| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
git://git.kernel.org/pub/scm/linux/kernel/git/tmlind/linux-omap into fixes
Merge "Fixes for omaps for v4.3-rc cycle" from Tony Lindgren:
- Fix oops with LPAE and moew than 2GB of memory by enabling
ZONE_DMA for LPAE. Probably no need for stable on this one as we
only recently ran into this with the mainline kernel
- Fix imprecise external abort caused by bogus SRAM init. This affects
dm814x recently merged, so no need for stable on this one AFAIK
* tag 'omap-for-v4.3/fixes-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/tmlind/linux-omap:
ARM: OMAP2+: Fix imprecise external abort caused by bogus SRAM init
ARM: OMAP2+: Fix oops with LPAE and more than 2GB of memory
|
|
cgwb_bdi_destroy()
a20135ffbc44 ("writeback: don't drain bdi_writeback_congested on bdi
destruction") added rbtree_postorder_for_each_entry_safe() which is
used to remove all entries; however, according to Cody, the iterator
isn't safe against operations which may rebalance the tree. Fix it by
switching to repeatedly removing rb_first() until empty.
Signed-off-by: Tejun Heo <[email protected]>
Reported-by: Cody P Schafer <[email protected]>
Fixes: a20135ffbc44 ("writeback: don't drain bdi_writeback_congested on bdi destruction")
Link: http://lkml.kernel.org/g/[email protected]
Signed-off-by: Jens Axboe <[email protected]>
|
|
Signed-off-by: Axel Lin <[email protected]>
Tested-by: Adam Thomson <[email protected]>
Signed-off-by: Mark Brown <[email protected]>
Cc: [email protected]
|
|
Neither the rockchip i2s nor the rockchip spdif binding support child
devices so #address-cells and #size-cells properties aren't required.
Remove these from the bindings.
Signed-off-by: Sjoerd Simons <[email protected]>
Signed-off-by: Mark Brown <[email protected]>
|
|
Use the new snd_pcm_hw_constraint_single() helper function rather than
installing a list constraint with a single value. Since
snd_pcm_hw_constraint_single() sets a static constraint while
snd_pcm_hw_constraint_list() sets a dynamic constraint the former is
slightly more efficient and it also needs less code.
Signed-off-by: Lars-Peter Clausen <[email protected]>
Acked-by: Vinod Koul <[email protected]>
Acked-by: Mark Brown <[email protected]>
Signed-off-by: Takashi Iwai <[email protected]>
|
|
Use the new snd_pcm_hw_constraint_single() helper function rather than
installing a list constraint with a single value. Since
snd_pcm_hw_constraint_single() sets a static constraint while
snd_pcm_hw_constraint_list() sets a dynamic constraint the former is
slightly more efficient and it also needs less code.
Signed-off-by: Lars-Peter Clausen <[email protected]>
Acked-by: Vinod Koul <[email protected]>
Acked-by: Mark Brown <[email protected]>
Signed-off-by: Takashi Iwai <[email protected]>
|
|
Use the new snd_pcm_hw_constraint_single() helper function rather than
installing a list constraint with a single value. Since
snd_pcm_hw_constraint_single() sets a static constraint while
snd_pcm_hw_constraint_list() sets a dynamic constraint the former is
slightly more efficient and it also needs less code.
Signed-off-by: Lars-Peter Clausen <[email protected]>
Acked-by: Vinod Koul <[email protected]>
Acked-by: Mark Brown <[email protected]>
Signed-off-by: Takashi Iwai <[email protected]>
|
|
Use the new snd_pcm_hw_constraint_single() helper function rather than
installing a list constraint with a single value. Since
snd_pcm_hw_constraint_single() sets a static constraint while
snd_pcm_hw_constraint_list() sets a dynamic constraint the former is
slightly more efficient and it also needs less code.
Signed-off-by: Lars-Peter Clausen <[email protected]>
Acked-by: Vinod Koul <[email protected]>
Acked-by: Mark Brown <[email protected]>
Signed-off-by: Takashi Iwai <[email protected]>
|
|
Use the new snd_pcm_hw_constraint_single() helper function instead of
calling snd_pcm_hw_constraint_minmax() with the same value for min and max
to install a constraint that limits the possible configuration values to a
single value. Using snd_pcm_hw_constraint_single() makes the indented
result clearer.
