add ra8871 ra8873 ra8876 ra8877 support to fbtft #326

mountainH · 2016-09-26T09:46:16Z

add ra8871 ra8873 ra8876 ra8877 driver to fbtft

remove lkl_[create|stop]_syscall_thread from Makefile

Fix the following crash in the new cgroup stat keeping code: Freeing unused kernel memory: 856K Write protecting the kernel read-only data: 8192k Freeing unused kernel memory: 1104K Freeing unused kernel memory: 588K page:ffffea000005d8c0 count:2 mapcount:1 mapping: (null) index:0x0 flags: 0x800000000000801(locked|reserved) raw: 0800000000000801 0000000000000000 0000000000000000 0000000200000000 raw: ffffea000005d8e0 ffffea000005d8e0 0000000000000000 0000000000000000 page dumped because: not cgrouped, will crash BUG: unable to handle kernel NULL pointer dereference at 00000000000004d8 IP: page_add_file_rmap+0x56/0xf0 PGD 0 P4D 0 Oops: 0000 [#1] SMP CPU: 0 PID: 1 Comm: init Not tainted 4.12.0-rc2-00065-g390160f076be-dirty torvalds#326 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.10.2-20170228_101828-anatol 04/01/2014 task: ffff88007d380000 task.stack: ffffc9000031c000 RIP: 0010:page_add_file_rmap+0x56/0xf0 RSP: 0000:ffffc9000031fd88 EFLAGS: 00010202 RAX: 0000000000000000 RBX: ffffea000005d8c0 RCX: 0000000000000006 RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff88007ffde000 RBP: ffffc9000031fd98 R08: 0000000000000003 R09: 0000000000000000 R10: ffffc9000031fd18 R11: 0000000000000000 R12: ffff88007ffdfab8 R13: ffffea000005d8c0 R14: ffff88007c76d508 R15: 0000000000000000 FS: 0000000000000000(0000) GS:ffff88007fc00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00000000000004d8 CR3: 000000007c76c000 CR4: 00000000000006b0 Call Trace: alloc_set_pte+0xb5/0x2f0 finish_fault+0x2b/0x50 __handle_mm_fault+0x3e5/0xb90 handle_mm_fault+0x284/0x340 __do_page_fault+0x1fb/0x410 do_page_fault+0xc/0x10 page_fault+0x22/0x30 This is a special page being faulted, and these will never be charged to a cgroup. Assume the root cgroup for uncharged pages to fix this. Link: http://lkml.kernel.org/r/[email protected] Signed-off-by: Johannes Weiner <[email protected]> Cc: Josef Bacik <[email protected]> Cc: Michal Hocko <[email protected]> Cc: Vladimir Davydov <[email protected]> Cc: Rik van Riel <[email protected]> Cc: Tony Lindgren <[email protected]> Cc: Russell King <[email protected]> Cc: Yury Norov <[email protected]> Cc: Stephen Rothwell <[email protected]> Signed-off-by: Andrew Morton <[email protected]>

Bug 326: Watchdog and Kernel reset should boot to u-boot Misconfiguration of UART baud-rate hides all u-boot messages. Root Cause: u-boot expects UART clock to be 24MHz, but kernel sets it to be 1.846 MHz. Hence the clock divisor derived by u-boot will be incorrect. Solution: let kernel not change UART clock, and hard-code baud-rate in DTS. Change-Id: Ieaf01f9be3ac85244b456546ea16f24f8396cf00 Signed-off-by: Wei-Chung Wen <[email protected]> Related work items: torvalds#326

While building ipv6 datagram we currently allow arbitrary large extheaders, even beyond pmtu size. The syzbot has found a way to exploit the above to trigger the following splat: kernel BUG at ./include/linux/skbuff.h:2073! invalid opcode: 0000 [#1] SMP KASAN Dumping ftrace buffer: (ftrace buffer empty) Modules linked in: CPU: 1 PID: 4230 Comm: syzkaller672661 Not tainted 4.16.0-rc2+ torvalds#326 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 RIP: 0010:__skb_pull include/linux/skbuff.h:2073 [inline] RIP: 0010:__ip6_make_skb+0x1ac8/0x2190 net/ipv6/ip6_output.c:1636 RSP: 0018:ffff8801bc18f0f0 EFLAGS: 00010293 RAX: ffff8801b17400c0 RBX: 0000000000000738 RCX: ffffffff84f01828 RDX: 0000000000000000 RSI: 0000000000000001 RDI: ffff8801b415ac18 RBP: ffff8801bc18f360 R08: ffff8801b4576844 R09: 0000000000000000 R10: ffff8801bc18f380 R11: ffffed00367aee4e R12: 00000000000000d6 R13: ffff8801b415a740 R14: dffffc0000000000 R15: ffff8801b45767c0 FS: 0000000001535880(0000) GS:ffff8801db300000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 000000002000b000 CR3: 00000001b4123001 CR4: 00000000001606e0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: ip6_finish_skb include/net/ipv6.h:969 [inline] udp_v6_push_pending_frames+0x269/0x3b0 net/ipv6/udp.c:1073 udpv6_sendmsg+0x2a96/0x3400 net/ipv6/udp.c:1343 inet_sendmsg+0x11f/0x5e0 net/ipv4/af_inet.c:764 sock_sendmsg_nosec net/socket.c:630 [inline] sock_sendmsg+0xca/0x110 net/socket.c:640 ___sys_sendmsg+0x320/0x8b0 net/socket.c:2046 __sys_sendmmsg+0x1ee/0x620 net/socket.c:2136 SYSC_sendmmsg net/socket.c:2167 [inline] SyS_sendmmsg+0x35/0x60 net/socket.c:2162 do_syscall_64+0x280/0x940 arch/x86/entry/common.c:287 entry_SYSCALL_64_after_hwframe+0x42/0xb7 RIP: 0033:0x4404c9 RSP: 002b:00007ffdce35f948 EFLAGS: 00000217 ORIG_RAX: 0000000000000133 RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 00000000004404c9 RDX: 0000000000000003 RSI: 0000000020001f00 RDI: 0000000000000003 RBP: 00000000006cb018 R08: 00000000004002c8 R09: 00000000004002c8 R10: 0000000020000080 R11: 0000000000000217 R12: 0000000000401df0 R13: 0000000000401e80 R14: 0000000000000000 R15: 0000000000000000 Code: ff e8 1d 5e b9 fc e9 15 e9 ff ff e8 13 5e b9 fc e9 44 e8 ff ff e8 29 5e b9 fc e9 c0 e6 ff ff e8 3f f3 80 fc 0f 0b e8 38 f3 80 fc <0f> 0b 49 8d 87 80 00 00 00 4d 8d 87 84 00 00 00 48 89 85 20 fe RIP: __skb_pull include/linux/skbuff.h:2073 [inline] RSP: ffff8801bc18f0f0 RIP: __ip6_make_skb+0x1ac8/0x2190 net/ipv6/ip6_output.c:1636 RSP: ffff8801bc18f0f0 As stated by RFC 7112 section 5: When a host fragments an IPv6 datagram, it MUST include the entire IPv6 Header Chain in the First Fragment. So this patch addresses the issue dropping datagrams with excessive extheader length. It also updates the error path to report to the calling socket nonnegative pmtu values. The issue apparently predates git history. v1 -> v2: cleanup error path, as per Eric's suggestion Fixes: 1da177e ("Linux-2.6.12-rc2") Reported-by: [email protected] Signed-off-by: Paolo Abeni <[email protected]> Reviewed-by: Eric Dumazet <[email protected]> Signed-off-by: David S. Miller <[email protected]>

[ Upstream commit 10b8a3d ] While building ipv6 datagram we currently allow arbitrary large extheaders, even beyond pmtu size. The syzbot has found a way to exploit the above to trigger the following splat: kernel BUG at ./include/linux/skbuff.h:2073! invalid opcode: 0000 [#1] SMP KASAN Dumping ftrace buffer: (ftrace buffer empty) Modules linked in: CPU: 1 PID: 4230 Comm: syzkaller672661 Not tainted 4.16.0-rc2+ #326 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 RIP: 0010:__skb_pull include/linux/skbuff.h:2073 [inline] RIP: 0010:__ip6_make_skb+0x1ac8/0x2190 net/ipv6/ip6_output.c:1636 RSP: 0018:ffff8801bc18f0f0 EFLAGS: 00010293 RAX: ffff8801b17400c0 RBX: 0000000000000738 RCX: ffffffff84f01828 RDX: 0000000000000000 RSI: 0000000000000001 RDI: ffff8801b415ac18 RBP: ffff8801bc18f360 R08: ffff8801b4576844 R09: 0000000000000000 R10: ffff8801bc18f380 R11: ffffed00367aee4e R12: 00000000000000d6 R13: ffff8801b415a740 R14: dffffc0000000000 R15: ffff8801b45767c0 FS: 0000000001535880(0000) GS:ffff8801db300000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 000000002000b000 CR3: 00000001b4123001 CR4: 00000000001606e0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: ip6_finish_skb include/net/ipv6.h:969 [inline] udp_v6_push_pending_frames+0x269/0x3b0 net/ipv6/udp.c:1073 udpv6_sendmsg+0x2a96/0x3400 net/ipv6/udp.c:1343 inet_sendmsg+0x11f/0x5e0 net/ipv4/af_inet.c:764 sock_sendmsg_nosec net/socket.c:630 [inline] sock_sendmsg+0xca/0x110 net/socket.c:640 ___sys_sendmsg+0x320/0x8b0 net/socket.c:2046 __sys_sendmmsg+0x1ee/0x620 net/socket.c:2136 SYSC_sendmmsg net/socket.c:2167 [inline] SyS_sendmmsg+0x35/0x60 net/socket.c:2162 do_syscall_64+0x280/0x940 arch/x86/entry/common.c:287 entry_SYSCALL_64_after_hwframe+0x42/0xb7 RIP: 0033:0x4404c9 RSP: 002b:00007ffdce35f948 EFLAGS: 00000217 ORIG_RAX: 0000000000000133 RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 00000000004404c9 RDX: 0000000000000003 RSI: 0000000020001f00 RDI: 0000000000000003 RBP: 00000000006cb018 R08: 00000000004002c8 R09: 00000000004002c8 R10: 0000000020000080 R11: 0000000000000217 R12: 0000000000401df0 R13: 0000000000401e80 R14: 0000000000000000 R15: 0000000000000000 Code: ff e8 1d 5e b9 fc e9 15 e9 ff ff e8 13 5e b9 fc e9 44 e8 ff ff e8 29 5e b9 fc e9 c0 e6 ff ff e8 3f f3 80 fc 0f 0b e8 38 f3 80 fc <0f> 0b 49 8d 87 80 00 00 00 4d 8d 87 84 00 00 00 48 89 85 20 fe RIP: __skb_pull include/linux/skbuff.h:2073 [inline] RSP: ffff8801bc18f0f0 RIP: __ip6_make_skb+0x1ac8/0x2190 net/ipv6/ip6_output.c:1636 RSP: ffff8801bc18f0f0 As stated by RFC 7112 section 5: When a host fragments an IPv6 datagram, it MUST include the entire IPv6 Header Chain in the First Fragment. So this patch addresses the issue dropping datagrams with excessive extheader length. It also updates the error path to report to the calling socket nonnegative pmtu values. The issue apparently predates git history. v1 -> v2: cleanup error path, as per Eric's suggestion Fixes: 1da177e ("Linux-2.6.12-rc2") Reported-by: [email protected] Signed-off-by: Paolo Abeni <[email protected]> Reviewed-by: Eric Dumazet <[email protected]> Signed-off-by: David S. Miller <[email protected]> Signed-off-by: Greg Kroah-Hartman <[email protected]>

