd convinced
myself that it had been correct.

	Unfortunately, I was wrong - handling of multiple pending signals
does *not* work correctly there.

	Some background: wrt exception stack frames m68k variants fall
into 3 groups -
	1) 68000 and near relatives (all non-MMU): push 32bit PC, then
push 16bit SR.
	2) everything later than that, except for coldfire: push a
variable amount of auxillary data (used for insn restart, among other
things), then 16bit value encoding the format (upper 4 bits) and vector
(lower 12), then same as for (1) - 32bit PC and 16bit SR.  Size of
variable part depends upon the frame type (upper 4 bits of frame/vector
word).	Note that CPU32 falls into that group, even though it's non-MMU.
	3) coldfire (both MMU and non-MMU): push 32bit PC, then 16bit SR,
then 16bit word superficially similar to format/vector combination on (2).

	Handling of (2) is complicated, since we need the right frame
type when we go from kernel to userland.  In particular, we want format 0
(8-byte) for entering a signal handler, no matter how did we enter the
kernel when we caught the signal.  Conversely, when we return from signal
handler, we have format 0 on kernel entry (sigreturn(2) is a syscall) and
we need whatever frame we used to have back when we'd caught the signal.

	The monumentally unpleasant part is that we *must* leave the
kernel mode with the same value of kernel stack pointer we had on entry.
Crossing from user to kernel mode does not set the kernel stack pointer
to known value - its value is kept since the last time we'd left the
kernel mode.

	The sigreturn part is ugly as hell.  Signal delivery avoids
quite that level of nastiness by the following trick: there's an int
(stkadj, initially 0) between the exception frame and the rest of pt_regs.
On the way back from exception we pop the registers, then add stkadj +
4 to stack pointer before doing RTE.  Normally stkadj remains zero;
if we need to shrink the exception stack frame, we put the minimal one
over the aux data and store the offset into stkadj.  When on the way out
we pop our way through the registers, we'll end up with stack pointer
pointing to stkadj (4 bytes below the original exception stack frame)
and once we add 4 + stkadj to stack pointer, we have the minimal exception
stack frame on top of stack and RTE does the right thing.

	The problem with that trick is that exception stack frame in
pt_regs is no longer valid; in the best case regs->format will match
the original exception stack frame format and in the worst case it'll
be overwritten by bits 31..28 of signal handler address (if aux data
used to be 4 bytes long).

	ptrace get_regs()/set_regs() takes that effect into account when
accessing PC and SR; unfortunately, setup_frame() and setup_rt_frame()
do not.  That's not a problem for the first signal - ->stkadj is still
0 at that point.  However, if we end up building multiple sigframes,
we might get screwed.  Not hard to fix, thankfully...

	Another bug is on the sigreturn side of things, and that one is
my fault - in bd6f56a75bb2 ("m68k: Missing syscall_trace() on sigreturn")
I'd missed the fact that we'd just relocated pt_regs, without having
updated ->thread.esp0.

	These two are, IMO, -stable fodder.  The third one isn't -
it cleans sigreturn, hopefully making it less convoluted.  Instead of
doing unnatural things to C stack frames, call chain, etc. we let the
asm wrapper of {rt_,}sigreturn(2) do the following:
	reserve a gap on stack, sufficiently large to hold any aux data
	then call the C side of things, passing pt_regs and switch_stack
pointers to it, same as we do now if C part decides to insert aux data,
	it can simply use memmove
to shift switch_stack + pt_regs and memcpy whatever's needed into the
created gap.  Then we can return without any kind of magic - the C part
of stack is intact.  Just return the new location of switch_stack +
pt_regs to the (asm) caller, so it could set stack pointer to it.

	The series is on top of 5.14-rc1; it lives in
git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs.git #untested.m68k
Individual patches in followups...

	_Very_ lightly tested on aranym; no real hardware to test it on.
Any help with review and testing would be very welcome.

PS:  FWIW, ifdefs in arch/m68k/kernel/signal.c are wrong - it's not !MMU
vs. coldfire/MMU vs. classic/MMU.  It's actually 68000 vs. coldfire vs.
everything else.  These days it's nearly correct, but only because on MMU
variants of coldfire we never see exception stack frames with type other
than 4 - it's controlled by alignment of kernel stack pointer on those,
and it's under the kernel control, so it's always 32bit-aligned.  It used
to be more serious back when we had 68360 support - that's !MMU and exception
stack frames are like those on 68020, unless I'm misreading their manual...

[PATCH 1/3] m68k: handle arrivals of multiple signals correctly

[Al Viro]

When we have several pending signals, have entered with the kernel
with large exception frame *and* have already built at least one
sigframe, regs->stkadj is going to be non-zero and regs->format/sr/pc
are going to be junk - the real values are in shifted exception stack
frame we'd built when putting together the first sigframe.

If that happens, subsequent sigframes are going to be garbage.
Not hard to fix - just need to find the "adjusted" frame first
and look for format/vector/sr/pc in it.

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
---
 arch/m68k/kernel/signal.c | 88 ++++++++++++++++++++++-------------------------
 1 file changed, 42 insertions(+), 46 deletions(-)

diff --git a/arch/m68k/kernel/signal.c b/arch/m68k/kernel/signal.c
index 8f215e79e70e..cd11eb101eac 100644
--- a/arch/m68k/kernel/signal.c
+++ b/arch/m68k/kernel/signal.c
@@ -447,7 +447,7 @@ static inline void save_fpu_state(struct sigcontext *sc, struct pt_regs *regs)
 
 	if (CPU_IS_060 ? sc->sc_fpstate[2] : sc->sc_fpstate[0]) {
 		fpu_version = sc->sc_fpstate[0];
-		if (CPU_IS_020_OR_030 &&
+		if (CPU_IS_020_OR_030 && !regs->stkadj &&
 		    regs->vector >= (VEC_FPBRUC * 4) &&
 		    regs->vector <= (VEC_FPNAN * 4)) {
 			/* Clear pending exception in 68882 idle frame */
@@ -510,7 +510,7 @@ static inline int rt_save_fpu_state(struct ucontext __user *uc, struct pt_regs *
 		if (!(CPU_IS_060 || CPU_IS_COLDFIRE))
 			context_size = fpstate[1];
 		fpu_version = fpstate[0];
-		if (CPU_IS_020_OR_030 &&
+		if (CPU_IS_020_OR_030 && !regs->stkadj &&
 		    regs->vector >= (VEC_FPBRUC * 4) &&
 		    regs->vector <= (VEC_FPNAN * 4)) {
 			/* Clear pending exception in 68882 idle frame */
@@ -832,18 +832,24 @@ asmlinkage int do_rt_sigreturn(struct pt_regs *regs, struct switch_stack *sw)
 	return 0;
 }
 
+static inline struct pt_regs *rte_regs(struct pt_regs *regs)
+{
+	return (void *)regs + regs->stkadj;
+}
+
 static void setup_sigcontext(struct sigcontext *sc, struct pt_regs *regs,
 			     unsigned long mask)
 {
+	struct pt_regs *tregs = rte_regs(regs);
 	sc->sc_mask = mask;
 	sc->sc_usp = rdusp();
 	sc->sc_d0 = regs->d0;
 	sc->sc_d1 = regs->d1;
 	sc->sc_a0 = regs->a0;
 	sc->sc_a1 = regs->a1;
-	sc->sc_sr = regs->sr;
-	sc->sc_pc = regs->pc;
-	sc->sc_formatvec = regs->format << 12 | regs->vector;
+	sc->sc_sr = tregs->sr;
+	sc->sc_pc = tregs->pc;
+	sc->sc_formatvec = tregs->format << 12 | tregs->vector;
 	save_a5_state(sc, regs);
 	save_fpu_state(sc, regs);
 }
@@ -851,6 +857,7 @@ static void setup_sigcontext(struct sigcontext *sc, struct pt_regs *regs,
 static inline int rt_setup_ucontext(struct ucontext __user *uc, struct pt_regs *regs)
 {
 	struct switch_stack *sw = (struct switch_stack *)regs - 1;
+	struct pt_regs *tregs = rte_regs(regs);
 	greg_t __user *gregs = uc->uc_mcontext.gregs;
 	int err = 0;
 
@@ -871,9 +878,9 @@ static inline int rt_setup_ucontext(struct ucontext __user *uc, struct pt_regs *
 	err |= __put_user(sw->a5, &gregs[13]);
 	err |= __put_user(sw->a6, &gregs[14]);
 	err |= __put_user(rdusp(), &gregs[15]);
-	err |= __put_user(regs->pc, &gregs[16]);
-	err |= __put_user(regs->sr, &gregs[17]);
-	err |= __put_user((regs->format << 12) | regs->vector, &uc->uc_formatvec);
+	err |= __put_user(tregs->pc, &gregs[16]);
+	err |= __put_user(tregs->sr, &gregs[17]);
+	err |= __put_user((tregs->format << 12) | tregs->vector, &uc->uc_formatvec);
 	err |= rt_save_fpu_state(uc, regs);
 	return err;
 }
@@ -890,13 +897,14 @@ static int setup_frame(struct ksignal *ksig, sigset_t *set,
 			struct pt_regs *regs)
 {
 	struct sigframe __user *frame;
-	int fsize = frame_extra_sizes(regs->format);
+	struct pt_regs *tregs = rte_regs(regs);
+	int fsize = frame_extra_sizes(tregs->format);
 	struct sigcontext context;
 	int err = 0, sig = ksig->sig;
 
 	if (fsize < 0) {
 		pr_debug("setup_frame: Unknown frame format %#x\n",
-			 regs->format);
+			 tregs->format);
 		return -EFAULT;
 	}
 
@@ -907,7 +915,7 @@ static int setup_frame(struct ksignal *ksig, sigset_t *set,
 
 	err |= __put_user(sig, &frame->sig);
 
-	err |= __put_user(regs->vector, &frame->code);
+	err |= __put_user(tregs->vector, &frame->code);
 	err |= __put_user(&frame->sc, &frame->psc);
 
 	if (_NSIG_WORDS > 1)
@@ -934,33 +942,27 @@ static int setup_frame(struct ksignal *ksig, sigset_t *set,
 	push_cache ((unsigned long) &frame->retcode);
 
 	/*
-	 * Set up registers for signal handler.  All the state we are about
-	 * to destroy is successfully copied to sigframe.
-	 */
-	wrusp ((unsigned long) frame);
-	regs->pc = (unsigned long) ksig->ka.sa.sa_handler;
-	adjustformat(regs);
-
-	/*
 	 * This is subtle; if we build more than one sigframe, all but the
 	 * first one will see frame format 0 and have fsize == 0, so we won't
 	 * screw stkadj.
 	 */
-	if (fsize)
+	if (fsize) {
 		regs->stkadj = fsize;
-
-	/* Prepare to skip over the extra stuff in the exception frame.  */
-	if (regs->stkadj) {
-		struct pt_regs *tregs =
-			(struct pt_regs *)((ulong)regs + regs->stkadj);
+		tregs = rte_regs(regs);
 		pr_debug("Performing stackadjust=%04lx\n", regs->stkadj);
-		/* This must be copied with decreasing addresses to
-                   handle overlaps.  */
 		tregs->vector = 0;
 		tregs->format = 0;
-		tregs->pc = regs->pc;
 		tregs->sr = regs->sr;
 	}
+
+	/*
+	 * Set up registers for signal handler.  All the state we are about
+	 * to destroy is successfully copied to sigframe.
+	 */
+	wrusp ((unsigned long) frame);
+	tregs->pc = (unsigned long) ksig->ka.sa.sa_handler;
+	adjustformat(regs);
+
 	return 0;
 }
 
@@ -968,7 +970,8 @@ static int setup_rt_frame(struct ksignal *ksig, sigset_t *set,
 			   struct pt_regs *regs)
 {
 	struct rt_sigframe __user *frame;
-	int fsize = frame_extra_sizes(regs->format);
+	struct pt_regs *tregs = rte_regs(regs);
+	int fsize = frame_extra_sizes(tregs->format);
 	int err = 0, sig = ksig->sig;
 
 	if (fsize < 0) {
@@ -1019,33 +1022,26 @@ static int setup_rt_frame(struct ksignal *ksig, sigset_t *set,
 	push_cache ((unsigned long) &frame->retcode);
 
 	/*
-	 * Set up registers for signal handler.  All the state we are about
-	 * to destroy is successfully copied to sigframe.
-	 */
-	wrusp ((unsigned long) frame);
-	regs->pc = (unsigned long) ksig->ka.sa.sa_handler;
-	adjustformat(regs);
-
-	/*
 	 * This is subtle; if we build more than one sigframe, all but the
 	 * first one will see frame format 0 and have fsize == 0, so we won't
 	 * screw stkadj.
 	 */
-	if (fsize)
+	if (fsize) {
 		regs->stkadj = fsize;
-
-	/* Prepare to skip over the extra stuff in the exception frame.  */
-	if (regs->stkadj) {
-		struct pt_regs *tregs =
-			(struct pt_regs *)((ulong)regs + regs->stkadj);
+		tregs = rte_regs(regs);
 		pr_debug("Performing stackadjust=%04lx\n", regs->stkadj);
-		/* This must be copied with decreasing addresses to
-                   handle overlaps.  */
 		tregs->vector = 0;
 		tregs->format = 0;
-		tregs->pc = regs->pc;
 		tregs->sr = regs->sr;
 	}
+
+	/*
+	 * Set up registers for signal handler.  All the state we are about
+	 * to destroy is successfully copied to sigframe.
+	 */
+	wrusp ((unsigned long) frame);
+	tregs->pc = (unsigned long) ksig->ka.sa.sa_handler;
+	adjustformat(regs);
 	return 0;
 }
 
-- 
2.11.0

[PATCH 2/3] m68k: update ->thread.esp0 before calling syscall_trace() in ret_from_signal

[Al Viro]

We get there when sigreturn has performed obscene acts on kernel stack;
in particular, the location of pt_regs has shifted.  We are about to call
syscall_trace(), which might stop for tracer.  If that happens, we'd better
have task_pt_regs() returning correct result...

Fucked-up-by: Al Viro <viro@zeniv.linux.org.uk>
Fixes: bd6f56a75bb2 ("m68k: Missing syscall_trace() on sigreturn")
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
---
 arch/m68k/kernel/entry.S | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/arch/m68k/kernel/entry.S b/arch/m68k/kernel/entry.S
index 9dd76fbb7c6b..ff9e842cec0f 100644
--- a/arch/m68k/kernel/entry.S
+++ b/arch/m68k/kernel/entry.S
@@ -186,6 +186,8 @@ ENTRY(ret_from_signal)
 	movel	%curptr@(TASK_STACK),%a1
 	tstb	%a1@(TINFO_FLAGS+2)
 	jge	1f
+	lea	%sp@(SWITCH_STACK_SIZE),%a1
+	movel	%a1,%curptr@(TASK_THREAD+THREAD_ESP0)
 	jbsr	syscall_trace
 1:	RESTORE_SWITCH_STACK
 	addql	#4,%sp
-- 
2.11.0

[PATCH 3/3] m68k: leave stack mangling to asm wrapper of sigreturn()

[Al Viro]

sigreturn has to deal with an unpleasant problem - exception stack frames
have different sizes, depending upon the exception (and processor model, as
well) and variable-sized part of exception frame may contain information
needed for instruction restart.  So when signal handler terminates and calls
sigreturn to resume the execution at the place where we'd been when we caught
the signal, it has to rearrange the frame at the bottom of kernel stack.
Worse, it might need to open a gap in the kernel stack, shifting pt_regs
towards lower addresses.

Doing that from C is insane - we'd need to shift stack frames (return addresses,
local variables, etc.) of C call chain, right under the nose of compiler and
hope it won't fall apart horribly.  What had been actually done is only slightly
less insane - an inline asm in mangle_kernel_stack() moved the stuff around,
then reset stack pointer and jumped to label in asm glue.

However, we can avoid all that mess if the asm wrapper we have to use anyway
would reserve some space on the stack between switch_stack and the C stack
frame of do_{rt_,}sigreturn().   Then C part can simply memmove() pt_regs +
switch_stack, memcpy() the variable part of exception frame into the opened
gap - all of that without inline asm, buggering C call chain, magical jumps
to asm labels, etc.

Asm wrapper would need to know where the moved switch_stack has ended up -
it might have been shifted into the gap we'd reserved before do_rt_sigreturn()
call.  That's where it needs to set the stack pointer to.  So let the C part
return just that and be done with that.

While we are at it, the call of berr_040cleanup() we need to do when
returning via 68040 bus error exception frame can be moved into C part
as well.

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
---
 arch/m68k/68000/entry.S       |   3 --
 arch/m68k/coldfire/entry.S    |   3 --
 arch/m68k/include/asm/traps.h |   4 ++
 arch/m68k/kernel/entry.S      |  55 ++++++++++-----------
 arch/m68k/kernel/signal.c     | 111 ++++++++++++++++--------------------------
 5 files changed, 71 insertions(+), 105 deletions(-)

diff --git a/arch/m68k/68000/entry.S b/arch/m68k/68000/entry.S
index 259b3661b614..cce465e850fe 100644
--- a/arch/m68k/68000/entry.S
+++ b/arch/m68k/68000/entry.S
@@ -25,7 +25,6 @@
 .globl system_call
 .globl resume
 .globl ret_from_exception
-.globl ret_from_signal
 .globl sys_call_table
 .globl bad_interrupt
 .globl inthandler1
@@ -59,8 +58,6 @@ do_trace:
 	subql	#4,%sp			/* dummy return address */
 	SAVE_SWITCH_STACK
 	jbsr	syscall_trace_leave
-
-ret_from_signal:
 	RESTORE_SWITCH_STACK
 	addql	#4,%sp
 	jra	ret_from_exception
diff --git a/arch/m68k/coldfire/entry.S b/arch/m68k/coldfire/entry.S
index d43a02795a4a..68adb7b5b296 100644
--- a/arch/m68k/coldfire/entry.S
+++ b/arch/m68k/coldfire/entry.S
@@ -51,7 +51,6 @@ sw_usp:
 .globl system_call
 .globl resume
 .globl ret_from_exception
-.globl ret_from_signal
 .globl sys_call_table
 .globl inthandler
 
@@ -98,8 +97,6 @@ ENTRY(system_call)
 	subql	#4,%sp			/* dummy return address */
 	SAVE_SWITCH_STACK
 	jbsr	syscall_trace_leave
-
-ret_from_signal:
 	RESTORE_SWITCH_STACK
 	addql	#4,%sp
 
diff --git a/arch/m68k/include/asm/traps.h b/arch/m68k/include/asm/traps.h
index 4aff3358fbaf..a9d5c1c870d3 100644
--- a/arch/m68k/include/asm/traps.h
+++ b/arch/m68k/include/asm/traps.h
@@ -267,6 +267,10 @@ struct frame {
     } un;
 };
 
+#ifdef CONFIG_M68040
+asmlinkage void berr_040cleanup(struct frame *fp);
+#endif
+
 #endif /* __ASSEMBLY__ */
 
 #endif /* _M68K_TRAPS_H */
diff --git a/arch/m68k/kernel/entry.S b/arch/m68k/kernel/entry.S
index ff9e842cec0f..8fa9822b5922 100644
--- a/arch/m68k/kernel/entry.S
+++ b/arch/m68k/kernel/entry.S
@@ -78,20 +78,38 @@ ENTRY(__sys_clone3)
 
 ENTRY(sys_sigreturn)
 	SAVE_SWITCH_STACK
-	movel	%sp,%sp@-		  | switch_stack pointer
-	pea	%sp@(SWITCH_STACK_SIZE+4) | pt_regs pointer
+	movel	%sp,%a1			  	| switch_stack pointer
+	lea	%sp@(SWITCH_STACK_SIZE),%a0	| pt_regs pointer
+	lea     %sp@(-84),%sp			| leave a gap
+	movel	%a1,%sp@-
+	movel	%a0,%sp@-
 	jbsr	do_sigreturn
-	addql	#8,%sp
-	RESTORE_SWITCH_STACK
-	rts
+	jra	1f				| shared with rt_sigreturn()
 
 ENTRY(sys_rt_sigreturn)
 	SAVE_SWITCH_STACK
-	movel	%sp,%sp@-		  | switch_stack pointer
-	pea	%sp@(SWITCH_STACK_SIZE+4) | pt_regs pointer
+	movel	%sp,%a1			  	| switch_stack pointer
+	lea	%sp@(SWITCH_STACK_SIZE),%a0	| pt_regs pointer
+	lea     %sp@(-84),%sp			| leave a gap
+	movel	%a1,%sp@-
+	movel	%a0,%sp@-
+	| stack contents:
+	|   [original pt_regs address] [original switch_stack address]
+	|   [gap] [switch_stack] [pt_regs] [exception frame]
 	jbsr	do_rt_sigreturn
-	addql	#8,%sp
+
+1:
+	| stack contents now:
+	|   [original pt_regs address] [original switch_stack address]
+	|   [unused part of the gap] [moved switch_stack] [moved pt_regs]
+	|   [replacement exception frame]
+	| return value of do_{rt_,}sigreturn() points to moved switch_stack.
+
+	movel	%d0,%sp				| discard the leftover junk
 	RESTORE_SWITCH_STACK
+	| stack contents now is just [syscall return address] [pt_regs] [frame]
+	| return pt_regs.d0
+	movel	%sp@(PT_OFF_D0+4),%d0
 	rts
 
 ENTRY(buserr)
@@ -182,27 +200,6 @@ do_trace_exit:
 	addql	#4,%sp
 	jra	.Lret_from_exception
 