Signed-off-by: Lars-Peter Clausen <[email protected]>
Acked-by: Mark Brown <[email protected]>
Signed-off-by: Takashi Iwai <[email protected]>
|
|
Use the new snd_pcm_hw_constraint_single() helper function instead of
calling snd_pcm_hw_constraint_minmax() with the same value for min and max
to install a constraint that limits the possible configuration values to a
single value. Using snd_pcm_hw_constraint_single() makes the indented
result clearer and is slightly shorter.
Signed-off-by: Lars-Peter Clausen <[email protected]>
Acked-by: Mark Brown <[email protected]>
Signed-off-by: Takashi Iwai <[email protected]>
|
|
Use the new snd_pcm_hw_constraint_single() helper function instead of
calling snd_pcm_hw_constraint_minmax() with the same value for min and max
to install a constraint that limits the possible configuration values to a
single value. Using snd_pcm_hw_constraint_single() makes the indented
result clearer and is slightly shorter.
Signed-off-by: Lars-Peter Clausen <[email protected]>
Acked-by: Jarkko Nikula <[email protected]>
Tested-by: Jarkko Nikula <[email protected]>
Acked-by: Mark Brown <[email protected]>
Signed-off-by: Takashi Iwai <[email protected]>
|
|
Use the new snd_pcm_hw_constraint_single() helper function instead of
calling snd_pcm_hw_constraint_minmax() with the same value for min and max
to install a constraint that limits the possible configuration values to a
single value. Using snd_pcm_hw_constraint_single() makes the indented
result clearer and is slightly shorter.
Signed-off-by: Lars-Peter Clausen <[email protected]>
Acked-by: Jarkko Nikula <[email protected]>
Acked-by: Mark Brown <[email protected]>
Signed-off-by: Takashi Iwai <[email protected]>
|
|
Use the new snd_pcm_hw_constraint_single() helper function instead of
calling snd_pcm_hw_constraint_minmax() with the same value for min and max
to install a constraint that limits the possible configuration values to a
single value. Using snd_pcm_hw_constraint_single() makes the indented
result clearer.
Signed-off-by: Lars-Peter Clausen <[email protected]>
Acked-by: Mark Brown <[email protected]>
Signed-off-by: Takashi Iwai <[email protected]>
|
|
Use the new snd_pcm_hw_constraint_single() helper function instead of
calling snd_pcm_hw_constraint_minmax() with the same value for min and max
to install a constraint that limits the possible configuration values to a
single value. Using snd_pcm_hw_constraint_single() makes the indented
result clearer and is slightly shorter.
Signed-off-by: Lars-Peter Clausen <[email protected]>
Acked-by: Mark Brown <[email protected]>
Signed-off-by: Takashi Iwai <[email protected]>
|
|
Use the new snd_pcm_hw_constraint_single() helper function instead of
calling snd_pcm_hw_constraint_minmax() with the same value for min and max
to install a constraint that limits the possible configuration values to a
single value. Using snd_pcm_hw_constraint_single() makes the indented
result clearer and is slightly shorter.
Signed-off-by: Lars-Peter Clausen <[email protected]>
Acked-by: Peter Ujfalusi <[email protected]>
Acked-by: Mark Brown <[email protected]>
Signed-off-by: Takashi Iwai <[email protected]>
|
|
Use the new snd_pcm_hw_constraint_single() helper function instead of
calling snd_pcm_hw_constraint_minmax() with the same value for min and max
to install a constraint that limits the possible configuration values to a
single value. Using snd_pcm_hw_constraint_single() makes the indented
result clearer.
Signed-off-by: Lars-Peter Clausen <[email protected]>
Acked-by: Mark Brown <[email protected]>
Signed-off-by: Takashi Iwai <[email protected]>
|
|
Use the new snd_pcm_hw_constraint_single() helper function instead of
calling snd_pcm_hw_constraint_minmax() with the same value for min and max
to install a constraint that limits the possible configuration values to a
single value. Using snd_pcm_hw_constraint_single() makes the indented
result clearer.
