- 23 Nov, 2008 4 commits
-
-
Frederic Weisbecker authored
Impact: fix a crash While I killed the cat process, I got sometimes the following (but rare) crash: [ 65.689027] Pid: 2969, comm: cat Not tainted (2.6.28-rc6-tip #83) AMILO Li 2727 [ 65.689027] EIP: 0060:[<00000000>] EFLAGS: 00010082 CPU: 1 [ 65.689027] EIP is at 0x0 [ 65.689027] EAX: 00000000 EBX: f66cd780 ECX: c019a64a EDX: f66cd780 [ 65.689027] ESI: 00000286 EDI: f66cd780 EBP: f630be2c ESP: f630be24 [ 65.689027] DS: 007b ES: 007b FS: 00d8 GS: 0000 SS: 0068 [ 65.689027] Process cat (pid: 2969, ti=f630a000 task=f66cd780 task.ti=f630a000) [ 65.689027] Stack: [ 65.689027] 00000012 f630bd54 f630be7c c012c853 00000000 c0133cc9 f66cda54 f630be5c [ 65.689027] f630be68 f66cda54 f66cd88c f66cd878 f7070000 00000001 f630be90 c0135dbc [ 65.689027] f614a614 f630be68 f630be68 f65ba200 00000002 f630bf10 f630be90 c012cad6 [ 65.689027] Call Trace: [ 65.689027] [<c012c853>] ? do_exit+0x603/0x850 [ 65.689027] [<c0133cc9>] ? next_signal+0x9/0x40 [ 65.689027] [<c0135dbc>] ? dequeue_signal+0x8c/0x180 [ 65.689027] [<c012cad6>] ? do_group_exit+0x36/0x90 [ 65.689027] [<c013709c>] ? get_signal_to_deliver+0x20c/0x390 [ 65.689027] [<c0102b69>] ? do_notify_resume+0x99/0x8b0 [ 65.689027] [<c02e6d1a>] ? tty_ldisc_deref+0x5a/0x80 [ 65.689027] [<c014db9b>] ? trace_hardirqs_on+0xb/0x10 [ 65.689027] [<c02e6d1a>] ? tty_ldisc_deref+0x5a/0x80 [ 65.689027] [<c02e39b0>] ? n_tty_write+0x0/0x340 [ 65.689027] [<c02e1812>] ? redirected_tty_write+0x82/0x90 [ 65.689027] [<c019ee99>] ? vfs_write+0x99/0xd0 [ 65.689027] [<c02e1790>] ? redirected_tty_write+0x0/0x90 [ 65.689027] [<c019f342>] ? sys_write+0x42/0x70 [ 65.689027] [<c01035ca>] ? work_notifysig+0x13/0x19 [ 65.689027] Code: Bad EIP value. [ 65.689027] EIP: [<00000000>] 0x0 SS:ESP 0068:f630be24 This is because on do_exit(), kfree is called to free the return addresses stack but kfree is traced and stored its return address in this stack. This patch fixes it. Signed-off-by:
Frederic Weisbecker <fweisbec@gmail.com> Signed-off-by:
Ingo Molnar <mingo@elte.hu>
-
Ingo Molnar authored
Impact: cleanup Eliminate #ifdefs in core code by using empty inline functions. Signed-off-by: -
Frederic Weisbecker authored
Impact: use deeper function tracing depth safely Some tests showed that function return tracing needed a more deeper depth of function calls. But it could be unsafe to store these return addresses to the stack. So these arrays will now be allocated dynamically into task_struct of current only when the tracer is activated. Typical scheme when tracer is activated: - allocate a return stack for each task in global list. - fork: allocate the return stack for the newly created task - exit: free return stack of current - idle init: same as fork I chose a default depth of 50. I don't have overruns anymore. Signed-off-by:
-
Ingo Molnar authored
-
- 21 Nov, 2008 2 commits
-
-
Liming Wang authored
Impact: make output of stack_trace complete if buffer overruns When read buffer overruns, the output of stack_trace isn't complete. When printing records with seq_printf in t_show, if the read buffer has overruned by the current record, then this record won't be printed to user space through read buffer, it will just be dropped in this printing. When next printing, t_start should return the "*pos"th record, which is the one dropped by previous printing, but it just returns (m->private + *pos)th record. Here we use a more sane method to implement seq_operations which can be found in kernel code. Thus we needn't initialize m->private. About testing, it's not easy to overrun read buffer, but we can use seq_printf to print more padding bytes in t_show, then it's easy to check whether or not records are lost. This commit has been tested on both condition of overrun and non overrun. Signed-off-by:
Liming Wang <liming.wang@windriver.com> Acked-by:
Steven Rostedt <rostedt@goodmis.org> Signed-off-by:
-
Linus Torvalds authored
* master.kernel.org:/home/rmk/linux-2.6-arm: [ARM] 5330/1: mach-pxa: Fixup reset for systems using reboot=cold or other strings [ARM] pxa: fix incorrect PCMCIA PSKTSEL pin configuration for spitz [ARM] pxa: fix I2C controller device being registered twice on Akita pxafb: only initialize the smart panel thread when dealing with a smartpanel pxafb: introduce LCD_TYPE_MASK and use it.