[ Upstream commit 10b8a3d ] While building ipv6 datagram we currently allow arbitrary large extheaders, even beyond pmtu size. The syzbot has found a way to exploit the above to trigger the following splat: kernel BUG at ./include/linux/skbuff.h:2073! invalid opcode: 0000 [#1] SMP KASAN Dumping ftrace buffer: (ftrace buffer empty) Modules linked in: CPU: 1 PID: 4230 Comm: syzkaller672661 Not tainted 4.16.0-rc2+ torvalds#326 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 RIP: 0010:__skb_pull include/linux/skbuff.h:2073 [inline] RIP: 0010:__ip6_make_skb+0x1ac8/0x2190 net/ipv6/ip6_output.c:1636 RSP: 0018:ffff8801bc18f0f0 EFLAGS: 00010293 RAX: ffff8801b17400c0 RBX: 0000000000000738 RCX: ffffffff84f01828 RDX: 0000000000000000 RSI: 0000000000000001 RDI: ffff8801b415ac18 RBP: ffff8801bc18f360 R08: ffff8801b4576844 R09: 0000000000000000 R10: ffff8801bc18f380 R11: ffffed00367aee4e R12: 00000000000000d6 R13: ffff8801b415a740 R14: dffffc0000000000 R15: ffff8801b45767c0 FS: 0000000001535880(0000) GS:ffff8801db300000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 000000002000b000 CR3: 00000001b4123001 CR4: 00000000001606e0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: ip6_finish_skb include/net/ipv6.h:969 [inline] udp_v6_push_pending_frames+0x269/0x3b0 net/ipv6/udp.c:1073 udpv6_sendmsg+0x2a96/0x3400 net/ipv6/udp.c:1343 inet_sendmsg+0x11f/0x5e0 net/ipv4/af_inet.c:764 sock_sendmsg_nosec net/socket.c:630 [inline] sock_sendmsg+0xca/0x110 net/socket.c:640 ___sys_sendmsg+0x320/0x8b0 net/socket.c:2046 __sys_sendmmsg+0x1ee/0x620 net/socket.c:2136 SYSC_sendmmsg net/socket.c:2167 [inline] SyS_sendmmsg+0x35/0x60 net/socket.c:2162 do_syscall_64+0x280/0x940 arch/x86/entry/common.c:287 entry_SYSCALL_64_after_hwframe+0x42/0xb7 RIP: 0033:0x4404c9 RSP: 002b:00007ffdce35f948 EFLAGS: 00000217 ORIG_RAX: 0000000000000133 RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 00000000004404c9 RDX: 0000000000000003 RSI: 0000000020001f00 RDI: 0000000000000003 RBP: 00000000006cb018 R08: 00000000004002c8 R09: 00000000004002c8 R10: 0000000020000080 R11: 0000000000000217 R12: 0000000000401df0 R13: 0000000000401e80 R14: 0000000000000000 R15: 0000000000000000 Code: ff e8 1d 5e b9 fc e9 15 e9 ff ff e8 13 5e b9 fc e9 44 e8 ff ff e8 29 5e b9 fc e9 c0 e6 ff ff e8 3f f3 80 fc 0f 0b e8 38 f3 80 fc <0f> 0b 49 8d 87 80 00 00 00 4d 8d 87 84 00 00 00 48 89 85 20 fe RIP: __skb_pull include/linux/skbuff.h:2073 [inline] RSP: ffff8801bc18f0f0 RIP: __ip6_make_skb+0x1ac8/0x2190 net/ipv6/ip6_output.c:1636 RSP: ffff8801bc18f0f0 As stated by RFC 7112 section 5: When a host fragments an IPv6 datagram, it MUST include the entire IPv6 Header Chain in the First Fragment. So this patch addresses the issue dropping datagrams with excessive extheader length. It also updates the error path to report to the calling socket nonnegative pmtu values. The issue apparently predates git history. v1 -> v2: cleanup error path, as per Eric's suggestion Fixes: 1da177e ("Linux-2.6.12-rc2") Reported-by: [email protected] Signed-off-by: Paolo Abeni <[email protected]> Reviewed-by: Eric Dumazet <[email protected]> Signed-off-by: David S. Miller <[email protected]> Signed-off-by: Greg Kroah-Hartman <[email protected]>

commit 10b8a3d upstream. While building ipv6 datagram we currently allow arbitrary large extheaders, even beyond pmtu size. The syzbot has found a way to exploit the above to trigger the following splat: kernel BUG at ./include/linux/skbuff.h:2073! invalid opcode: 0000 [#1] SMP KASAN Dumping ftrace buffer: (ftrace buffer empty) Modules linked in: CPU: 1 PID: 4230 Comm: syzkaller672661 Not tainted 4.16.0-rc2+ torvalds#326 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 RIP: 0010:__skb_pull include/linux/skbuff.h:2073 [inline] RIP: 0010:__ip6_make_skb+0x1ac8/0x2190 net/ipv6/ip6_output.c:1636 RSP: 0018:ffff8801bc18f0f0 EFLAGS: 00010293 RAX: ffff8801b17400c0 RBX: 0000000000000738 RCX: ffffffff84f01828 RDX: 0000000000000000 RSI: 0000000000000001 RDI: ffff8801b415ac18 RBP: ffff8801bc18f360 R08: ffff8801b4576844 R09: 0000000000000000 R10: ffff8801bc18f380 R11: ffffed00367aee4e R12: 00000000000000d6 R13: ffff8801b415a740 R14: dffffc0000000000 R15: ffff8801b45767c0 FS: 0000000001535880(0000) GS:ffff8801db300000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 000000002000b000 CR3: 00000001b4123001 CR4: 00000000001606e0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: ip6_finish_skb include/net/ipv6.h:969 [inline] udp_v6_push_pending_frames+0x269/0x3b0 net/ipv6/udp.c:1073 udpv6_sendmsg+0x2a96/0x3400 net/ipv6/udp.c:1343 inet_sendmsg+0x11f/0x5e0 net/ipv4/af_inet.c:764 sock_sendmsg_nosec net/socket.c:630 [inline] sock_sendmsg+0xca/0x110 net/socket.c:640 ___sys_sendmsg+0x320/0x8b0 net/socket.c:2046 __sys_sendmmsg+0x1ee/0x620 net/socket.c:2136 SYSC_sendmmsg net/socket.c:2167 [inline] SyS_sendmmsg+0x35/0x60 net/socket.c:2162 do_syscall_64+0x280/0x940 arch/x86/entry/common.c:287 entry_SYSCALL_64_after_hwframe+0x42/0xb7 RIP: 0033:0x4404c9 RSP: 002b:00007ffdce35f948 EFLAGS: 00000217 ORIG_RAX: 0000000000000133 RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 00000000004404c9 RDX: 0000000000000003 RSI: 0000000020001f00 RDI: 0000000000000003 RBP: 00000000006cb018 R08: 00000000004002c8 R09: 00000000004002c8 R10: 0000000020000080 R11: 0000000000000217 R12: 0000000000401df0 R13: 0000000000401e80 R14: 0000000000000000 R15: 0000000000000000 Code: ff e8 1d 5e b9 fc e9 15 e9 ff ff e8 13 5e b9 fc e9 44 e8 ff ff e8 29 5e b9 fc e9 c0 e6 ff ff e8 3f f3 80 fc 0f 0b e8 38 f3 80 fc <0f> 0b 49 8d 87 80 00 00 00 4d 8d 87 84 00 00 00 48 89 85 20 fe RIP: __skb_pull include/linux/skbuff.h:2073 [inline] RSP: ffff8801bc18f0f0 RIP: __ip6_make_skb+0x1ac8/0x2190 net/ipv6/ip6_output.c:1636 RSP: ffff8801bc18f0f0 As stated by RFC 7112 section 5: When a host fragments an IPv6 datagram, it MUST include the entire IPv6 Header Chain in the First Fragment. So this patch addresses the issue dropping datagrams with excessive extheader length. It also updates the error path to report to the calling socket nonnegative pmtu values. The issue apparently predates git history. v1 -> v2: cleanup error path, as per Eric's suggestion Fixes: 1da177e ("Linux-2.6.12-rc2") Reported-by: [email protected] Signed-off-by: Paolo Abeni <[email protected]> Reviewed-by: Eric Dumazet <[email protected]> Signed-off-by: David S. Miller <[email protected]> [bwh: Backported to 3.16: Adjust context, indentation] Signed-off-by: Ben Hutchings <[email protected]>