Signed-off-by: Lars-Peter Clausen <[email protected]>
Signed-off-by: Takashi Iwai <[email protected]>
|
|
Use the new snd_pcm_hw_constraint_single() helper function instead of
calling snd_pcm_hw_constraint_minmax() with the same value for min and max
to install a constraint that limits the possible configuration values to a
single value. Using snd_pcm_hw_constraint_single() makes the indented
result clearer.
Signed-off-by: Lars-Peter Clausen <[email protected]>
Signed-off-by: Takashi Iwai <[email protected]>
|
|
Use the new snd_pcm_hw_constraint_single() helper function instead of
calling snd_pcm_hw_constraint_minmax() with the same value for min and max
to install a constraint that limits the possible configuration values to a
single value. Using snd_pcm_hw_constraint_single() makes the indented
result clearer.
Signed-off-by: Lars-Peter Clausen <[email protected]>
Signed-off-by: Takashi Iwai <[email protected]>
|
|
Use the new snd_pcm_hw_constraint_single() helper function instead of
calling snd_pcm_hw_constraint_minmax() with the same value for min and max
to install a constraint that limits the possible configuration values to a
single value. Using snd_pcm_hw_constraint_single() makes the indented
result clearer.
Signed-off-by: Lars-Peter Clausen <[email protected]>
Signed-off-by: Takashi Iwai <[email protected]>
|
|
Use the new snd_pcm_hw_constraint_single() helper function instead of
calling snd_pcm_hw_constraint_minmax() with the same value for min and max
to install a constraint that limits the possible configuration values to a
single value. Using snd_pcm_hw_constraint_single() makes the indented
result clearer.
While we are at it also fix some code style issues in the affected lines.
Signed-off-by: Lars-Peter Clausen <[email protected]>
Signed-off-by: Takashi Iwai <[email protected]>
|
|
The recommended and most efficient way to constraint a configuration
parameter to a single value is to set the minimum and maximum allowed
values to the same value, i.e. calling snd_pcm_hw_constraint_minmax() with
the same value for min and max.
It is not necessarily obvious though that this is the approach that should
be taken and some drivers have come up with other ways of solving this
problem, e.g. installing a list constraint with a single item. List
constraints are dynamic constraints though and hence less efficient than
the static min-max constraint.
This patch introduces a new helper function called
snd_pcm_hw_constraint_single() which only takes a single value has the same
effect as calling snd_pcm_hw_constraint_minmax() with the same values for
min and max. But it is hopefully semantically more expressive, making it
clear that this is the preferred way of setting a single value constraint.
Signed-off-by: Lars-Peter Clausen <[email protected]>
Acked-by: Mark Brown <[email protected]>
Signed-off-by: Takashi Iwai <[email protected]>
|
|
The register value to enable gpio2 was incorrect. So fix it.
Signed-off-by: Bard Liao <[email protected]>
Signed-off-by: Mark Brown <[email protected]>
|
|
This fixes a bug where it is possible for an off-line CPU to fail to go
into a low-power state (nap/sleep/winkle), and to become unresponsive to
requests from the KVM subsystem to wake up and run a VCPU. What can
happen is that a maskable interrupt of some kind (external, decrementer,
hypervisor doorbell, or HMI) after we have called local_irq_disable() at
the beginning of pnv_smp_cpu_kill_self() and before interrupts are
hard-disabled inside power7_nap/sleep/winkle(). In this situation, the
pending event is marked in the irq_happened flag in the PACA. This
pending event prevents power7_nap/sleep/winkle from going to the
requested low-power state; instead they return immediately. We don't
deal with any of these pending event flags in the off-line loop in
pnv_smp_cpu_kill_self() because power7_nap et al. return 0 in this case,
so we will have srr1 == 0, and none of the processing to clear
interrupts or doorbells will be done.
Usually, the most obvious symptom of this is that a KVM guest will fail
with a console message saying "KVM: couldn't grab cpu N".