-
- 20 Nov, 2008 34 commits
-
-
Linus Torvalds authored
-
git://git.kernel.org/pub/scm/linux/kernel/git/aegl/linux-2.6Linus Torvalds authored
* 'release' of git://git.kernel.org/pub/scm/linux/kernel/git/aegl/linux-2.6: [IA64] xen: fix xen_get_eflags. [IA64] ia64/pv_ops/pv_cpu_ops: fix _IA64_REG_IP case. [IA64] remove duplicate include iommu.h [IA64] use mprintk instead of printk, in ia64_mca_modify_original_stack [IA64] Rationalize kernel mode alignment checking
-
git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb-2.6Linus Torvalds authored
* git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb-2.6: USB: ACE1001 patch for cp2101.c USB: usbmon: fix read(2) USB: gadget rndis: send notifications USB: gadget rndis: stop windows self-immolation USB: storage: update unusual_devs entries for Nokia 5300 and 5310 USB: storage: updates unusual_devs entry for the Nokia 6300 usb: musb: fix bug in musb_schedule USB: fix SB700 usb subsystem hang bug
-
Isaku Yamahata authored
fix xen_get_eflags. It doesn't take any argument. Signed-off-by:
Isaku Yamahata <yamahata@valinux.co.jp> Signed-off-by:
Tony Luck <tony.luck@intel.com>
-
Isaku Yamahata authored
pv_cpu_ops.getreg(_IA64_REG_IP) returned constant. But the returned ip valued should be the one in the caller, not of the callee. This patch fixes that. Signed-off-by:
-
Huang Weiyi authored
arch/ia64/kernel/pci-dma.c only needs to include iommu once. Signed-off-by:
Huang Weiyi <weiyi.huang@gmail.com> Signed-off-by:
-
Hidetoshi Seto authored
Using printk from MCA/INIT context is unsafe since it can cause deadlock. The ia64_mca_modify_original_stack is called from both of mca handler and init handler, so it should use mprintk instead of printk. Signed-off-by:
Hidetoshi Seto <seto.hidetoshi@jp.fujitsu.com> Signed-off-by:
-
Tony Luck authored
Itanium processors can handle some misaligned data accesses. They also provide a mode where all such accesses are forced to trap. The kernel was schizophrenic about use of this mode: * Base kernel code ran in permissive mode where the only traps generated were from those cases that the h/w could not handle. * Interrupt, syscall and trap code ran in strict mode where all unaligned accesses caused traps to the 0x5a00 unaligned reference vector. Use strict alignment checking throughout the kernel, but make sure that we continue to let user mode use more relaxed mode as the default. Signed-off-by: -
Matthew Wilcox authored
When we migrate an interrupt from one CPU to another, we set the move_in_progress flag and clean up the vectors later once they're not being used. If you're unlucky and call destroy_irq() before the vectors become un-used, the move_in_progress flag is never cleared, which causes the interrupt to become unusable. This was discovered by Jesse Brandeburg for whom it manifested as an MSI-X device refusing to use MSI-X mode when the driver was unloaded and reloaded repeatedly. Signed-off-by:
Matthew Wilcox <willy@linux.intel.com> Signed-off-by:
Linus Torvalds <torvalds@linux-foundation.org>
-
Trond Myklebust authored
Fix a regression reported by Max Kellermann whereby kernel profiling showed that his clients were spending 45% of their time in rpcauth_lookup_credcache. It turns out that although his processes had identical uid/gid/groups, generic_match() was failing to detect this, because the task->group_info pointers were not shared. This again lead to the creation of a huge number of identical credentials at the RPC layer. The regression is fixed by comparing the contents of task->group_info if the actual pointers are not identical. Signed-off-by:
Trond Myklebust <Trond.Myklebust@netapp.com> Signed-off-by:
-
git://git.kernel.org/pub/scm/linux/kernel/git/sfrench/cifs-2.6Linus Torvalds authored