WARNING: please, no spaces at the start of a line torvalds#250: FILE: kernel/cgroup/cgroup.c:4554: + {$ ERROR: code indent should use tabs where possible torvalds#251: FILE: kernel/cgroup/cgroup.c:4555: + .name = "cpu.pressure",$ WARNING: please, no spaces at the start of a line torvalds#251: FILE: kernel/cgroup/cgroup.c:4555: + .name = "cpu.pressure",$ ERROR: code indent should use tabs where possible torvalds#252: FILE: kernel/cgroup/cgroup.c:4556: + .flags = CFTYPE_NOT_ON_ROOT,$ WARNING: please, no spaces at the start of a line torvalds#252: FILE: kernel/cgroup/cgroup.c:4556: + .flags = CFTYPE_NOT_ON_ROOT,$ ERROR: code indent should use tabs where possible torvalds#253: FILE: kernel/cgroup/cgroup.c:4557: + .seq_show = cgroup_cpu_pressure_show,$ WARNING: please, no spaces at the start of a line torvalds#253: FILE: kernel/cgroup/cgroup.c:4557: + .seq_show = cgroup_cpu_pressure_show,$ WARNING: please, no spaces at the start of a line torvalds#254: FILE: kernel/cgroup/cgroup.c:4558: + },$ WARNING: please, no spaces at the start of a line torvalds#255: FILE: kernel/cgroup/cgroup.c:4559: + {$ ERROR: code indent should use tabs where possible torvalds#256: FILE: kernel/cgroup/cgroup.c:4560: + .name = "memory.pressure",$ WARNING: please, no spaces at the start of a line torvalds#256: FILE: kernel/cgroup/cgroup.c:4560: + .name = "memory.pressure",$ ERROR: code indent should use tabs where possible torvalds#257: FILE: kernel/cgroup/cgroup.c:4561: + .flags = CFTYPE_NOT_ON_ROOT,$ WARNING: please, no spaces at the start of a line torvalds#257: FILE: kernel/cgroup/cgroup.c:4561: + .flags = CFTYPE_NOT_ON_ROOT,$ ERROR: code indent should use tabs where possible torvalds#258: FILE: kernel/cgroup/cgroup.c:4562: + .seq_show = cgroup_memory_pressure_show,$ WARNING: please, no spaces at the start of a line torvalds#258: FILE: kernel/cgroup/cgroup.c:4562: + .seq_show = cgroup_memory_pressure_show,$ WARNING: please, no spaces at the start of a line torvalds#259: FILE: kernel/cgroup/cgroup.c:4563: + },$ WARNING: please, no spaces at the start of a line torvalds#260: FILE: kernel/cgroup/cgroup.c:4564: + {$ ERROR: code indent should use tabs where possible torvalds#261: FILE: kernel/cgroup/cgroup.c:4565: + .name = "io.pressure",$ WARNING: please, no spaces at the start of a line torvalds#261: FILE: kernel/cgroup/cgroup.c:4565: + .name = "io.pressure",$ ERROR: code indent should use tabs where possible torvalds#262: FILE: kernel/cgroup/cgroup.c:4566: + .flags = CFTYPE_NOT_ON_ROOT,$ WARNING: please, no spaces at the start of a line torvalds#262: FILE: kernel/cgroup/cgroup.c:4566: + .flags = CFTYPE_NOT_ON_ROOT,$ ERROR: code indent should use tabs where possible torvalds#263: FILE: kernel/cgroup/cgroup.c:4567: + .seq_show = cgroup_io_pressure_show,$ WARNING: please, no spaces at the start of a line torvalds#263: FILE: kernel/cgroup/cgroup.c:4567: + .seq_show = cgroup_io_pressure_show,$ WARNING: please, no spaces at the start of a line torvalds#264: FILE: kernel/cgroup/cgroup.c:4568: + },$ WARNING: please, no spaces at the start of a line torvalds#322: FILE: kernel/sched/psi.c:424: + cgroup = task->cgroups->dfl_cgrp;$ WARNING: please, no spaces at the start of a line torvalds#323: FILE: kernel/sched/psi.c:425: + while (cgroup && (parent = cgroup_parent(cgroup))) {$ WARNING: suspect code indent for conditional statements (7, 15) torvalds#323: FILE: kernel/sched/psi.c:425: + while (cgroup && (parent = cgroup_parent(cgroup))) { + struct psi_group *group; ERROR: code indent should use tabs where possible torvalds#324: FILE: kernel/sched/psi.c:426: + struct psi_group *group;$ WARNING: please, no spaces at the start of a line torvalds#324: FILE: kernel/sched/psi.c:426: + struct psi_group *group;$ ERROR: code indent should use tabs where possible torvalds#326: FILE: kernel/sched/psi.c:428: + group = cgroup_psi(cgroup);$ WARNING: please, no spaces at the start of a line torvalds#326: FILE: kernel/sched/psi.c:428: + group = cgroup_psi(cgroup);$ ERROR: code indent should use tabs where possible torvalds#327: FILE: kernel/sched/psi.c:429: + psi_group_change(group, cpu, now, clear, set);$ WARNING: please, no spaces at the start of a line torvalds#327: FILE: kernel/sched/psi.c:429: + psi_group_change(group, cpu, now, clear, set);$ ERROR: code indent should use tabs where possible torvalds#329: FILE: kernel/sched/psi.c:431: + cgroup = parent;$ WARNING: please, no spaces at the start of a line torvalds#329: FILE: kernel/sched/psi.c:431: + cgroup = parent;$ WARNING: please, no spaces at the start of a line torvalds#330: FILE: kernel/sched/psi.c:432: + }$ WARNING: braces {} are not necessary for any arm of this statement torvalds#378: FILE: kernel/sched/psi.c:537: + if (task_on_rq_queued(task)) { [...] + } else if (task->in_iowait) { [...] total: 13 errors, 24 warnings, 334 lines checked NOTE: For some of the reported defects, checkpatch may be able to mechanically convert to the typical style using --fix or --fix-inplace. NOTE: Whitespace errors detected. You may wish to use scripts/cleanpatch or scripts/cleanfile ./patches/psi-cgroup-support.patch has style problems, please review. NOTE: If any of the errors are false positives, please report them to the maintainer, see CHECKPATCH in MAINTAINERS. Please run checkpatch prior to sending patches Cc: Johannes Weiner <[email protected]> Signed-off-by: Andrew Morton <[email protected]> Signed-off-by: Stephen Rothwell <[email protected]>

Writing to the built-in strings arrays doesn't work if driver is loaded as kernel module. This is also considered as a bad pattern. Fix this by adding a call to clk_get() with legacy clock name. This fixes following kernel oops if driver is loaded as module: Unable to handle kernel paging request at virtual address bf047978 pgd = (ptrval) [bf047978] *pgd=59344811, *pte=5903c6df, *ppte=5903c65f Internal error: Oops: 80f [#1] SMP ARM Modules linked in: mc exynosdrm(+) analogix_dp rtc_s3c exynos_ppmu i2c_gpio CPU: 1 PID: 212 Comm: systemd-udevd Not tainted 5.6.0-rc2-next-20200219 torvalds#326 videodev: Linux video capture interface: v2.00 Hardware name: Samsung Exynos (Flattened Device Tree) PC is at exynos_dsi_probe+0x1f0/0x384 [exynosdrm] LR is at exynos_dsi_probe+0x1dc/0x384 [exynosdrm] ... Process systemd-udevd (pid: 212, stack limit = 0x(ptrval)) ... [<bf03cf14>] (exynos_dsi_probe [exynosdrm]) from [<c09b1ca0>] (platform_drv_probe+0x6c/0xa4) [<c09b1ca0>] (platform_drv_probe) from [<c09afcb8>] (really_probe+0x210/0x350) [<c09afcb8>] (really_probe) from [<c09aff74>] (driver_probe_device+0x60/0x1a0) [<c09aff74>] (driver_probe_device) from [<c09b0254>] (device_driver_attach+0x58/0x60) [<c09b0254>] (device_driver_attach) from [<c09b02dc>] (__driver_attach+0x80/0xbc) [<c09b02dc>] (__driver_attach) from [<c09ade00>] (bus_for_each_dev+0x68/0xb4) [<c09ade00>] (bus_for_each_dev) from [<c09aefd8>] (bus_add_driver+0x130/0x1e8) [<c09aefd8>] (bus_add_driver) from [<c09b0d64>] (driver_register+0x78/0x110) [<c09b0d64>] (driver_register) from [<bf038558>] (exynos_drm_init+0xe8/0x11c [exynosdrm]) [<bf038558>] (exynos_drm_init [exynosdrm]) from [<c0302fa8>] (do_one_initcall+0x50/0x220) [<c0302fa8>] (do_one_initcall) from [<c03dd02c>] (do_init_module+0x60/0x210) [<c03dd02c>] (do_init_module) from [<c03dbf44>] (load_module+0x1c0c/0x2310) [<c03dbf44>] (load_module) from [<c03dc85c>] (sys_finit_module+0xac/0xbc) [<c03dc85c>] (sys_finit_module) from [<c0301000>] (ret_fast_syscall+0x0/0x54) Exception stack(0xd979bfa8 to 0xd979bff0) ... ---[ end trace db16efe05faab470 ]--- Signed-off-by: Marek Szyprowski <[email protected]>