This fixes the problem by making sure we handle the irq_happened flags
properly. First, we hard-disable before the off-line loop. Once we have
hard-disabled, the irq_happened flags can't change underneath us. We
unconditionally clear the DEC and HMI flags: there is no processing of
timer interrupts while off-line, and the necessary HMI processing is all
done in lower-level code. We leave the EE and DBELL flags alone for the
first iteration of the loop, so that we won't fail to respond to a
split-core request that came in just before hard-disabling. Within the
loop, we handle external interrupts if the EE bit is set in irq_happened
as well as if the low-power state was interrupted by an external
interrupt. (We don't need to do the msgclr for a pending doorbell in
irq_happened, because doorbells are edge-triggered and don't remain
pending in hardware.) Then we clear both the EE and DBELL flags, and
once clear, they cannot be set again (until this CPU comes online again,
that is).
This also fixes the debug check to not be done when we just ran a KVM
guest or when the sleep didn't happen because of a pending event in
irq_happened.
Signed-off-by: Paul Mackerras <[email protected]>
Signed-off-by: Michael Ellerman <[email protected]>
|
|
POWER8"
This reverts commit 9678cdaae939 ("Use the POWER8 Micro Partition
Prefetch Engine in KVM HV on POWER8") because the original commit had
multiple, partly self-cancelling bugs, that could cause occasional
memory corruption.
In fact the logmpp instruction was incorrectly using register r0 as the
source of the buffer address and operation code, and depending on what
was in r0, it would either do nothing or corrupt the 64k page pointed to
by r0.
The logmpp instruction encoding and the operation code definitions could
be corrected, but then there is the problem that there is no clearly
defined way to know when the hardware has finished writing to the
buffer.
The original commit attempted to work around this by aborting the
write-out before starting the prefetch, but this is ineffective in the
case where the virtual core is now executing on a different physical
core from the one where the write-out was initiated.
These problems plus advice from the hardware designers not to use the
function (since the measured performance improvement from using the
feature was actually mostly negative), mean that reverting the code is
the best option.
Fixes: 9678cdaae939 ("Use the POWER8 Micro Partition Prefetch Engine in KVM HV on POWER8")
Signed-off-by: Paul Mackerras <[email protected]>
Signed-off-by: Michael Ellerman <[email protected]>
|
|
Suppose that we got a data crc error, and it triggers the mmc_reset.
mmc_reset will call mmc_send_status to see if HW reset was supported.
before issue CMD13, it will do retune, and if EMMC was in HS400 mode,
it will reduce frequency to 52Mhz firstly, then results in card init
was doing at 52Mhz.
The mmc_send_status was originally only done for mmc_test, should drop
it. And, rename the "eMMC hardware reset" to "Reset test", as we would
also be able to use the test for SD-cards.
Signed-off-by: Chaotian Jing <[email protected]>
Suggested-by: Adrian Hunter <[email protected]>
Fixes: bd11e8bd03ca ("mmc: core: Flag re-tuning is needed on CRC errors")
Signed-off-by: Ulf Hansson <[email protected]>
|
|
Current code will always truncate tailing page if its alloc_start is
smaller than inode size.
For example, the file extent layout is like:
0 4K 8K 16K 32K
|<-----Extent A---------------->|
|<--Inode size: 18K---------->|
But if calling fallocate even for range [0,4K), it will cause btrfs to
re-truncate the range [16,32K), causing COW and a new extent.
0 4K 8K 16K 32K
|///////| <- Fallocate call range
|<-----Extent A-------->|<--B-->|
The cause is quite easy, just a careless btrfs_truncate_inode() in a
else branch without extra judgment.
Fix it by add judgment on whether the fallocate range is beyond isize.
Signed-off-by: Qu Wenruo <[email protected]>
Signed-off-by: Chris Mason <[email protected]>
|
|
The code in stack tracer should not be executed within an NMI as it grabs
spinlocks and stack tracing an NMI gives the possibility of causing a
deadlock. Although this is safe on x86_64, because it does not perform stack
traces when the task struct stack is not in use (interrupts and NMIs), it
may be an issue for NMIs on i386 and other archs that use the same stack as
the NMI.