* git://git.kernel.org/pub/scm/linux/kernel/git/sfrench/cifs-2.6: [CIFS] Do not attempt to close invalidated file handles [CIFS] fix check for dead tcon in smb_init
-
git://ftp.linux-mips.org/pub/scm/upstream-linusLinus Torvalds authored
* 'upstream' of git://ftp.linux-mips.org/pub/scm/upstream-linus: MIPS: csrc-r4k: Fix declaration depending on the wrong CONFIG_ symbol. MIPS: csrc-r4k: Fix spelling mistake. MIPS: RB532: Provide functions for gpio configuration MIPS: IP22: Make indy_sc_ops variable static MIPS: RB532: GPIO register offsets are relative to GPIOBASE MIPS: Malta: Fix include paths in malta-amon.c
-
Linus Torvalds authored
Merge branch 'core-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip * 'core-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip: intel-iommu: fix compile warnings
-
git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6Linus Torvalds authored
* git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6: (23 commits) net: fix tiny output corruption of /proc/net/snmp6 atl2: don't request irq on resume if netif running ipv6: use seq_release_private for ip6mr.c /proc entries pkt_sched: fix missing check for packet overrun in qdisc_dump_stab() smc911x: Fix printf format typo in smc911x driver. asix: Fix asix-based cards connecting to 10/100Mbs LAN. mv643xx_eth: fix recycle check bound mv643xx_eth: fix the order of mdiobus_{unregister, free}() calls sh: sh_eth: Update to change of mii_bus TPROXY: supply a struct flowi->flags argument in inet_sk_rebuild_header() TPROXY: fill struct flowi->flags in udp_sendmsg() net: ipg.c fix bracing on endian swapping phylib: Fix auto-negotiation restart avoidance net: jme.c rxdesc.flags is __le16, other missing endian swaps phylib: fix phy name example in documentation net: Do not fire linkwatch events until the device is registered. phonet: fix compilation with gcc-3.4 ixgbe: fix compilation with gcc-3.4 pktgen: fix multiple queue warning net: fix ip_mr_init() error path ...
-
Linus Torvalds authored
Merge branch 'tracing-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip * 'tracing-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip: ftrace: fix dyn ftrace filter selection ftrace: make filtered functions effective on setting ftrace: fix set_ftrace_filter trace: introduce missing mutex_unlock() tracing: kernel/trace/trace.c: introduce missing kfree()
-
Linus Torvalds authored
Merge branch 'x86-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip * 'x86-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip: x86: uaccess_64: fix return value in __copy_from_user() x86: quirk for reboot stalls on a Dell Optiplex 330
-
Helge Deller authored
Commit 81e192d6 ("parisc: convert to generic compat_sys_ptrace") introduced a bug which segfaults the parisc 64bit kernel when stracing 32bit applications: Kernel Fault: Code=15 regs=00000000bafa42b0 (Addr=00000001baf5ab57) YZrvWESTHLNXBCVMcbcbcbcbOGFRQPDI PSW: 00001000000001101111111100001011 Tainted: G W r00-03 000000ff0806ff0b 000000004068edc0 00000000401203f8 00000000fb3e2508 r04-07 0000000040686dc0 00000000baf5a800 fffffffffffffffc fffffffffb3e2508 r08-11 00000000baf5a800 000000000004b068 00000000000402b0 0000000000040d68 r12-15 0000000000042a9c 0000000000040a9c 0000000000040d60 0000000000042e9c r16-19 000000000004b060 000000000004b058 0000000000042d9c ffffffffffffffff r20-23 000000000800000b 0000000000000000 000000000800000b fffffffffb3e2508 r24-27 00000000fffffffc 0000000000000003 00000000fffffffc 0000000040686dc0 r28-31 00000001baf5a7ff 00000000bafa4280 00000000bafa42b0 00000000000001d7 sr00-03 0000000000fca000 0000000000000000 0000000000000000 0000000000fca000 sr04-07 0000000000000000 0000000000000000 0000000000000000 0000000000000000 IASQ: 0000000000000000 0000000000000000 IAOQ: 