Writing to the built-in strings arrays doesn't work if driver is loaded as kernel module. This is also considered as a bad pattern. Fix this by adding a call to clk_get() with legacy clock name. This fixes following kernel oops if driver is loaded as module: Unable to handle kernel paging request at virtual address bf047978 pgd = (ptrval) [bf047978] *pgd=59344811, *pte=5903c6df, *ppte=5903c65f Internal error: Oops: 80f [#1] SMP ARM Modules linked in: mc exynosdrm(+) analogix_dp rtc_s3c exynos_ppmu i2c_gpio CPU: 1 PID: 212 Comm: systemd-udevd Not tainted 5.6.0-rc2-next-20200219 torvalds#326 videodev: Linux video capture interface: v2.00 Hardware name: Samsung Exynos (Flattened Device Tree) PC is at exynos_dsi_probe+0x1f0/0x384 [exynosdrm] LR is at exynos_dsi_probe+0x1dc/0x384 [exynosdrm] ... Process systemd-udevd (pid: 212, stack limit = 0x(ptrval)) ... [<bf03cf14>] (exynos_dsi_probe [exynosdrm]) from [<c09b1ca0>] (platform_drv_probe+0x6c/0xa4) [<c09b1ca0>] (platform_drv_probe) from [<c09afcb8>] (really_probe+0x210/0x350) [<c09afcb8>] (really_probe) from [<c09aff74>] (driver_probe_device+0x60/0x1a0) [<c09aff74>] (driver_probe_device) from [<c09b0254>] (device_driver_attach+0x58/0x60) [<c09b0254>] (device_driver_attach) from [<c09b02dc>] (__driver_attach+0x80/0xbc) [<c09b02dc>] (__driver_attach) from [<c09ade00>] (bus_for_each_dev+0x68/0xb4) [<c09ade00>] (bus_for_each_dev) from [<c09aefd8>] (bus_add_driver+0x130/0x1e8) [<c09aefd8>] (bus_add_driver) from [<c09b0d64>] (driver_register+0x78/0x110) [<c09b0d64>] (driver_register) from [<bf038558>] (exynos_drm_init+0xe8/0x11c [exynosdrm]) [<bf038558>] (exynos_drm_init [exynosdrm]) from [<c0302fa8>] (do_one_initcall+0x50/0x220) [<c0302fa8>] (do_one_initcall) from [<c03dd02c>] (do_init_module+0x60/0x210) [<c03dd02c>] (do_init_module) from [<c03dbf44>] (load_module+0x1c0c/0x2310) [<c03dbf44>] (load_module) from [<c03dc85c>] (sys_finit_module+0xac/0xbc) [<c03dc85c>] (sys_finit_module) from [<c0301000>] (ret_fast_syscall+0x0/0x54) Exception stack(0xd979bfa8 to 0xd979bff0) ... ---[ end trace db16efe05faab470 ]--- Signed-off-by: Marek Szyprowski <[email protected]> Reviewed-by: Andrzej Hajda <[email protected]> Signed-off-by: Inki Dae <[email protected]>

[ Upstream commit c0fd99d ] Writing to the built-in strings arrays doesn't work if driver is loaded as kernel module. This is also considered as a bad pattern. Fix this by adding a call to clk_get() with legacy clock name. This fixes following kernel oops if driver is loaded as module: Unable to handle kernel paging request at virtual address bf047978 pgd = (ptrval) [bf047978] *pgd=59344811, *pte=5903c6df, *ppte=5903c65f Internal error: Oops: 80f [#1] SMP ARM Modules linked in: mc exynosdrm(+) analogix_dp rtc_s3c exynos_ppmu i2c_gpio CPU: 1 PID: 212 Comm: systemd-udevd Not tainted 5.6.0-rc2-next-20200219 torvalds#326 videodev: Linux video capture interface: v2.00 Hardware name: Samsung Exynos (Flattened Device Tree) PC is at exynos_dsi_probe+0x1f0/0x384 [exynosdrm] LR is at exynos_dsi_probe+0x1dc/0x384 [exynosdrm] ... Process systemd-udevd (pid: 212, stack limit = 0x(ptrval)) ... [<bf03cf14>] (exynos_dsi_probe [exynosdrm]) from [<c09b1ca0>] (platform_drv_probe+0x6c/0xa4) [<c09b1ca0>] (platform_drv_probe) from [<c09afcb8>] (really_probe+0x210/0x350) [<c09afcb8>] (really_probe) from [<c09aff74>] (driver_probe_device+0x60/0x1a0) [<c09aff74>] (driver_probe_device) from [<c09b0254>] (device_driver_attach+0x58/0x60) [<c09b0254>] (device_driver_attach) from [<c09b02dc>] (__driver_attach+0x80/0xbc) [<c09b02dc>] (__driver_attach) from [<c09ade00>] (bus_for_each_dev+0x68/0xb4) [<c09ade00>] (bus_for_each_dev) from [<c09aefd8>] (bus_add_driver+0x130/0x1e8) [<c09aefd8>] (bus_add_driver) from [<c09b0d64>] (driver_register+0x78/0x110) [<c09b0d64>] (driver_register) from [<bf038558>] (exynos_drm_init+0xe8/0x11c [exynosdrm]) [<bf038558>] (exynos_drm_init [exynosdrm]) from [<c0302fa8>] (do_one_initcall+0x50/0x220) [<c0302fa8>] (do_one_initcall) from [<c03dd02c>] (do_init_module+0x60/0x210) [<c03dd02c>] (do_init_module) from [<c03dbf44>] (load_module+0x1c0c/0x2310) [<c03dbf44>] (load_module) from [<c03dc85c>] (sys_finit_module+0xac/0xbc) [<c03dc85c>] (sys_finit_module) from [<c0301000>] (ret_fast_syscall+0x0/0x54) Exception stack(0xd979bfa8 to 0xd979bff0) ... ---[ end trace db16efe05faab470 ]--- Signed-off-by: Marek Szyprowski <[email protected]> Reviewed-by: Andrzej Hajda <[email protected]> Signed-off-by: Inki Dae <[email protected]> Signed-off-by: Sasha Levin <[email protected]>

[ Upstream commit c0fd99d ] Writing to the built-in strings arrays doesn't work if driver is loaded as kernel module. This is also considered as a bad pattern. Fix this by adding a call to clk_get() with legacy clock name. This fixes following kernel oops if driver is loaded as module: Unable to handle kernel paging request at virtual address bf047978 pgd = (ptrval) [bf047978] *pgd=59344811, *pte=5903c6df, *ppte=5903c65f Internal error: Oops: 80f [#1] SMP ARM Modules linked in: mc exynosdrm(+) analogix_dp rtc_s3c exynos_ppmu i2c_gpio CPU: 1 PID: 212 Comm: systemd-udevd Not tainted 5.6.0-rc2-next-20200219 #326 videodev: Linux video capture interface: v2.00 Hardware name: Samsung Exynos (Flattened Device Tree) PC is at exynos_dsi_probe+0x1f0/0x384 [exynosdrm] LR is at exynos_dsi_probe+0x1dc/0x384 [exynosdrm] ... Process systemd-udevd (pid: 212, stack limit = 0x(ptrval)) ... [<bf03cf14>] (exynos_dsi_probe [exynosdrm]) from [<c09b1ca0>] (platform_drv_probe+0x6c/0xa4) [<c09b1ca0>] (platform_drv_probe) from [<c09afcb8>] (really_probe+0x210/0x350) [<c09afcb8>] (really_probe) from [<c09aff74>] (driver_probe_device+0x60/0x1a0) [<c09aff74>] (driver_probe_device) from [<c09b0254>] (device_driver_attach+0x58/0x60) [<c09b0254>] (device_driver_attach) from [<c09b02dc>] (__driver_attach+0x80/0xbc) [<c09b02dc>] (__driver_attach) from [<c09ade00>] (bus_for_each_dev+0x68/0xb4) [<c09ade00>] (bus_for_each_dev) from [<c09aefd8>] (bus_add_driver+0x130/0x1e8) [<c09aefd8>] (bus_add_driver) from [<c09b0d64>] (driver_register+0x78/0x110) [<c09b0d64>] (driver_register) from [<bf038558>] (exynos_drm_init+0xe8/0x11c [exynosdrm]) [<bf038558>] (exynos_drm_init [exynosdrm]) from [<c0302fa8>] (do_one_initcall+0x50/0x220) [<c0302fa8>] (do_one_initcall) from [<c03dd02c>] (do_init_module+0x60/0x210) [<c03dd02c>] (do_init_module) from [<c03dbf44>] (load_module+0x1c0c/0x2310) [<c03dbf44>] (load_module) from [<c03dc85c>] (sys_finit_module+0xac/0xbc) [<c03dc85c>] (sys_finit_module) from [<c0301000>] (ret_fast_syscall+0x0/0x54) Exception stack(0xd979bfa8 to 0xd979bff0) ... ---[ end trace db16efe05faab470 ]--- Signed-off-by: Marek Szyprowski <[email protected]> Reviewed-by: Andrzej Hajda <[email protected]> Signed-off-by: Inki Dae <[email protected]> Signed-off-by: Sasha Levin <[email protected]>