Signed-off-by: Steven Rostedt <[email protected]>
|
|
When discussing the patches to demux ids in rdma_cm instead of ib_cm, it
was decided that it is best to use the P_Key value in the packet headers.
However, the mlx5 and ipath drivers are currently unable to send correct
P_Key values in GMP headers. They always send using a single P_Key that is
set during the GSI QP initialization.
Change the rdma_cm code to look at the P_Key value that is part of the
packet payload as a workaround. Once the drivers are fixed this patch can
be reverted.
Fixes: 4c21b5bcef73 ("IB/cma: Add net_dev and private data checks to
RDMA CM")
Signed-off-by: Haggai Eran <[email protected]>
Signed-off-by: Doug Ledford <[email protected]>
|
|
Allocating a workqueue might fail, which wasn't checked so far and would
lead to NULL ptr derefs when an attempt to use it was made.
Signed-off-by: Sasha Levin <[email protected]>
Signed-off-by: Doug Ledford <[email protected]>
|
|
If the lookup of a listening ID failed for an AF_IB request, the code
would try to call dev_put() on a NULL net_dev.
Fixes: be688195bd08 ("IB/cma: Fix net_dev reference leak with failed
requests")
Reported-by: Dan Carpenter <[email protected]>
Signed-off-by: Haggai Eran <[email protected]>
Signed-off-by: Doug Ledford <[email protected]>
|
|
When using ifup/ifdown while executing enum_netdev_ipv4_ips,
ifa could become invalid and cause use after free error.
Fixing it by protecting with RCU lock.
Fixes: 03db3a2d81e6 ('IB/core: Add RoCE GID table management')
Signed-off-by: Matan Barak <[email protected]>
Signed-off-by: Doug Ledford <[email protected]>
|
|
We currently do a single update of the vgic state when the distributor
enable/disable control register is accessed and then bypass updating the
state for as long as the distributor remains disabled.
This is incorrect, because updating the state does not consider the
distributor enable bit, and this you can end up in a situation where an
interrupt is marked as pending on the CPU interface, but not pending on
the distributor, which is an impossible state to be in, and triggers a
warning. Consider for example the following sequence of events:
1. An interrupt is marked as pending on the distributor
- the interrupt is also forwarded to the CPU interface
2. The guest turns off the distributor (it's about to do a reboot)
- we stop updating the CPU interface state from now on
3. The guest disables the pending interrupt
- we remove the pending state from the distributor, but don't touch
the CPU interface, see point 2.
Since the distributor disable bit really means that no interrupts should
be forwarded to the CPU interface, we modify the code to keep updating
the internal VGIC state, but always set the CPU interface pending bits
to zero when the distributor is disabled.
Signed-off-by: Christoffer Dall <[email protected]>
|
|
When a guest reboots or offlines/onlines CPUs, it is not uncommon for it
to clear the pending and active states of an interrupt through the
emulated VGIC distributor. However, since the architected timers are
defined by the architecture to be level triggered and the guest
rightfully expects them to be that, but we emulate them as
edge-triggered, we have to mimic level-triggered behavior for an
edge-triggered virtual implementation.
We currently do not signal the VGIC when the map->active field is true,
because it indicates that the guest has already been signalled of the
interrupt as required. Normally this field is set to false when the
guest deactivates the virtual interrupt through the sync path.
We also need to catch the case where the guest deactivates the interrupt
through the emulated distributor, again allowing guests to boot even if
the original virtual timer signal hit before the guest's GIC
initialization sequence is run.
Reviewed-by: Eric Auger <[email protected]>
Signed-off-by: Christoffer Dall <[email protected]>
|
|
We have an interesting issue when the guest disables the timer interrupt
on the VGIC, which happens when turning VCPUs off using PSCI, for
example.
The problem is that because the guest disables the virtual interrupt at
the VGIC level, we never inject interrupts to the guest and therefore
never mark the interrupt as active on the physical distributor. The
host also never takes the timer interrupt (we only use the timer device
to trigger a guest exit and everything else is done in software), so the
interrupt does not become active through normal means.