-ENTRY(ret_from_signal)
-	movel	%curptr@(TASK_STACK),%a1
-	tstb	%a1@(TINFO_FLAGS+2)
-	jge	1f
-	lea	%sp@(SWITCH_STACK_SIZE),%a1
-	movel	%a1,%curptr@(TASK_THREAD+THREAD_ESP0)
-	jbsr	syscall_trace
-1:	RESTORE_SWITCH_STACK
-	addql	#4,%sp
-/* on 68040 complete pending writebacks if any */
-#ifdef CONFIG_M68040
-	bfextu	%sp@(PT_OFF_FORMATVEC){#0,#4},%d0
-	subql	#7,%d0				| bus error frame ?
-	jbne	1f
-	movel	%sp,%sp@-
-	jbsr	berr_040cleanup
-	addql	#4,%sp
-1:
-#endif
-	jra	.Lret_from_exception
-
 ENTRY(system_call)
 	SAVE_ALL_SYS
 
diff --git a/arch/m68k/kernel/signal.c b/arch/m68k/kernel/signal.c
index cd11eb101eac..338817d0cb3f 100644
--- a/arch/m68k/kernel/signal.c
+++ b/arch/m68k/kernel/signal.c
@@ -641,56 +641,35 @@ static inline void siginfo_build_tests(void)
 static int mangle_kernel_stack(struct pt_regs *regs, int formatvec,
 			       void __user *fp)
 {
-	int fsize = frame_extra_sizes(formatvec >> 12);
-	if (fsize < 0) {
+	int extra = frame_extra_sizes(formatvec >> 12);
+	char buf[sizeof_field(struct frame, un)];
+
+	if (extra < 0) {
 		/*
 		 * user process trying to return with weird frame format
 		 */
 		pr_debug("user process returning with weird frame format\n");
-		return 1;
+		return -1;
 	}
-	if (!fsize) {
-		regs->format = formatvec >> 12;
-		regs->vector = formatvec & 0xfff;
-	} else {
-		struct switch_stack *sw = (struct switch_stack *)regs - 1;
-		/* yes, twice as much as max(sizeof(frame.un.fmt<x>)) */
-		unsigned long buf[sizeof_field(struct frame, un) / 2];
-
-		/* that'll make sure that expansion won't crap over data */
-		if (copy_from_user(buf + fsize / 4, fp, fsize))
-			return 1;
-
-		/* point of no return */
-		regs->format = formatvec >> 12;
-		regs->vector = formatvec & 0xfff;
-#define frame_offset (sizeof(struct pt_regs)+sizeof(struct switch_stack))
-		__asm__ __volatile__ (
-#ifdef CONFIG_COLDFIRE
-			 "   movel %0,%/sp\n\t"
-			 "   bra ret_from_signal\n"
-#else
-			 "   movel %0,%/a0\n\t"
-			 "   subl %1,%/a0\n\t"     /* make room on stack */
-			 "   movel %/a0,%/sp\n\t"  /* set stack pointer */
-			 /* move switch_stack and pt_regs */
-			 "1: movel %0@+,%/a0@+\n\t"
-			 "   dbra %2,1b\n\t"
-			 "   lea %/sp@(%c3),%/a0\n\t" /* add offset of fmt */
-			 "   lsrl  #2,%1\n\t"
-			 "   subql #1,%1\n\t"
-			 /* copy to the gap we'd made */
-			 "2: movel %4@+,%/a0@+\n\t"
-			 "   dbra %1,2b\n\t"
-			 "   bral ret_from_signal\n"
+	if (extra && copy_from_user(buf, fp, extra))
+		return -1;
+	regs->format = formatvec >> 12;
+	regs->vector = formatvec & 0xfff;
+	if (extra) {
+		void *p = (struct switch_stack *)regs - 1;
+		struct frame *new = (void *)regs - extra;
+		int size = sizeof(struct pt_regs)+sizeof(struct switch_stack);
+
+		memmove(p - extra, p, size);
+		memcpy(p - extra + size, buf, extra);
+		current->thread.esp0 = (unsigned long)&new->ptregs;
+#ifdef CONFIG_M68040
+		/* on 68040 complete pending writebacks if any */
+		if (new->ptregs.format == 7) // bus error frame
+			berr_040cleanup(new);
 #endif
-			 : /* no outputs, it doesn't ever return */
-			 : "a" (sw), "d" (fsize), "d" (frame_offset/4-1),
-			   "n" (frame_offset), "a" (buf + fsize/4)
-			 : "a0");
-#undef frame_offset
 	}
-	return 0;
+	return extra;
 }
 
 static inline int
@@ -698,7 +677,6 @@ restore_sigcontext(struct pt_regs *regs, struct sigcontext __user *usc, void __u
 {
 	int formatvec;
 	struct sigcontext context;
-	int err = 0;
 
 	siginfo_build_tests();
 
@@ -707,7 +685,7 @@ restore_sigcontext(struct pt_regs *regs, struct sigcontext __user *usc, void __u
 
 	/* get previous context */
 	if (copy_from_user(&context, usc, sizeof(context)))
-		goto badframe;
+		return -1;
 
 	/* restore passed registers */
 	regs->d0 = context.sc_d0;
@@ -720,15 +698,10 @@ restore_sigcontext(struct pt_regs *regs, struct sigcontext __user *usc, void __u
 	wrusp(context.sc_usp);
 	formatvec = context.sc_formatvec;
 
-	err = restore_fpu_state(&context);
-
-	if (err || mangle_kernel_stack(regs, formatvec, fp))
-		goto badframe;
-
-	return 0;
+	if (restore_fpu_state(&context))
+		return -1;
 
-badframe:
-	return 1;
+	return mangle_kernel_stack(regs, formatvec, fp);
 }
 
 static inline int
@@ -745,7 +718,7 @@ rt_restore_ucontext(struct pt_regs *regs, struct switch_stack *sw,
 
 	err = __get_user(temp, &uc->uc_mcontext.version);
 	if (temp != MCONTEXT_VERSION)
-		goto badframe;
+		return -1;
 	/* restore passed registers */
 	err |= __get_user(regs->d0, &gregs[0]);
 	err |= __get_user(regs->d1, &gregs[1]);
@@ -774,22 +747,17 @@ rt_restore_ucontext(struct pt_regs *regs, struct switch_stack *sw,
 	err |= restore_altstack(&uc->uc_stack);
 
 	if (err)
-		goto badframe;
-
-	if (mangle_kernel_stack(regs, temp, &uc->uc_extra))
-		goto badframe;
+		return -1;
 
-	return 0;
-
-badframe:
-	return 1;
+	return mangle_kernel_stack(regs, temp, &uc->uc_extra);
 }
 
-asmlinkage int do_sigreturn(struct pt_regs *regs, struct switch_stack *sw)
+asmlinkage void *do_sigreturn(struct pt_regs *regs, struct switch_stack *sw)
 {
 	unsigned long usp = rdusp();
 	struct sigframe __user *frame = (struct sigframe __user *)(usp - 4);
 	sigset_t set;
+	int size;
 
 	if (!access_ok(frame, sizeof(*frame)))
 		goto badframe;
@@ -801,20 +769,22 @@ asmlinkage int do_sigreturn(struct pt_regs *regs, struct switch_stack *sw)
 
 	set_current_blocked(&set);
 
-	if (restore_sigcontext(regs, &frame->sc, frame + 1))
+	size = restore_sigcontext(regs, &frame->sc, frame + 1);
+	if (size < 0)
 		goto badframe;
-	return regs->d0;
+	return (void *)sw - size;
 
 badframe:
 	force_sig(SIGSEGV);
-	return 0;
+	return sw;
 }
 
-asmlinkage int do_rt_sigreturn(struct pt_regs *regs, struct switch_stack *sw)
+asmlinkage void *do_rt_sigreturn(struct pt_regs *regs, struct switch_stack *sw)
 {
 	unsigned long usp = rdusp();
 	struct rt_sigframe __user *frame = (struct rt_sigframe __user *)(usp - 4);
 	sigset_t set;
+	int size;
 
 	if (!access_ok(frame, sizeof(*frame)))
 		goto badframe;
@@ -823,13 +793,14 @@ asmlinkage int do_rt_sigreturn(struct pt_regs *regs, struct switch_stack *sw)
 
 	set_current_blocked(&set);
 
-	if (rt_restore_ucontext(regs, sw, &frame->uc))
+	size = rt_restore_ucontext(regs, sw, &frame->uc);
+	if (size < 0)
 		goto badframe;
-	return regs->d0;
+	return (void *)sw - size;
 
 badframe:
 	force_sig(SIGSEGV);
-	return 0;
+	return sw;
 }
 
 static inline struct pt_regs *rte_regs(struct pt_regs *regs)
-- 
2.11.0

Re: [RFC][CFT] signal handling fixes

[Finn Thain]

On Sun, 25 Jul 2021, Al Viro wrote:

> 
> 	The series is on top of 5.14-rc1; it lives in
> git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs.git #untested.m68k
> Individual patches in followups...
> 
> 	_Very_ lightly tested on aranym; no real hardware to test it on.
> Any help with review and testing would be very welcome.
> 

I can test this branch on a Motorola 68040 machine I have here. Can you 
advise how to get decent code coverage? Maybe there's a package out there 
with a signal-heavy test suite? Maybe I need a break point in a signal 
handler? Or perhaps just send ^C to a process running under strace?

Re: [RFC][CFT] signal handling fixes

[Al Viro]

On Tue, Jul 27, 2021 at 08:21:52PM +1000, Finn Thain wrote:
> On Sun, 25 Jul 2021, Al Viro wrote:
> 
> > 
> > 	The series is on top of 5.14-rc1; it lives in
> > git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs.git #untested.m68k
> > Individual patches in followups...
> > 
> > 	_Very_ lightly tested on aranym; no real hardware to test it on.
> > Any help with review and testing would be very welcome.
> > 
> 
> I can test this branch on a Motorola 68040 machine I have here. Can you 
> advise how to get decent code coverage? Maybe there's a package out there 
> with a signal-heavy test suite? Maybe I need a break point in a signal 
> handler? Or perhaps just send ^C to a process running under strace?

Generally, SIGINT is not the best insertion vector...

Set a handler of e.g. SIGALRM with sigaction(), with a couple of other signals
in sa_mask (e.g. SIGUSR1 and SIGUSR2).  With raise() on those inside the
SIGALRM handler - then they will become deliverable on return from handler.
And have SIGUSR1 and SIGUSR2 handlers print siginfo and ucontext contents
(have them set with SA_SIGINFO in sa_flags, look at the second and third
arguments of sighandler).

Use alarm(2) to arrange for SIGALRM and sit in a tight loop - that'll give you
delivery on return from interrupt.  Alternatively, raise(SIGALRM) will give
you delivery on return from trap.  And making that a SIGBUS handler instead,
mmapping a file, truncating it to 0 and dereferencing something in mmapped
area will give you delivery on return from access error trap.  Division by
zero (and insertion handler on SIGFPE) ought to give you a type 2 exception
stack frame (4 bytes of aux data, that makes shifted exception frame bugger
format and vector fields of the original).

FWIW, the third argument of handler points to
struct ucontext {
        unsigned long     uc_flags;
        struct ucontext  *uc_link;
        stack_t           uc_stack;
        struct mcontext   uc_mcontext;
        unsigned long     uc_filler[80];
        sigset_t          uc_sigmask;   /* mask last for extensibility */
};
and type/vector is stored in uc_filler[54] (216 bytes into the array), with
aux data from exception stack frame starting from uc_filler[55].

Re: [RFC][CFT] signal handling fixes

[Finn Thain]

On Tue, 27 Jul 2021, Al Viro wrote:

> On Tue, Jul 27, 2021 at 08:21:52PM +1000, Finn Thain wrote:
> > On Sun, 25 Jul 2021, Al Viro wrote:
> > 
> > > 
> > > 	The series is on top of 5.14-rc1; it lives in
> > > git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs.git #untested.m68k
> > > Individual patches in followups...
> > > 
> > > 	_Very_ lightly tested on aranym; no real hardware to test it on.
> > > Any help with review and testing would be very welcome.
> > > 
> > 
> > I can test this branch on a Motorola 68040 machine I have here. Can you 
> > advise how to get decent code coverage? Maybe there's a package out there 
> > with a signal-heavy test suite? Maybe I need a break point in a signal 
> > handler? Or perhaps just send ^C to a process running under strace?
> 
> Generally, SIGINT is not the best insertion vector...
> 

True. I see that 'man 7 signal' says that SIGQUIT will produce a coredump. 
Would that contain anything of interest?

> Set a handler of e.g. SIGALRM with sigaction(), with a couple of other signals
> in sa_mask (e.g. SIGUSR1 and SIGUSR2).  With raise() on those inside the
> SIGALRM handler - then they will become deliverable on return from handler.
> And have SIGUSR1 and SIGUSR2 handlers print siginfo and ucontext contents
> (have them set with SA_SIGINFO in sa_flags, look at the second and third
> arguments of sighandler).
> 
> Use alarm(2) to arrange for SIGALRM and sit in a tight loop - that'll give you
> delivery on return from interrupt.  Alternatively, raise(SIGALRM) will give
> you delivery on return from trap.  And making that a SIGBUS handler instead,
> mmapping a file, truncating it to 0 and dereferencing something in mmapped
> area will give you delivery on return from access error trap.  Division by
> zero (and insertion handler on SIGFPE) ought to give you a type 2 exception
> stack frame (4 bytes of aux data, that makes shifted exception frame bugger
> format and vector fields of the original).
> 
> FWIW, the third argument of handler points to
> struct ucontext {
>         unsigned long     uc_flags;
>         struct ucontext  *uc_link;
>         stack_t           uc_stack;
>         struct mcontext   uc_mcontext;
>         unsigned long     uc_filler[80];
>         sigset_t          uc_sigmask;   /* mask last for extensibility */
> };
> and type/vector is stored in uc_filler[54] (216 bytes into the array), with
> aux data from exception stack frame starting from uc_filler[55].
> 

OK, give me a week or so and I'll see what I can come up with. 

Re: [RFC][CFT] signal handling fixes

[Finn Thain]

[-- Attachment #1: Type: text/plain, Size: 3830 bytes --]

Hi Al,

On Tue, 27 Jul 2021, Al Viro wrote:

> Set a handler of e.g. SIGALRM with sigaction(), with a couple of other 
> signals in sa_mask (e.g. SIGUSR1 and SIGUSR2).  With raise() on those 
> inside the SIGALRM handler - then they will become deliverable on return 
> from handler. And have SIGUSR1 and SIGUSR2 handlers print siginfo and 
> ucontext contents (have them set with SA_SIGINFO in sa_flags, look at 
> the second and third arguments of sighandler).
> 
> Use alarm(2) to arrange for SIGALRM and sit in a tight loop - that'll 
> give you delivery on return from interrupt.  Alternatively, 
> raise(SIGALRM) will give you delivery on return from trap.  And making 
> that a SIGBUS handler instead, mmapping a file, truncating it to 0 and 
> dereferencing something in mmapped area will give you delivery on return 
> from access error trap.  Division by zero (and insertion handler on 
> SIGFPE) ought to give you a type 2 exception stack frame (4 bytes of aux 
> data, that makes shifted exception frame bugger format and vector fields 
> of the original).
> 
> FWIW, the third argument of handler points to
> struct ucontext {
>         unsigned long     uc_flags;
>         struct ucontext  *uc_link;
>         stack_t           uc_stack;
>         struct mcontext   uc_mcontext;
>         unsigned long     uc_filler[80];
>         sigset_t          uc_sigmask;   /* mask last for extensibility */
> };
> and type/vector is stored in uc_filler[54] (216 bytes into the array), 
> with aux data from exception stack frame starting from uc_filler[55].
> 

I wrote the attached program to implement those tests. I linked it 
statically and ran it under "setarch m68k --addr-no-randomize" on three 
systems: Aranym, Qemu and Quadra 630. On each system I tested two builds, 
1) stock 5.14.0-rc4 and 2) your "untested.m68k" branch rebased onto same.

Everything appears to work normally. I didn't see differences in ucontext 
data between mainline build and patched builds, that is, after omitting 
"random" differences that always occur from one test run to the next.

(Despite my attempt to avoid random addresses, repeating any test produced 
some "random" values in uc_filler. I didn't try to find out what these 
values represent. They appear in both builds.)

Do I need to run the program under gdb or strace to see the effect of your 
changes?

BTW, I did see some differences between the Motorola 68040 and the 
emulated 68040 CPUs.

On the Motorola CPU, uc_filler[54] is 0x00000078 for the signals delivered 
on return from interrupt, but Qemu has 0x00000064 and Aranym has either 
0x00000070 or 0x00000114.

Another discrepancy is uc_filler[55..67] for the SIGBUS case:

Motorola:
000000d0    ffffffff ffffffff 00007008 effffc90    ..........p.....
000000e0    05210001 00210001 c0000000 00985fec    .!...!........_.
000000f0    0000001e 8006aeae 80000e94 0000001e    ................
00000100    00000004 00000000 00008001 574c0080    ............WL..

Aranym:
000000d0    ffffffff ffffffff 00007008 c0000000    ..........p.....
000000e0    05210000 00000000 c0000000 c0000000    .!..............
000000f0    8000817c 00000000 00000000 00000000    ...|............
00000100    00000000 00000000 00000000 00000000    ................

Qemu:
000000d0    ffffffff ffffffff 00007008 c0000000    ..........p.....
000000e0    05210000 00000000 c0000000 c0000000    .!..............
000000f0    00000000 00000000 00000000 00000000    ................
00000100    00000000 00000000 00000000 00000000    ................

The other signals don't show discrepancies in uc_filler across CPU types 
(that is, after omitting "random" values).

I wonder whether the deviation in emulator behaviour could have 
consequences. E.g. I have heard a bug report relating to gdb under 
qemu-system-m68k. Perhaps there's a connection.

[-- Attachment #2: Type: application/octet-stream, Size: 16732 bytes --]