[ Upstream commit c0fd99d ] Writing to the built-in strings arrays doesn't work if driver is loaded as kernel module. This is also considered as a bad pattern. Fix this by adding a call to clk_get() with legacy clock name. This fixes following kernel oops if driver is loaded as module: Unable to handle kernel paging request at virtual address bf047978 pgd = (ptrval) [bf047978] *pgd=59344811, *pte=5903c6df, *ppte=5903c65f Internal error: Oops: 80f [#1] SMP ARM Modules linked in: mc exynosdrm(+) analogix_dp rtc_s3c exynos_ppmu i2c_gpio CPU: 1 PID: 212 Comm: systemd-udevd Not tainted 5.6.0-rc2-next-20200219 torvalds#326 videodev: Linux video capture interface: v2.00 Hardware name: Samsung Exynos (Flattened Device Tree) PC is at exynos_dsi_probe+0x1f0/0x384 [exynosdrm] LR is at exynos_dsi_probe+0x1dc/0x384 [exynosdrm] ... Process systemd-udevd (pid: 212, stack limit = 0x(ptrval)) ... [<bf03cf14>] (exynos_dsi_probe [exynosdrm]) from [<c09b1ca0>] (platform_drv_probe+0x6c/0xa4) [<c09b1ca0>] (platform_drv_probe) from [<c09afcb8>] (really_probe+0x210/0x350) [<c09afcb8>] (really_probe) from [<c09aff74>] (driver_probe_device+0x60/0x1a0) [<c09aff74>] (driver_probe_device) from [<c09b0254>] (device_driver_attach+0x58/0x60) [<c09b0254>] (device_driver_attach) from [<c09b02dc>] (__driver_attach+0x80/0xbc) [<c09b02dc>] (__driver_attach) from [<c09ade00>] (bus_for_each_dev+0x68/0xb4) [<c09ade00>] (bus_for_each_dev) from [<c09aefd8>] (bus_add_driver+0x130/0x1e8) [<c09aefd8>] (bus_add_driver) from [<c09b0d64>] (driver_register+0x78/0x110) [<c09b0d64>] (driver_register) from [<bf038558>] (exynos_drm_init+0xe8/0x11c [exynosdrm]) [<bf038558>] (exynos_drm_init [exynosdrm]) from [<c0302fa8>] (do_one_initcall+0x50/0x220) [<c0302fa8>] (do_one_initcall) from [<c03dd02c>] (do_init_module+0x60/0x210) [<c03dd02c>] (do_init_module) from [<c03dbf44>] (load_module+0x1c0c/0x2310) [<c03dbf44>] (load_module) from [<c03dc85c>] (sys_finit_module+0xac/0xbc) [<c03dc85c>] (sys_finit_module) from [<c0301000>] (ret_fast_syscall+0x0/0x54) Exception stack(0xd979bfa8 to 0xd979bff0) ... ---[ end trace db16efe05faab470 ]--- Signed-off-by: Marek Szyprowski <[email protected]> Reviewed-by: Andrzej Hajda <[email protected]> Signed-off-by: Inki Dae <[email protected]> Signed-off-by: Sasha Levin <[email protected]>

BugLink: https://bugs.launchpad.net/bugs/1869061 [ Upstream commit c0fd99d ] Writing to the built-in strings arrays doesn't work if driver is loaded as kernel module. This is also considered as a bad pattern. Fix this by adding a call to clk_get() with legacy clock name. This fixes following kernel oops if driver is loaded as module: Unable to handle kernel paging request at virtual address bf047978 pgd = (ptrval) [bf047978] *pgd=59344811, *pte=5903c6df, *ppte=5903c65f Internal error: Oops: 80f [#1] SMP ARM Modules linked in: mc exynosdrm(+) analogix_dp rtc_s3c exynos_ppmu i2c_gpio CPU: 1 PID: 212 Comm: systemd-udevd Not tainted 5.6.0-rc2-next-20200219 #326 videodev: Linux video capture interface: v2.00 Hardware name: Samsung Exynos (Flattened Device Tree) PC is at exynos_dsi_probe+0x1f0/0x384 [exynosdrm] LR is at exynos_dsi_probe+0x1dc/0x384 [exynosdrm] ... Process systemd-udevd (pid: 212, stack limit = 0x(ptrval)) ... [<bf03cf14>] (exynos_dsi_probe [exynosdrm]) from [<c09b1ca0>] (platform_drv_probe+0x6c/0xa4) [<c09b1ca0>] (platform_drv_probe) from [<c09afcb8>] (really_probe+0x210/0x350) [<c09afcb8>] (really_probe) from [<c09aff74>] (driver_probe_device+0x60/0x1a0) [<c09aff74>] (driver_probe_device) from [<c09b0254>] (device_driver_attach+0x58/0x60) [<c09b0254>] (device_driver_attach) from [<c09b02dc>] (__driver_attach+0x80/0xbc) [<c09b02dc>] (__driver_attach) from [<c09ade00>] (bus_for_each_dev+0x68/0xb4) [<c09ade00>] (bus_for_each_dev) from [<c09aefd8>] (bus_add_driver+0x130/0x1e8) [<c09aefd8>] (bus_add_driver) from [<c09b0d64>] (driver_register+0x78/0x110) [<c09b0d64>] (driver_register) from [<bf038558>] (exynos_drm_init+0xe8/0x11c [exynosdrm]) [<bf038558>] (exynos_drm_init [exynosdrm]) from [<c0302fa8>] (do_one_initcall+0x50/0x220) [<c0302fa8>] (do_one_initcall) from [<c03dd02c>] (do_init_module+0x60/0x210) [<c03dd02c>] (do_init_module) from [<c03dbf44>] (load_module+0x1c0c/0x2310) [<c03dbf44>] (load_module) from [<c03dc85c>] (sys_finit_module+0xac/0xbc) [<c03dc85c>] (sys_finit_module) from [<c0301000>] (ret_fast_syscall+0x0/0x54) Exception stack(0xd979bfa8 to 0xd979bff0) ... ---[ end trace db16efe05faab470 ]--- Signed-off-by: Marek Szyprowski <[email protected]> Reviewed-by: Andrzej Hajda <[email protected]> Signed-off-by: Inki Dae <[email protected]> Signed-off-by: Sasha Levin <[email protected]> Signed-off-by: Kamal Mostafa <[email protected]>

This commit fixes the following checkpatch.pl errors: ERROR:POINTER_LOCATION: "foo * bar" should be "foo *bar" torvalds#14: FILE: ./hal/odm_DIG.c:14: + struct DM_ODM_T * pDM_Odm = (struct DM_ODM_T *)pDM_VOID; ERROR:POINTER_LOCATION: "foo * bar" should be "foo *bar" torvalds#30: FILE: ./hal/odm_DIG.c:30: + struct DM_ODM_T * pDM_Odm = (struct DM_ODM_T *)pDM_VOID; ERROR:POINTER_LOCATION: "foo * bar" should be "foo *bar" torvalds#41: FILE: ./hal/odm_DIG.c:41: + struct DM_ODM_T * pDM_Odm = (struct DM_ODM_T *)pDM_VOID; ERROR:POINTER_LOCATION: "foo * bar" should be "foo *bar" torvalds#51: FILE: ./hal/odm_DIG.c:51: + struct DM_ODM_T * pDM_Odm = (struct DM_ODM_T *)pDM_VOID; ERROR:POINTER_LOCATION: "foo * bar" should be "foo *bar" torvalds#59: FILE: ./hal/odm_DIG.c:59: + struct DM_ODM_T * pDM_Odm = (struct DM_ODM_T *)pDM_VOID; ERROR:POINTER_LOCATION: "foo * bar" should be "foo *bar" torvalds#72: FILE: ./hal/odm_DIG.c:72: + struct DM_ODM_T * pDM_Odm = (struct DM_ODM_T *)pDM_VOID; ERROR:POINTER_LOCATION: "foo * bar" should be "foo *bar" torvalds#136: FILE: ./hal/odm_DIG.c:136: + struct DM_ODM_T * pDM_Odm = (struct DM_ODM_T *)pDM_VOID; ERROR:POINTER_LOCATION: "foo * bar" should be "foo *bar" torvalds#208: FILE: ./hal/odm_DIG.c:208: + struct DM_ODM_T * pDM_Odm = (struct DM_ODM_T *)pDM_VOID; ERROR:POINTER_LOCATION: "foo * bar" should be "foo *bar" torvalds#236: FILE: ./hal/odm_DIG.c:236: + struct DM_ODM_T * pDM_Odm = (struct DM_ODM_T *)pDM_VOID; ERROR:POINTER_LOCATION: "foo * bar" should be "foo *bar" torvalds#325: FILE: ./hal/odm_DIG.c:325: + struct DM_ODM_T * pDM_Odm = (struct DM_ODM_T *)pDM_VOID; ERROR:POINTER_LOCATION: "foo * bar" should be "foo *bar" torvalds#326: FILE: ./hal/odm_DIG.c:326: + struct DIG_T * pDM_DigTable = &pDM_Odm->DM_DigTable; ERROR:POINTER_LOCATION: "foo * bar" should be "foo *bar" torvalds#365: FILE: ./hal/odm_DIG.c:365: + struct DM_ODM_T * pDM_Odm = (struct DM_ODM_T *)pDM_VOID; ERROR:POINTER_LOCATION: "foo * bar" should be "foo *bar" torvalds#366: FILE: ./hal/odm_DIG.c:366: + struct DIG_T * pDM_DigTable = &pDM_Odm->DM_DigTable; ERROR:POINTER_LOCATION: "foo * bar" should be "foo *bar" torvalds#438: FILE: ./hal/odm_DIG.c:438: + struct DM_ODM_T * pDM_Odm = (struct DM_ODM_T *)pDM_VOID; ERROR:POINTER_LOCATION: "foo * bar" should be "foo *bar" torvalds#469: FILE: ./hal/odm_DIG.c:469: + struct DM_ODM_T * pDM_Odm = (struct DM_ODM_T *)pDM_VOID; ERROR:POINTER_LOCATION: "foo * bar" should be "foo *bar" torvalds#470: FILE: ./hal/odm_DIG.c:470: + struct DIG_T * pDM_DigTable = &pDM_Odm->DM_DigTable; ERROR:POINTER_LOCATION: "foo * bar" should be "foo *bar" torvalds#507: FILE: ./hal/odm_DIG.c:507: + struct DM_ODM_T * pDM_Odm = (struct DM_ODM_T *)pDM_VOID; ERROR:POINTER_LOCATION: "foo * bar" should be "foo *bar" torvalds#510: FILE: ./hal/odm_DIG.c:510: + struct DIG_T * pDM_DigTable = &pDM_Odm->DM_DigTable; ERROR:POINTER_LOCATION: "foo * bar" should be "foo *bar" torvalds#826: FILE: ./hal/odm_DIG.c:826: + struct DM_ODM_T * pDM_Odm = (struct DM_ODM_T *)pDM_VOID; ERROR:POINTER_LOCATION: "foo * bar" should be "foo *bar" torvalds#895: FILE: ./hal/odm_DIG.c:895: + struct DM_ODM_T * pDM_Odm = (struct DM_ODM_T *)pDM_VOID; ERROR:POINTER_LOCATION: "foo * bar" should be "foo *bar" torvalds#896: FILE: ./hal/odm_DIG.c:896: + struct false_ALARM_STATISTICS * FalseAlmCnt = &(pDM_Odm->FalseAlmCnt); ERROR:POINTER_LOCATION: "foo * bar" should be "foo *bar" torvalds#1065: FILE: ./hal/odm_DIG.c:1065: + struct DM_ODM_T * pDM_Odm = (struct DM_ODM_T *)pDM_VOID; ERROR:POINTER_LOCATION: "foo * bar" should be "foo *bar" torvalds#1081: FILE: ./hal/odm_DIG.c:1081: + struct DM_ODM_T * pDM_Odm = (struct DM_ODM_T *)pDM_VOID; ERROR:POINTER_LOCATION: "foo * bar" should be "foo *bar" torvalds#1082: FILE: ./hal/odm_DIG.c:1082: + struct DIG_T * pDM_DigTable = &pDM_Odm->DM_DigTable; ERROR:POINTER_LOCATION: "foo * bar" should be "foo *bar" torvalds#1083: FILE: ./hal/odm_DIG.c:1083: + struct false_ALARM_STATISTICS * pFalseAlmCnt = &(pDM_Odm->FalseAlmCnt); ERROR:POINTER_LOCATION: "foo * bar" should be "foo *bar" torvalds#1137: FILE: ./hal/odm_DIG.c:1137: + struct DM_ODM_T * pDM_Odm = (struct DM_ODM_T *)pDM_VOID; ERROR:POINTER_LOCATION: "foo * bar" should be "foo *bar" torvalds#1138: FILE: ./hal/odm_DIG.c:1138: + struct false_ALARM_STATISTICS * FalseAlmCnt = &(pDM_Odm->FalseAlmCnt); ERROR:POINTER_LOCATION: "foo * bar" should be "foo *bar" torvalds#1198: FILE: ./hal/odm_DIG.c:1198: + struct DM_ODM_T * pDM_Odm = (struct DM_ODM_T *)pDM_VOID; ERROR:POINTER_LOCATION: "foo * bar" should be "foo *bar" torvalds#1199: FILE: ./hal/odm_DIG.c:1199: + struct DIG_T * pDM_DigTable = &pDM_Odm->DM_DigTable; Signed-off-by: Marco Cesati <[email protected]>