The result is that we keep entering the guest with a programmed timer
that will always fire as soon as we context switch the hardware timer
state and run the guest, preventing forward progress for the VCPU.
Since the active state on the physical distributor is really part of the
timer logic, it is the job of our virtual arch timer driver to manage
this state.
The timer->map->active boolean field indicates whether we have signalled
this interrupt to the vgic and if that interrupt is still pending or
active. As long as that is the case, the hardware doesn't have to
generate physical interrupts and therefore we mark the interrupt as
active on the physical distributor.
We also have to restore the pending state of an interrupt that was
queued to an LR but was retired from the LR for some reason, while
remaining pending in the LR.
Cc: Marc Zyngier <[email protected]>
Reported-by: Lorenzo Pieralisi <[email protected]>
Signed-off-by: Christoffer Dall <[email protected]>
|
|
The vgic code on ARM is built for all configurations that enable KVM,
but the parent_data field that it references is only present when
CONFIG_IRQ_DOMAIN_HIERARCHY is set:
virt/kvm/arm/vgic.c: In function 'kvm_vgic_map_phys_irq':
virt/kvm/arm/vgic.c:1781:13: error: 'struct irq_data' has no member named 'parent_data'
This flag is implied by the GIC driver, and indeed the VGIC code only
makes sense if a GIC is present. This changes the CONFIG_KVM symbol
to always select GIC, which avoids the issue.
Fixes: 662d9715840 ("arm/arm64: KVM: Kill CONFIG_KVM_ARM_{VGIC,TIMER}")
Signed-off-by: Arnd Bergmann <[email protected]>
Acked-by: Marc Zyngier <[email protected]>
Signed-off-by: Christoffer Dall <[email protected]>
|
|
Jump to correct label and free kvm_host_cpu_state
Reviewed-by: Wei Huang <[email protected]>
Signed-off-by: Pavel Fedin <[email protected]>
Signed-off-by: Christoffer Dall <[email protected]>
|
|
When lowering a level-triggered line from userspace, we forgot to lower
the pending bit on the emulated CPU interface and we also did not
re-compute the pending_on_cpu bitmap for the CPU affected by the change.
Update vgic_update_irq_pending() to fix the two issues above and also
raise a warning in vgic_quue_irq_to_lr if we encounter an interrupt
pending on a CPU which is neither marked active nor pending.
[ Commit text reworked completely - Christoffer ]
Signed-off-by: Pavel Fedin <[email protected]>
Signed-off-by: Christoffer Dall <[email protected]>
|
|
The implementation of ssm2518_register_volatile always returns false,
this behavior is the same as no .volatile_reg callback implementation
when cache_type != REGCACHE_NONE.
Signed-off-by: Axel Lin <[email protected]>
Acked-by: Lars-Peter Clausen <[email protected]>
Signed-off-by: Mark Brown <[email protected]>
|
|
adau193x_reg_volatile() always return false.
This seems pointless because current code uses REGCACHE_NONE cache_type
which is supposed to be volatile.
Signed-off-by: Axel Lin <[email protected]>
Acked-by: Lars-Peter Clausen <[email protected]>
Signed-off-by: Mark Brown <[email protected]>
|
|
When MIDI buffer stores two or more MIDI messages, TASCAM driver
transfers asynchronous transactions including one MIDI message and
extra bytes from second MIDI message.
This commit fixes this bug by clearing needless bytes in the buffer. The
consumed bytes are already calculated correctly, thus the sequence of
transactions is already correct.
Signed-off-by: Takashi Sakamoto <[email protected]>
Signed-off-by: Takashi Iwai <[email protected]>
|
|
In transactions for MIDI messages, the first byte is used for label and
the rest is for MIDI bytes. In current code, these are handled correctly,
while there's a small mistake for loop condition to include meaningless
statement.
This commit adds two local variables for them and improve the loop
condition.