main: raise(SIGALRM)
handler: si_signo 14, si_code  -6, si_addr 0x0000016b, uc_mcontext 000000020000000000000002effffb880000000000000008000000000000000100000000effffc088004a16cefffff628000817c000000008006a000effffdbceffffb7480005172000000080000000000000000000000007fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff, __glibc_reserved1 410000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000808000d9beeffffb6c8006ae908006b28f00000000000003ffeffffb6c80049d0b8006ae9080008a8aeffffb6c8006ae900062a81ceffffc8080008a9eeffffb6c80049d0beffffc9000000000effffc08effffea0efccdc01efffff628000511eeffffc08
handler: raise(SIGUSR1), raise(SIGUSR2)
handler: si_signo 10, si_code  -6, si_addr 0x0000016b, uc_mcontext 000000020000000000000002effffb880000000000000008000000000000000100000000effffc088004a16cefffff628000817c000000008006a000effffdbceffffb7480005172000000080000000000000000000000007fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff, __glibc_reserved1 410000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000808000d9beeffffb6c8006ae908006b28f00000000000003ffeffffb6c80049d0b8006ae9080008a8aeffffb6c8006ae900062a81ceffffc8080008a9eeffffb6c80049d0beffffc9000000000effffc08effffea0efccdc01efffff628000511eeffffc08
handler: si_signo 12, si_code  -6, si_addr 0x0000016b, uc_mcontext 000000020000000000000002effffb880000000000000008000000000000000100000000effffc088004a16cefffff628000817c000000008006a000effffdbceffffb7480005172000000080000000000000000000000007fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff, __glibc_reserved1 410000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000808000d9beeffffb6c8006ae908006b28f00000000000003ffeffffb6c80049d0b8006ae9080008a8aeffffb6c8006ae900062a81ceffffc8080008a9eeffffb6c80049d0beffffc9000000000effffc08effffea0efccdc01efffff628000511eeffffc08
main: alarm(2)
handler: si_signo 14, si_code 128, si_addr 0x00000000, uc_mcontext 000000020000000000000002effffe98effffea0efccdc01000000030000000100000000800734808006ae9fefffff628000817c00000000c014d000effffdbceffffc9480000726000000040000000000000000000000007fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff, __glibc_reserved1 4100000000000000effffe98effffea0efccdc0100000003efffff628000817cfbad80018006ae908006ae908006ae908006ae908006ae9f8006b28f8006ae908006b28f0000000000000000000000000000000000000000ffffffff00000000ffffffff0000ffff00000000ffffffffffffffffffffffffffffffff00000000ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff80019028effffc46effffe98effffea0800632e6000000007ffffffffffffffeffffffffffffffffffffffffffffffffffffffff00000070ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0062a81c80015736effffe98effffea0efccdc01efffff62c014d000800004428000046a000000028006ae900000000feffffc90effffdbc8000070e00000002
handler: raise(SIGUSR1), raise(SIGUSR2)
handler: si_signo 10, si_code  -6, si_addr 0x0000016b, uc_mcontext 000000020000000000000002effffe98effffea0efccdc01000000030000000100000000800734808006ae9fefffff628000817c00000000c014d000effffdbceffffc9480000726000000040000000000000000000000007fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff, __glibc_reserved1 4100000000000000effffe98effffea0efccdc0100000003efffff628000817cfbad80018006ae908006ae908006ae908006ae908006ae9f8006b28f8006ae908006b28f0000000000000000000000000000000000000000ffffffff00000000ffffffff0000ffff00000000ffffffffffffffffffffffffffffffff00000000ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff80019028effffc46effffe98effffea0800632e6000000007ffffffffffffffeffffffffffffffffffffffffffffffffffffffff00000070ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0062a81c80015736effffe98effffea0efccdc01efffff62c014d000800004428000046a000000028006ae900000000feffffc90effffdbc8000070e00000002
handler: si_signo 12, si_code  -6, si_addr 0x0000016b, uc_mcontext 000000020000000000000002effffe98effffea0efccdc01000000030000000100000000800734808006ae9fefffff628000817c00000000c014d000effffdbceffffc9480000726000000040000000000000000000000007fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff, __glibc_reserved1 4100000000000000effffe98effffea0efccdc0100000003efffff628000817cfbad80018006ae908006ae908006ae908006ae908006ae9f8006b28f8006ae908006b28f0000000000000000000000000000000000000000ffffffff00000000ffffffff0000ffff00000000ffffffffffffffffffffffffffffffff00000000ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff80019028effffc46effffe98effffea0800632e6000000007ffffffffffffffeffffffffffffffffffffffffffffffffffffffff00000070ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0062a81c80015736effffe98effffea0efccdc01efffff62c014d000800004428000046a000000028006ae900000000feffffc90effffdbc8000070e00000002
main: divide by zero
handler: si_signo  8, si_code   1, si_addr 0x8000074a, uc_mcontext 00000002000000150000000200000000effffea0efccdc01000000030000000100000000800734808006aea5efffff628000817c00000000c014d000effffdbceffffc948000074e000000040000000000000000000000007fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff, __glibc_reserved1 4100000000000000effffe98effffea0efccdc0100000003efffff628000817cfbad80018006ae908006ae908006ae908006ae908006aea58006b28f8006ae908006b28f0000000000000000000000000000000000000000ffffffff00000000ffffffff0000ffff00000000ffffffffffffffffffffffffffffffff00000000ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff80019028effffc46effffe98effffea0800632e6000000007ffffffffffffffeffffffffffffffffffffffffffffffffffffffff000020148000074affffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0062a81c80015736effffe98effffea0efccdc01efffff62c014d000800004428000046a000000028006ae9000000015effffc90effffdbc8000074400000002
main: read pointer 0xc0000000
handler: si_signo  7, si_code   2, si_addr 0xc0000000, uc_mcontext 000000020000001e0000000200000001effffea0efccdc01000000030000000100000000c00000008006aeaeefffff628000817c00000000c014d000effffdbceffffc94800007fa000000010000000000000000000000007fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff, __glibc_reserved1 4100000000000001effffea0efccdc0100000003efffff628000817cfbad80018006ae908006ae908006ae908006ae908006aeae8006b28f8006ae908006b28f00000000000000000000000000000000000000000000000000000000000000000000a2f8000000008006a0008002478080024802ffffffff000000008002486600000001ffffffffefccdc01000000030000000100000000efffff628000817c00000000c014d000effffdbc00000003800632e60000000000000000000000c2000000030000001a1a8f26cbffffffffffffffffffffffff00007008c00000000521000000000000c0000000c00000008000817c00000000000000000000000000000000000000000000000000000000efffff62c014d000800004428000046a000000028006ae900000001eeffffc8ceffffdbc800007f20000000280049d41
[    0.000000] Linux version 5.14.0-rc4-multi-00003-g420aec9e726e (fthain@nippy) (m68k-linux-gnu-gcc (btc) 6.4.0, GNU ld (btc) 2.28) #1 Sun Aug 8 11:25:50 AEST 2021
[    0.000000] Saving 222 bytes of bootinfo
[    0.000000] printk: console [debug0] enabled
[    0.000000] printk: debug: ignoring loglevel setting.
[    0.000000] Atari hardware found: VIDEL STDMA-SCSI ST_MFP YM2149 PCM CODEC DSP56K SCC ANALOG_JOY BLITTER IDE TT_CLK FDC_SPEED
[    0.000000] Zone ranges:
[    0.000000]   DMA      [mem 0x0000000000000000-0x0000008fffffffff]
[    0.000000]   Normal   empty
[    0.000000] Movable zone start for each node
[    0.000000] Early memory node ranges
[    0.000000]   node   0: [mem 0x0000000000000000-0x0000000000dfffff]
[    0.000000]   node   0: [mem 0x0000000001000000-0x0000000008ffffff]
[    0.000000] Initmem setup node 0 [mem 0x0000000000000000-0x0000000008ffffff]
[    0.000000] NatFeats found (ARAnyM, 1.0)
[    0.000000] pcpu-alloc: s0 r0 d32768 u32768 alloc=1*32768
[    0.000000] pcpu-alloc: [0] 0 
[    0.000000] Built 1 zonelists, mobility grouping on.  Total pages: 36028
[    0.000000] Kernel command line: debug=par console=tty0 ignore_loglevel initcall_blacklist=ide_falcon_driver_init,nfhd_init ro init=/start.sh root=/dev/sda6 BOOT_IMAGE=vmlinux
[    0.000000] blacklisting initcall ide_falcon_driver_init
[    0.000000] blacklisting initcall nfhd_init
[    0.000000] Unknown command line parameters: initcall_blacklist=ide_falcon_driver_init BOOT_IMAGE=vmlinux
[    0.000000] Dentry cache hash table entries: 32768 (order: 5, 131072 bytes, linear)
[    0.000000] Inode-cache hash table entries: 16384 (order: 4, 65536 bytes, linear)
[    0.000000] Sorting __ex_table...
[    0.000000] mem auto-init: stack:off, heap alloc:off, heap free:off
[    0.000000] Memory: 136960K/145408K available (4145K kernel code, 527K rwdata, 892K rodata, 148K init, 171K bss, 8448K reserved, 0K cma-reserved)
[    0.000000] SLUB: HWalign=16, Order=0-3, MinObjects=0, CPUs=1, Nodes=1
[    0.000000] NR_IRQS: 200
[    0.000000] clocksource: mfp: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 77769386670404 ns
[    0.000000] Console: colour dummy device 80x25
[    0.000000] printk: console [tty0] enabled
[    0.000000] Calibrating delay loop... 113.04 BogoMIPS (lpj=565248)
[    0.100000] pid_max: default: 32768 minimum: 301
[    0.100000] Mount-cache hash table entries: 1024 (order: 0, 4096 bytes, linear)
[    0.100000] Mountpoint-cache hash table entries: 1024 (order: 0, 4096 bytes, linear)
[    0.110000] devtmpfs: initialized
[    0.120000] random: get_random_u32 called from bucket_table_alloc.isra.30+0x70/0x1a6 with crng_init=0
[    0.120000] clocksource: jiffies: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 19112604462750000 ns
[    0.120000] futex hash table entries: 256 (order: -1, 3072 bytes, linear)
[    0.130000] NET: Registered PF_NETLINK/PF_ROUTE protocol family
[    0.130000] DMA: preallocated 128 KiB GFP_KERNEL pool for atomic allocations
[    0.130000] DMA: preallocated 128 KiB GFP_KERNEL|GFP_DMA pool for atomic allocations
[    0.190000] wait_for_initramfs() called before rootfs_initcalls
[    0.290000] SCSI subsystem initialized
[    0.290000] libata version 3.00 loaded.
[    0.300000] clocksource: Switched to clocksource mfp
[    0.430000] NET: Registered PF_INET protocol family
[    0.430000] IP idents hash table entries: 4096 (order: 3, 32768 bytes, linear)
[    0.440000] tcp_listen_portaddr_hash hash table entries: 512 (order: 0, 4096 bytes, linear)
[    0.440000] TCP established hash table entries: 2048 (order: 1, 8192 bytes, linear)
[    0.440000] TCP bind hash table entries: 2048 (order: 1, 8192 bytes, linear)
[    0.440000] TCP: Hash tables configured (established 2048 bind 2048)
[    0.440000] UDP hash table entries: 256 (order: 0, 4096 bytes, linear)
[    0.440000] UDP-Lite hash table entries: 256 (order: 0, 4096 bytes, linear)
[    0.450000] NET: Registered PF_UNIX/PF_LOCAL protocol family
[    0.460000] RPC: Registered named UNIX socket transport module.
[    0.460000] RPC: Registered udp transport module.
[    0.460000] RPC: Registered tcp transport module.
[    0.460000] RPC: Registered tcp NFSv4.1 backchannel transport module.
[    0.460000] initcall nfhd_init blacklisted
[    0.460000] nfeth: API 5
[    0.470000] workingset: timestamp_bits=30 max_order=16 bucket_order=0
[    0.590000] Block layer SCSI generic (bsg) driver version 0.4 loaded (major 252)
[    0.600000] atafb atafb: phys_screen_base 708000 screen_len 311296
[    0.600000] atafb atafb: Determined 640x480, depth 4
[    0.600000] atafb atafb:    virtual 640x972
[    0.610000] Console: switching to colour frame buffer device 80x30
[    0.620000] fb0: frame buffer device, using 304K of video memory
[    0.630000] pmac_zilog: 0.6 (Benjamin Herrenschmidt <benh@kernel.crashing.org>)
[    0.630000] Non-volatile memory driver v1.3
[    0.660000] brd: module loaded
[    0.940000] scsi host0: Atari native SCSI, irq 15, io_port 0x0, base 0x0, can_queue 1, cmd_per_lun 2, sg_tablesize 1, this_id 7, flags { }
[    1.910000] random: fast init done
[    2.740000] atari-falcon-ide atari-falcon-ide: Atari Falcon and Q40/Q60 PATA controller
[    2.780000] scsi host1: pata_falcon
[    2.790000] ata1: PATA max PIO4 cmd 0xfff00000 ctl 0xfff00038 no IRQ, using PIO polling
[    2.830000] aoe: AoE v85 initialised.
[    2.850000] mousedev: PS/2 mouse device common for all mice
[    3.110000] input: Atari Keyboard as /devices/virtual/input/input0
[    3.120000] ata1.00: ATA-2: master, , max PIO2
[    3.140000] ata1.00: 7841232 sectors, multi 0: LBA 
[    3.160000] ata1.01: ATA-2: slave, , max PIO2
[    3.180000] ata1.01: 322560 sectors, multi 0: LBA 
[    3.200000] ata1.00: configured for PIO
[    3.220000] ata1.01: configured for PIO
[    3.230000] scsi 1:0:0:0: Direct-Access     ATA      master           n/a  PQ: 0 ANSI: 5
[    3.260000] sd 1:0:0:0: Attached scsi generic sg0 type 0
[    3.280000] sd 1:0:0:0: [sda] 7841232 512-byte logical blocks: (4.01 GB/3.74 GiB)
[    3.300000] sd 1:0:0:0: [sda] Write Protect is off
[    3.330000] sd 1:0:0:0: [sda] Mode Sense: 00 3a 00 00
[    3.340000] scsi 1:0:1:0: Direct-Access     ATA      slave            n/a  PQ: 0 ANSI: 5
[    3.370000] sd 1:0:1:0: [sdb] 322560 512-byte logical blocks: (165 MB/158 MiB)
[    3.390000] sd 1:0:1:0: Attached scsi generic sg1 type 0
[    3.410000] sd 1:0:1:0: [sdb] Write Protect is off
[    3.430000] sd 1:0:1:0: [sdb] Mode Sense: 00 3a 00 00
[    3.450000] sd 1:0:1:0: [sdb] Write cache: disabled, read cache: enabled, doesn't support DPO or FUA
[    3.490000] sd 1:0:0:0: [sda] Write cache: disabled, read cache: enabled, doesn't support DPO or FUA
[    3.550000] sd 1:0:1:0: [sdb] Attached SCSI disk
[    3.570000]  sda: [mac] sda1 sda2 sda3 sda4 sda5 sda6 sda7
[    3.620000] sd 1:0:0:0: [sda] Attached SCSI disk
[    3.710000] rtc-generic rtc-generic: registered as rtc0
[    3.720000] NET: Registered PF_PACKET protocol family
[    3.760000] EXT4-fs (sda6): mounting ext2 file system using the ext4 subsystem
[    3.820000] EXT4-fs (sda6): mounted filesystem without journal. Opts: (null). Quota mode: disabled.
[    3.860000] VFS: Mounted root (ext2 filesystem) readonly on device 8:6.
[    3.880000] Freeing unused kernel image (initmem) memory: 148K
[    3.890000] This architecture does not have kernel memory protection.
[    3.920000] Run /start.sh as init process
[    3.940000]   with arguments:
[    3.960000]     /start.sh
[    3.970000]   with environment:
[    4.000000]     HOME=/
[    4.020000]     TERM=linux
[    4.040000]     initcall_blacklist=ide_falcon_driver_init
[    4.050000]     BOOT_IMAGE=vmlinux
[   18.780000] random: crng init done
[   23.870000] EXT4-fs (sda6): re-mounted. Opts: (null). Quota mode: disabled.

[-- Attachment #3: Type: application/octet-stream, Size: 17702 bytes --]

main: raise(SIGALRM)
handler: si_signo 14, si_code  -6, si_addr 0x000001a0, uc_mcontext 000000020000000000000002effffbc80000000000000008000000000000000100000000effffc488004a16cefffff9f8000817c000000008006a000effffdfceffffbb480005172000000080000000000000000000000007fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff, __glibc_reserved1 410000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000808000d9beeffffbac8006ae908006b28f00000000000003ffeffffbac80049d0b8006ae9080008a8aeffffbac8006ae90001db2a1effffcc080008a9eeffffbac80049d0beffffcd000000000effffc48effffee0efb23d01efffff9f8000511eeffffc48
handler: raise(SIGUSR1), raise(SIGUSR2)
handler: si_signo 10, si_code  -6, si_addr 0x000001a0, uc_mcontext 000000020000000000000002effffbc80000000000000008000000000000000100000000effffc488004a16cefffff9f8000817c000000008006a000effffdfceffffbb480005172000000080000000000000000000000007fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff, __glibc_reserved1 410000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000808000d9beeffffbac8006ae908006b28f00000000000003ffeffffbac80049d0b8006ae9080008a8aeffffbac8006ae90001db2a1effffcc080008a9eeffffbac80049d0beffffcd000000000effffc48effffee0efb23d01efffff9f8000511eeffffc48
handler: si_signo 12, si_code  -6, si_addr 0x000001a0, uc_mcontext 000000020000000000000002effffbc80000000000000008000000000000000100000000effffc488004a16cefffff9f8000817c000000008006a000effffdfceffffbb480005172000000080000000000000000000000007fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff, __glibc_reserved1 410000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000808000d9beeffffbac8006ae908006b28f00000000000003ffeffffbac80049d0b8006ae9080008a8aeffffbac8006ae90001db2a1effffcc080008a9eeffffbac80049d0beffffcd000000000effffc48effffee0efb23d01efffff9f8000511eeffffc48
main: alarm(2)
handler: si_signo 14, si_code 128, si_addr 0x00000000, uc_mcontext 000000020000000000000002effffed8effffee0efb23d01000000030000000100000000800734808006ae9fefffff9f8000817c00000000c014d000effffdfceffffcd480000728000000040000000000000000000000007fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff, __glibc_reserved1 4100000000000000effffed8effffee0efb23d0100000003efffff9f8000817cfbad80018006ae908006ae908006ae908006ae908006ae9f8006b28f8006ae908006b28f0000000000000000000000000000000000000000ffffffff00000000ffffffff0000ffff00000000ffffffffffffffffffffffffffffffff00000000ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff80019028effffc86effffed8effffee0800632e6000000007ffffffffffffffeffffffffffffffffffffffffffffffffffffffff00000078ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff001db2a180015736effffed8effffee0efb23d01efffff9fc014d000800004428000046a000000028006ae900000000feffffcd0effffdfc8000070e00000002
handler: raise(SIGUSR1), raise(SIGUSR2)
handler: si_signo 10, si_code  -6, si_addr 0x000001a0, uc_mcontext 000000020000000000000002effffed8effffee0efb23d01000000030000000100000000800734808006ae9fefffff9f8000817c00000000c014d000effffdfceffffcd480000728000000040000000000000000000000007fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff, __glibc_reserved1 4100000000000000effffed8effffee0efb23d0100000003efffff9f8000817cfbad80018006ae908006ae908006ae908006ae908006ae9f8006b28f8006ae908006b28f0000000000000000000000000000000000000000ffffffff00000000ffffffff0000ffff00000000ffffffffffffffffffffffffffffffff00000000ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff80019028effffc86effffed8effffee0800632e6000000007ffffffffffffffeffffffffffffffffffffffffffffffffffffffff00000078ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff001db2a180015736effffed8effffee0efb23d01efffff9fc014d000800004428000046a000000028006ae900000000feffffcd0effffdfc8000070e00000002
handler: si_signo 12, si_code  -6, si_addr 0x000001a0, uc_mcontext 000000020000000000000002effffed8effffee0efb23d01000000030000000100000000800734808006ae9fefffff9f8000817c00000000c014d000effffdfceffffcd480000728000000040000000000000000000000007fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff, __glibc_reserved1 4100000000000000effffed8effffee0efb23d0100000003efffff9f8000817cfbad80018006ae908006ae908006ae908006ae908006ae9f8006b28f8006ae908006b28f0000000000000000000000000000000000000000ffffffff00000000ffffffff0000ffff00000000ffffffffffffffffffffffffffffffff00000000ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff80019028effffc86effffed8effffee0800632e6000000007ffffffffffffffeffffffffffffffffffffffffffffffffffffffff00000078ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff001db2a180015736effffed8effffee0efb23d01efffff9fc014d000800004428000046a000000028006ae900000000feffffcd0effffdfc8000070e00000002
main: divide by zero
handler: si_signo  8, si_code   1, si_addr 0x8000074a, uc_mcontext 00000002000000150000000200000000effffee0efb23d01000000030000000100000000800734808006aea5efffff9f8000817c00000000c014d000effffdfceffffcd48000074e000000040000000000000000000000007fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff, __glibc_reserved1 4100000000000000effffed8effffee0efb23d0100000003efffff9f8000817cfbad80018006ae908006ae908006ae908006ae908006aea58006b28f8006ae908006b28f0000000000000000000000000000000000000000ffffffff00000000ffffffff0000ffff00000000ffffffffffffffffffffffffffffffff00000000ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff80019028effffc86effffed8effffee0800632e6000000007ffffffffffffffeffffffffffffffffffffffffffffffffffffffff000020148000074affffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff001db2a180015736effffed8effffee0efb23d01efffff9fc014d000800004428000046a000000028006ae9000000015effffcd0effffdfc8000074400000002
main: read pointer 0xc0000000
handler: si_signo  7, si_code   2, si_addr 0xc0000000, uc_mcontext 000000020000001e0000000200000001effffee0efb23d01000000030000000100000000c00000008006aeaeefffff9f8000817c00000000c014d000effffdfceffffcd4800007fa000000010000000000000000000000007fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff, __glibc_reserved1 4100000000000001effffee0efb23d0100000003efffff9f8000817cfbad80018006ae908006ae908006ae908006ae908006aeae8006b28f8006ae908006b28f00000000000000000000000000000000000000000000000000000000000000000000a2f8000000008006a0008002478080024802ffffffff000000008002486600000001ffffffffefb23d01000000030000000100000000efffff9f8000817c00000000c014d000effffdfc00000003800632e60000000000000000000000c200000003000000221567db33ffffffffffffffffffffffff00007008effffc900521000100210001c000000000985fec0000001e8006aeae80000e940000001e000000040000000000008001574c0080efffff9fc014d000800004428000046a000000028006ae900000001eeffffccceffffdfc800007f20000000280049d41
[    0.000000] Linux version 5.14.0-rc4-multi-00003-g420aec9e726e (fthain@nippy) (m68k-linux-gnu-gcc (btc) 6.4.0, GNU ld (btc) 2.28) #1 Sun Aug 8 11:25:50 AEST 2021
[    0.000000] Saving 402 bytes of bootinfo
[    0.000000] Detected Macintosh model: 98
[    0.000000]  Penguin bootinfo data:
[    0.000000]  Video: addr 0xf9001000 row 0x280 depth 8 dimensions 640 x 480
[    0.000000]  Videological 0xf0001000 phys. 0xf9001000, SCC at 0x50f0c020
[    0.000000]  Boottime: 0xa4f93fab GMTBias: 0x0
[    0.000000]  Machine ID: 98 CPUid: 0x2 memory size: 0x84
[    0.000000] Apple Macintosh Quadra 630
[    0.000000] Zone ranges:
[    0.000000]   DMA      [mem 0x0000000000000000-0x00000083ffffffff]
[    0.000000]   Normal   empty
[    0.000000] Movable zone start for each node
[    0.000000] Early memory node ranges
[    0.000000]   node   0: [mem 0x0000000000000000-0x00000000083fffff]
[    0.000000] Initmem setup node 0 [mem 0x0000000000000000-0x00000000083fffff]
[    0.000000] pcpu-alloc: s0 r0 d32768 u32768 alloc=1*32768
[    0.000000] pcpu-alloc: [0] 0 
[    0.000000] Built 1 zonelists, mobility grouping on.  Total pages: 33495
[    0.000000] Kernel command line: root=/dev/sda6 console=tty0 console=ttyS0 init=/start.sh
[    0.000000] Dentry cache hash table entries: 32768 (order: 5, 131072 bytes, linear)
[    0.000000] Inode-cache hash table entries: 16384 (order: 4, 65536 bytes, linear)
[    0.000000] Sorting __ex_table...
[    0.000000] mem auto-init: stack:off, heap alloc:off, heap free:off
[    0.000000] Memory: 127792K/135168K available (4145K kernel code, 527K rwdata, 892K rodata, 148K init, 171K bss, 7376K reserved, 0K cma-reserved)
[    0.000000] SLUB: HWalign=16, Order=0-3, MinObjects=0, CPUs=1, Nodes=1
[    0.000000] NR_IRQS: 200
[    0.000000] clocksource: via1: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 2439823894983 ns
[    0.000000] Console: colour dummy device 80x25
[    0.010000] printk: console [tty0] enabled
[    0.200000] printk: console [ttyS0] enabled
[    0.210000] Calibrating delay loop... 21.55 BogoMIPS (lpj=107776)
[    0.320000] pid_max: default: 32768 minimum: 301
[    0.340000] Mount-cache hash table entries: 1024 (order: 0, 4096 bytes, linear)
[    0.360000] Mountpoint-cache hash table entries: 1024 (order: 0, 4096 bytes, linear)
[    0.410000] devtmpfs: initialized
[    0.450000] random: get_random_u32 called from bucket_table_alloc.isra.30+0x70/0x1a6 with crng_init=0
[    0.480000] clocksource: jiffies: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 19112604462750000 ns
[    0.490000] futex hash table entries: 256 (order: -1, 3072 bytes, linear)
[    0.510000] NET: Registered PF_NETLINK/PF_ROUTE protocol family
[    0.530000] DMA: preallocated 128 KiB GFP_KERNEL pool for atomic allocations
[    0.540000] DMA: preallocated 128 KiB GFP_KERNEL|GFP_DMA pool for atomic allocations
[    0.800000] wait_for_initramfs() called before rootfs_initcalls
[    1.550000] NuBus: Scanning NuBus slots.
[    1.560000] SCSI subsystem initialized
[    1.610000] libata version 3.00 loaded.
[    1.640000] clocksource: Switched to clocksource via1
[    2.490000] NET: Registered PF_INET protocol family
[    2.500000] IP idents hash table entries: 4096 (order: 3, 32768 bytes, linear)
[    2.540000] tcp_listen_portaddr_hash hash table entries: 512 (order: 0, 4096 bytes, linear)
[    2.560000] random: fast init done
[    2.560000] TCP established hash table entries: 2048 (order: 1, 8192 bytes, linear)
[    2.570000] TCP bind hash table entries: 2048 (order: 1, 8192 bytes, linear)
[    2.580000] TCP: Hash tables configured (established 2048 bind 2048)
[    2.590000] UDP hash table entries: 256 (order: 0, 4096 bytes, linear)
[    2.600000] UDP-Lite hash table entries: 256 (order: 0, 4096 bytes, linear)
[    2.610000] NET: Registered PF_UNIX/PF_LOCAL protocol family
[    2.650000] RPC: Registered named UNIX socket transport module.
[    2.660000] RPC: Registered udp transport module.
[    2.670000] RPC: Registered tcp transport module.
[    2.680000] RPC: Registered tcp NFSv4.1 backchannel transport module.
[    2.740000] workingset: timestamp_bits=30 max_order=15 bucket_order=0
[    3.170000] Block layer SCSI generic (bsg) driver version 0.4 loaded (major 253)
[    3.200000] Monitor sense value = 0x603
[    3.210000] using video mode 13 and color mode 0.
[    3.400000] Console: switching to colour frame buffer device 104x39
[    3.560000] fb0: valkyrie frame buffer device
[    3.580000] pmac_zilog: 0.6 (Benjamin Herrenschmidt <benh@kernel.crashing.org>)
[    3.590000] scc.0: ttyS0 at MMIO 0x50f0c022 (irq = 4, base_baud = 230400) is a Z85c30 ESCC - Serial port
[    3.610000] scc.1: ttyS1 at MMIO 0x50f0c020 (irq = 4, base_baud = 230400) is a Z85c30 ESCC - Serial port
[    3.650000] Non-volatile memory driver v1.3
[    3.830000] brd: module loaded
[    3.840000] Macintosh Cuda and Egret driver.
[    3.960000] mac_esp: using PDMA for controller 0
[    3.970000] mac_esp mac_esp.0: esp0: regs[(ptrval):0] irq[19]
[    3.980000] mac_esp mac_esp.0: esp0: is a ESP236, 16 MHz (ccf=4), SCSI ID 7
[    4.100000] adb device [2]: 2 0x2
[    4.110000] adb device [3]: 3 0x1
[    4.130000] ADB keyboard at 2 has handler 0x3
[    4.130000] Detected ADB keyboard, type ANSI.
[    4.140000] input: ADB keyboard as /devices/virtual/input/input0
[    4.230000] ADB mouse (standard) at 3 has handler 0x2
[    4.240000] input: ADB mouse as /devices/virtual/input/input1
[    7.040000] scsi host0: esp
[    7.090000] scsi 0:0:0:0: Direct-Access      codesrc          SCSI2SD  1.0 PQ: 0 ANSI: 2 CCS
[    7.100000] scsi target0:0:0: Beginning Domain Validation
[    7.130000] scsi target0:0:0: Ending Domain Validation
[    7.220000] scsi 0:0:3:0: CD-ROM            MATSHITA CD-ROM CR-8004   1.1f PQ: 0 ANSI: 2
[    7.230000] scsi target0:0:3: Beginning Domain Validation
[    7.270000] scsi target0:0:3: FAST-5 SCSI 2.1 MB/s ST (472 ns, offset 8)
[    7.290000] scsi target0:0:3: Domain Validation skipping write tests
[    7.300000] scsi target0:0:3: Ending Domain Validation
[    7.430000] sr 0:0:3:0: Power-on or device reset occurred
[    7.510000] sd 0:0:0:0: [sda] 4194303 512-byte logical blocks: (2.15 GB/2.00 GiB)
[    7.530000] sd 0:0:0:0: [sda] Write Protect is off
[    7.540000] sd 0:0:0:0: [sda] Mode Sense: 4b 00 00 08
[    7.550000] sd 0:0:0:0: [sda] Cache data unavailable
[    7.570000] sd 0:0:0:0: [sda] Assuming drive cache: write through
[    7.600000] sr 0:0:3:0: [sr0] scsi-1 drive
[    7.610000] cdrom: Uniform CD-ROM driver Revision: 3.20
[    7.690000] sr 0:0:3:0: Attached scsi CD-ROM sr0
[    7.760000] sd 0:0:0:0: Attached scsi generic sg0 type 0
[    7.790000]  sda: [mac] sda1 sda2 sda3 sda4 sda5 sda6 sda7
[    7.810000] sr 0:0:3:0: Attached scsi generic sg1 type 5
[    7.970000] scsi host1: pata_platform
[    8.000000] ata1: PATA max PIO0 mmio cmd 0x50f1a000 ctl 0x50f1a038 irq 62
[    8.020000] Onboard/comm-slot SONIC, revision 0x0004, 16 bit DMA, register offset 0
[    8.030000] SONIC ethernet @50f0a000, MAC 00:a0:40:28:41:a9, IRQ 3
[    8.160000] sd 0:0:0:0: [sda] Attached SCSI disk
[    8.230000] aoe: AoE v85 initialised.
[    8.270000] mousedev: PS/2 mouse device common for all mice
[    8.320000] rtc-generic rtc-generic: registered as rtc0
[    8.340000] NET: Registered PF_PACKET protocol family
[   10.970000] ata1.00: ATA-0: DSAA-3360, 3D1A6QA4, max MWDMA1
[   10.980000] ata1.00: 713472 sectors, multi 0: LBA 
[   10.990000] ata1.00: configured for PIO
[   11.010000] scsi 1:0:0:0: Direct-Access     ATA      DSAA-3360        6QA4 PQ: 0 ANSI: 5
[   11.070000] sd 1:0:0:0: [sdb] 713472 512-byte logical blocks: (365 MB/348 MiB)
[   11.090000] sd 1:0:0:0: Attached scsi generic sg2 type 0
[   11.110000] sd 1:0:0:0: [sdb] Write Protect is off
[   11.130000] sd 1:0:0:0: [sdb] Mode Sense: 00 3a 00 00
[   11.140000] sd 1:0:0:0: [sdb] Write cache: disabled, read cache: enabled, doesn't support DPO or FUA
[   11.220000]  sdb: [mac] sdb1 sdb2 sdb3 sdb4 sdb5 sdb6 sdb7 sdb8
[   11.360000] sd 1:0:0:0: [sdb] Attached SCSI disk
[   11.400000] EXT4-fs (sda6): mounting ext2 file system using the ext4 subsystem
[   11.550000] EXT4-fs (sda6): mounted filesystem without journal. Opts: (null). Quota mode: disabled.
[   11.560000] VFS: Mounted root (ext2 filesystem) readonly on device 8:6.
[   11.570000] Freeing unused kernel image (initmem) memory: 148K
[   11.580000] This architecture does not have kernel memory protection.
[   11.590000] Run /start.sh as init process
[   11.600000]   with arguments:
[   11.600000]     /start.sh
[   11.600000]   with environment:
[   11.600000]     HOME=/
[   11.600000]     TERM=linux
[   23.570000] random: crng init done
[   29.240000] EXT4-fs (sda6): re-mounted. Opts: (null). Quota mode: disabled.