0000000040120400 0000000040120404 IIR: 4b9a06b0 ISR: 0000000000000000 IOR: 00000001baf5ab57 CPU: 0 CR30: 00000000bafa4000 CR31: 00000000d22344e0 ORIG_R28: 00000000fb3e2248 IAOQ[0]: compat_arch_ptrace+0xb8/0x160 IAOQ[1]: compat_arch_ptrace+0xbc/0x160 RP(r2): compat_arch_ptrace+0xb0/0x160 Backtrace: [<00000000401612ac>] compat_sys_ptrace+0x15c/0x180 [<0000000040104ef8>] syscall_exit+0x0/0x14 The problem is that compat_arch_ptrace() enters with an addr value of type compat_ulong_t and calls translate_usr_offset() to translate the address offset into a struct pt_regs offset like this: addr = translate_usr_offset(addr) this means that any return value of translate_usr_offset() is stored back as compat_ulong_t type into the addr variable. But since translate_usr_offset() returns -1 for invalid offsets, addr can now get the value 0xffffffff which then fails the next return-value sanity check and thus the kernel tries to access invalid memory: if (addr < 0) break; Fix this bug by modifying translate_usr_offset() to take and return values of type compat_ulong_t, and by returning the value "sizeof(struct pt_regs)" as an error indicator. Additionally change the sanity check to check for return values for >= sizeof(struct pt_regs). This patch survived my compile and run-tests. Signed-off-by:
Helge Deller <deller@gmx.de> Signed-off-by:
-
Steve French authored
If a connection with open file handles has gone down and come back up and reconnected without reopening the file handle yet, do not attempt to send an SMB close request for this handle in cifs_close. We were checking for the connection being invalid in cifs_close but since the connection may have been reconnected we also need to check whether the file handle was marked invalid (otherwise we could close the wrong file handle by accident). Acked-by:
Jeff Layton <jlayton@redhat.com> Signed-off-by:
Steve French <sfrench@us.ibm.com>
-
Ralf Baechle authored
Signed-off-by:Ralf Baechle <ralf@linux-mips.org>
-
Ralf Baechle authored
Signed-off-by: -
Phil Sutter authored
As gpiolib doesn't support pin multiplexing, it provides no way to access the GPIOFUNC register. Also there is no support for setting interrupt status and level. These functions provide access to them and are needed by the CompactFlash driver. Signed-off-by:
Phil Sutter <n0-1@freewrt.org> Signed-off-by:
-
Dmitri Vorobiev authored
The indy_sc_ops variable in arch/mips/mm/sc-ip22.c is needlessly defined global, and this patch makes it static. Signed-off-by:
Dmitri Vorobiev <dmitri.vorobiev@movial.fi> Signed-off-by:
-
Florian Fainelli authored
This patch fixes the wrong use of GPIO register offsets in devices.c. To avoid further problems, use gpio_get_value to return the NAND status instead of our own expanded code. Also define the zero offset of the alternate function register to allow consistent access. Signed-off-by:
Florian Fainelli <florian@openwrt.org> Signed-off-by:
-
David Daney authored
On linux-queue, malta doesn't build after the include file relocation. This should fix it. There some occurrences of 'asm-mips' in the comments of quite a few files, but this is the only place I found it in any code. Signed-off-by:
David Daney <ddaney@avtrex.com> Signed-off-by:
-
Alexey Dobriyan authored
Because "name" is static, it can be occasionally be filled with somewhat garbage if two processes read /proc/net/snmp6. Also, remove useless casts and "-1" -- snprintf() correctly terminates it's output. Signed-off-by:
Alexey Dobriyan <adobriyan@gmail.com> Signed-off-by:
David S. Miller <davem@davemloft.net>
-
Alan Jenkins authored