Signed-off-by: Takashi Sakamoto <[email protected]>
Signed-off-by: Takashi Iwai <[email protected]>
|
|
intension
In the callback function of asynchronous MIDI port, the intension of some
local variables are not clear.
This commit improves them. The 'len' variable is used to calculate the
number of MIDI bytes including in the transaction. The 'consume' variable
is used to return the actual number of consumed bytes in ALSA MIDI buffer.
Signed-off-by: Takashi Sakamoto <[email protected]>
Signed-off-by: Takashi Iwai <[email protected]>
|
|
In the callback function of asynchronous MIDI port, some local variables
are declared 'unsigned int', while they're assigned to int value of return
from snd_rawmidi_transmit_peek().
This commit fixes the type.
Signed-off-by: Takashi Sakamoto <[email protected]>
Signed-off-by: Takashi Iwai <[email protected]>
|
|
The given buffer to callback function is cleared in caller side.
This commit removes buffer initialization in callee side.
Signed-off-by: Takashi Sakamoto <[email protected]>
Signed-off-by: Takashi Iwai <[email protected]>
|
|
The stack tracer was triggering the WARN_ON() in module.c:
static void module_assert_mutex_or_preempt(void)
{
#ifdef CONFIG_LOCKDEP
if (unlikely(!debug_locks))
return;
WARN_ON(!rcu_read_lock_sched_held() &&
!lockdep_is_held(&module_mutex));
#endif
}
The reason is that the stack tracer traces all function calls, and some of
those calls happen while exiting or entering user space and idle. Some of
these functions are called after RCU had already stopped watching, as RCU
does not watch userspace or idle CPUs.
If a max stack is hit, then the save_stack_trace() is called, which will
check module addresses and call module_assert_mutex_or_preempt(), and then
trigger the warning. Sad part is, the warning itself will also do a stack
trace and tigger the same warning. That probably should be fixed.
The warning was added by 0be964be0d45 "module: Sanitize RCU usage and
locking" but this bug has probably been around longer. But it's unlikely to
cause much harm, but the new warning causes the system to lock up.
Cc: [email protected] # 4.2+
Cc: Peter Zijlstra <[email protected]>
Cc:"Paul E. McKenney" <[email protected]>
Signed-off-by: Steven Rostedt <[email protected]>
|
|
There are 24 EQ registers not 25, I suspect this bug came about because
the registers start at EQ1 not zero. The bug is relatively harmless as
the extra register written is an unused one.
Signed-off-by: Charles Keepax <[email protected]>
Signed-off-by: Mark Brown <[email protected]>
Cc: [email protected]
|
|
The HDA codec driver issues snd_hda_codec_reset() at the error path of
PCM build. This was needed in the earlier code base, but the recent
rewrite to use the standard bus binding made this a deadlock:
modprobe D 0000000000000005 0 720 716 0x00000080
Call Trace:
[<ffffffff816a5dbe>] schedule+0x3e/0x90
[<ffffffff816a61a5>] schedule_preempt_disabled+0x15/0x20
[<ffffffff816a7ae5>] __mutex_lock_slowpath+0xb5/0x120
[<ffffffff816a7b6b>] mutex_lock+0x1b/0x30
[<ffffffff8148656b>] device_release_driver+0x1b/0x30
[<ffffffff81485c15>] bus_remove_device+0x105/0x180
[<ffffffff814822b9>] device_del+0x139/0x260
[<ffffffffa05e0ec5>] snd_hdac_device_unregister+0x25/0x30 [snd_hda_core]
[<ffffffffa074fa6a>] snd_hda_codec_reset+0x2a/0x70 [snd_hda_codec]
[<ffffffffa075007b>] snd_hda_codec_build_pcms+0x18b/0x1b0 [snd_hda_codec]
[<ffffffffa074a44e>] hda_codec_driver_probe+0xbe/0x140 [snd_hda_codec]
[<ffffffff81486ac4>] driver_probe_device+0x1f4/0x460
[<ffffffff81486dc0>] __driver_attach+0x90/0xa0
[<ffffffff81484844>] bus_for_each_dev+0x64/0xa0
[<ffffffff814862de>] driver_attach+0x1e/0x20
[<ffffffff81485e7b>] bus_add_driver+0x1eb/0x280
[<ffffffff81487680>] driver_register+0x60/0xe0
[<ffffffffa074a0da>] __hda_codec_driver_register+0x5a/0x60 [snd_hda_codec]
[<ffffffffa070a01e>] realtek_driver_init+0x1e/0x1000 [snd_hda_codec_realtek]
[<ffffffff810002f3>] do_one_initcall+0xb3/0x200
[<ffffffff816a1fc5>] do_init_module+0x60/0x1f8
[<ffffffff810ee5c3>] load_module+0x1653/0x1bd0
[<ffffffff810eed48>] SYSC_finit_module+0x98/0xc0
[<ffffffff810eed8e>] SyS_finit_module+0xe/0x10
[<ffffffff816aa032>] entry_SYSCALL_64_fastpath+0x16/0x75
The simple fix is just to remove this call, since we don't need to
think about unbinding at there any longer.
Bugzilla: https://bugzilla.suse.com/show_bug.cgi?id=948758
Cc: <[email protected]> # v4.1+
Signed-off-by: Takashi Iwai <[email protected]>
|
|
get_wchan() is racy by design, it may access volatile stack
of running task, thus it may access redzone in a stack frame
and cause KASAN to warn about this.
Use READ_ONCE_NOCHECK() to silence these warnings.
Reported-by: Sasha Levin <[email protected]>
Signed-off-by: Andrey Ryabinin <[email protected]>
Cc: Alexander Potapenko <[email protected]>
Cc: Andrew Morton <[email protected]>
Cc: Andrey Konovalov <[email protected]>
Cc: Andy Lutomirski <[email protected]>
Cc: Borislav Petkov <[email protected]>
Cc: Denys Vlasenko <[email protected]>
Cc: Dmitry Vyukov <[email protected]>
Cc: Kostya Serebryany <[email protected]>
Cc: Linus Torvalds <[email protected]>
Cc: Paul E. McKenney <[email protected]>
Cc: Peter Zijlstra <[email protected]>
Cc: Thomas Gleixner <[email protected]>
Cc: Wolfram Gloger <[email protected]>
Cc: kasan-dev <[email protected]>
Link: http://lkml.kernel.org/r/[email protected]
Signed-off-by: Ingo Molnar <[email protected]>
|
|
Some code may perform racy by design memory reads. This could be
harmless, yet such code may produce KASAN warnings.
To hide such accesses from KASAN this patch introduces
READ_ONCE_NOCHECK() macro. KASAN will not check the memory
accessed by READ_ONCE_NOCHECK(). The KernelThreadSanitizer
(KTSAN) is going to ignore it as well.
This patch creates __read_once_size_nocheck() a clone of
__read_once_size(). The only difference between them is
'no_sanitized_address' attribute appended to '*_nocheck'
function. This attribute tells the compiler that instrumentation
of memory accesses should not be applied to that function. We
declare it as static '__maybe_unsed' because GCC is not capable
to inline such function:
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=67368
With KASAN=n READ_ONCE_NOCHECK() is just a clone of READ_ONCE().
Signed-off-by: Andrey Ryabinin <[email protected]>
Cc: Alexander Potapenko <[email protected]>
Cc: Andrew Morton <[email protected]>
Cc: Andrey Konovalov <[email protected]>
Cc: Andy Lutomirski <[email protected]>
Cc: Borislav Petkov <[email protected]>
Cc: Denys Vlasenko <[email protected]>
Cc: Dmitry Vyukov <[email protected]>
Cc: Kostya Serebryany <[email protected]>
Cc: Linus Torvalds <[email protected]>
Cc: Paul E. McKenney <[email protected]>
Cc: Peter Zijlstra <[email protected]>
Cc: Sasha Levin <[email protected]>
Cc: Thomas Gleixner <[email protected]>
Cc: Wolfram Gloger <[email protected]>
Cc: kasan-dev <[email protected]>
Link: http://lkml.kernel.org/r/[email protected]
Signed-off-by: Ingo Molnar <[email protected]>
|