This commit fixes the following checkpatch.pl errors: ERROR:POINTER_LOCATION: "foo * bar" should be "foo *bar" torvalds#14: FILE: ./hal/odm_DIG.c:14: + struct DM_ODM_T * pDM_Odm = (struct DM_ODM_T *)pDM_VOID; ERROR:POINTER_LOCATION: "foo * bar" should be "foo *bar" torvalds#30: FILE: ./hal/odm_DIG.c:30: + struct DM_ODM_T * pDM_Odm = (struct DM_ODM_T *)pDM_VOID; ERROR:POINTER_LOCATION: "foo * bar" should be "foo *bar" torvalds#41: FILE: ./hal/odm_DIG.c:41: + struct DM_ODM_T * pDM_Odm = (struct DM_ODM_T *)pDM_VOID; ERROR:POINTER_LOCATION: "foo * bar" should be "foo *bar" torvalds#51: FILE: ./hal/odm_DIG.c:51: + struct DM_ODM_T * pDM_Odm = (struct DM_ODM_T *)pDM_VOID; ERROR:POINTER_LOCATION: "foo * bar" should be "foo *bar" torvalds#59: FILE: ./hal/odm_DIG.c:59: + struct DM_ODM_T * pDM_Odm = (struct DM_ODM_T *)pDM_VOID; ERROR:POINTER_LOCATION: "foo * bar" should be "foo *bar" torvalds#72: FILE: ./hal/odm_DIG.c:72: + struct DM_ODM_T * pDM_Odm = (struct DM_ODM_T *)pDM_VOID; ERROR:POINTER_LOCATION: "foo * bar" should be "foo *bar" torvalds#136: FILE: ./hal/odm_DIG.c:136: + struct DM_ODM_T * pDM_Odm = (struct DM_ODM_T *)pDM_VOID; ERROR:POINTER_LOCATION: "foo * bar" should be "foo *bar" torvalds#208: FILE: ./hal/odm_DIG.c:208: + struct DM_ODM_T * pDM_Odm = (struct DM_ODM_T *)pDM_VOID; ERROR:POINTER_LOCATION: "foo * bar" should be "foo *bar" torvalds#236: FILE: ./hal/odm_DIG.c:236: + struct DM_ODM_T * pDM_Odm = (struct DM_ODM_T *)pDM_VOID; ERROR:POINTER_LOCATION: "foo * bar" should be "foo *bar" torvalds#325: FILE: ./hal/odm_DIG.c:325: + struct DM_ODM_T * pDM_Odm = (struct DM_ODM_T *)pDM_VOID; ERROR:POINTER_LOCATION: "foo * bar" should be "foo *bar" torvalds#326: FILE: ./hal/odm_DIG.c:326: + struct DIG_T * pDM_DigTable = &pDM_Odm->DM_DigTable; ERROR:POINTER_LOCATION: "foo * bar" should be "foo *bar" torvalds#365: FILE: ./hal/odm_DIG.c:365: + struct DM_ODM_T * pDM_Odm = (struct DM_ODM_T *)pDM_VOID; ERROR:POINTER_LOCATION: "foo * bar" should be "foo *bar" torvalds#366: FILE: ./hal/odm_DIG.c:366: + struct DIG_T * pDM_DigTable = &pDM_Odm->DM_DigTable; ERROR:POINTER_LOCATION: "foo * bar" should be "foo *bar" torvalds#438: FILE: ./hal/odm_DIG.c:438: + struct DM_ODM_T * pDM_Odm = (struct DM_ODM_T *)pDM_VOID; ERROR:POINTER_LOCATION: "foo * bar" should be "foo *bar" torvalds#469: FILE: ./hal/odm_DIG.c:469: + struct DM_ODM_T * pDM_Odm = (struct DM_ODM_T *)pDM_VOID; ERROR:POINTER_LOCATION: "foo * bar" should be "foo *bar" torvalds#470: FILE: ./hal/odm_DIG.c:470: + struct DIG_T * pDM_DigTable = &pDM_Odm->DM_DigTable; ERROR:POINTER_LOCATION: "foo * bar" should be "foo *bar" torvalds#507: FILE: ./hal/odm_DIG.c:507: + struct DM_ODM_T * pDM_Odm = (struct DM_ODM_T *)pDM_VOID; ERROR:POINTER_LOCATION: "foo * bar" should be "foo *bar" torvalds#510: FILE: ./hal/odm_DIG.c:510: + struct DIG_T * pDM_DigTable = &pDM_Odm->DM_DigTable; ERROR:POINTER_LOCATION: "foo * bar" should be "foo *bar" torvalds#826: FILE: ./hal/odm_DIG.c:826: + struct DM_ODM_T * pDM_Odm = (struct DM_ODM_T *)pDM_VOID; ERROR:POINTER_LOCATION: "foo * bar" should be "foo *bar" torvalds#895: FILE: ./hal/odm_DIG.c:895: + struct DM_ODM_T * pDM_Odm = (struct DM_ODM_T *)pDM_VOID; ERROR:POINTER_LOCATION: "foo * bar" should be "foo *bar" torvalds#896: FILE: ./hal/odm_DIG.c:896: + struct false_ALARM_STATISTICS * FalseAlmCnt = &(pDM_Odm->FalseAlmCnt); ERROR:POINTER_LOCATION: "foo * bar" should be "foo *bar" torvalds#1065: FILE: ./hal/odm_DIG.c:1065: + struct DM_ODM_T * pDM_Odm = (struct DM_ODM_T *)pDM_VOID; ERROR:POINTER_LOCATION: "foo * bar" should be "foo *bar" torvalds#1081: FILE: ./hal/odm_DIG.c:1081: + struct DM_ODM_T * pDM_Odm = (struct DM_ODM_T *)pDM_VOID; ERROR:POINTER_LOCATION: "foo * bar" should be "foo *bar" torvalds#1082: FILE: ./hal/odm_DIG.c:1082: + struct DIG_T * pDM_DigTable = &pDM_Odm->DM_DigTable; ERROR:POINTER_LOCATION: "foo * bar" should be "foo *bar" torvalds#1083: FILE: ./hal/odm_DIG.c:1083: + struct false_ALARM_STATISTICS * pFalseAlmCnt = &(pDM_Odm->FalseAlmCnt); ERROR:POINTER_LOCATION: "foo * bar" should be "foo *bar" torvalds#1137: FILE: ./hal/odm_DIG.c:1137: + struct DM_ODM_T * pDM_Odm = (struct DM_ODM_T *)pDM_VOID; ERROR:POINTER_LOCATION: "foo * bar" should be "foo *bar" torvalds#1138: FILE: ./hal/odm_DIG.c:1138: + struct false_ALARM_STATISTICS * FalseAlmCnt = &(pDM_Odm->FalseAlmCnt); ERROR:POINTER_LOCATION: "foo * bar" should be "foo *bar" torvalds#1198: FILE: ./hal/odm_DIG.c:1198: + struct DM_ODM_T * pDM_Odm = (struct DM_ODM_T *)pDM_VOID; ERROR:POINTER_LOCATION: "foo * bar" should be "foo *bar" torvalds#1199: FILE: ./hal/odm_DIG.c:1199: + struct DIG_T * pDM_DigTable = &pDM_Odm->DM_DigTable; Reviewed-by: Dan Carpenter <[email protected]> Signed-off-by: Marco Cesati <[email protected]> Link: https://lore.kernel.org/r/[email protected] Signed-off-by: Greg Kroah-Hartman <[email protected]>

Reorder targets in Rust's Makefile to make second expansion clearly.