If the device is suspended with the cable disconnected, then resumed with the cable connected, dev->open is called before resume. During resume, we request an IRQ, but the IRQ was already assigned during dev->open, resulting in the warning shown below. Don't request an IRQ if the device is running. Call Trace: [<c011b89a>] warn_on_slowpath+0x40/0x59 [<c023df15>] raw_pci_read+0x4d/0x55 [<c023dff3>] pci_read+0x1c/0x21 [<c01bcd81>] __pci_find_next_cap_ttl+0x44/0x70 [<c01bce86>] __pci_find_next_cap+0x1a/0x1f [<c01bcef9>] pci_find_capability+0x28/0x2c [<c01c4144>] pci_msi_check_device+0x53/0x62 [<c01c49c2>] pci_enable_msi+0x3a/0x1cd [<e019f17b>] atl2_write_phy_reg+0x40/0x5f [atl2] [<c01061b1>] dma_generic_alloc_coherent+0x0/0xd7 [<e019f107>] atl2_request_irq+0x15/0x49 [atl2] [<e01a1481>] atl2_open+0x20b/0x297 [atl2] [<c024a35c>] dev_open+0x62/0x91 [<c0248b9a>] dev_change_flags+0x93/0x141 [<c024f308>] do_setlink+0x238/0x2d5 [<c02501b2>] rtnl_setlink+0xa9/0xbf [<c0297f0c>] mutex_lock+0xb/0x19 [<c024ffa7>] rtnl_dump_ifinfo+0x0/0x69 [<c0250109>] rtnl_setlink+0x0/0xbf [<c024fe42>] rtnetlink_rcv_msg+0x185/0x19f [<c0240fd1>] sock_rmalloc+0x23/0x57 [<c024fcbd>] rtnetlink_rcv_msg+0x0/0x19f [<c0259457>] netlink_rcv_skb+0x2d/0x71 [<c024fcb7>] rtnetlink_rcv+0x14/0x1a [<c025929e>] netlink_unicast+0x184/0x1e4 [<c025992a>] netlink_sendmsg+0x233/0x240 [<c023f405>] sock_sendmsg+0xb7/0xd0 [<c0129131>] autoremove_wake_function+0x0/0x2b [<c0129131>] autoremove_wake_function+0x0/0x2b [<c0147796>] mempool_alloc+0x2d/0x9e [<c020c923>] scsi_pool_alloc_command+0x35/0x4f [<c0297f0c>] mutex_lock+0xb/0x19 [<c028e867>] unix_stream_recvmsg+0x357/0x3e2 [<c01b81c9>] copy_from_user+0x23/0x4f [<c02452ea>] verify_iovec+0x3e/0x6c [<c023f5ab>] sys_sendmsg+0x18d/0x1f0 [<c023ffa8>] sys_recvmsg+0x146/0x1c8 [<c0240016>] sys_recvmsg+0x1b4/0x1c8 [<c0118f48>] __wake_up+0xf/0x15 [<c02586cd>] netlink_table_ungrab+0x17/0x19 [<c01b83ba>] copy_to_user+0x25/0x3b [<c023fe4a>] move_addr_to_user+0x50/0x68 [<c0240266>] sys_getsockname+0x6f/0x9a [<c0240280>] sys_getsockname+0x89/0x9a [<c015046a>] do_wp_page+0x3ae/0x41a [<c0151525>] handle_mm_fault+0x4c5/0x540 [<c02405d0>] sys_socketcall+0x176/0x1b0 [<c010376d>] sysenter_do_call+0x12/0x21 Signed-off-by:
Alan Jenkins <alan-jenkins@tuffmail.co.uk> Signed-off-by:
Jay Cliburn <jcliburn@gmail.com> Signed-off-by:
-
Benjamin Thery authored
In ip6mr.c, /proc entries /proc/net/ip6_mr_cache and /proc/net/ip6_mr_vif are opened with seq_open_private(), thus seq_release_private() should be used to release them. Should fix a small memory leak. Signed-off-by:
Benjamin Thery <benjamin.thery@bull.net> Signed-off-by:
-
Patrick McHardy authored
nla_nest_start() might return NULL, causing a NULL pointer dereference. Signed-off-by:
Patrick McHardy <kaber@trash.net> Signed-off-by:
-
-
Vernon Sauder authored
Signed-off-by:
Vernon Sauder <VernonInHand@gmail.com> Signed-off-by:
-
Pantelis Koukousoulas authored
Add AX_MEDIUM_ENCK also when speed = 10/100Mbps. This allows my belkin f5d5055 to work with my 100Mbps switch and with an old 10Mbps ISA card. Without this patch, the card is recognized and the interface is brought up fine, but no packets actually flow through the interface. Signed-off-by:
Pantelis Koukousoulas <pktoss@gmail.com> Acked-by:
David Hollis <dhollis@davehollis.com> Signed-off-by:
-
Lennert Buytenhek authored
When mv643xx_eth allocates skbuffs, it adds 'dma_get_cache_alignment() - 1' to the length it needs, so that it can align the skb's ->data pointer to a cache boundary. When checking whether a transmitted skbuff can be reused as a receive buffer, these bytes needs to be included into the minimum bound for the recycle check. Signed-off-by:
Lennert Buytenhek <buytenh@marvell.com> Signed-off-by:
-
Lennert Buytenhek authored
Signed-off-by:
-
Nobuhiro Iwamatsu authored
Update to change of mii_bus interface and fix some warning. Signed-off-by:
Nobuhiro Iwamatsu <iwamatsu.nobuhiro@renesas.com> Signed-off-by:
-