[-- Attachment #4: Type: application/octet-stream, Size: 17754 bytes --]

main: raise(SIGALRM)
handler: si_signo 14, si_code  -6, si_addr 0x00000183, uc_mcontext 000000020000000000000002effffbc80000000000000008000000000000000100000000effffc488004a16cefffff9b8000817c000000008006a000effffdfceffffbb480005172000000080000000000000000000000007fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff, __glibc_reserved1 410000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000808000d9beeffffbac8006ae908006b28f00000000000003ffeffffbac80049d0b8006ae9080008a8aeffffbac8006ae9000d9b8b4effffcc080008a9eeffffbac80049d0beffffcd000000000effffc48effffee0effedd01efffff9b8000511eeffffc48
handler: raise(SIGUSR1), raise(SIGUSR2)
handler: si_signo 10, si_code  -6, si_addr 0x00000183, uc_mcontext 000000020000000000000002effffbc80000000000000008000000000000000100000000effffc488004a16cefffff9b8000817c000000008006a000effffdfceffffbb480005172000000080000000000000000000000007fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff, __glibc_reserved1 410000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000808000d9beeffffbac8006ae908006b28f00000000000003ffeffffbac80049d0b8006ae9080008a8aeffffbac8006ae9000d9b8b4effffcc080008a9eeffffbac80049d0beffffcd000000000effffc48effffee0effedd01efffff9b8000511eeffffc48
handler: si_signo 12, si_code  -6, si_addr 0x00000183, uc_mcontext 000000020000000000000002effffbc80000000000000008000000000000000100000000effffc488004a16cefffff9b8000817c000000008006a000effffdfceffffbb480005172000000080000000000000000000000007fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff, __glibc_reserved1 410000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000808000d9beeffffbac8006ae908006b28f00000000000003ffeffffbac80049d0b8006ae9080008a8aeffffbac8006ae9000d9b8b4effffcc080008a9eeffffbac80049d0beffffcd000000000effffc48effffee0effedd01efffff9b8000511eeffffc48
main: alarm(2)
handler: si_signo 14, si_code 128, si_addr 0x00000000, uc_mcontext 000000020000000000000002effffed8effffee0effedd01000000030000000100000000800734808006ae9fefffff9b8000817c00000000c014d000effffdfceffffcd480000726000000040000000000000000000000007fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff, __glibc_reserved1 4100000000000000effffed8effffee0effedd0100000003efffff9b8000817cfbad80018006ae908006ae908006ae908006ae908006ae9f8006b28f8006ae908006b28f0000000000000000000000000000000000000000ffffffff00000000ffffffff0000ffff00000000ffffffffffffffffffffffffffffffff00000000ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff80019028effffc86effffed8effffee0800632e6000000007ffffffffffffffeffffffffffffffffffffffffffffffffffffffff00000064ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff00d9b8b480015736effffed8effffee0effedd01efffff9bc014d000800004428000046a000000028006ae900000000feffffcd0effffdfc8000070e00000002
handler: raise(SIGUSR1), raise(SIGUSR2)
handler: si_signo 10, si_code  -6, si_addr 0x00000183, uc_mcontext 000000020000000000000002effffed8effffee0effedd01000000030000000100000000800734808006ae9fefffff9b8000817c00000000c014d000effffdfceffffcd480000726000000040000000000000000000000007fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff, __glibc_reserved1 4100000000000000effffed8effffee0effedd0100000003efffff9b8000817cfbad80018006ae908006ae908006ae908006ae908006ae9f8006b28f8006ae908006b28f0000000000000000000000000000000000000000ffffffff00000000ffffffff0000ffff00000000ffffffffffffffffffffffffffffffff00000000ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff80019028effffc86effffed8effffee0800632e6000000007ffffffffffffffeffffffffffffffffffffffffffffffffffffffff00000064ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff00d9b8b480015736effffed8effffee0effedd01efffff9bc014d000800004428000046a000000028006ae900000000feffffcd0effffdfc8000070e00000002
handler: si_signo 12, si_code  -6, si_addr 0x00000183, uc_mcontext 000000020000000000000002effffed8effffee0effedd01000000030000000100000000800734808006ae9fefffff9b8000817c00000000c014d000effffdfceffffcd480000726000000040000000000000000000000007fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff, __glibc_reserved1 4100000000000000effffed8effffee0effedd0100000003efffff9b8000817cfbad80018006ae908006ae908006ae908006ae908006ae9f8006b28f8006ae908006b28f0000000000000000000000000000000000000000ffffffff00000000ffffffff0000ffff00000000ffffffffffffffffffffffffffffffff00000000ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff80019028effffc86effffed8effffee0800632e6000000007ffffffffffffffeffffffffffffffffffffffffffffffffffffffff00000064ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff00d9b8b480015736effffed8effffee0effedd01efffff9bc014d000800004428000046a000000028006ae900000000feffffcd0effffdfc8000070e00000002
main: divide by zero
handler: si_signo  8, si_code   1, si_addr 0x8000074a, uc_mcontext 00000002000000150000000200000000effffee0effedd01000000030000000100000000800734808006aea5efffff9b8000817c00000000c014d000effffdfceffffcd48000074a000000040000000000000000000000007fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff, __glibc_reserved1 4100000000000000effffed8effffee0effedd0100000003efffff9b8000817cfbad80018006ae908006ae908006ae908006ae908006aea58006b28f8006ae908006b28f0000000000000000000000000000000000000000ffffffff00000000ffffffff0000ffff00000000ffffffffffffffffffffffffffffffff00000000ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff80019028effffc86effffed8effffee0800632e6000000007ffffffffffffffeffffffffffffffffffffffffffffffffffffffff000020148000074affffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff00d9b8b480015736effffed8effffee0effedd01efffff9bc014d000800004428000046a000000028006ae9000000015effffcd0effffdfc8000074400000002
main: read pointer 0xc0000000
handler: si_signo  7, si_code   2, si_addr 0xc0000000, uc_mcontext 000000020000001e0000000200000001effffee0effedd01000000030000000100000000c00000008006aeaeefffff9b8000817c00000000c014d000effffdfceffffcd4800007fa000000010000000000000000000000007fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff, __glibc_reserved1 4100000000000001effffee0effedd0100000003efffff9b8000817cfbad80018006ae908006ae908006ae908006ae908006aeae8006b28f8006ae908006b28f00000000000000000000000000000000000000000000000000000000000000000000a2f8000000008006a0008002478080024802ffffffff000000008002486600000001ffffffffeffedd01000000030000000100000000efffff9b8000817c00000000c014d000effffdfc00000003800632e60000000000000000000000c200000003000000271a9fa4a1ffffffffffffffffffffffff00007008c00000000521000000000000c0000000c00000000000000000000000000000000000000000000000000000000000000000000000efffff9bc014d000800004428000046a000000028006ae900000001eeffffccceffffdfc800007f20000000280049d41
[    0.000000] Linux version 5.14.0-rc4-multi-00003-g420aec9e726e (fthain@nippy) (m68k-linux-gnu-gcc (btc) 6.4.0, GNU ld (btc) 2.28) #1 Sun Aug 8 11:25:50 AEST 2021
[    0.000000] Saving 172 bytes of bootinfo
[    0.000000] Detected Macintosh model: 35
[    0.000000]  Penguin bootinfo data:
[    0.000000]  Video: addr 0xf9001000 row 0x190 depth 4 dimensions 800 x 600
[    0.000000]  Videological 0x0 phys. 0x0, SCC at 0x5000c020
[    0.000000]  Boottime: 0x0 GMTBias: 0x0
[    0.000000]  Machine ID: 35 CPUid: 0x2 memory size: 0x80
[    0.000000] Apple Macintosh Quadra 800
[    0.000000] Zone ranges:
[    0.000000]   DMA      [mem 0x0000000000000000-0x0000007fffffffff]
[    0.000000]   Normal   empty
[    0.000000] Movable zone start for each node
[    0.000000] Early memory node ranges
[    0.000000]   node   0: [mem 0x0000000000000000-0x0000000007ffffff]
[    0.000000] Initmem setup node 0 [mem 0x0000000000000000-0x0000000007ffffff]
[    0.000000] pcpu-alloc: s0 r0 d32768 u32768 alloc=1*32768
[    0.000000] pcpu-alloc: [0] 0 
[    0.000000] Built 1 zonelists, mobility grouping on.  Total pages: 32480
[    0.000000] Kernel command line: root=/dev/sda6 console=tty0 console=ttyS0 init=/start.sh 
[    0.000000] Dentry cache hash table entries: 16384 (order: 4, 65536 bytes, linear)
[    0.000000] Inode-cache hash table entries: 8192 (order: 3, 32768 bytes, linear)
[    0.000000] Sorting __ex_table...
[    0.000000] mem auto-init: stack:off, heap alloc:off, heap free:off
[    0.000000] Memory: 123832K/131072K available (4145K kernel code, 527K rwdata, 892K rodata, 148K init, 171K bss, 7240K reserved, 0K cma-reserved)
[    0.000000] SLUB: HWalign=16, Order=0-3, MinObjects=0, CPUs=1, Nodes=1
[    0.000000] NR_IRQS: 200
[    0.000000] clocksource: via1: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 2439823894983 ns
[    0.000000] Console: colour dummy device 80x25
[    0.010000] printk: console [tty0] enabled
[    0.020000] printk: console [ttyS0] enabled
[    0.020000] Calibrating delay loop... 835.58 BogoMIPS (lpj=4177920)
[    0.060000] pid_max: default: 32768 minimum: 301
[    0.060000] Mount-cache hash table entries: 1024 (order: 0, 4096 bytes, linear)
[    0.060000] Mountpoint-cache hash table entries: 1024 (order: 0, 4096 bytes, linear)
[    0.100000] devtmpfs: initialized
[    0.110000] random: get_random_u32 called from bucket_table_alloc.isra.30+0x70/0x1a6 with crng_init=0
[    0.120000] clocksource: jiffies: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 19112604462750000 ns
[    0.120000] futex hash table entries: 256 (order: -1, 3072 bytes, linear)
[    0.120000] NET: Registered PF_NETLINK/PF_ROUTE protocol family
[    0.130000] DMA: preallocated 128 KiB GFP_KERNEL pool for atomic allocations
[    0.130000] DMA: preallocated 128 KiB GFP_KERNEL|GFP_DMA pool for atomic allocations
[    0.160000] wait_for_initramfs() called before rootfs_initcalls
[    0.220000] NuBus: Scanning NuBus slots.
[    0.220000] Slot 9: Board resource not found!
[    0.220000] SCSI subsystem initialized
[    0.220000] libata version 3.00 loaded.
[    0.240000] clocksource: Switched to clocksource via1
[    0.280000] NET: Registered PF_INET protocol family
[    0.290000] IP idents hash table entries: 2048 (order: 2, 16384 bytes, linear)
[    0.290000] tcp_listen_portaddr_hash hash table entries: 512 (order: 0, 4096 bytes, linear)
[    0.290000] TCP established hash table entries: 1024 (order: 0, 4096 bytes, linear)
[    0.290000] TCP bind hash table entries: 1024 (order: 0, 4096 bytes, linear)
[    0.290000] TCP: Hash tables configured (established 1024 bind 1024)
[    0.300000] UDP hash table entries: 256 (order: 0, 4096 bytes, linear)
[    0.300000] UDP-Lite hash table entries: 256 (order: 0, 4096 bytes, linear)
[    0.300000] NET: Registered PF_UNIX/PF_LOCAL protocol family
[    0.310000] RPC: Registered named UNIX socket transport module.
[    0.310000] RPC: Registered udp transport module.
[    0.310000] RPC: Registered tcp transport module.
[    0.310000] RPC: Registered tcp NFSv4.1 backchannel transport module.
[    0.320000] workingset: timestamp_bits=30 max_order=15 bucket_order=0
[    0.340000] Block layer SCSI generic (bsg) driver version 0.4 loaded (major 253)
[    0.340000] macfb: framebuffer at 0xf9001000, mapped to 0x(ptrval), size 234k
[    0.340000] macfb: mode is 800x600x4, linelength=400
[    0.360000] Console: switching to colour frame buffer device 100x37
[    0.370000] fb0: DAFB frame buffer device
[    0.370000] pmac_zilog: 0.6 (Benjamin Herrenschmidt <benh@kernel.crashing.org>)
[    0.370000] scc.0: ttyS0 at MMIO 0x5000c022 (irq = 4, base_baud = 230400) is a Z85c30 ESCC - Serial port
[    0.380000] scc.1: ttyS1 at MMIO 0x5000c020 (irq = 4, base_baud = 230400) is a Z85c30 ESCC - Serial port
[    0.390000] Non-volatile memory driver v1.3
[    0.420000] brd: module loaded
[    0.420000] adb: Mac II ADB Driver v1.0 for Unified ADB
[    0.450000] adb device [2]: 2 0x1
[    0.450000] adb device [3]: 3 0x2
[    0.450000] ADB keyboard at 2 has handler 0x3
[    0.450000] Detected ADB keyboard, type ANSI.
[    0.450000] input: ADB keyboard as /devices/virtual/input/input0
[    0.460000] random: fast init done
[    0.460000] ADB mouse (standard) at 3 has handler 0x2
[    0.460000] input: ADB mouse as /devices/virtual/input/input1
[    0.460000] mac_esp: using PDMA for controller 0
[    0.470000] mac_esp mac_esp.0: esp0: regs[(ptrval):0] irq[19]
[    0.480000] mac_esp mac_esp.0: esp0: is a ESP236, 16 MHz (ccf=4), SCSI ID 7
[    3.520000] scsi host0: esp
[    3.540000] scsi 0:0:0:0: Direct-Access     QEMU     QEMU HARDDISK    2.5+ PQ: 0 ANSI: 5
[    3.550000] scsi target0:0:0: Beginning Domain Validation
[    3.560000] scsi target0:0:0: Domain Validation skipping write tests
[    3.560000] scsi target0:0:0: Ending Domain Validation
[    3.580000] scsi 0:0:1:0: Direct-Access     QEMU     QEMU HARDDISK    2.5+ PQ: 0 ANSI: 5
[    3.590000] scsi target0:0:1: Beginning Domain Validation
[    3.600000] scsi target0:0:1: Domain Validation skipping write tests
[    3.610000] scsi target0:0:1: Ending Domain Validation
[    3.620000] scsi 0:0:2:0: CD-ROM            QEMU     QEMU CD-ROM      2.5+ PQ: 0 ANSI: 5
[    3.620000] scsi target0:0:2: Beginning Domain Validation
[    3.630000] scsi target0:0:2: Domain Validation skipping write tests
[    3.640000] scsi target0:0:2: Ending Domain Validation
[    3.660000] sr 0:0:2:0: Power-on or device reset occurred
[    3.670000] sr 0:0:2:0: [sr0] scsi3-mmc drive: 16x/50x cd/rw xa/form2 cdda tray
[    3.680000] cdrom: Uniform CD-ROM driver Revision: 3.20
[    3.690000] sd 0:0:0:0: Power-on or device reset occurred
[    3.690000] sd 0:0:1:0: Power-on or device reset occurred
[    3.700000] sd 0:0:1:0: [sdb] 1048576 512-byte logical blocks: (537 MB/512 MiB)
[    3.710000] sd 0:0:1:0: [sdb] Write Protect is off
[    3.710000] sd 0:0:1:0: [sdb] Mode Sense: 63 00 00 08
[    3.710000] sd 0:0:1:0: [sdb] Write cache: enabled, read cache: enabled, doesn't support DPO or FUA
[    3.720000] sd 0:0:0:0: [sda] 7841792 512-byte logical blocks: (4.01 GB/3.74 GiB)
[    3.720000] sd 0:0:0:0: [sda] Write Protect is off
[    3.730000] sd 0:0:0:0: [sda] Mode Sense: 63 00 00 08
[    3.730000] sd 0:0:0:0: [sda] Write cache: enabled, read cache: enabled, doesn't support DPO or FUA
[    3.750000]  sda: [mac] sda1 sda2 sda3 sda4 sda5 sda6 sda7
[    3.760000] sd 0:0:1:0: [sdb] Attached SCSI disk
[    3.770000] sd 0:0:0:0: [sda] Attached SCSI disk
[    3.780000] sr 0:0:2:0: Attached scsi CD-ROM sr0
[    3.790000] sd 0:0:0:0: Attached scsi generic sg0 type 0
[    3.790000] sd 0:0:1:0: Attached scsi generic sg1 type 0
[    3.800000] sr 0:0:2:0: Attached scsi generic sg2 type 5
[    3.800000] Onboard/comm-slot SONIC, revision 0x0004, 32 bit DMA, register offset 2
[    3.810000] SONIC ethernet @50f0a000, MAC 08:00:07:ff:ee:dd, IRQ 3
[    3.820000] aoe: AoE v85 initialised.
[    3.830000] mousedev: PS/2 mouse device common for all mice
[    3.840000] rtc-generic rtc-generic: registered as rtc0
[    3.850000] NET: Registered PF_PACKET protocol family
[    3.880000] EXT4-fs (sda6): mounting ext2 file system using the ext4 subsystem
[    3.930000] EXT4-fs (sda6): mounted filesystem without journal. Opts: (null). Quota mode: disabled.
[    3.940000] VFS: Mounted root (ext2 filesystem) readonly on device 8:6.
[    3.950000] Freeing unused kernel image (initmem) memory: 148K
[    3.950000] This architecture does not have kernel memory protection.
[    3.960000] Run /start.sh as init process
[    3.960000]   with arguments:
[    3.960000]     /start.sh
[    3.960000]   with environment:
[    3.960000]     HOME=/
[    3.960000]     TERM=linux
[   22.460000] random: crng init done
[   37.040000] EXT4-fs (sda6): re-mounted. Opts: (null). Quota mode: disabled.

[-- Attachment #5: Type: application/octet-stream, Size: 16712 bytes --]

main: raise(SIGALRM)
handler: si_signo 14, si_code  -6, si_addr 0x0000016c, uc_mcontext 000000020000000000000002effffb880000000000000008000000000000000100000000effffc088004a16cefffff628000817c000000008006a000effffdbceffffb7480005172000000080000000000000000000000007fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff, __glibc_reserved1 410000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000808000d9beeffffb6c8006ae908006b28f00000000000003ffeffffb6c80049d0b8006ae9080008a8aeffffb6c8006ae9000132d6beffffc8080008a9eeffffb6c80049d0beffffc9000000000effffc08effffea0efbd5c01efffff628000511eeffffc08
handler: raise(SIGUSR1), raise(SIGUSR2)
handler: si_signo 10, si_code  -6, si_addr 0x0000016c, uc_mcontext 000000020000000000000002effffb880000000000000008000000000000000100000000effffc088004a16cefffff628000817c000000008006a000effffdbceffffb7480005172000000080000000000000000000000007fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff, __glibc_reserved1 410000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000808000d9beeffffb6c8006ae908006b28f00000000000003ffeffffb6c80049d0b8006ae9080008a8aeffffb6c8006ae9000132d6beffffc8080008a9eeffffb6c80049d0beffffc9000000000effffc08effffea0efbd5c01efffff628000511eeffffc08
handler: si_signo 12, si_code  -6, si_addr 0x0000016c, uc_mcontext 000000020000000000000002effffb880000000000000008000000000000000100000000effffc088004a16cefffff628000817c000000008006a000effffdbceffffb7480005172000000080000000000000000000000007fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff, __glibc_reserved1 410000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000808000d9beeffffb6c8006ae908006b28f00000000000003ffeffffb6c80049d0b8006ae9080008a8aeffffb6c8006ae9000132d6beffffc8080008a9eeffffb6c80049d0beffffc9000000000effffc08effffea0efbd5c01efffff628000511eeffffc08
main: alarm(2)
handler: si_signo 14, si_code 128, si_addr 0x00000000, uc_mcontext 000000020000000000000002effffe98effffea0efbd5c01000000030000000100000000800734808006ae9fefffff628000817c00000000c014d000effffdbceffffc9480000726000000040000000000000000000000007fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff, __glibc_reserved1 4100000000000000effffe98effffea0efbd5c0100000003efffff628000817cfbad80018006ae908006ae908006ae908006ae908006ae9f8006b28f8006ae908006b28f0000000000000000000000000000000000000000ffffffff00000000ffffffff0000ffff00000000ffffffffffffffffffffffffffffffff00000000ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff80019028effffc46effffe98effffea0800632e6000000007ffffffffffffffeffffffffffffffffffffffffffffffffffffffff00000114ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff00132d6b80015736effffe98effffea0efbd5c01efffff62c014d000800004428000046a000000028006ae900000000feffffc90effffdbc8000070e00000002
handler: raise(SIGUSR1), raise(SIGUSR2)
handler: si_signo 10, si_code  -6, si_addr 0x0000016c, uc_mcontext 000000020000000000000002effffe98effffea0efbd5c01000000030000000100000000800734808006ae9fefffff628000817c00000000c014d000effffdbceffffc9480000726000000040000000000000000000000007fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff, __glibc_reserved1 4100000000000000effffe98effffea0efbd5c0100000003efffff628000817cfbad80018006ae908006ae908006ae908006ae908006ae9f8006b28f8006ae908006b28f0000000000000000000000000000000000000000ffffffff00000000ffffffff0000ffff00000000ffffffffffffffffffffffffffffffff00000000ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff80019028effffc46effffe98effffea0800632e6000000007ffffffffffffffeffffffffffffffffffffffffffffffffffffffff00000114ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff00132d6b80015736effffe98effffea0efbd5c01efffff62c014d000800004428000046a000000028006ae900000000feffffc90effffdbc8000070e00000002
handler: si_signo 12, si_code  -6, si_addr 0x0000016c, uc_mcontext 000000020000000000000002effffe98effffea0efbd5c01000000030000000100000000800734808006ae9fefffff628000817c00000000c014d000effffdbceffffc9480000726000000040000000000000000000000007fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff, __glibc_reserved1 4100000000000000effffe98effffea0efbd5c0100000003efffff628000817cfbad80018006ae908006ae908006ae908006ae908006ae9f8006b28f8006ae908006b28f0000000000000000000000000000000000000000ffffffff00000000ffffffff0000ffff00000000ffffffffffffffffffffffffffffffff00000000ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff80019028effffc46effffe98effffea0800632e6000000007ffffffffffffffeffffffffffffffffffffffffffffffffffffffff00000114ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff00132d6b80015736effffe98effffea0efbd5c01efffff62c014d000800004428000046a000000028006ae900000000feffffc90effffdbc8000070e00000002
main: divide by zero
handler: si_signo  8, si_code   1, si_addr 0x8000074a, uc_mcontext 00000002000000150000000200000000effffea0efbd5c01000000030000000100000000800734808006aea5efffff628000817c00000000c014d000effffdbceffffc948000074e000000040000000000000000000000007fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff, __glibc_reserved1 4100000000000000effffe98effffea0efbd5c0100000003efffff628000817cfbad80018006ae908006ae908006ae908006ae908006aea58006b28f8006ae908006b28f0000000000000000000000000000000000000000ffffffff00000000ffffffff0000ffff00000000ffffffffffffffffffffffffffffffff00000000ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff80019028effffc46effffe98effffea0800632e6000000007ffffffffffffffeffffffffffffffffffffffffffffffffffffffff000020148000074affffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff00132d6b80015736effffe98effffea0efbd5c01efffff62c014d000800004428000046a000000028006ae9000000015effffc90effffdbc8000074400000002
main: read pointer 0xc0000000
handler: si_signo  7, si_code   2, si_addr 0xc0000000, uc_mcontext 000000020000001e0000000200000001effffea0efbd5c01000000030000000100000000c00000008006aeaeefffff628000817c00000000c014d000effffdbceffffc94800007fa000000010000000000000000000000007fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff, __glibc_reserved1 4100000000000001effffea0efbd5c0100000003efffff628000817cfbad80018006ae908006ae908006ae908006ae908006aeae8006b28f8006ae908006b28f00000000000000000000000000000000000000000000000000000000000000000000a2f8000000008006a0008002478080024802ffffffff000000008002486600000001ffffffffefbd5c01000000030000000100000000efffff628000817c00000000c014d000effffdbc00000003800632e60000000000000000000000c20000000300000017087ca396ffffffffffffffffffffffff00007008c00000000521000000000000c0000000c00000008000817c00000000000000000000000000000000000000000000000000000000efffff62c014d000800004428000046a000000028006ae900000001eeffffc8ceffffdbc800007f20000000280049d41
[    0.000000] Linux version 5.14.0-rc4-multi (fthain@nippy) (m68k-linux-gnu-gcc (btc) 6.4.0, GNU ld (btc) 2.28) #2 Sun Aug 8 12:16:06 AEST 2021
[    0.000000] Saving 222 bytes of bootinfo
[    0.000000] printk: console [debug0] enabled
[    0.000000] printk: debug: ignoring loglevel setting.
[    0.000000] Atari hardware found: VIDEL STDMA-SCSI ST_MFP YM2149 PCM CODEC DSP56K SCC ANALOG_JOY BLITTER IDE TT_CLK FDC_SPEED
[    0.000000] Zone ranges:
[    0.000000]   DMA      [mem 0x0000000000000000-0x0000008fffffffff]
[    0.000000]   Normal   empty
[    0.000000] Movable zone start for each node
[    0.000000] Early memory node ranges
[    0.000000]   node   0: [mem 0x0000000000000000-0x0000000000dfffff]
[    0.000000]   node   0: [mem 0x0000000001000000-0x0000000008ffffff]
[    0.000000] Initmem setup node 0 [mem 0x0000000000000000-0x0000000008ffffff]
[    0.000000] NatFeats found (ARAnyM, 1.0)
[    0.000000] pcpu-alloc: s0 r0 d32768 u32768 alloc=1*32768
[    0.000000] pcpu-alloc: [0] 0 
[    0.000000] Built 1 zonelists, mobility grouping on.  Total pages: 36028
[    0.000000] Kernel command line: debug=par console=tty0 ignore_loglevel initcall_blacklist=ide_falcon_driver_init,nfhd_init ro init=/start.sh root=/dev/sda6 BOOT_IMAGE=vmlinux
[    0.000000] blacklisting initcall ide_falcon_driver_init
[    0.000000] blacklisting initcall nfhd_init
[    0.000000] Unknown command line parameters: initcall_blacklist=ide_falcon_driver_init BOOT_IMAGE=vmlinux
[    0.000000] Dentry cache hash table entries: 32768 (order: 5, 131072 bytes, linear)
[    0.000000] Inode-cache hash table entries: 16384 (order: 4, 65536 bytes, linear)
[    0.000000] Sorting __ex_table...
[    0.000000] mem auto-init: stack:off, heap alloc:off, heap free:off
[    0.000000] Memory: 136960K/145408K available (4145K kernel code, 527K rwdata, 892K rodata, 148K init, 171K bss, 8448K reserved, 0K cma-reserved)
[    0.000000] SLUB: HWalign=16, Order=0-3, MinObjects=0, CPUs=1, Nodes=1
[    0.000000] NR_IRQS: 200
[    0.000000] clocksource: mfp: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 77769386670404 ns
[    0.000000] Console: colour dummy device 80x25
[    0.000000] printk: console [tty0] enabled
[    0.000000] Calibrating delay loop... 112.02 BogoMIPS (lpj=560128)
[    0.080000] pid_max: default: 32768 minimum: 301
[    0.080000] Mount-cache hash table entries: 1024 (order: 0, 4096 bytes, linear)
[    0.080000] Mountpoint-cache hash table entries: 1024 (order: 0, 4096 bytes, linear)
[    0.090000] devtmpfs: initialized
[    0.100000] random: get_random_u32 called from bucket_table_alloc.isra.30+0x70/0x1a6 with crng_init=0
[    0.100000] clocksource: jiffies: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 19112604462750000 ns
[    0.110000] futex hash table entries: 256 (order: -1, 3072 bytes, linear)
[    0.110000] NET: Registered PF_NETLINK/PF_ROUTE protocol family
[    0.110000] DMA: preallocated 128 KiB GFP_KERNEL pool for atomic allocations
[    0.110000] DMA: preallocated 128 KiB GFP_KERNEL|GFP_DMA pool for atomic allocations
[    0.170000] wait_for_initramfs() called before rootfs_initcalls
[    0.270000] SCSI subsystem initialized
[    0.280000] libata version 3.00 loaded.
[    0.280000] clocksource: Switched to clocksource mfp
[    0.430000] NET: Registered PF_INET protocol family
[    0.430000] IP idents hash table entries: 4096 (order: 3, 32768 bytes, linear)
[    0.430000] tcp_listen_portaddr_hash hash table entries: 512 (order: 0, 4096 bytes, linear)
[    0.430000] TCP established hash table entries: 2048 (order: 1, 8192 bytes, linear)
[    0.440000] TCP bind hash table entries: 2048 (order: 1, 8192 bytes, linear)
[    0.440000] TCP: Hash tables configured (established 2048 bind 2048)
[    0.440000] UDP hash table entries: 256 (order: 0, 4096 bytes, linear)
[    0.440000] UDP-Lite hash table entries: 256 (order: 0, 4096 bytes, linear)
[    0.440000] NET: Registered PF_UNIX/PF_LOCAL protocol family
[    0.440000] RPC: Registered named UNIX socket transport module.
[    0.450000] RPC: Registered udp transport module.
[    0.450000] RPC: Registered tcp transport module.
[    0.450000] RPC: Registered tcp NFSv4.1 backchannel transport module.
[    0.450000] initcall nfhd_init blacklisted
[    0.450000] nfeth: API 5
[    0.460000] workingset: timestamp_bits=30 max_order=16 bucket_order=0
[    0.580000] Block layer SCSI generic (bsg) driver version 0.4 loaded (major 252)
[    0.580000] atafb atafb: phys_screen_base 708000 screen_len 311296
[    0.580000] atafb atafb: Determined 640x480, depth 4
[    0.590000] atafb atafb:    virtual 640x972
[    0.600000] Console: switching to colour frame buffer device 80x30
[    0.610000] fb0: frame buffer device, using 304K of video memory
[    0.610000] pmac_zilog: 0.6 (Benjamin Herrenschmidt <benh@kernel.crashing.org>)
[    0.620000] Non-volatile memory driver v1.3
[    0.650000] brd: module loaded
[    0.930000] scsi host0: Atari native SCSI, irq 15, io_port 0x0, base 0x0, can_queue 1, cmd_per_lun 2, sg_tablesize 1, this_id 7, flags { }
[    1.900000] random: fast init done
[    2.720000] atari-falcon-ide atari-falcon-ide: Atari Falcon and Q40/Q60 PATA controller
[    2.750000] scsi host1: pata_falcon
[    2.770000] ata1: PATA max PIO4 cmd 0xfff00000 ctl 0xfff00038 no IRQ, using PIO polling
[    2.810000] aoe: AoE v85 initialised.
[    2.840000] mousedev: PS/2 mouse device common for all mice
[    3.110000] input: Atari Keyboard as /devices/virtual/input/input0
[    3.120000] ata1.00: ATA-2: master, , max PIO2
[    3.140000] ata1.00: 7841232 sectors, multi 0: LBA 
[    3.170000] ata1.01: ATA-2: slave, , max PIO2
[    3.180000] ata1.01: 322560 sectors, multi 0: LBA 
[    3.200000] ata1.00: configured for PIO
[    3.210000] ata1.01: configured for PIO
[    3.240000] scsi 1:0:0:0: Direct-Access     ATA      master           n/a  PQ: 0 ANSI: 5
[    3.260000] sd 1:0:0:0: [sda] 7841232 512-byte logical blocks: (4.01 GB/3.74 GiB)
[    3.280000] sd 1:0:0:0: Attached scsi generic sg0 type 0
[    3.300000] sd 1:0:0:0: [sda] Write Protect is off
[    3.330000] sd 1:0:0:0: [sda] Mode Sense: 00 3a 00 00
[    3.340000] scsi 1:0:1:0: Direct-Access     ATA      slave            n/a  PQ: 0 ANSI: 5
[    3.370000] sd 1:0:0:0: [sda] Write cache: disabled, read cache: enabled, doesn't support DPO or FUA
[    3.420000] sd 1:0:1:0: Attached scsi generic sg1 type 0
[    3.440000] sd 1:0:1:0: [sdb] 322560 512-byte logical blocks: (165 MB/158 MiB)
[    3.460000] sd 1:0:1:0: [sdb] Write Protect is off
[    3.480000] sd 1:0:1:0: [sdb] Mode Sense: 00 3a 00 00
[    3.510000] sd 1:0:1:0: [sdb] Write cache: disabled, read cache: enabled, doesn't support DPO or FUA
[    3.570000]  sda: [mac] sda1 sda2 sda3 sda4 sda5 sda6 sda7
[    3.590000] sd 1:0:1:0: [sdb] Attached SCSI disk
[    3.630000] sd 1:0:0:0: [sda] Attached SCSI disk
[    3.680000] rtc-generic rtc-generic: registered as rtc0
[    3.690000] NET: Registered PF_PACKET protocol family
[    3.720000] EXT4-fs (sda6): mounting ext2 file system using the ext4 subsystem
[    3.790000] EXT4-fs (sda6): mounted filesystem without journal. Opts: (null). Quota mode: disabled.
[    3.830000] VFS: Mounted root (ext2 filesystem) readonly on device 8:6.
[    3.850000] Freeing unused kernel image (initmem) memory: 148K
[    3.870000] This architecture does not have kernel memory protection.
[    3.900000] Run /start.sh as init process
[    3.910000]   with arguments:
[    3.940000]     /start.sh
[    3.950000]   with environment:
[    3.970000]     HOME=/
[    4.000000]     TERM=linux
[    4.010000]     initcall_blacklist=ide_falcon_driver_init
[    4.020000]     BOOT_IMAGE=vmlinux
[   15.900000] random: crng init done
[   20.580000] EXT4-fs (sda6): re-mounted. Opts: (null). Quota mode: disabled.

[-- Attachment #6: Type: application/octet-stream, Size: 17682 bytes --]

main: raise(SIGALRM)
handler: si_signo 14, si_code  -6, si_addr 0x000001a5, uc_mcontext 000000020000000000000002effffbc80000000000000008000000000000000100000000effffc488004a16cefffff9f8000817c000000008006a000effffdfceffffbb480005172000000080000000000000000000000007fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff, __glibc_reserved1 410000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000808000d9beeffffbac8006ae908006b28f00000000000003ffeffffbac80049d0b8006ae9080008a8aeffffbac8006ae9000f9aa4beffffcc080008a9eeffffbac80049d0beffffcd000000000effffc48effffee0efa9dd01efffff9f8000511eeffffc48
handler: raise(SIGUSR1), raise(SIGUSR2)
handler: si_signo 10, si_code  -6, si_addr 0x000001a5, uc_mcontext 000000020000000000000002effffbc80000000000000008000000000000000100000000effffc488004a16cefffff9f8000817c000000008006a000effffdfceffffbb480005172000000080000000000000000000000007fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff, __glibc_reserved1 410000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000808000d9beeffffbac8006ae908006b28f00000000000003ffeffffbac80049d0b8006ae9080008a8aeffffbac8006ae9000f9aa4beffffcc080008a9eeffffbac80049d0beffffcd000000000effffc48effffee0efa9dd01efffff9f8000511eeffffc48
handler: si_signo 12, si_code  -6, si_addr 0x000001a5, uc_mcontext 000000020000000000000002effffbc80000000000000008000000000000000100000000effffc488004a16cefffff9f8000817c000000008006a000effffdfceffffbb480005172000000080000000000000000000000007fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff, __glibc_reserved1 410000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000808000d9beeffffbac8006ae908006b28f00000000000003ffeffffbac80049d0b8006ae9080008a8aeffffbac8006ae9000f9aa4beffffcc080008a9eeffffbac80049d0beffffcd000000000effffc48effffee0efa9dd01efffff9f8000511eeffffc48
main: alarm(2)
handler: si_signo 14, si_code 128, si_addr 0x00000000, uc_mcontext 000000020000000000000002effffed8effffee0efa9dd01000000030000000100000000800734808006ae9fefffff9f8000817c00000000c014d000effffdfceffffcd480000728000000040000000000000000000000007fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff, __glibc_reserved1 4100000000000000effffed8effffee0efa9dd0100000003efffff9f8000817cfbad80018006ae908006ae908006ae908006ae908006ae9f8006b28f8006ae908006b28f0000000000000000000000000000000000000000ffffffff00000000ffffffff0000ffff00000000ffffffffffffffffffffffffffffffff00000000ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff80019028effffc86effffed8effffee0800632e6000000007ffffffffffffffeffffffffffffffffffffffffffffffffffffffff00000078ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff00f9aa4b80015736effffed8effffee0efa9dd01efffff9fc014d000800004428000046a000000028006ae900000000feffffcd0effffdfc8000070e00000002
handler: raise(SIGUSR1), raise(SIGUSR2)
handler: si_signo 10, si_code  -6, si_addr 0x000001a5, uc_mcontext 000000020000000000000002effffed8effffee0efa9dd01000000030000000100000000800734808006ae9fefffff9f8000817c00000000c014d000effffdfceffffcd480000728000000040000000000000000000000007fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff, __glibc_reserved1 4100000000000000effffed8effffee0efa9dd0100000003efffff9f8000817cfbad80018006ae908006ae908006ae908006ae908006ae9f8006b28f8006ae908006b28f0000000000000000000000000000000000000000ffffffff00000000ffffffff0000ffff00000000ffffffffffffffffffffffffffffffff00000000ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff80019028effffc86effffed8effffee0800632e6000000007ffffffffffffffeffffffffffffffffffffffffffffffffffffffff00000078ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff00f9aa4b80015736effffed8effffee0efa9dd01efffff9fc014d000800004428000046a000000028006ae900000000feffffcd0effffdfc8000070e00000002
handler: si_signo 12, si_code  -6, si_addr 0x000001a5, uc_mcontext 000000020000000000000002effffed8effffee0efa9dd01000000030000000100000000800734808006ae9fefffff9f8000817c00000000c014d000effffdfceffffcd480000728000000040000000000000000000000007fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff, __glibc_reserved1 4100000000000000effffed8effffee0efa9dd0100000003efffff9f8000817cfbad80018006ae908006ae908006ae908006ae908006ae9f8006b28f8006ae908006b28f0000000000000000000000000000000000000000ffffffff00000000ffffffff0000ffff00000000ffffffffffffffffffffffffffffffff00000000ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff80019028effffc86effffed8effffee0800632e6000000007ffffffffffffffeffffffffffffffffffffffffffffffffffffffff00000078ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff00f9aa4b80015736effffed8effffee0efa9dd01efffff9fc014d000800004428000046a000000028006ae900000000feffffcd0effffdfc8000070e00000002
main: divide by zero
handler: si_signo  8, si_code   1, si_addr 0x8000074a, uc_mcontext 00000002000000150000000200000000effffee0efa9dd01000000030000000100000000800734808006aea5efffff9f8000817c00000000c014d000effffdfceffffcd48000074e000000040000000000000000000000007fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff, __glibc_reserved1 4100000000000000effffed8effffee0efa9dd0100000003efffff9f8000817cfbad80018006ae908006ae908006ae908006ae908006aea58006b28f8006ae908006b28f0000000000000000000000000000000000000000ffffffff00000000ffffffff0000ffff00000000ffffffffffffffffffffffffffffffff00000000ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff80019028effffc86effffed8effffee0800632e6000000007ffffffffffffffeffffffffffffffffffffffffffffffffffffffff000020148000074affffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff00f9aa4b80015736effffed8effffee0efa9dd01efffff9fc014d000800004428000046a000000028006ae9000000015effffcd0effffdfc8000074400000002
main: read pointer 0xc0000000
handler: si_signo  7, si_code   2, si_addr 0xc0000000, uc_mcontext 000000020000001e0000000200000001effffee0efa9dd01000000030000000100000000c00000008006aeaeefffff9f8000817c00000000c014d000effffdfceffffcd4800007fa000000010000000000000000000000007fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff, __glibc_reserved1 4100000000000001effffee0efa9dd0100000003efffff9f8000817cfbad80018006ae908006ae908006ae908006ae908006aeae8006b28f8006ae908006b28f00000000000000000000000000000000000000000000000000000000000000000000a2f8000000008006a0008002478080024802ffffffff000000008002486600000001ffffffffefa9dd01000000030000000100000000efffff9f8000817c00000000c014d000effffdfc00000003800632e60000000000000000000000c2000000030000002000433a84ffffffffffffffffffffffff00007008effffc900521000100210001c000000000973fec0000001e8006aeae80000e940000001e000000040000000000008001574c0080efffff9fc014d000800004428000046a000000028006ae900000001eeffffccceffffdfc800007f20000000280049d41
[    0.000000] Linux version 5.14.0-rc4-multi (fthain@nippy) (m68k-linux-gnu-gcc (btc) 6.4.0, GNU ld (btc) 2.28) #2 Sun Aug 8 12:16:06 AEST 2021
[    0.000000] Saving 402 bytes of bootinfo
[    0.000000] Detected Macintosh model: 98
[    0.000000]  Penguin bootinfo data:
[    0.000000]  Video: addr 0xf9001000 row 0x280 depth 8 dimensions 640 x 480
[    0.000000]  Videological 0xf0001000 phys. 0xf9001000, SCC at 0x50f0c020
[    0.000000]  Boottime: 0xa4f93f32 GMTBias: 0x0
[    0.000000]  Machine ID: 98 CPUid: 0x2 memory size: 0x84
[    0.000000] Apple Macintosh Quadra 630
[    0.000000] Zone ranges:
[    0.000000]   DMA      [mem 0x0000000000000000-0x00000083ffffffff]
[    0.000000]   Normal   empty
[    0.000000] Movable zone start for each node
[    0.000000] Early memory node ranges
[    0.000000]   node   0: [mem 0x0000000000000000-0x00000000083fffff]
[    0.000000] Initmem setup node 0 [mem 0x0000000000000000-0x00000000083fffff]
[    0.000000] pcpu-alloc: s0 r0 d32768 u32768 alloc=1*32768
[    0.000000] pcpu-alloc: [0] 0 
[    0.000000] Built 1 zonelists, mobility grouping on.  Total pages: 33495
[    0.000000] Kernel command line: root=/dev/sda6 console=tty0 console=ttyS0 init=/start.sh
[    0.000000] Dentry cache hash table entries: 32768 (order: 5, 131072 bytes, linear)
[    0.000000] Inode-cache hash table entries: 16384 (order: 4, 65536 bytes, linear)
[    0.000000] Sorting __ex_table...
[    0.000000] mem auto-init: stack:off, heap alloc:off, heap free:off
[    0.000000] Memory: 127792K/135168K available (4145K kernel code, 527K rwdata, 892K rodata, 148K init, 171K bss, 7376K reserved, 0K cma-reserved)
[    0.000000] SLUB: HWalign=16, Order=0-3, MinObjects=0, CPUs=1, Nodes=1
[    0.000000] NR_IRQS: 200
[    0.000000] clocksource: via1: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 2439823894983 ns
[    0.000000] Console: colour dummy device 80x25
[    0.010000] printk: console [tty0] enabled
[    0.200000] printk: console [ttyS0] enabled
[    0.200000] Calibrating delay loop... 21.55 BogoMIPS (lpj=107776)
[    0.310000] pid_max: default: 32768 minimum: 301
[    0.330000] Mount-cache hash table entries: 1024 (order: 0, 4096 bytes, linear)
[    0.350000] Mountpoint-cache hash table entries: 1024 (order: 0, 4096 bytes, linear)
[    0.400000] devtmpfs: initialized
[    0.440000] random: get_random_u32 called from bucket_table_alloc.isra.30+0x70/0x1a6 with crng_init=0
[    0.470000] clocksource: jiffies: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 19112604462750000 ns
[    0.480000] futex hash table entries: 256 (order: -1, 3072 bytes, linear)
[    0.500000] NET: Registered PF_NETLINK/PF_ROUTE protocol family
[    0.520000] DMA: preallocated 128 KiB GFP_KERNEL pool for atomic allocations
[    0.530000] DMA: preallocated 128 KiB GFP_KERNEL|GFP_DMA pool for atomic allocations
[    0.790000] wait_for_initramfs() called before rootfs_initcalls
[    1.540000] NuBus: Scanning NuBus slots.
[    1.560000] SCSI subsystem initialized
[    1.610000] libata version 3.00 loaded.
[    1.640000] clocksource: Switched to clocksource via1
[    2.500000] NET: Registered PF_INET protocol family
[    2.520000] IP idents hash table entries: 4096 (order: 3, 32768 bytes, linear)
[    2.540000] tcp_listen_portaddr_hash hash table entries: 512 (order: 0, 4096 bytes, linear)
[    2.550000] TCP established hash table entries: 2048 (order: 1, 8192 bytes, linear)
[    2.560000] random: fast init done
[    2.560000] TCP bind hash table entries: 2048 (order: 1, 8192 bytes, linear)
[    2.580000] TCP: Hash tables configured (established 2048 bind 2048)
[    2.590000] UDP hash table entries: 256 (order: 0, 4096 bytes, linear)
[    2.600000] UDP-Lite hash table entries: 256 (order: 0, 4096 bytes, linear)
[    2.610000] NET: Registered PF_UNIX/PF_LOCAL protocol family
[    2.640000] RPC: Registered named UNIX socket transport module.
[    2.650000] RPC: Registered udp transport module.
[    2.660000] RPC: Registered tcp transport module.
[    2.670000] RPC: Registered tcp NFSv4.1 backchannel transport module.
[    2.730000] workingset: timestamp_bits=30 max_order=15 bucket_order=0
[    3.170000] Block layer SCSI generic (bsg) driver version 0.4 loaded (major 253)
[    3.200000] Monitor sense value = 0x603
[    3.210000] using video mode 13 and color mode 0.
[    3.400000] Console: switching to colour frame buffer device 104x39
[    3.570000] fb0: valkyrie frame buffer device
[    3.580000] pmac_zilog: 0.6 (Benjamin Herrenschmidt <benh@kernel.crashing.org>)
[    3.590000] scc.0: ttyS0 at MMIO 0x50f0c022 (irq = 4, base_baud = 230400) is a Z85c30 ESCC - Serial port
[    3.630000] scc.1: ttyS1 at MMIO 0x50f0c020 (irq = 4, base_baud = 230400) is a Z85c30 ESCC - Serial port
[    3.670000] Non-volatile memory driver v1.3
[    3.850000] brd: module loaded
[    3.860000] Macintosh Cuda and Egret driver.
[    3.980000] mac_esp: using PDMA for controller 0
[    3.990000] mac_esp mac_esp.0: esp0: regs[(ptrval):0] irq[19]
[    4.000000] mac_esp mac_esp.0: esp0: is a ESP236, 16 MHz (ccf=4), SCSI ID 7
[    4.110000] adb device [2]: 2 0x2
[    4.120000] adb device [3]: 3 0x1
[    4.140000] ADB keyboard at 2 has handler 0x3
[    4.140000] Detected ADB keyboard, type ANSI.
[    4.160000] input: ADB keyboard as /devices/virtual/input/input0
[    4.260000] ADB mouse (standard) at 3 has handler 0x2
[    4.260000] input: ADB mouse as /devices/virtual/input/input1
[    7.040000] scsi host0: esp
[    7.090000] scsi 0:0:0:0: Direct-Access      codesrc          SCSI2SD  1.0 PQ: 0 ANSI: 2 CCS
[    7.100000] scsi target0:0:0: Beginning Domain Validation
[    7.120000] scsi target0:0:0: Ending Domain Validation
[    7.220000] scsi 0:0:3:0: CD-ROM            MATSHITA CD-ROM CR-8004   1.1f PQ: 0 ANSI: 2
[    7.230000] scsi target0:0:3: Beginning Domain Validation
[    7.260000] scsi target0:0:3: FAST-5 SCSI 2.1 MB/s ST (472 ns, offset 8)
[    7.280000] scsi target0:0:3: Domain Validation skipping write tests
[    7.290000] scsi target0:0:3: Ending Domain Validation
[    7.430000] sr 0:0:3:0: Power-on or device reset occurred
[    7.510000] sd 0:0:0:0: [sda] 4194303 512-byte logical blocks: (2.15 GB/2.00 GiB)
[    7.530000] sd 0:0:0:0: [sda] Write Protect is off
[    7.540000] sd 0:0:0:0: [sda] Mode Sense: 4b 00 00 08
[    7.540000] sd 0:0:0:0: [sda] Cache data unavailable
[    7.550000] sd 0:0:0:0: [sda] Assuming drive cache: write through
[    7.580000] sr 0:0:3:0: [sr0] scsi-1 drive
[    7.590000] cdrom: Uniform CD-ROM driver Revision: 3.20
[    7.670000] sr 0:0:3:0: Attached scsi CD-ROM sr0
[    7.720000] sd 0:0:0:0: Attached scsi generic sg0 type 0
[    7.770000] sr 0:0:3:0: Attached scsi generic sg1 type 5
[    7.820000]  sda: [mac] sda1 sda2 sda3 sda4 sda5 sda6 sda7
[    7.890000] scsi host1: pata_platform
[    8.010000] ata1: PATA max PIO0 mmio cmd 0x50f1a000 ctl 0x50f1a038 irq 62
[    8.030000] Onboard/comm-slot SONIC, revision 0x0004, 16 bit DMA, register offset 0
[    8.040000] SONIC ethernet @50f0a000, MAC 00:a0:40:28:41:a9, IRQ 3
[    8.100000] sd 0:0:0:0: [sda] Attached SCSI disk
[    8.220000] aoe: AoE v85 initialised.
[    8.250000] mousedev: PS/2 mouse device common for all mice
[    8.300000] rtc-generic rtc-generic: registered as rtc0
[    8.330000] NET: Registered PF_PACKET protocol family
[   11.270000] ata1.00: ATA-0: DSAA-3360, 3D1A6QA4, max MWDMA1
[   11.280000] ata1.00: 713472 sectors, multi 0: LBA 
[   11.290000] ata1.00: configured for PIO
[   11.310000] scsi 1:0:0:0: Direct-Access     ATA      DSAA-3360        6QA4 PQ: 0 ANSI: 5
[   11.380000] sd 1:0:0:0: Attached scsi generic sg2 type 0
[   11.400000] sd 1:0:0:0: [sdb] 713472 512-byte logical blocks: (365 MB/348 MiB)
[   11.420000] sd 1:0:0:0: [sdb] Write Protect is off
[   11.430000] sd 1:0:0:0: [sdb] Mode Sense: 00 3a 00 00
[   11.440000] sd 1:0:0:0: [sdb] Write cache: disabled, read cache: enabled, doesn't support DPO or FUA
[   11.520000]  sdb: [mac] sdb1 sdb2 sdb3 sdb4 sdb5 sdb6 sdb7 sdb8
[   11.660000] sd 1:0:0:0: [sdb] Attached SCSI disk
[   11.700000] EXT4-fs (sda6): mounting ext2 file system using the ext4 subsystem
[   11.850000] EXT4-fs (sda6): mounted filesystem without journal. Opts: (null). Quota mode: disabled.
[   11.860000] VFS: Mounted root (ext2 filesystem) readonly on device 8:6.
[   11.890000] Freeing unused kernel image (initmem) memory: 148K
[   11.910000] This architecture does not have kernel memory protection.
[   11.920000] Run /start.sh as init process
[   11.930000]   with arguments:
[   11.930000]     /start.sh
[   11.930000]   with environment:
[   11.930000]     HOME=/
[   11.930000]     TERM=linux
[   20.190000] random: crng init done
[   26.730000] EXT4-fs (sda6): re-mounted. Opts: (null). Quota mode: disabled.

[-- Attachment #7: Type: application/octet-stream, Size: 17734 bytes --]

main: raise(SIGALRM)
handler: si_signo 14, si_code  -6, si_addr 0x00000182, uc_mcontext 000000020000000000000002effffbc80000000000000008000000000000000100000000effffc488004a16cefffff9b8000817c000000008006a000effffdfceffffbb480005172000000080000000000000000000000007fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff, __glibc_reserved1 410000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000808000d9beeffffbac8006ae908006b28f00000000000003ffeffffbac80049d0b8006ae9080008a8aeffffbac8006ae900020768aeffffcc080008a9eeffffbac80049d0beffffcd000000000effffc48effffee0efb8fd01efffff9b8000511eeffffc48
handler: raise(SIGUSR1), raise(SIGUSR2)
handler: si_signo 10, si_code  -6, si_addr 0x00000182, uc_mcontext 000000020000000000000002effffbc80000000000000008000000000000000100000000effffc488004a16cefffff9b8000817c000000008006a000effffdfceffffbb480005172000000080000000000000000000000007fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff, __glibc_reserved1 410000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000808000d9beeffffbac8006ae908006b28f00000000000003ffeffffbac80049d0b8006ae9080008a8aeffffbac8006ae900020768aeffffcc080008a9eeffffbac80049d0beffffcd000000000effffc48effffee0efb8fd01efffff9b8000511eeffffc48
handler: si_signo 12, si_code  -6, si_addr 0x00000182, uc_mcontext 000000020000000000000002effffbc80000000000000008000000000000000100000000effffc488004a16cefffff9b8000817c000000008006a000effffdfceffffbb480005172000000080000000000000000000000007fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff, __glibc_reserved1 410000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000808000d9beeffffbac8006ae908006b28f00000000000003ffeffffbac80049d0b8006ae9080008a8aeffffbac8006ae900020768aeffffcc080008a9eeffffbac80049d0beffffcd000000000effffc48effffee0efb8fd01efffff9b8000511eeffffc48
main: alarm(2)
handler: si_signo 14, si_code 128, si_addr 0x00000000, uc_mcontext 000000020000000000000002effffed8effffee0efb8fd01000000030000000100000000800734808006ae9fefffff9b8000817c00000000c014d000effffdfceffffcd480000726000000040000000000000000000000007fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff, __glibc_reserved1 4100000000000000effffed8effffee0efb8fd0100000003efffff9b8000817cfbad80018006ae908006ae908006ae908006ae908006ae9f8006b28f8006ae908006b28f0000000000000000000000000000000000000000ffffffff00000000ffffffff0000ffff00000000ffffffffffffffffffffffffffffffff00000000ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff80019028effffc86effffed8effffee0800632e6000000007ffffffffffffffeffffffffffffffffffffffffffffffffffffffff00000064ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0020768a80015736effffed8effffee0efb8fd01efffff9bc014d000800004428000046a000000028006ae900000000feffffcd0effffdfc8000070e00000002
handler: raise(SIGUSR1), raise(SIGUSR2)
handler: si_signo 10, si_code  -6, si_addr 0x00000182, uc_mcontext 000000020000000000000002effffed8effffee0efb8fd01000000030000000100000000800734808006ae9fefffff9b8000817c00000000c014d000effffdfceffffcd480000726000000040000000000000000000000007fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff, __glibc_reserved1 4100000000000000effffed8effffee0efb8fd0100000003efffff9b8000817cfbad80018006ae908006ae908006ae908006ae908006ae9f8006b28f8006ae908006b28f0000000000000000000000000000000000000000ffffffff00000000ffffffff0000ffff00000000ffffffffffffffffffffffffffffffff00000000ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff80019028effffc86effffed8effffee0800632e6000000007ffffffffffffffeffffffffffffffffffffffffffffffffffffffff00000064ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0020768a80015736effffed8effffee0efb8fd01efffff9bc014d000800004428000046a000000028006ae900000000feffffcd0effffdfc8000070e00000002
handler: si_signo 12, si_code  -6, si_addr 0x00000182, uc_mcontext 000000020000000000000002effffed8effffee0efb8fd01000000030000000100000000800734808006ae9fefffff9b8000817c00000000c014d000effffdfceffffcd480000726000000040000000000000000000000007fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff, __glibc_reserved1 4100000000000000effffed8effffee0efb8fd0100000003efffff9b8000817cfbad80018006ae908006ae908006ae908006ae908006ae9f8006b28f8006ae908006b28f0000000000000000000000000000000000000000ffffffff00000000ffffffff0000ffff00000000ffffffffffffffffffffffffffffffff00000000ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff80019028effffc86effffed8effffee0800632e6000000007ffffffffffffffeffffffffffffffffffffffffffffffffffffffff00000064ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0020768a80015736effffed8effffee0efb8fd01efffff9bc014d000800004428000046a000000028006ae900000000feffffcd0effffdfc8000070e00000002
main: divide by zero
handler: si_signo  8, si_code   1, si_addr 0x8000074a, uc_mcontext 00000002000000150000000200000000effffee0efb8fd01000000030000000100000000800734808006aea5efffff9b8000817c00000000c014d000effffdfceffffcd48000074a000000040000000000000000000000007fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff, __glibc_reserved1 4100000000000000effffed8effffee0efb8fd0100000003efffff9b8000817cfbad80018006ae908006ae908006ae908006ae908006aea58006b28f8006ae908006b28f0000000000000000000000000000000000000000ffffffff00000000ffffffff0000ffff00000000ffffffffffffffffffffffffffffffff00000000ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff80019028effffc86effffed8effffee0800632e6000000007ffffffffffffffeffffffffffffffffffffffffffffffffffffffff000020148000074affffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0020768a80015736effffed8effffee0efb8fd01efffff9bc014d000800004428000046a000000028006ae9000000015effffcd0effffdfc8000074400000002
main: read pointer 0xc0000000
handler: si_signo  7, si_code   2, si_addr 0xc0000000, uc_mcontext 000000020000001e0000000200000001effffee0efb8fd01000000030000000100000000c00000008006aeaeefffff9b8000817c00000000c014d000effffdfceffffcd4800007fa000000010000000000000000000000007fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff7fff0000ffffffffffffffff, __glibc_reserved1 4100000000000001effffee0efb8fd0100000003efffff9b8000817cfbad80018006ae908006ae908006ae908006ae908006aeae8006b28f8006ae908006b28f00000000000000000000000000000000000000000000000000000000000000000000a2f8000000008006a0008002478080024802ffffffff000000008002486600000001ffffffffefb8fd01000000030000000100000000efffff9b8000817c00000000c014d000effffdfc00000003800632e60000000000000000000000c2000000030000002115bf38cbffffffffffffffffffffffff00007008c00000000521000000000000c0000000c00000000000000000000000000000000000000000000000000000000000000000000000efffff9bc014d000800004428000046a000000028006ae900000001eeffffccceffffdfc800007f20000000280049d41
[    0.000000] Linux version 5.14.0-rc4-multi (fthain@nippy) (m68k-linux-gnu-gcc (btc) 6.4.0, GNU ld (btc) 2.28) #2 Sun Aug 8 12:16:06 AEST 2021
[    0.000000] Saving 172 bytes of bootinfo
[    0.000000] Detected Macintosh model: 35
[    0.000000]  Penguin bootinfo data:
[    0.000000]  Video: addr 0xf9001000 row 0x190 depth 4 dimensions 800 x 600
[    0.000000]  Videological 0x0 phys. 0x0, SCC at 0x5000c020
[    0.000000]  Boottime: 0x0 GMTBias: 0x0
[    0.000000]  Machine ID: 35 CPUid: 0x2 memory size: 0x80
[    0.000000] Apple Macintosh Quadra 800
[    0.000000] Zone ranges:
[    0.000000]   DMA      [mem 0x0000000000000000-0x0000007fffffffff]
[    0.000000]   Normal   empty
[    0.000000] Movable zone start for each node
[    0.000000] Early memory node ranges
[    0.000000]   node   0: [mem 0x0000000000000000-0x0000000007ffffff]
[    0.000000] Initmem setup node 0 [mem 0x0000000000000000-0x0000000007ffffff]
[    0.000000] pcpu-alloc: s0 r0 d32768 u32768 alloc=1*32768
[    0.000000] pcpu-alloc: [0] 0 
[    0.000000] Built 1 zonelists, mobility grouping on.  Total pages: 32480
[    0.000000] Kernel command line: root=/dev/sda6 console=tty0 console=ttyS0 init=/start.sh 
[    0.000000] Dentry cache hash table entries: 16384 (order: 4, 65536 bytes, linear)
[    0.000000] Inode-cache hash table entries: 8192 (order: 3, 32768 bytes, linear)
[    0.000000] Sorting __ex_table...
[    0.000000] mem auto-init: stack:off, heap alloc:off, heap free:off
[    0.000000] Memory: 123832K/131072K available (4145K kernel code, 527K rwdata, 892K rodata, 148K init, 171K bss, 7240K reserved, 0K cma-reserved)
[    0.000000] SLUB: HWalign=16, Order=0-3, MinObjects=0, CPUs=1, Nodes=1
[    0.000000] NR_IRQS: 200
[    0.000000] clocksource: via1: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 2439823894983 ns
[    0.010000] Console: colour dummy device 80x25
[    0.010000] printk: console [tty0] enabled
[    0.040000] printk: console [ttyS0] enabled
[    0.040000] Calibrating delay loop... 847.05 BogoMIPS (lpj=4235264)
[    0.140000] pid_max: default: 32768 minimum: 301
[    0.140000] Mount-cache hash table entries: 1024 (order: 0, 4096 bytes, linear)
[    0.140000] Mountpoint-cache hash table entries: 1024 (order: 0, 4096 bytes, linear)
[    0.180000] devtmpfs: initialized
[    0.190000] random: get_random_u32 called from bucket_table_alloc.isra.30+0x70/0x1a6 with crng_init=0
[    0.200000] clocksource: jiffies: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 19112604462750000 ns
[    0.200000] futex hash table entries: 256 (order: -1, 3072 bytes, linear)
[    0.200000] NET: Registered PF_NETLINK/PF_ROUTE protocol family
[    0.210000] DMA: preallocated 128 KiB GFP_KERNEL pool for atomic allocations
[    0.210000] DMA: preallocated 128 KiB GFP_KERNEL|GFP_DMA pool for atomic allocations
[    0.240000] wait_for_initramfs() called before rootfs_initcalls
[    0.290000] NuBus: Scanning NuBus slots.
[    0.300000] Slot 9: Board resource not found!
[    0.300000] SCSI subsystem initialized
[    0.300000] libata version 3.00 loaded.
[    0.310000] clocksource: Switched to clocksource via1
[    0.360000] NET: Registered PF_INET protocol family
[    0.370000] IP idents hash table entries: 2048 (order: 2, 16384 bytes, linear)
[    0.370000] tcp_listen_portaddr_hash hash table entries: 512 (order: 0, 4096 bytes, linear)
[    0.370000] TCP established hash table entries: 1024 (order: 0, 4096 bytes, linear)
[    0.370000] TCP bind hash table entries: 1024 (order: 0, 4096 bytes, linear)
[    0.370000] TCP: Hash tables configured (established 1024 bind 1024)
[    0.380000] UDP hash table entries: 256 (order: 0, 4096 bytes, linear)
[    0.380000] UDP-Lite hash table entries: 256 (order: 0, 4096 bytes, linear)
[    0.380000] NET: Registered PF_UNIX/PF_LOCAL protocol family
[    0.380000] RPC: Registered named UNIX socket transport module.
[    0.380000] RPC: Registered udp transport module.
[    0.380000] RPC: Registered tcp transport module.
[    0.380000] RPC: Registered tcp NFSv4.1 backchannel transport module.
[    0.390000] workingset: timestamp_bits=30 max_order=15 bucket_order=0
[    0.420000] Block layer SCSI generic (bsg) driver version 0.4 loaded (major 253)
[    0.420000] macfb: framebuffer at 0xf9001000, mapped to 0x(ptrval), size 234k
[    0.420000] macfb: mode is 800x600x4, linelength=400
[    0.440000] Console: switching to colour frame buffer device 100x37
[    0.450000] fb0: DAFB frame buffer device
[    0.450000] pmac_zilog: 0.6 (Benjamin Herrenschmidt <benh@kernel.crashing.org>)
[    0.450000] scc.0: ttyS0 at MMIO 0x5000c022 (irq = 4, base_baud = 230400) is a Z85c30 ESCC - Serial port
[    0.450000] scc.1: ttyS1 at MMIO 0x5000c020 (irq = 4, base_baud = 230400) is a Z85c30 ESCC - Serial port
[    0.460000] Non-volatile memory driver v1.3
[    0.490000] brd: module loaded
[    0.490000] adb: Mac II ADB Driver v1.0 for Unified ADB
[    0.510000] adb device [2]: 2 0x1
[    0.510000] adb device [3]: 3 0x2
[    0.510000] ADB keyboard at 2 has handler 0x3
[    0.510000] Detected ADB keyboard, type ANSI.
[    0.520000] input: ADB keyboard as /devices/virtual/input/input0
[    0.520000] random: fast init done
[    0.520000] ADB mouse (standard) at 3 has handler 0x2
[    0.520000] input: ADB mouse as /devices/virtual/input/input1
[    0.530000] mac_esp: using PDMA for controller 0
[    0.530000] mac_esp mac_esp.0: esp0: regs[(ptrval):0] irq[19]
[    0.540000] mac_esp mac_esp.0: esp0: is a ESP236, 16 MHz (ccf=4), SCSI ID 7
[    3.600000] scsi host0: esp
[    3.630000] scsi 0:0:0:0: Direct-Access     QEMU     QEMU HARDDISK    2.5+ PQ: 0 ANSI: 5
[    3.630000] scsi target0:0:0: Beginning Domain Validation
[    3.640000] scsi target0:0:0: Domain Validation skipping write tests
[    3.650000] scsi target0:0:0: Ending Domain Validation
[    3.660000] scsi 0:0:1:0: Direct-Access     QEMU     QEMU HARDDISK    2.5+ PQ: 0 ANSI: 5
[    3.670000] scsi target0:0:1: Beginning Domain Validation
[    3.670000] scsi target0:0:1: Domain Validation skipping write tests
[    3.680000] scsi target0:0:1: Ending Domain Validation
[    3.690000] scsi 0:0:2:0: CD-ROM            QEMU     QEMU CD-ROM      2.5+ PQ: 0 ANSI: 5
[    3.690000] scsi target0:0:2: Beginning Domain Validation
[    3.700000] scsi target0:0:2: Domain Validation skipping write tests
[    3.700000] scsi target0:0:2: Ending Domain Validation
[    3.730000] sr 0:0:2:0: Power-on or device reset occurred
[    3.740000] sr 0:0:2:0: [sr0] scsi3-mmc drive: 16x/50x cd/rw xa/form2 cdda tray
[    3.740000] cdrom: Uniform CD-ROM driver Revision: 3.20
[    3.750000] sd 0:0:0:0: Power-on or device reset occurred
[    3.750000] sd 0:0:1:0: Power-on or device reset occurred
[    3.760000] sd 0:0:1:0: [sdb] 1048576 512-byte logical blocks: (537 MB/512 MiB)
[    3.770000] sd 0:0:1:0: [sdb] Write Protect is off
[    3.770000] sd 0:0:1:0: [sdb] Mode Sense: 63 00 00 08
[    3.770000] sd 0:0:1:0: [sdb] Write cache: enabled, read cache: enabled, doesn't support DPO or FUA
[    3.780000] sd 0:0:0:0: [sda] 7841792 512-byte logical blocks: (4.01 GB/3.74 GiB)
[    3.780000] sd 0:0:0:0: [sda] Write Protect is off
[    3.790000] sd 0:0:0:0: [sda] Mode Sense: 63 00 00 08
[    3.790000] sd 0:0:0:0: [sda] Write cache: enabled, read cache: enabled, doesn't support DPO or FUA
[    3.810000]  sda: [mac] sda1 sda2 sda3 sda4 sda5 sda6 sda7
[    3.820000] sd 0:0:0:0: [sda] Attached SCSI disk
[    3.830000] sr 0:0:2:0: Attached scsi CD-ROM sr0
[    3.840000] sd 0:0:1:0: [sdb] Attached SCSI disk
[    3.850000] sd 0:0:0:0: Attached scsi generic sg0 type 0
[    3.850000] sd 0:0:1:0: Attached scsi generic sg1 type 0
[    3.860000] sr 0:0:2:0: Attached scsi generic sg2 type 5
[    3.870000] Onboard/comm-slot SONIC, revision 0x0004, 32 bit DMA, register offset 2
[    3.870000] SONIC ethernet @50f0a000, MAC 08:00:07:ff:ee:dd, IRQ 3
[    3.890000] aoe: AoE v85 initialised.
[    3.900000] mousedev: PS/2 mouse device common for all mice
[    3.910000] rtc-generic rtc-generic: registered as rtc0
[    3.920000] NET: Registered PF_PACKET protocol family
[    3.940000] EXT4-fs (sda6): mounting ext2 file system using the ext4 subsystem
[    3.990000] EXT4-fs (sda6): mounted filesystem without journal. Opts: (null). Quota mode: disabled.
[    3.990000] VFS: Mounted root (ext2 filesystem) readonly on device 8:6.
[    4.000000] Freeing unused kernel image (initmem) memory: 148K
[    4.000000] This architecture does not have kernel memory protection.
[    4.010000] Run /start.sh as init process
[    4.010000]   with arguments:
[    4.010000]     /start.sh
[    4.010000]   with environment:
[    4.010000]     HOME=/
[    4.010000]     TERM=linux
[   24.780000] random: crng init done
[   31.000000] EXT4-fs (sda6): re-mounted. Opts: (null). Quota mode: disabled.