"The most effective debugging tool is still careful thought, coupled with judiciously placed print statements." - Brian Kernighan I've been chasing an occasional unmount hangs when running check-parallel for a couple of months now: [95964.140623] Call Trace: [95964.144641] __schedule+0x699/0xb70 [95964.154003] schedule+0x64/0xd0 [95964.156851] xfs_ail_push_all_sync+0x9b/0xf0 [95964.164816] xfs_unmount_flush_inodes+0x41/0x70 [95964.168698] xfs_unmountfs+0x7f/0x170 [95964.171846] xfs_fs_put_super+0x3b/0x90 [95964.175216] generic_shutdown_super+0x77/0x160 [95964.178060] kill_block_super+0x1b/0x40 [95964.180553] xfs_kill_sb+0x12/0x30 [95964.182796] deactivate_locked_super+0x38/0x100 [95964.185735] deactivate_super+0x41/0x50 [95964.188245] cleanup_mnt+0x9f/0x160 [95964.190519] __cleanup_mnt+0x12/0x20 [95964.192899] task_work_run+0x89/0xb0 [95964.195221] resume_user_mode_work+0x4f/0x60 [95964.197931] syscall_exit_to_user_mode+0x76/0xb0 [95964.201003] do_syscall_64+0x74/0x130 $ pstree -N mnt |grep umount |-check-parallel---nsexec---run_test.sh---753---umount It always seems to be generic/753 that triggers this, and repeating a quick group test run triggers it every 10-15 iterations. Hence it generally triggers once up every 30-40 minutes of test time. just running generic/753 by itself or concurrently with a limited group of tests doesn't reproduce this issue at all. Tracing on a hung system shows the AIL repeating every 50ms a log force followed by an attempt to push pinned, aborted inodes from the AIL (trimmed for brevity): xfs_log_force: lsn 0x1c caller xfsaild+0x18e xfs_log_force: lsn 0x0 caller xlog_cil_flush+0xbd xfs_log_force: lsn 0x1c caller xfs_log_force+0x77 xfs_ail_pinned: lip 0xffff88826014afa0 lsn 1/37472 type XFS_LI_INODE flags IN_AIL|ABORTED xfs_ail_pinned: lip 0xffff88814000a708 lsn 1/37472 type XFS_LI_INODE flags IN_AIL|ABORTED xfs_ail_pinned: lip 0xffff88810b850c80 lsn 1/37472 type XFS_LI_INODE flags IN_AIL|ABORTED xfs_ail_pinned: lip 0xffff88810b850af0 lsn 1/37472 type XFS_LI_INODE flags IN_AIL|ABORTED xfs_ail_pinned: lip 0xffff888165cf0a28 lsn 1/37472 type XFS_LI_INODE flags IN_AIL|ABORTED xfs_ail_pinned: lip 0xffff88810b850bb8 lsn 1/37472 type XFS_LI_INODE flags IN_AIL|ABORTED .... The inode log items are marked as aborted, which means that either: a) a transaction commit has occurred, seen an error or shutdown, and called xfs_trans_free_items() to abort the items. This should happen before any pinning of log items occurs. or b) a dirty transaction has been cancelled. This should also happen before any pinning of log items occurs. or c) AIL insertion at journal IO completion is marked as aborted. In this case, the log item is pinned by the CIL until journal IO completes and hence needs to be unpinned. This is then done after the ->iop_committed() callback is run, so the pin count should be balanced correctly. There are no other cases that set XFS_LI_ABORTED for inodes are set, so it's not at all obvious why the item is pinned in the AIL. I added tracing to indicate why the inode item push is returning a XFS_ITEM_PINNED value: xfs_log_force: lsn 0x5e caller xfsaild+0x18e xfs_log_force: lsn 0x0 caller xlog_cil_flush+0xbd xfs_log_force: lsn 0x5e caller xfs_log_force+0x77 xfs_inode_push_stale: ino 0xc4 count 0 pincount 0 iflags 0x86 caller xfsaild+0x432 xfs_ail_pinned: lip 0xffff8882a20d5900 lsn 1/40853 type XFS_LI_INODE flags IN_AIL|ABORTED xfs_inode_push_stale: ino 0xc1 count 0 pincount 0 iflags 0x86 caller xfsaild+0x432 xfs_ail_pinned: lip 0xffff8882a20d5518 lsn 1/40853 type XFS_LI_INODE flags IN_AIL The inode flags are XFS_ISTALE | XFS_IRECLAIMABLE | XFS_IFLUSHING, and this means xfs_inode_push_item() is triggering this code: if (!bp || (ip->i_flags & XFS_ISTALE)) { /* * Inode item/buffer is being aborted due to cluster * buffer deletion. Trigger a log force to have that operation * completed and items removed from the AIL before the next push * attempt. */ >>>>>> trace_xfs_inode_push_stale(ip, _RET_IP_); return XFS_ITEM_PINNED; } XFS_IFLUSHING is set, so there should have been a buffer IO completion that cleared that and removed the inode from the AIL. Inode cluster freeing marks the inode XFS_ISTALE | XFS_IFLUSHING, so this is a valid state for the inode to be in. The inode cluster buffer is not in the AIL, so these inodes should have been removed from the AIL when the inode cluster buffer was aborted and unpinned. However, I'm unclear on how the XFS_LI_ABORTED state is getting set - there are a couple of places this can occur, and both should be triggering the inode cluster buffer to remove the attached inodes from the AIL and drop them. More tracing.... ... and that was unexpected: xfsaild/dm-3-1747912 [047] ...1. 604.344253: xfs_inode_push_pinned: dev 251:3 ino 0x2020082 count 0 pincount 10 iflags 0x4 caller xfsaild+0x432 xfsaild/dm-3-1747912 [047] ...1. 604.344253: xfs_ail_pinned: dev 251:3 lip 0xffff88907a7a9838 lsn 1/4199 type XFS_LI_INODE flags IN_AIL kworker/u259:14-391 [019] ..... 604.366776: xlog_ail_insert_abort: dev 251:3 lip 0xffff88907a7a9838 lsn 1/4199 type XFS_LI_INODE flags IN_AIL kworker/16:1H-1600438 [016] ..... 604.366802: xlog_ail_insert_abort: dev 251:3 lip 0xffff88907a7a9838 lsn 1/4199 type XFS_LI_INODE flags IN_AIL|ABORTED <...>-382 [021] ..... 604.366849: xlog_ail_insert_abort: dev 251:3 lip 0xffff88907a7a9838 lsn 1/4199 type XFS_LI_INODE flags IN_AIL|ABORTED kworker/16:1H-1600438 [016] ..... 604.366866: xlog_ail_insert_abort: dev 251:3 lip 0xffff88907a7a9838 lsn 1/4199 type XFS_LI_INODE flags IN_AIL|ABORTED kworker/16:1H-1600438 [016] ..... 604.366969: xlog_ail_insert_abort: dev 251:3 lip 0xffff88907a7a9838 lsn 1/4199 type XFS_LI_INODE flags IN_AIL|ABORTED kworker/16:1H-1600438 [016] ..... 604.367005: xlog_ail_insert_abort: dev 251:3 lip 0xffff88907a7a9838 lsn 1/4199 type XFS_LI_INODE flags IN_AIL|ABORTED kworker/u258:32-1245394 [021] ..... 604.367054: xlog_ail_insert_abort: dev 251:3 lip 0xffff88907a7a9838 lsn 1/4199 type XFS_LI_INODE flags IN_AIL|ABORTED kworker/u259:9-1580996 [023] ..... 604.367109: xlog_ail_insert_abort: dev 251:3 lip 0xffff88907a7a9838 lsn 1/4199 type XFS_LI_INODE flags IN_AIL|ABORTED <...>-356 [028] ..... 604.367163: xlog_ail_insert_abort: dev 251:3 lip 0xffff88907a7a9838 lsn 1/4199 type XFS_LI_INODE flags IN_AIL|ABORTED <...>-1245384 [028] ..... 604.367213: xlog_ail_insert_abort: dev 251:3 lip 0xffff88907a7a9838 lsn 1/4199 type XFS_LI_INODE flags IN_AIL|ABORTED xfsaild/dm-3-1747912 [047] ...1. 604.396155: xfs_inode_push_stale: dev 251:3 ino 0x2020082 count 0 pincount 0 iflags 0x86 caller xfsaild+0x432 xfsaild/dm-3-1747912 [047] ...1. 604.396156: xfs_ail_pinned: dev 251:3 lip 0xffff88907a7a9838 lsn 1/4199 type XFS_LI_INODE flags IN_AIL|ABORTED There are *10* log item aborts for the inode in question in about 500us. It's one for every pin count, so at least that adds up, but we can only have 4 checkpoints in flight at once because we only have 4 workers, right? Ah - we are limited to *building* 4 checkpoints at once. As soon as the worker commits a checkpoint and releases the iclog, it can start working on the next checkpoint. So we've got 4 checkpoint completions doing insert aborts from journal IO completion (kworker/16:1H-1600438). There are 3 traces that are clearly unbound CIL push kworkers (kworker/u259:14-391 and the like). There are also 3 that are truncated names, but the -XXX is very close to the PIDs of the other unbound push kworkers, so that's probably what they were. This means that during a shutdown we clearly have racing calls to xlog_cil_committed() rather than having them completely serialised by journal IO completion. This means that we may still have a transaction commit in flight that holds a reference to a xfs_buf_log_item (BLI) after CIL insertion. e.g. a synchronous transaction will flush the CIL before the transaction is torn down. The concurrent CIL push then aborts insertion it and drops the commit/AIL reference to the BLI. This can leave the transaction commit context with the last reference to the BLI. The abort of the inode buffer is supposed to abort all the inodes attached to it on journal IO completion. This is done by the xfs_buf_item_unpin() call, but if the last unpin doesn't drop the last reference to the BLI, it doesn't complete the stale inodes attached to it - it leaves that for the last reference. Then when the last reference is released from transaction context (xfs_trans_commit() or xfs_trans_cancel()), we end up here: xfs_trans_free_items() ->iop_release xfs_buf_item_release xfs_buf_item_put if (XFS_LI_ABORTED) xfs_trans_ail_delete xfs_buf_item_relse() And we do not process the inode objects attached to the buffer, even though we've checked if this is an aborted log item on last release. Hence in this case, it would seem that we've released a stale inode buffer with stale inodes attached and in the AIL and haven't aborted the inodes.... OK, let's add an assert: ASSERT(list_empty(&bip->bli_buf->b_li_list)); to the abort case in xfs_buf_item_put().... XFS: Assertion failed: list_empty(&bip->bli_buf->b_li_list), file: fs/xfs/xfs_buf_item.c, line: 561 ------------[ cut here ]------------ kernel BUG at fs/xfs/xfs_message.c:102! Oops: invalid opcode: 0000 [#1] SMP NOPTI CPU: 12 UID: 0 PID: 816468 Comm: kworker/12:53 Not tainted 6.15.0-rc5-dgc+ torvalds#326 PREEMPT(full) Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 Workqueue: xfs-inodegc/dm-1 xfs_inodegc_worker RIP: 0010:assfail+0x3a/0x40 Code: 89 f1 