[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #8: Type: text/x-c; NAME=sig.c, Size: 2678 bytes --]

#include <fcntl.h>
#include <signal.h>
#include <stdarg.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/mman.h>
#include <sys/ucontext.h>
#include <unistd.h>

static int dnprintf(int fd, const char *fmt, ...)
{
	va_list ap;
#define BUFSIZE 1024
	static char buf[BUFSIZE];
	va_start(ap, fmt);
	vsnprintf(buf, BUFSIZE, fmt, ap);
	va_end(ap);
	return write(fd, buf, strnlen(buf, BUFSIZE));
}

static void write_hex(int fd, void *p, unsigned int n)
{
	while (n--) {
		unsigned int i = *(unsigned char *)p++;
		dnprintf(fd, "%02x", i & 0xff);
	}
}

static volatile sig_atomic_t done;

static void handler(int sig, siginfo_t *info, void *ucontext)
{
	ucontext_t *uc = ucontext;

	dnprintf(2, "%s: si_signo %2d, si_code %3d, si_addr 0x%08x, ",
	       __func__, info->si_signo, info->si_code, info->si_addr);
	dnprintf(2, "uc_mcontext ");
	write_hex(2, &uc->uc_mcontext, sizeof(uc->uc_mcontext));
	dnprintf(2, ", __glibc_reserved1 ");
	write_hex(2, &uc->__glibc_reserved1, sizeof(uc->__glibc_reserved1));
	dnprintf(2, "\n");

	switch (sig) {
	case SIGALRM:
		// Arrange for signal delivery on return from handler
		dnprintf(2, "%s: raise(SIGUSR1), raise(SIGUSR2)\n", __func__);
		raise(SIGUSR1);
		raise(SIGUSR2);
		break;
	case SIGUSR1:
	case SIGUSR2:
		// Nothing to do
		break;
	case SIGFPE:
		// Fix up divisor
		uc->uc_mcontext.gregs[2] = 1; // REG_D2
		break;
	case SIGBUS:
		// Give up
		raise(SIGABRT);
	}
	done = 1;
}

int main(void)
{
	sigset_t mask;
	sigfillset(&mask);

	struct sigaction sa = {
		.sa_sigaction = handler,
		.sa_mask = mask,
		.sa_flags = SA_SIGINFO,
	};
	sigaction(SIGALRM, &sa, NULL);
	sigaction(SIGUSR1, &sa, NULL);
	sigaction(SIGUSR2, &sa, NULL);
	sigaction(SIGFPE, &sa, NULL);
	sigaction(SIGBUS, &sa, NULL);

	// Arrange for signal delivery on return from trap
	dnprintf(2, "%s: raise(SIGALRM)\n", __func__);
	raise(SIGALRM);

	// Signal delivery on return from interrupt
	dnprintf(2, "%s: alarm(2)\n", __func__);
	alarm(2);
	done = 0;
	while (!done)
		continue;

	// Signal delivery on return from exception
	dnprintf(2, "%s: divide by zero\n", __func__);
	asm("clrl  %%d2       \n\
	     divsl %%d2,%%d1  \n\
	     " : : : "d1", "d2");

	// Signal delivery on return from fault
	char pattern[] = "/tmp/sigXXXXXX";
	int fd = mkstemp(pattern);
	if (fd == -1)
		return 1;
	unlink(pattern);
	volatile char *addr = mmap(NULL, getpagesize(), PROT_READ | PROT_WRITE,
	                           MAP_PRIVATE, fd, 0);
	if (addr == (char *)-1)
		return 2;
	dnprintf(2, "%s: read pointer %p\n", __func__, addr);
	*addr;
}

Re: [PATCH 1/3] m68k: handle arrivals of multiple signals correctly

[Michael Schmitz]

Hi Al,

On 26/07/21 5:19 am, Al Viro wrote:
> When we have several pending signals, have entered with the kernel
> with large exception frame *and* have already built at least one
> sigframe, regs->stkadj is going to be non-zero and regs->format/sr/pc
> are going to be junk - the real values are in shifted exception stack
> frame we'd built when putting together the first sigframe.
>
> If that happens, subsequent sigframes are going to be garbage.
> Not hard to fix - just need to find the "adjusted" frame first
> and look for format/vector/sr/pc in it.
>
> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>

Looks good to me. What's more, it fixes a number of long standing issues 
dating back to the 4.10 ages - see discussions at:

https://lore.kernel.org/r/7517d306-21ad-daa1-a2fb-b273211cb588@gmail.com

https://lore.kernel.org/r/ed2ca322-b957-cd52-8d2f-a8edd2785625@linux-m68k.org

- so should be applied to -stable IMO.

Tested by me on 68030 - Finn Thain did some testing on 68040 and might 
add his own tag.

Tested-by: Michael Schmitz <schmitzmic@gmail.com>

Reviewed-by: Michael Schmitz <schmitzmic@gmail.com>

> ---
>   arch/m68k/kernel/signal.c | 88 ++++++++++++++++++++++-------------------------
>   1 file changed, 42 insertions(+), 46 deletions(-)
>
> diff --git a/arch/m68k/kernel/signal.c b/arch/m68k/kernel/signal.c
> index 8f215e79e70e..cd11eb101eac 100644
> --- a/arch/m68k/kernel/signal.c
> +++ b/arch/m68k/kernel/signal.c
> @@ -447,7 +447,7 @@ static inline void save_fpu_state(struct sigcontext *sc, struct pt_regs *regs)
>   
>   	if (CPU_IS_060 ? sc->sc_fpstate[2] : sc->sc_fpstate[0]) {
>   		fpu_version = sc->sc_fpstate[0];
> -		if (CPU_IS_020_OR_030 &&
> +		if (CPU_IS_020_OR_030 && !regs->stkadj &&
>   		    regs->vector >= (VEC_FPBRUC * 4) &&
>   		    regs->vector <= (VEC_FPNAN * 4)) {
>   			/* Clear pending exception in 68882 idle frame */
> @@ -510,7 +510,7 @@ static inline int rt_save_fpu_state(struct ucontext __user *uc, struct pt_regs *
>   		if (!(CPU_IS_060 || CPU_IS_COLDFIRE))
>   			context_size = fpstate[1];
>   		fpu_version = fpstate[0];
> -		if (CPU_IS_020_OR_030 &&
> +		if (CPU_IS_020_OR_030 && !regs->stkadj &&
>   		    regs->vector >= (VEC_FPBRUC * 4) &&
>   		    regs->vector <= (VEC_FPNAN * 4)) {
>   			/* Clear pending exception in 68882 idle frame */
> @@ -832,18 +832,24 @@ asmlinkage int do_rt_sigreturn(struct pt_regs *regs, struct switch_stack *sw)
>   	return 0;
>   }
>   
> +static inline struct pt_regs *rte_regs(struct pt_regs *regs)
> +{
> +	return (void *)regs + regs->stkadj;
> +}
> +
>   static void setup_sigcontext(struct sigcontext *sc, struct pt_regs *regs,
>   			     unsigned long mask)
>   {
> +	struct pt_regs *tregs = rte_regs(regs);
>   	sc->sc_mask = mask;
>   	sc->sc_usp = rdusp();
>   	sc->sc_d0 = regs->d0;
>   	sc->sc_d1 = regs->d1;
>   	sc->sc_a0 = regs->a0;
>   	sc->sc_a1 = regs->a1;
> -	sc->sc_sr = regs->sr;
> -	sc->sc_pc = regs->pc;
> -	sc->sc_formatvec = regs->format << 12 | regs->vector;
> +	sc->sc_sr = tregs->sr;
> +	sc->sc_pc = tregs->pc;
> +	sc->sc_formatvec = tregs->format << 12 | tregs->vector;
>   	save_a5_state(sc, regs);
>   	save_fpu_state(sc, regs);
>   }
> @@ -851,6 +857,7 @@ static void setup_sigcontext(struct sigcontext *sc, struct pt_regs *regs,
>   static inline int rt_setup_ucontext(struct ucontext __user *uc, struct pt_regs *regs)
>   {
>   	struct switch_stack *sw = (struct switch_stack *)regs - 1;
> +	struct pt_regs *tregs = rte_regs(regs);
>   	greg_t __user *gregs = uc->uc_mcontext.gregs;
>   	int err = 0;
>   
> @@ -871,9 +878,9 @@ static inline int rt_setup_ucontext(struct ucontext __user *uc, struct pt_regs *
>   	err |= __put_user(sw->a5, &gregs[13]);
>   	err |= __put_user(sw->a6, &gregs[14]);
>   	err |= __put_user(rdusp(), &gregs[15]);
> -	err |= __put_user(regs->pc, &gregs[16]);
> -	err |= __put_user(regs->sr, &gregs[17]);
> -	err |= __put_user((regs->format << 12) | regs->vector, &uc->uc_formatvec);
> +	err |= __put_user(tregs->pc, &gregs[16]);
> +	err |= __put_user(tregs->sr, &gregs[17]);
> +	err |= __put_user((tregs->format << 12) | tregs->vector, &uc->uc_formatvec);
>   	err |= rt_save_fpu_state(uc, regs);
>   	return err;
>   }
> @@ -890,13 +897,14 @@ static int setup_frame(struct ksignal *ksig, sigset_t *set,
>   			struct pt_regs *regs)
>   {
>   	struct sigframe __user *frame;
> -	int fsize = frame_extra_sizes(regs->format);
> +	struct pt_regs *tregs = rte_regs(regs);
> +	int fsize = frame_extra_sizes(tregs->format);
>   	struct sigcontext context;
>   	int err = 0, sig = ksig->sig;
>   
>   	if (fsize < 0) {
>   		pr_debug("setup_frame: Unknown frame format %#x\n",
> -			 regs->format);
> +			 tregs->format);
>   		return -EFAULT;
>   	}
>   
> @@ -907,7 +915,7 @@ static int setup_frame(struct ksignal *ksig, sigset_t *set,
>   
>   	err |= __put_user(sig, &frame->sig);
>   
> -	err |= __put_user(regs->vector, &frame->code);
> +	err |= __put_user(tregs->vector, &frame->code);
>   	err |= __put_user(&frame->sc, &frame->psc);
>   
>   	if (_NSIG_WORDS > 1)
> @@ -934,33 +942,27 @@ static int setup_frame(struct ksignal *ksig, sigset_t *set,
>   	push_cache ((unsigned long) &frame->retcode);
>   
>   	/*
> -	 * Set up registers for signal handler.  All the state we are about
> -	 * to destroy is successfully copied to sigframe.
> -	 */
> -	wrusp ((unsigned long) frame);
> -	regs->pc = (unsigned long) ksig->ka.sa.sa_handler;
> -	adjustformat(regs);
> -
> -	/*
>   	 * This is subtle; if we build more than one sigframe, all but the
>   	 * first one will see frame format 0 and have fsize == 0, so we won't
>   	 * screw stkadj.
>   	 */
> -	if (fsize)
> +	if (fsize) {
>   		regs->stkadj = fsize;
> -
> -	/* Prepare to skip over the extra stuff in the exception frame.  */
> -	if (regs->stkadj) {
> -		struct pt_regs *tregs =
> -			(struct pt_regs *)((ulong)regs + regs->stkadj);
> +		tregs = rte_regs(regs);
>   		pr_debug("Performing stackadjust=%04lx\n", regs->stkadj);
> -		/* This must be copied with decreasing addresses to
> -                   handle overlaps.  */
>   		tregs->vector = 0;
>   		tregs->format = 0;
> -		tregs->pc = regs->pc;
>   		tregs->sr = regs->sr;
>   	}
> +
> +	/*
> +	 * Set up registers for signal handler.  All the state we are about
> +	 * to destroy is successfully copied to sigframe.
> +	 */
> +	wrusp ((unsigned long) frame);
> +	tregs->pc = (unsigned long) ksig->ka.sa.sa_handler;
> +	adjustformat(regs);
> +
>   	return 0;
>   }
>   
> @@ -968,7 +970,8 @@ static int setup_rt_frame(struct ksignal *ksig, sigset_t *set,
>   			   struct pt_regs *regs)
>   {
>   	struct rt_sigframe __user *frame;
> -	int fsize = frame_extra_sizes(regs->format);
> +	struct pt_regs *tregs = rte_regs(regs);
> +	int fsize = frame_extra_sizes(tregs->format);
>   	int err = 0, sig = ksig->sig;
>   
>   	if (fsize < 0) {
> @@ -1019,33 +1022,26 @@ static int setup_rt_frame(struct ksignal *ksig, sigset_t *set,
>   	push_cache ((unsigned long) &frame->retcode);
>   
>   	/*
> -	 * Set up registers for signal handler.  All the state we are about
> -	 * to destroy is successfully copied to sigframe.
> -	 */
> -	wrusp ((unsigned long) frame);
> -	regs->pc = (unsigned long) ksig->ka.sa.sa_handler;
> -	adjustformat(regs);
> -
> -	/*
>   	 * This is subtle; if we build more than one sigframe, all but the
>   	 * first one will see frame format 0 and have fsize == 0, so we won't
>   	 * screw stkadj.
>   	 */
> -	if (fsize)
> +	if (fsize) {
>   		regs->stkadj = fsize;
> -
> -	/* Prepare to skip over the extra stuff in the exception frame.  */
> -	if (regs->stkadj) {
> -		struct pt_regs *tregs =
> -			(struct pt_regs *)((ulong)regs + regs->stkadj);
> +		tregs = rte_regs(regs);
>   		pr_debug("Performing stackadjust=%04lx\n", regs->stkadj);
> -		/* This must be copied with decreasing addresses to
> -                   handle overlaps.  */
>   		tregs->vector = 0;
>   		tregs->format = 0;
> -		tregs->pc = regs->pc;
>   		tregs->sr = regs->sr;
>   	}
> +
> +	/*
> +	 * Set up registers for signal handler.  All the state we are about
> +	 * to destroy is successfully copied to sigframe.
> +	 */
> +	wrusp ((unsigned long) frame);
> +	tregs->pc = (unsigned long) ksig->ka.sa.sa_handler;
> +	adjustformat(regs);
>   	return 0;
>   }
>   

Re: [PATCH 2/3] m68k: update ->thread.esp0 before calling syscall_trace() in ret_from_signal

[Michael Schmitz]

Hi Al,

On 26/07/21 5:19 am, Al Viro wrote:
> We get there when sigreturn has performed obscene acts on kernel stack;
> in particular, the location of pt_regs has shifted.  We are about to call
> syscall_trace(), which might stop for tracer.  If that happens, we'd better
> have task_pt_regs() returning correct result...
>
> Fucked-up-by: Al Viro <viro@zeniv.linux.org.uk>
> Fixes: bd6f56a75bb2 ("m68k: Missing syscall_trace() on sigreturn")
> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>

Looking good also, and should go to -stable.

Tested-by: Michael Schmitz <schmitzmic@gmail.com>

Reviewed-by: Michael Schmitz <schmitzmic@gmail.com>

> ---
>   arch/m68k/kernel/entry.S | 2 ++
>   1 file changed, 2 insertions(+)
>
> diff --git a/arch/m68k/kernel/entry.S b/arch/m68k/kernel/entry.S
> index 9dd76fbb7c6b..ff9e842cec0f 100644
> --- a/arch/m68k/kernel/entry.S
> +++ b/arch/m68k/kernel/entry.S
> @@ -186,6 +186,8 @@ ENTRY(ret_from_signal)
>   	movel	%curptr@(TASK_STACK),%a1
>   	tstb	%a1@(TINFO_FLAGS+2)
>   	jge	1f
> +	lea	%sp@(SWITCH_STACK_SIZE),%a1
> +	movel	%a1,%curptr@(TASK_THREAD+THREAD_ESP0)
>   	jbsr	syscall_trace
>   1:	RESTORE_SWITCH_STACK
>   	addql	#4,%sp

Re: [PATCH 3/3] m68k: leave stack mangling to asm wrapper of sigreturn()

[Michael Schmitz]

Hi Al,

On 26/07/21 5:20 am, Al Viro wrote:
> sigreturn has to deal with an unpleasant problem - exception stack frames
> have different sizes, depending upon the exception (and processor model, as
> well) and variable-sized part of exception frame may contain information
> needed for instruction restart.  So when signal handler terminates and calls
> sigreturn to resume the execution at the place where we'd been when we caught
> the signal, it has to rearrange the frame at the bottom of kernel stack.
> Worse, it might need to open a gap in the kernel stack, shifting pt_regs
> towards lower addresses.
>
> Doing that from C is insane - we'd need to shift stack frames (return addresses,
> local variables, etc.) of C call chain, right under the nose of compiler and
> hope it won't fall apart horribly.  What had been actually done is only slightly
> less insane - an inline asm in mangle_kernel_stack() moved the stuff around,
> then reset stack pointer and jumped to label in asm glue.
>
> However, we can avoid all that mess if the asm wrapper we have to use anyway
> would reserve some space on the stack between switch_stack and the C stack
> frame of do_{rt_,}sigreturn().   Then C part can simply memmove() pt_regs +
> switch_stack, memcpy() the variable part of exception frame into the opened
> gap - all of that without inline asm, buggering C call chain, magical jumps
> to asm labels, etc.
>
> Asm wrapper would need to know where the moved switch_stack has ended up -
> it might have been shifted into the gap we'd reserved before do_rt_sigreturn()
> call.  That's where it needs to set the stack pointer to.  So let the C part
> return just that and be done with that.
>
> While we are at it, the call of berr_040cleanup() we need to do when
> returning via 68040 bus error exception frame can be moved into C part
> as well.
>
> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>

This one's a little harder - you use a 84 byte gap on each sigreturn, no 
matter what the frame size we need to restore. The original 
mangle_kernel_stack() only makes room on the stack when it has no other 
option (using twice as much size - correct me if I'm wrong).

Ideally, we'd only leave a gap for mangle_kernel_stack() to use if the 
frame size requires us to do so. Working that out in asm glue would be 
sufficiently convoluted as to cancel out the benefits of cleaning up the 
C sigreturn part. Probably not worth it.

Looking at how likely it is that we'll see multiple pending signals, I'd 
say from the frequency of the resulting panic messages in the past four 
years it's quite rare. I've never seen these faults on anything but a 
fully loaded system running some sort of stress test. OTOH, the 
pathological case of exception frame (mid-instruction access fault) is 
expected when we might want to send a segfault signal, which may happen 
anytime.

On balance, I think the extra stack use will occur rare enough and the 
benefit of cleaning up mangle_kernel_stack() outweighs that.

Tested-by: Michael Schmitz <schmitzmic@gmail.com>

Reviewed-by: Michael Schmitz <schmitzmic@gmail.com>



> ---
>   arch/m68k/68000/entry.S       |   3 --
>   arch/m68k/coldfire/entry.S    |   3 --
>   arch/m68k/include/asm/traps.h |   4 ++
>   arch/m68k/kernel/entry.S      |  55 ++++++++++-----------
>   arch/m68k/kernel/signal.c     | 111 ++++++++++++++++--------------------------
>   5 files changed, 71 insertions(+), 105 deletions(-)
>
> diff --git a/arch/m68k/68000/entry.S b/arch/m68k/68000/entry.S
> index 259b3661b614..cce465e850fe 100644
> --- a/arch/m68k/68000/entry.S
> +++ b/arch/m68k/68000/entry.S
> @@ -25,7 +25,6 @@
>   .globl system_call
>   .globl resume
>   .globl ret_from_exception
> -.globl ret_from_signal
>   .globl sys_call_table
>   .globl bad_interrupt
>   .globl inthandler1
> @@ -59,8 +58,6 @@ do_trace:
>   	subql	#4,%sp			/* dummy return address */
>   	SAVE_SWITCH_STACK
>   	jbsr	syscall_trace_leave
> -
> -ret_from_signal:
>   	RESTORE_SWITCH_STACK
>   	addql	#4,%sp
>   	jra	ret_from_exception
> diff --git a/arch/m68k/coldfire/entry.S b/arch/m68k/coldfire/entry.S
> index d43a02795a4a..68adb7b5b296 100644
> --- a/arch/m68k/coldfire/entry.S
> +++ b/arch/m68k/coldfire/entry.S
> @@ -51,7 +51,6 @@ sw_usp:
>   .globl system_call
>   .globl resume
>   .globl ret_from_exception
> -.globl ret_from_signal
>   .globl sys_call_table
>   .globl inthandler
>   
> @@ -98,8 +97,6 @@ ENTRY(system_call)
>   	subql	#4,%sp			/* dummy return address */
>   	SAVE_SWITCH_STACK
>   	jbsr	syscall_trace_leave
> -
> -ret_from_signal:
>   	RESTORE_SWITCH_STACK
>   	addql	#4,%sp
>   
> diff --git a/arch/m68k/include/asm/traps.h b/arch/m68k/include/asm/traps.h
> index 4aff3358fbaf..a9d5c1c870d3 100644
> --- a/arch/m68k/include/asm/traps.h
> +++ b/arch/m68k/include/asm/traps.h
> @@ -267,6 +267,10 @@ struct frame {
>       } un;
>   };
>   
> +#ifdef CONFIG_M68040
> +asmlinkage void berr_040cleanup(struct frame *fp);
> +#endif
> +
>   #endif /* __ASSEMBLY__ */
>   
>   #endif /* _M68K_TRAPS_H */
> diff --git a/arch/m68k/kernel/entry.S b/arch/m68k/kernel/entry.S
> index ff9e842cec0f..8fa9822b5922 100644
> --- a/arch/m68k/kernel/entry.S
> +++ b/arch/m68k/kernel/entry.S
> @@ -78,20 +78,38 @@ ENTRY(__sys_clone3)
>   
>   ENTRY(sys_sigreturn)
>   	SAVE_SWITCH_STACK
> -	movel	%sp,%sp@-		  | switch_stack pointer
> -	pea	%sp@(SWITCH_STACK_SIZE+4) | pt_regs pointer
> +	movel	%sp,%a1			  	| switch_stack pointer
> +	lea	%sp@(SWITCH_STACK_SIZE),%a0	| pt_regs pointer
> +	lea     %sp@(-84),%sp			| leave a gap
> +	movel	%a1,%sp@-
> +	movel	%a0,%sp@-
>   	jbsr	do_sigreturn
> -	addql	#8,%sp
> -	RESTORE_SWITCH_STACK
> -	rts
> +	jra	1f				| shared with rt_sigreturn()
>   
>   ENTRY(sys_rt_sigreturn)
>   	SAVE_SWITCH_STACK
> -	movel	%sp,%sp@-		  | switch_stack pointer
> -	pea	%sp@(SWITCH_STACK_SIZE+4) | pt_regs pointer
> +	movel	%sp,%a1			  	| switch_stack pointer
> +	lea	%sp@(SWITCH_STACK_SIZE),%a0	| pt_regs pointer
> +	lea     %sp@(-84),%sp			| leave a gap
> +	movel	%a1,%sp@-
> +	movel	%a0,%sp@-
> +	| stack contents:
> +	|   [original pt_regs address] [original switch_stack address]
> +	|   [gap] [switch_stack] [pt_regs] [exception frame]
>   	jbsr	do_rt_sigreturn
> -	addql	#8,%sp
> +
> +1:
> +	| stack contents now:
> +	|   [original pt_regs address] [original switch_stack address]
> +	|   [unused part of the gap] [moved switch_stack] [moved pt_regs]
> +	|   [replacement exception frame]
> +	| return value of do_{rt_,}sigreturn() points to moved switch_stack.
> +
> +	movel	%d0,%sp				| discard the leftover junk
>   	RESTORE_SWITCH_STACK
> +	| stack contents now is just [syscall return address] [pt_regs] [frame]
> +	| return pt_regs.d0
> +	movel	%sp@(PT_OFF_D0+4),%d0
>   	rts
>   
>   ENTRY(buserr)
> @@ -182,27 +200,6 @@ do_trace_exit:
>   	addql	#4,%sp
>   	jra	.Lret_from_exception
>   
> -ENTRY(ret_from_signal)
> -	movel	%curptr@(TASK_STACK),%a1
> -	tstb	%a1@(TINFO_FLAGS+2)
> -	jge	1f
> -	lea	%sp@(SWITCH_STACK_SIZE),%a1
> -	movel	%a1,%curptr@(TASK_THREAD+THREAD_ESP0)
> -	jbsr	syscall_trace
> -1:	RESTORE_SWITCH_STACK
> -	addql	#4,%sp
> -/* on 68040 complete pending writebacks if any */
> -#ifdef CONFIG_M68040
> -	bfextu	%sp@(PT_OFF_FORMATVEC){#0,#4},%d0
> -	subql	#7,%d0				| bus error frame ?
> -	jbne	1f
> -	movel	%sp,%sp@-
> -	jbsr	berr_040cleanup
> -	addql	#4,%sp
> -1:
> -#endif
> -	jra	.Lret_from_exception
> -
>   ENTRY(system_call)
>   	SAVE_ALL_SYS
>   
> diff --git a/arch/m68k/kernel/signal.c b/arch/m68k/kernel/signal.c
> index cd11eb101eac..338817d0cb3f 100644
> --- a/arch/m68k/kernel/signal.c
> +++ b/arch/m68k/kernel/signal.c
> @@ -641,56 +641,35 @@ static inline void siginfo_build_tests(void)
>   static int mangle_kernel_stack(struct pt_regs *regs, int formatvec,
>   			       void __user *fp)
>   {
> -	int fsize = frame_extra_sizes(formatvec >> 12);
> -	if (fsize < 0) {
> +	int extra = frame_extra_sizes(formatvec >> 12);
> +	char buf[sizeof_field(struct frame, un)];
> +
> +	if (extra < 0) {
>   		/*
>   		 * user process trying to return with weird frame format
>   		 */
>   		pr_debug("user process returning with weird frame format\n");
> -		return 1;
> +		return -1;
>   	}
> -	if (!fsize) {
> -		regs->format = formatvec >> 12;
> -		regs->vector = formatvec & 0xfff;
> -	} else {
> -		struct switch_stack *sw = (struct switch_stack *)regs - 1;
> -		/* yes, twice as much as max(sizeof(frame.un.fmt<x>)) */
> -		unsigned long buf[sizeof_field(struct frame, un) / 2];
> -
> -		/* that'll make sure that expansion won't crap over data */
> -		if (copy_from_user(buf + fsize / 4, fp, fsize))
> -			return 1;
> -
> -		/* point of no return */
> -		regs->format = formatvec >> 12;
> -		regs->vector = formatvec & 0xfff;
> -#define frame_offset (sizeof(struct pt_regs)+sizeof(struct switch_stack))
> -		__asm__ __volatile__ (
> -#ifdef CONFIG_COLDFIRE
> -			 "   movel %0,%/sp\n\t"
> -			 "   bra ret_from_signal\n"
> -#else
> -			 "   movel %0,%/a0\n\t"
> -			 "   subl %1,%/a0\n\t"     /* make room on stack */
> -			 "   movel %/a0,%/sp\n\t"  /* set stack pointer */
> -			 /* move switch_stack and pt_regs */
> -			 "1: movel %0@+,%/a0@+\n\t"
> -			 "   dbra %2,1b\n\t"
> -			 "   lea %/sp@(%c3),%/a0\n\t" /* add offset of fmt */
> -			 "   lsrl  #2,%1\n\t"
> -			 "   subql #1,%1\n\t"
> -			 /* copy to the gap we'd made */
> -			 "2: movel %4@+,%/a0@+\n\t"
> -			 "   dbra %1,2b\n\t"
> -			 "   bral ret_from_signal\n"
> +	if (extra && copy_from_user(buf, fp, extra))
> +		return -1;
> +	regs->format = formatvec >> 12;
> +	regs->vector = formatvec & 0xfff;
> +	if (extra) {
> +		void *p = (struct switch_stack *)regs - 1;
> +		struct frame *new = (void *)regs - extra;
> +		int size = sizeof(struct pt_regs)+sizeof(struct switch_stack);
> +
> +		memmove(p - extra, p, size);
> +		memcpy(p - extra + size, buf, extra);
> +		current->thread.esp0 = (unsigned long)&new->ptregs;
> +#ifdef CONFIG_M68040
> +		/* on 68040 complete pending writebacks if any */
> +		if (new->ptregs.format == 7) // bus error frame
> +			berr_040cleanup(new);
>   #endif
> -			 : /* no outputs, it doesn't ever return */
> -			 : "a" (sw), "d" (fsize), "d" (frame_offset/4-1),
> -			   "n" (frame_offset), "a" (buf + fsize/4)
> -			 : "a0");
> -#undef frame_offset
>   	}
> -	return 0;
> +	return extra;
>   }
>   
>   static inline int
> @@ -698,7 +677,6 @@ restore_sigcontext(struct pt_regs *regs, struct sigcontext __user *usc, void __u
>   {
>   	int formatvec;
>   	struct sigcontext context;
> -	int err = 0;
>   
>   	siginfo_build_tests();
>   
> @@ -707,7 +685,7 @@ restore_sigcontext(struct pt_regs *regs, struct sigcontext __user *usc, void __u
>   
>   	/* get previous context */
>   	if (copy_from_user(&context, usc, sizeof(context)))
> -		goto badframe;
> +		return -1;
>   
>   	/* restore passed registers */
>   	regs->d0 = context.sc_d0;
> @@ -720,15 +698,10 @@ restore_sigcontext(struct pt_regs *regs, struct sigcontext __user *usc, void __u
>   	wrusp(context.sc_usp);
>   	formatvec = context.sc_formatvec;
>   
> -	err = restore_fpu_state(&context);
> -
> -	if (err || mangle_kernel_stack(regs, formatvec, fp))
> -		goto badframe;
> -
> -	return 0;
> +	if (restore_fpu_state(&context))
> +		return -1;
>   
> -badframe:
> -	return 1;
> +	return mangle_kernel_stack(regs, formatvec, fp);
>   }
>   
>   static inline int
> @@ -745,7 +718,7 @@ rt_restore_ucontext(struct pt_regs *regs, struct switch_stack *sw,
>   
>   	err = __get_user(temp, &uc->uc_mcontext.version);
>   	if (temp != MCONTEXT_VERSION)
> -		goto badframe;
> +		return -1;
>   	/* restore passed registers */
>   	err |= __get_user(regs->d0, &gregs[0]);
>   	err |= __get_user(regs->d1, &gregs[1]);
> @@ -774,22 +747,17 @@ rt_restore_ucontext(struct pt_regs *regs, struct switch_stack *sw,
>   	err |= restore_altstack(&uc->uc_stack);
>   
>   	if (err)
> -		goto badframe;
> -
> -	if (mangle_kernel_stack(regs, temp, &uc->uc_extra))
> -		goto badframe;
> +		return -1;
>   
> -	return 0;
> -
> -badframe:
> -	return 1;
> +	return mangle_kernel_stack(regs, temp, &uc->uc_extra);
>   }
>   
> -asmlinkage int do_sigreturn(struct pt_regs *regs, struct switch_stack *sw)
> +asmlinkage void *do_sigreturn(struct pt_regs *regs, struct switch_stack *sw)
>   {
>   	unsigned long usp = rdusp();
>   	struct sigframe __user *frame = (struct sigframe __user *)(usp - 4);
>   	sigset_t set;
> +	int size;
>   
>   	if (!access_ok(frame, sizeof(*frame)))
>   		goto badframe;
> @@ -801,20 +769,22 @@ asmlinkage int do_sigreturn(struct pt_regs *regs, struct switch_stack *sw)
>   
>   	set_current_blocked(&set);
>   
> -	if (restore_sigcontext(regs, &frame->sc, frame + 1))
> +	size = restore_sigcontext(regs, &frame->sc, frame + 1);
> +	if (size < 0)
>   		goto badframe;
> -	return regs->d0;
> +	return (void *)sw - size;
>   
>   badframe:
>   	force_sig(SIGSEGV);
> -	return 0;
> +	return sw;
>   }
>   
> -asmlinkage int do_rt_sigreturn(struct pt_regs *regs, struct switch_stack *sw)
> +asmlinkage void *do_rt_sigreturn(struct pt_regs *regs, struct switch_stack *sw)
>   {
>   	unsigned long usp = rdusp();
>   	struct rt_sigframe __user *frame = (struct rt_sigframe __user *)(usp - 4);
>   	sigset_t set;
> +	int size;
>   
>   	if (!access_ok(frame, sizeof(*frame)))
>   		goto badframe;
> @@ -823,13 +793,14 @@ asmlinkage int do_rt_sigreturn(struct pt_regs *regs, struct switch_stack *sw)
>   
>   	set_current_blocked(&set);
>   
> -	if (rt_restore_ucontext(regs, sw, &frame->uc))
> +	size = rt_restore_ucontext(regs, sw, &frame->uc);
> +	if (size < 0)
>   		goto badframe;
> -	return regs->d0;
> +	return (void *)sw - size;
>   
>   badframe:
>   	force_sig(SIGSEGV);
> -	return 0;
> +	return sw;
>   }
>   
>   static inline struct pt_regs *rte_regs(struct pt_regs *regs)

Re: [PATCH 3/3] m68k: leave stack mangling to asm wrapper of sigreturn()

[Al Viro]

On Thu, Sep 16, 2021 at 11:35:05AM +1200, Michael Schmitz wrote:

> This one's a little harder - you use a 84 byte gap on each sigreturn, no
> matter what the frame size we need to restore. The original
> mangle_kernel_stack() only makes room on the stack when it has no other
> option (using twice as much size - correct me if I'm wrong).
> 
> Ideally, we'd only leave a gap for mangle_kernel_stack() to use if the frame
> size requires us to do so. Working that out in asm glue would be
> sufficiently convoluted as to cancel out the benefits of cleaning up the C
> sigreturn part. Probably not worth it.

You'd need to
	* load the frame type from sigcontext (and deal with EFAULT, etc.)
	* make decision based on that
	* pass the type down into sigreturn(), so we wouldn't run into
mismatches.

And all that just to avoid a single "subtract a constant from stack pointer"
insn.  We are on a very shallow kernel stack here - it's a syscall entry,
after all.  And the stack footprint of do_sigreturn() is fairly small - e.g.
stat(2) eats a lot more.

We are not initializing the gap either - it's just reserved on stack; we only
access it if we need to enlarge the stack frame.

IOW, what would be the benefit of trying to avoid unconditional gap there?

Re: [PATCH 3/3] m68k: leave stack mangling to asm wrapper of sigreturn()

[Michael Schmitz]

Hi Al,

On 16/09/21 12:19, Al Viro wrote:
> On Thu, Sep 16, 2021 at 11:35:05AM +1200, Michael Schmitz wrote:
>
>> This one's a little harder - you use a 84 byte gap on each sigreturn, no
>> matter what the frame size we need to restore. The original
>> mangle_kernel_stack() only makes room on the stack when it has no other
>> option (using twice as much size - correct me if I'm wrong).
>>
>> Ideally, we'd only leave a gap for mangle_kernel_stack() to use if the frame
>> size requires us to do so. Working that out in asm glue would be
>> sufficiently convoluted as to cancel out the benefits of cleaning up the C
>> sigreturn part. Probably not worth it.
>
> You'd need to
> 	* load the frame type from sigcontext (and deal with EFAULT, etc.)
> 	* make decision based on that
> 	* pass the type down into sigreturn(), so we wouldn't run into
> mismatches.
>
> And all that just to avoid a single "subtract a constant from stack pointer"
> insn.  We are on a very shallow kernel stack here - it's a syscall entry,
> after all.  And the stack footprint of do_sigreturn() is fairly small - e.g.
> stat(2) eats a lot more.

Thanks, that's what I was wondering. Not worth the extra complexity then.

>
> We are not initializing the gap either - it's just reserved on stack; we only
> access it if we need to enlarge the stack frame.
>
> IOW, what would be the benefit of trying to avoid unconditional gap there?

Avoiding a kernel stack overflow - there are comments in the code that 
warn against that, but those may be largely historic...

Cheers,

	Michael

Re: [PATCH 3/3] m68k: leave stack mangling to asm wrapper of sigreturn()

[Al Viro]

On Thu, Sep 16, 2021 at 12:53:53PM +1200, Michael Schmitz wrote:
> > You'd need to
> > 	* load the frame type from sigcontext (and deal with EFAULT, etc.)
> > 	* make decision based on that
> > 	* pass the type down into sigreturn(), so we wouldn't run into
> > mismatches.
> > 
> > And all that just to avoid a single "subtract a constant from stack pointer"
> > insn.  We are on a very shallow kernel stack here - it's a syscall entry,
> > after all.  And the stack footprint of do_sigreturn() is fairly small - e.g.
> > stat(2) eats a lot more.
> 
> Thanks, that's what I was wondering. Not worth the extra complexity then.
> 
> > 
> > We are not initializing the gap either - it's just reserved on stack; we only
> > access it if we need to enlarge the stack frame.
> > 
> > IOW, what would be the benefit of trying to avoid unconditional gap there?
> 
> Avoiding a kernel stack overflow - there are comments in the code that warn
> against that, but those may be largely historic...

This is syscall entry; moreover, it critically relies upon the fixed stack
layout - type 0 exception frame + pt_regs + switch_stack + (now) gap.
Followed by fairly shallow C call chain.  I suspect that the deepest you
can get there is when you get an unmapped page when reading the sigframe
and go into page fault handling, with call chain going into some filesystem's
->readpage().  If it was that close to stack overflow, we'd see them all
the time in e.g. random net ioctl doing copy_from_user() - that's going
to be deeper.  Or in stat(2), for that matter.

Re: [PATCH 3/3] m68k: leave stack mangling to asm wrapper of sigreturn()

[Michael Schmitz]

Hi Al,

On 16/09/21 15:21, Al Viro wrote:
> On Thu, Sep 16, 2021 at 12:53:53PM +1200, Michael Schmitz wrote:
>>> IOW, what would be the benefit of trying to avoid unconditional gap there?
>>
>> Avoiding a kernel stack overflow - there are comments in the code that warn
>> against that, but those may be largely historic...
>
> This is syscall entry; moreover, it critically relies upon the fixed stack
> layout - type 0 exception frame + pt_regs + switch_stack + (now) gap.

AFAIR, the concerns in the comments I saw were about interrupts - come 
to think of it, back in the early days, we used to have 'fast' and 
'slow' interrupt handlers, with much of the heavy lifting done in the 
handler, and slow interrupts allowed to lower the IPL. Probably no 
longer relevant.

> Followed by fairly shallow C call chain.  I suspect that the deepest you
> can get there is when you get an unmapped page when reading the sigframe
> and go into page fault handling, with call chain going into some filesystem's
> ->readpage().  If it was that close to stack overflow, we'd see them all
> the time in e.g. random net ioctl doing copy_from_user() - that's going
> to be deeper.  Or in stat(2), for that matter.

Your points are well taken - I can see now that my concerns are without 
merit.

The only question that remains is whether the third patch can also go to 
-stable. Most of my testing was with all three patches applied, I can 
drop the third one and retest if you're worries the third one is not 
appropriate for -stable.

Cheers,

	Michael

Re: [RFC][CFT] signal handling fixes

[Finn Thain]

On Sun, 25 Jul 2021, Al Viro wrote:

> ...
> 
> PS:  FWIW, ifdefs in arch/m68k/kernel/signal.c are wrong - it's not !MMU 
> vs. coldfire/MMU vs. classic/MMU.  It's actually 68000 vs. coldfire vs. 
> everything else.  These days it's nearly correct, but only because on 
> MMU variants of coldfire we never see exception stack frames with type 
> other than 4 - it's controlled by alignment of kernel stack pointer on 
> those, and it's under the kernel control, so it's always 32bit-aligned.  
> It used to be more serious back when we had 68360 support - that's !MMU 
> and exception stack frames are like those on 68020, unless I'm 
> misreading their manual...
> 

I don't claim to understand this code but CPU32 cores appear to be 
unsupported on either #ifdef branch: the MMU branch due to CACR and CAAR 
used in push_cache(), and the !MMU branch due to frame format $4 used in 
adjust_format().

The CPU32 Reference Manual appendix says these chips only supports control 
registers SFC, DFC, VBR and stack frame formats $0, $2, $C. 
https://www.nxp.com/files-static/microcontrollers/doc/ref_manual/CPU32RM.pdf

Re: [PATCH 3/3] m68k: leave stack mangling to asm wrapper of sigreturn()

[Al Viro]

On Thu, Sep 16, 2021 at 05:02:22PM +1200, Michael Schmitz wrote:

> The only question that remains is whether the third patch can also go to
> -stable. Most of my testing was with all three patches applied, I can drop
> the third one and retest if you're worries the third one is not appropriate
> for -stable.

	Up to m68k folks, really.  The current mainline mangle_kernel_stack()
is, er, not nice and the entire area is delicate enough as it is (witness the
bugs dealt with in the rest of the series), but strictly speaking the third
patch is not fixing any functional bugs.

Re: [RFC][CFT] signal handling fixes

[Geert Uytterhoeven]

Hi Finn,

On Thu, Sep 16, 2021 at 11:03 AM Finn Thain <fthain@linux-m68k.org> wrote:
> On Sun, 25 Jul 2021, Al Viro wrote:
> > ...
> >
> > PS:  FWIW, ifdefs in arch/m68k/kernel/signal.c are wrong - it's not !MMU
> > vs. coldfire/MMU vs. classic/MMU.  It's actually 68000 vs. coldfire vs.
> > everything else.  These days it's nearly correct, but only because on
> > MMU variants of coldfire we never see exception stack frames with type
> > other than 4 - it's controlled by alignment of kernel stack pointer on
> > those, and it's under the kernel control, so it's always 32bit-aligned.
> > It used to be more serious back when we had 68360 support - that's !MMU
> > and exception stack frames are like those on 68020, unless I'm
> > misreading their manual...
> >
>
> I don't claim to understand this code but CPU32 cores appear to be
> unsupported on either #ifdef branch: the MMU branch due to CACR and CAAR
> used in push_cache(), and the !MMU branch due to frame format $4 used in
> adjust_format().
>
> The CPU32 Reference Manual appendix says these chips only supports control
> registers SFC, DFC, VBR and stack frame formats $0, $2, $C.
> https://www.nxp.com/files-static/microcontrollers/doc/ref_manual/CPU32RM.pdf

As of commit a3595962d82495f5 ("m68knommu: remove obsolete 68360
support"), nothing selects MCPU32 anymore.

Gr{oetje,eeting}s,

                        Geert

-- 
Geert Uytterhoeven -- There's lots of Linux beyond ia32 -- geert@linux-m68k.org

In personal conversations with technical people, I call myself a hacker. But
when I'm talking to journalists I just say "programmer" or something like that.
                                -- Linus Torvalds

Re: [RFC][CFT] signal handling fixes

[Geert Uytterhoeven]

On Sun, Jul 25, 2021 at 7:18 PM Al Viro <viro@zeniv.linux.org.uk> wrote:
>         Back in 2012 or so I'd found a bunch of fun issues with multiple
> pending signals on a lot of architectures.  m68k looked scarier than
> usual (due to the combination of variable-sized exception frames with the
> way kernel stack pointer is handled by the hardware), but I'd convinced
> myself that it had been correct.
>
>         Unfortunately, I was wrong - handling of multiple pending signals
> does *not* work correctly there.

[...]

Thank you, queuing in the m68k branch as fixes.

Gr{oetje,eeting}s,

                        Geert

-- 
Geert Uytterhoeven -- There's lots of Linux beyond ia32 -- geert@linux-m68k.org

In personal conversations with technical people, I call myself a hacker. But
when I'm talking to journalists I just say "programmer" or something like that.
                                -- Linus Torvalds