48 89 fe 48 c7 c7 cf c7 ed 82 48 c7 c2 86 56 e8 82 e8 c8 fc ff ff 80 3d d1 d3 50 03 01 74 09 0f 0b 5d c3 cc cc cc cc cc <0f> 0b 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 RSP: 0018:ffffc900184e3b40 EFLAGS: 00010246 RAX: a79ae1118c7fdd00 RBX: ffff88812b04ba80 RCX: a79ae1118c7fdd00 RDX: ffffc900184e3a08 RSI: 000000000000000a RDI: ffffffff82edc7cf RBP: ffffc900184e3b40 R08: 0000000000000000 R09: 000000000000000a R10: 0000000000000000 R11: 0000000000000021 R12: 0000000000000024 R13: 0000000000000000 R14: ffff88816a67a750 R15: 000000000000006c FS: 0000000000000000(0000) GS:ffff88889a78a000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007fbe8536d3dc CR3: 00000008471e7000 CR4: 0000000000350ef0 Call Trace: <TASK> xfs_buf_item_release+0x22c/0x280 xfs_trans_free_items+0x94/0x140 __xfs_trans_commit+0x1e4/0x320 xfs_trans_roll+0x4d/0xe0 xfs_defer_trans_roll+0x83/0x160 xfs_defer_finish_noroll+0x1d1/0x440 xfs_trans_commit+0x46/0x90 xfs_inactive_ifree+0x1b6/0x230 xfs_inactive+0x30e/0x3b0 xfs_inodegc_worker+0xaa/0x180 process_scheduled_works+0x1d6/0x400 worker_thread+0x202/0x2e0 kthread+0x20c/0x240 ret_from_fork+0x3e/0x50 ret_from_fork_asm+0x1a/0x30 </TASK> Modules linked in: ---[ end trace 0000000000000000 ]--- And there's the smoking gun - the transaction commit holds the last reference to the BLI that still has stale inodes attached to the buffer. ----- The fix for this is not immediately clear. Let's talk to the dog for a bit... We first need to observe that xfs_buf_item_release() must be called with the buffer still locked as one of it's functions is to unlock the buffer after the transaction is committed. Hence we can run operations IO completion/failure routines that require the buffer to be locked from xfs_buf_item_release() context if necessary. However, the locking for stale buffers is different and quite complicated. Stale buffers cover freed metadata extents, so we can't allow them to be accessed for anything until the metadata related to the freeing operation is on stable storage. i.e. the buffer has to remained stale and locked until journal IO completion, not just transaction commit completion. This is what allows metadata freeing transactions to run asynchronously and avoid needing a log force during xfs_trans_commit() context.... This means that the buffer lock context needs to be passed to the last BLI reference. For stale buffers, this is normally the last BLI unpin on journal IO completion. The unpin then processes the stale buffer completion and releases the buffer lock. However, if the unpin from journal IO completion does not hold the last reference, there -must- still be a transaction context that references the BLI, and so the buffer must remain locked until that transaction context is torn down. IOWs, there is an inherent race between journal IO completion and transaction freeing dropping the last reference to a stale buffer. In normal runtime situations, this isn't a problem because because we can't use the reallocated block until the buffer lock has been dropped. Hence we serialise on transaction commit completion rather than journal IO completion. However, in the case of stale inode buffers, this race condition implies we failed to clean up stale inodes attached to the buffer at journal IO completion. This race condition generally doesn't occur because the BLI has already been logged multiple times for unlinked inode list modifications prior to the invalidation. Hence at inode cluster freeing time it often has an elevated pin count because it is in the CIL (and potentially other checkpoints in flight) already. This results in the transaction commit context almost always dropping it's reference first due to how long CIL checkpoint submission and completion takes. Further, xfs_buf_item_release() has an ASSERT that checks the transaction context cleanup is not dropping the last reference to a stale buffer -except- in the case where the BLI has been aborted: /* * Unref the item and unlock the buffer unless held or stale. Stale * buffers remain locked until final unpin unless the bli is freed by * the unref call. The latter implies shutdown because buffer * invalidation dirties the bli and transaction. */ released = xfs_buf_item_put(bip); if (hold || (stale && !released)) return; >>>>> ASSERT(!stale || aborted); xfs_buf_relse(bp); I've never seen that ASSERT trip at runtime for stale && !aborted buffers, so it seems pretty clear that the unpin race only manifests during shutdown conditions when abort conditions are asserted. That's part of the problem - this code acknowledges that a race condition can occur during shutdown, but then asserts that it is benign. This may once have been true, but we've attached inodes being flushed to the buffer for a long time under the guise that buffer IO completion or stale buffer teardown will also complete or abort attached inodes appropriately. The debug ASSERT I added above catches this exact condition - a stale buffer being released from transaction context with stale inodes still attached to it. Hence the way we are processing the last BLI reference in xfs_buf_item_release() needs fixing. xfs_buf_item_put() is needed, but it should not be doing any handling of dirty/stale state. There are only 3 callers, and two of them explicitly only pass clean BLIs to xfs_buf_item_put() to remove them from a transaction context and do not check the return value. These cases do not care if the item is in the AIL or not; buffers that are in the AIL on shutdown will be cleared from the AIL by pushing them. They will get queued for IO, then the IO will get failed and IO completion will remove them from the AIL. Hence these transaction removal cases do not need to care about whether the item is aborted or not - they just need to check if it is in the AIL or not. This state is protected by the buffer lock the caller holds... Hence I think that xfs_buf_item_release needs to look an awful lot like xfs_buf_item_unpin().... <hack hack hack> generic/753 again: XFS: Assertion failed: !(bip->bli_flags & XFS_BLI_DIRTY), file: fs/xfs/xfs_buf_item.c, line: 616 xfs_buf_item_put+0x97/0xf0 xfs_trans_brelse+0x9b/0x1d0 xfs_btree_del_cursor+0x2f/0xc0 xfs_alloc_ag_vextent_near+0x359/0x470 xfs_alloc_vextent_near_bno+0xbc/0x180 xfs_ialloc_ag_alloc+0x6dd/0x7a0 xfs_dialloc+0x38e/0x8e0 xfs_create+0x1d4/0x430 xfs_generic_create+0x141/0x3e0 xfs_vn_mkdir+0x1a/0x30 vfs_mkdir+0xe6/0x190 do_mkdirat+0xaa/0x260 __x64_sys_mkdir+0x2b/0x40 x64_sys_call+0x228f/0x2f60 do_syscall_64+0x68/0x130 But wait, there's more! This is trying to free a buffer that is not dirty in the transaction (XFS_LI_DIRTY on the log item is not set), but the BLI is marked dirty but isn't in the AIL. That, I think, is another shutdown race where an item is in a committing checkpoint (not locked, has a bli reference) at the same time as something reads and then releases the buffer. A shutdown occurs and the committing checkpoint completes, aborts the log item instead of inserting it into the ail, and because it's not the last bli reference is then does nothing else. At this point, the only remaining bli reference is owned by the btree cursor, the BLI is dirty and not stale, and we call xfs_trans_brelse() -> xfs_buf_item_put() to drop the buffer which then would free the BLI directly, even though it is dirty. That triggers the aobve ASSERT. So, in a shutdown state, we can be freeing dirty BLIs from xfs_buf_item_put() via xfs_trans_brelse() and xfs_trans_bdetach(). Yes, the existing code handles this case by considering shutdown state as "aborted", but that's one of the confusions that masks the original bug from the xfs_buf_item_release() path - the buffer may be considered "aborted" in the shutdown case, but we still may have to do cleanup work on it regardless of whether it is in the AIL or not. The question is whether we can get this state occurring with stale inode buffers that have attached stale inodes. It can't happen with xfs_trans_brelse(), as it keeps the buffer attached to the transaction if XFS_BLI_STALE is set. xfs_trans_bdetach() also has an assert that would fire if it was called on a XFS_BLI_DIRTY or XFS_BLI_STALE buffer. Hence I don't think that we can get races with stale buffers here, and so all that needs doing is changing the assert.... Ok, it has survived check-parallel for an hour, so I think that the problem is fixed. Signed-off-by: Dave Chinner <[email protected]>

add ra8871 ra8873 ra8876 ra8877 support

b19af90

add ra8871 ra8873 ra8876 ra8877 driver to fbtft

laijs pushed a commit to laijs/linux that referenced this pull request Feb 16, 2017

Merge pull request torvalds#326 from laijs/lkl/no_syscall_thread

311a4ee

remove lkl_[create|stop]_syscall_thread from Makefile

ojeda added a commit to ojeda/linux that referenced this pull request Jun 3, 2021

Merge pull request torvalds#326 from d0u9/bug/makefile_fix

40fb0c7

Reorder targets in Rust's Makefile to make second expansion clearly.

torvalds closed this Sep 22, 2025

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

add ra8871 ra8873 ra8876 ra8877 support to fbtft #326

add ra8871 ra8873 ra8876 ra8877 support to fbtft #326

Uh oh!

mountainH commented Sep 26, 2016

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

add ra8871 ra8873 ra8876 ra8877 support to fbtft #326

add ra8871 ra8873 ra8876 ra8877 support to fbtft #326

Uh oh!

Conversation

mountainH commented Sep 26, 2016

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants