Replace gzip/bzip2 with xz in README #150
Closed
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Kernel tarballs are only compressed with xz now, gzip and bzip2 are redundant.
|
Linus doesn't accept PRs on GitHub. |
|
Where should I file it? I didn't see any pull request mechanism on kernel.org, and it was only a minor change (doesn't even change code) |
|
@felixphew Linux doesn't have a pull-request mechanism for very specific reasons...most upstream patches will have to be merged upstream by a maintainer you will have to talk to first. There's a great guide on kernelnewbies on how to do this: http://kernelnewbies.org/UpstreamMerge |
|
@felixphew http://www.tuxradar.com/content/newbies-guide-hacking-linux-kernel Is what I used to submit my first patch yesterday! It is a pretty good tutorial. |
|
OK, if I need to go through this much of a process I may as well make some more significant documentation improvements. I'll email the maintainer with a more significant patch soon. |
ffainelli
pushed a commit
to ffainelli/linux
that referenced
this pull request
Jan 27, 2015
Enable kernel config "CONFIG_HAVE_DMA_API_DEBUG", FEC have kernel warning: [ 6.650444] fec 2188000.ethernet: DMA-API: device driver tries to free DMA memory it has not allocated [ 6.664289] Modules linked in: [ 6.667378] CPU: 0 PID: 3 Comm: ksoftirqd/0 Not tainted 3.19.0-rc4-00688-g8834016-dirty torvalds#150 [ 6.675841] Hardware name: Freescale i.MX6 SoloX (Device Tree) [ 6.681698] Backtrace: [ 6.684189] [<80011e3c>] (dump_backtrace) from [<80011fdc>] (show_stack+0x18/0x1c) [ 6.691789] r6:80890154 r5:00000000 r4:00000000 r3:00000000 [ 6.697533] [<80011fc4>] (show_stack) from [<806d2d88>] (dump_stack+0x80/0x9c) [ 6.704799] [<806d2d08>] (dump_stack) from [<8002a4e4>] (warn_slowpath_common+0x7c/0xb4) [ 6.712917] r5:00000445 r4:00000000 [ 6.716544] [<8002a468>] (warn_slowpath_common) from [<8002a5c0>] (warn_slowpath_fmt+0x38/0x40) [ 6.725265] r8:809a2ee8 r7:00000000 r6:00000000 r5:00000000 r4:00000042 [ 6.732087] [<8002a58c>] (warn_slowpath_fmt) from [<802d6268>] (check_unmap+0x86c/0x98c) [ 6.740202] r3:808c79bc r2:8089060c [ 6.743826] [<802d59fc>] (check_unmap) from [<802d65e4>] (debug_dma_unmap_page+0x80/0x88) [ 6.752029] r10:00000000 r9:00000000 r8:00000000 r7:00000001 r6:be12a410 r5:00000000 [ 6.759967] r4:00000042 [ 6.762538] [<802d6564>] (debug_dma_unmap_page) from [<80440248>] (fec_enet_rx_napi+0x7ec/0xb9c) [ 6.771345] r7:00000400 r6:be3e4000 r5:bf08fa20 r4:be036000 [ 6.777094] [<8043fa5c>] (fec_enet_rx_napi) from [<8056ae24>] (net_rx_action+0x134/0x324) [ 6.785297] r10:be089e60 r9:80998180 r8:ffff8d68 r7:0000012c r6:00000040 r5:00000001 [ 6.793239] r4:be036718 [ 6.795801] [<8056acf0>] (net_rx_action) from [<8002db24>] (__do_softirq+0x138/0x2d0) [ 6.803655] r10:00000003 r9:00000003 r8:80996378 r7:8099c080 r6:00000100 r5:8099c08c [ 6.811593] r4:00000000 [ 6.814157] [<8002d9ec>] (__do_softirq) from [<8002dd00>] (run_ksoftirqd+0x44/0x5c) [ 6.821836] r10:00000000 r9:00000000 r8:809b133c r7:00000000 r6:00000001 r5:00000000 [ 6.829775] r4:be027e80 [ 6.832346] [<8002dcbc>] (run_ksoftirqd) from [<80048290>] (smpboot_thread_fn+0x154/0x1c4) [ 6.840649] [<8004813c>] (smpboot_thread_fn) from [<80044780>] (kthread+0xdc/0xf8) [ 6.848224] r10:00000000 r8:00000000 r7:8004813c r6:be027e80 r5:be027ec0 r4:00000000 [ 6.856179] [<800446a4>] (kthread) from [<8000ebc8>] (ret_from_fork+0x14/0x2c) [ 6.863425] r7:00000000 r6:00000000 r5:800446a4 r4:be027ec0 [ 6.869156] ---[ end trace 861cf914d2461a8b ]--- There have one bug in .fec_enet_tx_queue() function to unmap the DMA memory: For SG or TSO, get one buffer descriptor and then unmap the related DMA memory, and then get the next buffer descriptor, loop to while() to check "TX_READY". If "TX_READY" bit still __IS__ existed in the BD (The next fraglist or next TSO packet is not transmited complitely), exit the current clean work. When the next work is triggered, it still repeat above step with the same BD. The potential issue is that unmap the same DMA memory for multiple times. The patch fix the clean work for SG and TSO packet. Reported-by: Anand Moon <[email protected]> Reported-by: Christian Gmeiner <[email protected]> Signed-off-by: Fugang Duan <[email protected]> Signed-off-by: David S. Miller <[email protected]>
otavio
referenced
this pull request
in Freescale/linux-fslc
Sep 18, 2015
Enable kernel config "CONFIG_HAVE_DMA_API_DEBUG", FEC have kernel warning: [ 6.650444] fec 2188000.ethernet: DMA-API: device driver tries to free DMA memory it has not allocated [ 6.664289] Modules linked in: [ 6.667378] CPU: 0 PID: 3 Comm: ksoftirqd/0 Not tainted 3.19.0-rc4-00688-g8834016-dirty #150 [ 6.675841] Hardware name: Freescale i.MX6 SoloX (Device Tree) [ 6.681698] Backtrace: [ 6.684189] [<80011e3c>] (dump_backtrace) from [<80011fdc>] (show_stack+0x18/0x1c) [ 6.691789] r6:80890154 r5:00000000 r4:00000000 r3:00000000 [ 6.697533] [<80011fc4>] (show_stack) from [<806d2d88>] (dump_stack+0x80/0x9c) [ 6.704799] [<806d2d08>] (dump_stack) from [<8002a4e4>] (warn_slowpath_common+0x7c/0xb4) [ 6.712917] r5:00000445 r4:00000000 [ 6.716544] [<8002a468>] (warn_slowpath_common) from [<8002a5c0>] (warn_slowpath_fmt+0x38/0x40) [ 6.725265] r8:809a2ee8 r7:00000000 r6:00000000 r5:00000000 r4:00000042 [ 6.732087] [<8002a58c>] (warn_slowpath_fmt) from [<802d6268>] (check_unmap+0x86c/0x98c) [ 6.740202] r3:808c79bc r2:8089060c [ 6.743826] [<802d59fc>] (check_unmap) from [<802d65e4>] (debug_dma_unmap_page+0x80/0x88) [ 6.752029] r10:00000000 r9:00000000 r8:00000000 r7:00000001 r6:be12a410 r5:00000000 [ 6.759967] r4:00000042 [ 6.762538] [<802d6564>] (debug_dma_unmap_page) from [<80440248>] (fec_enet_rx_napi+0x7ec/0xb9c) [ 6.771345] r7:00000400 r6:be3e4000 r5:bf08fa20 r4:be036000 [ 6.777094] [<8043fa5c>] (fec_enet_rx_napi) from [<8056ae24>] (net_rx_action+0x134/0x324) [ 6.785297] r10:be089e60 r9:80998180 r8:ffff8d68 r7:0000012c r6:00000040 r5:00000001 [ 6.793239] r4:be036718 [ 6.795801] [<8056acf0>] (net_rx_action) from [<8002db24>] (__do_softirq+0x138/0x2d0) [ 6.803655] r10:00000003 r9:00000003 r8:80996378 r7:8099c080 r6:00000100 r5:8099c08c [ 6.811593] r4:00000000 [ 6.814157] [<8002d9ec>] (__do_softirq) from [<8002dd00>] (run_ksoftirqd+0x44/0x5c) [ 6.821836] r10:00000000 r9:00000000 r8:809b133c r7:00000000 r6:00000001 r5:00000000 [ 6.829775] r4:be027e80 [ 6.832346] [<8002dcbc>] (run_ksoftirqd) from [<80048290>] (smpboot_thread_fn+0x154/0x1c4) [ 6.840649] [<8004813c>] (smpboot_thread_fn) from [<80044780>] (kthread+0xdc/0xf8) [ 6.848224] r10:00000000 r8:00000000 r7:8004813c r6:be027e80 r5:be027ec0 r4:00000000 [ 6.856179] [<800446a4>] (kthread) from [<8000ebc8>] (ret_from_fork+0x14/0x2c) [ 6.863425] r7:00000000 r6:00000000 r5:800446a4 r4:be027ec0 [ 6.869156] ---[ end trace 861cf914d2461a8b ]--- There have one bug in .fec_enet_tx_queue() function to unmap the DMA memory: For SG or TSO, get one buffer descriptor and then unmap the related DMA memory, and then get the next buffer descriptor, loop to while() to check "TX_READY". If "TX_READY" bit still __IS__ existed in the BD (The next fraglist or next TSO packet is not transmited complitely), exit the current clean work. When the next work is triggered, it still repeat above step with the same BD. The potential issue is that unmap the same DMA memory for multiple times. The patch fix the clean work for SG and TSO packet. Reported-by: Anand Moon <[email protected]> Reported-by: Christian Gmeiner <[email protected]> Signed-off-by: Fugang Duan <[email protected]> Signed-off-by: David S. Miller <[email protected]>
otavio
referenced
this pull request
in Freescale/linux-fslc
Sep 29, 2015
Enable kernel config "CONFIG_HAVE_DMA_API_DEBUG", FEC have kernel warning: [ 6.650444] fec 2188000.ethernet: DMA-API: device driver tries to free DMA memory it has not allocated [ 6.664289] Modules linked in: [ 6.667378] CPU: 0 PID: 3 Comm: ksoftirqd/0 Not tainted 3.19.0-rc4-00688-g8834016-dirty #150 [ 6.675841] Hardware name: Freescale i.MX6 SoloX (Device Tree) [ 6.681698] Backtrace: [ 6.684189] [<80011e3c>] (dump_backtrace) from [<80011fdc>] (show_stack+0x18/0x1c) [ 6.691789] r6:80890154 r5:00000000 r4:00000000 r3:00000000 [ 6.697533] [<80011fc4>] (show_stack) from [<806d2d88>] (dump_stack+0x80/0x9c) [ 6.704799] [<806d2d08>] (dump_stack) from [<8002a4e4>] (warn_slowpath_common+0x7c/0xb4) [ 6.712917] r5:00000445 r4:00000000 [ 6.716544] [<8002a468>] (warn_slowpath_common) from [<8002a5c0>] (warn_slowpath_fmt+0x38/0x40) [ 6.725265] r8:809a2ee8 r7:00000000 r6:00000000 r5:00000000 r4:00000042 [ 6.732087] [<8002a58c>] (warn_slowpath_fmt) from [<802d6268>] (check_unmap+0x86c/0x98c) [ 6.740202] r3:808c79bc r2:8089060c [ 6.743826] [<802d59fc>] (check_unmap) from [<802d65e4>] (debug_dma_unmap_page+0x80/0x88) [ 6.752029] r10:00000000 r9:00000000 r8:00000000 r7:00000001 r6:be12a410 r5:00000000 [ 6.759967] r4:00000042 [ 6.762538] [<802d6564>] (debug_dma_unmap_page) from [<80440248>] (fec_enet_rx_napi+0x7ec/0xb9c) [ 6.771345] r7:00000400 r6:be3e4000 r5:bf08fa20 r4:be036000 [ 6.777094] [<8043fa5c>] (fec_enet_rx_napi) from [<8056ae24>] (net_rx_action+0x134/0x324) [ 6.785297] r10:be089e60 r9:80998180 r8:ffff8d68 r7:0000012c r6:00000040 r5:00000001 [ 6.793239] r4:be036718 [ 6.795801] [<8056acf0>] (net_rx_action) from [<8002db24>] (__do_softirq+0x138/0x2d0) [ 6.803655] r10:00000003 r9:00000003 r8:80996378 r7:8099c080 r6:00000100 r5:8099c08c [ 6.811593] r4:00000000 [ 6.814157] [<8002d9ec>] (__do_softirq) from [<8002dd00>] (run_ksoftirqd+0x44/0x5c) [ 6.821836] r10:00000000 r9:00000000 r8:809b133c r7:00000000 r6:00000001 r5:00000000 [ 6.829775] r4:be027e80 [ 6.832346] [<8002dcbc>] (run_ksoftirqd) from [<80048290>] (smpboot_thread_fn+0x154/0x1c4) [ 6.840649] [<8004813c>] (smpboot_thread_fn) from [<80044780>] (kthread+0xdc/0xf8) [ 6.848224] r10:00000000 r8:00000000 r7:8004813c r6:be027e80 r5:be027ec0 r4:00000000 [ 6.856179] [<800446a4>] (kthread) from [<8000ebc8>] (ret_from_fork+0x14/0x2c) [ 6.863425] r7:00000000 r6:00000000 r5:800446a4 r4:be027ec0 [ 6.869156] ---[ end trace 861cf914d2461a8b ]--- There have one bug in .fec_enet_tx_queue() function to unmap the DMA memory: For SG or TSO, get one buffer descriptor and then unmap the related DMA memory, and then get the next buffer descriptor, loop to while() to check "TX_READY". If "TX_READY" bit still __IS__ existed in the BD (The next fraglist or next TSO packet is not transmited complitely), exit the current clean work. When the next work is triggered, it still repeat above step with the same BD. The potential issue is that unmap the same DMA memory for multiple times. The patch fix the clean work for SG and TSO packet. Reported-by: Anand Moon <[email protected]> Reported-by: Christian Gmeiner <[email protected]> Signed-off-by: Fugang Duan <[email protected]> Signed-off-by: David S. Miller <[email protected]>
linux4kix
referenced
this pull request
in SolidRun/linux-fslc
Oct 5, 2015
Enable kernel config "CONFIG_HAVE_DMA_API_DEBUG", FEC have kernel warning: [ 6.650444] fec 2188000.ethernet: DMA-API: device driver tries to free DMA memory it has not allocated [ 6.664289] Modules linked in: [ 6.667378] CPU: 0 PID: 3 Comm: ksoftirqd/0 Not tainted 3.19.0-rc4-00688-g8834016-dirty Freescale#150 [ 6.675841] Hardware name: Freescale i.MX6 SoloX (Device Tree) [ 6.681698] Backtrace: [ 6.684189] [<80011e3c>] (dump_backtrace) from [<80011fdc>] (show_stack+0x18/0x1c) [ 6.691789] r6:80890154 r5:00000000 r4:00000000 r3:00000000 [ 6.697533] [<80011fc4>] (show_stack) from [<806d2d88>] (dump_stack+0x80/0x9c) [ 6.704799] [<806d2d08>] (dump_stack) from [<8002a4e4>] (warn_slowpath_common+0x7c/0xb4) [ 6.712917] r5:00000445 r4:00000000 [ 6.716544] [<8002a468>] (warn_slowpath_common) from [<8002a5c0>] (warn_slowpath_fmt+0x38/0x40) [ 6.725265] r8:809a2ee8 r7:00000000 r6:00000000 r5:00000000 r4:00000042 [ 6.732087] [<8002a58c>] (warn_slowpath_fmt) from [<802d6268>] (check_unmap+0x86c/0x98c) [ 6.740202] r3:808c79bc r2:8089060c [ 6.743826] [<802d59fc>] (check_unmap) from [<802d65e4>] (debug_dma_unmap_page+0x80/0x88) [ 6.752029] r10:00000000 r9:00000000 r8:00000000 r7:00000001 r6:be12a410 r5:00000000 [ 6.759967] r4:00000042 [ 6.762538] [<802d6564>] (debug_dma_unmap_page) from [<80440248>] (fec_enet_rx_napi+0x7ec/0xb9c) [ 6.771345] r7:00000400 r6:be3e4000 r5:bf08fa20 r4:be036000 [ 6.777094] [<8043fa5c>] (fec_enet_rx_napi) from [<8056ae24>] (net_rx_action+0x134/0x324) [ 6.785297] r10:be089e60 r9:80998180 r8:ffff8d68 r7:0000012c r6:00000040 r5:00000001 [ 6.793239] r4:be036718 [ 6.795801] [<8056acf0>] (net_rx_action) from [<8002db24>] (__do_softirq+0x138/0x2d0) [ 6.803655] r10:00000003 r9:00000003 r8:80996378 r7:8099c080 r6:00000100 r5:8099c08c [ 6.811593] r4:00000000 [ 6.814157] [<8002d9ec>] (__do_softirq) from [<8002dd00>] (run_ksoftirqd+0x44/0x5c) [ 6.821836] r10:00000000 r9:00000000 r8:809b133c r7:00000000 r6:00000001 r5:00000000 [ 6.829775] r4:be027e80 [ 6.832346] [<8002dcbc>] (run_ksoftirqd) from [<80048290>] (smpboot_thread_fn+0x154/0x1c4) [ 6.840649] [<8004813c>] (smpboot_thread_fn) from [<80044780>] (kthread+0xdc/0xf8) [ 6.848224] r10:00000000 r8:00000000 r7:8004813c r6:be027e80 r5:be027ec0 r4:00000000 [ 6.856179] [<800446a4>] (kthread) from [<8000ebc8>] (ret_from_fork+0x14/0x2c) [ 6.863425] r7:00000000 r6:00000000 r5:800446a4 r4:be027ec0 [ 6.869156] ---[ end trace 861cf914d2461a8b ]--- There have one bug in .fec_enet_tx_queue() function to unmap the DMA memory: For SG or TSO, get one buffer descriptor and then unmap the related DMA memory, and then get the next buffer descriptor, loop to while() to check "TX_READY". If "TX_READY" bit still __IS__ existed in the BD (The next fraglist or next TSO packet is not transmited complitely), exit the current clean work. When the next work is triggered, it still repeat above step with the same BD. The potential issue is that unmap the same DMA memory for multiple times. The patch fix the clean work for SG and TSO packet. Reported-by: Anand Moon <[email protected]> Reported-by: Christian Gmeiner <[email protected]> Signed-off-by: Fugang Duan <[email protected]> Signed-off-by: David S. Miller <[email protected]>
mk01
referenced
this pull request
in mk01/linux-fslc
Oct 18, 2015
Enable kernel config "CONFIG_HAVE_DMA_API_DEBUG", FEC have kernel warning: [ 6.650444] fec 2188000.ethernet: DMA-API: device driver tries to free DMA memory it has not allocated [ 6.664289] Modules linked in: [ 6.667378] CPU: 0 PID: 3 Comm: ksoftirqd/0 Not tainted 3.19.0-rc4-00688-g8834016-dirty Freescale#150 [ 6.675841] Hardware name: Freescale i.MX6 SoloX (Device Tree) [ 6.681698] Backtrace: [ 6.684189] [<80011e3c>] (dump_backtrace) from [<80011fdc>] (show_stack+0x18/0x1c) [ 6.691789] r6:80890154 r5:00000000 r4:00000000 r3:00000000 [ 6.697533] [<80011fc4>] (show_stack) from [<806d2d88>] (dump_stack+0x80/0x9c) [ 6.704799] [<806d2d08>] (dump_stack) from [<8002a4e4>] (warn_slowpath_common+0x7c/0xb4) [ 6.712917] r5:00000445 r4:00000000 [ 6.716544] [<8002a468>] (warn_slowpath_common) from [<8002a5c0>] (warn_slowpath_fmt+0x38/0x40) [ 6.725265] r8:809a2ee8 r7:00000000 r6:00000000 r5:00000000 r4:00000042 [ 6.732087] [<8002a58c>] (warn_slowpath_fmt) from [<802d6268>] (check_unmap+0x86c/0x98c) [ 6.740202] r3:808c79bc r2:8089060c [ 6.743826] [<802d59fc>] (check_unmap) from [<802d65e4>] (debug_dma_unmap_page+0x80/0x88) [ 6.752029] r10:00000000 r9:00000000 r8:00000000 r7:00000001 r6:be12a410 r5:00000000 [ 6.759967] r4:00000042 [ 6.762538] [<802d6564>] (debug_dma_unmap_page) from [<80440248>] (fec_enet_rx_napi+0x7ec/0xb9c) [ 6.771345] r7:00000400 r6:be3e4000 r5:bf08fa20 r4:be036000 [ 6.777094] [<8043fa5c>] (fec_enet_rx_napi) from [<8056ae24>] (net_rx_action+0x134/0x324) [ 6.785297] r10:be089e60 r9:80998180 r8:ffff8d68 r7:0000012c r6:00000040 r5:00000001 [ 6.793239] r4:be036718 [ 6.795801] [<8056acf0>] (net_rx_action) from [<8002db24>] (__do_softirq+0x138/0x2d0) [ 6.803655] r10:00000003 r9:00000003 r8:80996378 r7:8099c080 r6:00000100 r5:8099c08c [ 6.811593] r4:00000000 [ 6.814157] [<8002d9ec>] (__do_softirq) from [<8002dd00>] (run_ksoftirqd+0x44/0x5c) [ 6.821836] r10:00000000 r9:00000000 r8:809b133c r7:00000000 r6:00000001 r5:00000000 [ 6.829775] r4:be027e80 [ 6.832346] [<8002dcbc>] (run_ksoftirqd) from [<80048290>] (smpboot_thread_fn+0x154/0x1c4) [ 6.840649] [<8004813c>] (smpboot_thread_fn) from [<80044780>] (kthread+0xdc/0xf8) [ 6.848224] r10:00000000 r8:00000000 r7:8004813c r6:be027e80 r5:be027ec0 r4:00000000 [ 6.856179] [<800446a4>] (kthread) from [<8000ebc8>] (ret_from_fork+0x14/0x2c) [ 6.863425] r7:00000000 r6:00000000 r5:800446a4 r4:be027ec0 [ 6.869156] ---[ end trace 861cf914d2461a8b ]--- There have one bug in .fec_enet_tx_queue() function to unmap the DMA memory: For SG or TSO, get one buffer descriptor and then unmap the related DMA memory, and then get the next buffer descriptor, loop to while() to check "TX_READY". If "TX_READY" bit still __IS__ existed in the BD (The next fraglist or next TSO packet is not transmited complitely), exit the current clean work. When the next work is triggered, it still repeat above step with the same BD. The potential issue is that unmap the same DMA memory for multiple times. The patch fix the clean work for SG and TSO packet. Reported-by: Anand Moon <[email protected]> Reported-by: Christian Gmeiner <[email protected]> Signed-off-by: Fugang Duan <[email protected]> Signed-off-by: David S. Miller <[email protected]>
mk01
referenced
this pull request
in mk01/linux-fslc
Nov 3, 2015
Upstream-commit: cc08d25 Enable kernel config "CONFIG_HAVE_DMA_API_DEBUG", FEC have kernel warning: [ 6.650444] fec 2188000.ethernet: DMA-API: device driver tries to free DMA memory it has not allocated [ 6.664289] Modules linked in: [ 6.667378] CPU: 0 PID: 3 Comm: ksoftirqd/0 Not tainted 3.19.0-rc4-00688-g8834016-dirty Freescale#150 [ 6.675841] Hardware name: Freescale i.MX6 SoloX (Device Tree) [ 6.681698] Backtrace: [ 6.684189] [<80011e3c>] (dump_backtrace) from [<80011fdc>] (show_stack+0x18/0x1c) [ 6.691789] r6:80890154 r5:00000000 r4:00000000 r3:00000000 [ 6.697533] [<80011fc4>] (show_stack) from [<806d2d88>] (dump_stack+0x80/0x9c) [ 6.704799] [<806d2d08>] (dump_stack) from [<8002a4e4>] (warn_slowpath_common+0x7c/0xb4) [ 6.712917] r5:00000445 r4:00000000 [ 6.716544] [<8002a468>] (warn_slowpath_common) from [<8002a5c0>] (warn_slowpath_fmt+0x38/0x40) [ 6.725265] r8:809a2ee8 r7:00000000 r6:00000000 r5:00000000 r4:00000042 [ 6.732087] [<8002a58c>] (warn_slowpath_fmt) from [<802d6268>] (check_unmap+0x86c/0x98c) [ 6.740202] r3:808c79bc r2:8089060c [ 6.743826] [<802d59fc>] (check_unmap) from [<802d65e4>] (debug_dma_unmap_page+0x80/0x88) [ 6.752029] r10:00000000 r9:00000000 r8:00000000 r7:00000001 r6:be12a410 r5:00000000 [ 6.759967] r4:00000042 [ 6.762538] [<802d6564>] (debug_dma_unmap_page) from [<80440248>] (fec_enet_rx_napi+0x7ec/0xb9c) [ 6.771345] r7:00000400 r6:be3e4000 r5:bf08fa20 r4:be036000 [ 6.777094] [<8043fa5c>] (fec_enet_rx_napi) from [<8056ae24>] (net_rx_action+0x134/0x324) [ 6.785297] r10:be089e60 r9:80998180 r8:ffff8d68 r7:0000012c r6:00000040 r5:00000001 [ 6.793239] r4:be036718 [ 6.795801] [<8056acf0>] (net_rx_action) from [<8002db24>] (__do_softirq+0x138/0x2d0) [ 6.803655] r10:00000003 r9:00000003 r8:80996378 r7:8099c080 r6:00000100 r5:8099c08c [ 6.811593] r4:00000000 [ 6.814157] [<8002d9ec>] (__do_softirq) from [<8002dd00>] (run_ksoftirqd+0x44/0x5c) [ 6.821836] r10:00000000 r9:00000000 r8:809b133c r7:00000000 r6:00000001 r5:00000000 [ 6.829775] r4:be027e80 [ 6.832346] [<8002dcbc>] (run_ksoftirqd) from [<80048290>] (smpboot_thread_fn+0x154/0x1c4) [ 6.840649] [<8004813c>] (smpboot_thread_fn) from [<80044780>] (kthread+0xdc/0xf8) [ 6.848224] r10:00000000 r8:00000000 r7:8004813c r6:be027e80 r5:be027ec0 r4:00000000 [ 6.856179] [<800446a4>] (kthread) from [<8000ebc8>] (ret_from_fork+0x14/0x2c) [ 6.863425] r7:00000000 r6:00000000 r5:800446a4 r4:be027ec0 [ 6.869156] ---[ end trace 861cf914d2461a8b ]--- There have one bug in .fec_enet_tx_queue() function to unmap the DMA memory: For SG or TSO, get one buffer descriptor and then unmap the related DMA memory, and then get the next buffer descriptor, loop to while() to check "TX_READY". If "TX_READY" bit still __IS__ existed in the BD (The next fraglist or next TSO packet is not transmited complitely), exit the current clean work. When the next work is triggered, it still repeat above step with the same BD. The potential issue is that unmap the same DMA memory for multiple times. The patch fix the clean work for SG and TSO packet. Reported-by: Anand Moon <[email protected]> Reported-by: Christian Gmeiner <[email protected]> Signed-off-by: Fugang Duan <[email protected]> Signed-off-by: David S. Miller <[email protected]>
mk01
referenced
this pull request
in mk01/linux-fslc
Jan 11, 2016
Upstream-commit: cc08d25 Enable kernel config "CONFIG_HAVE_DMA_API_DEBUG", FEC have kernel warning: [ 6.650444] fec 2188000.ethernet: DMA-API: device driver tries to free DMA memory it has not allocated [ 6.664289] Modules linked in: [ 6.667378] CPU: 0 PID: 3 Comm: ksoftirqd/0 Not tainted 3.19.0-rc4-00688-g8834016-dirty Freescale#150 [ 6.675841] Hardware name: Freescale i.MX6 SoloX (Device Tree) [ 6.681698] Backtrace: [ 6.684189] [<80011e3c>] (dump_backtrace) from [<80011fdc>] (show_stack+0x18/0x1c) [ 6.691789] r6:80890154 r5:00000000 r4:00000000 r3:00000000 [ 6.697533] [<80011fc4>] (show_stack) from [<806d2d88>] (dump_stack+0x80/0x9c) [ 6.704799] [<806d2d08>] (dump_stack) from [<8002a4e4>] (warn_slowpath_common+0x7c/0xb4) [ 6.712917] r5:00000445 r4:00000000 [ 6.716544] [<8002a468>] (warn_slowpath_common) from [<8002a5c0>] (warn_slowpath_fmt+0x38/0x40) [ 6.725265] r8:809a2ee8 r7:00000000 r6:00000000 r5:00000000 r4:00000042 [ 6.732087] [<8002a58c>] (warn_slowpath_fmt) from [<802d6268>] (check_unmap+0x86c/0x98c) [ 6.740202] r3:808c79bc r2:8089060c [ 6.743826] [<802d59fc>] (check_unmap) from [<802d65e4>] (debug_dma_unmap_page+0x80/0x88) [ 6.752029] r10:00000000 r9:00000000 r8:00000000 r7:00000001 r6:be12a410 r5:00000000 [ 6.759967] r4:00000042 [ 6.762538] [<802d6564>] (debug_dma_unmap_page) from [<80440248>] (fec_enet_rx_napi+0x7ec/0xb9c) [ 6.771345] r7:00000400 r6:be3e4000 r5:bf08fa20 r4:be036000 [ 6.777094] [<8043fa5c>] (fec_enet_rx_napi) from [<8056ae24>] (net_rx_action+0x134/0x324) [ 6.785297] r10:be089e60 r9:80998180 r8:ffff8d68 r7:0000012c r6:00000040 r5:00000001 [ 6.793239] r4:be036718 [ 6.795801] [<8056acf0>] (net_rx_action) from [<8002db24>] (__do_softirq+0x138/0x2d0) [ 6.803655] r10:00000003 r9:00000003 r8:80996378 r7:8099c080 r6:00000100 r5:8099c08c [ 6.811593] r4:00000000 [ 6.814157] [<8002d9ec>] (__do_softirq) from [<8002dd00>] (run_ksoftirqd+0x44/0x5c) [ 6.821836] r10:00000000 r9:00000000 r8:809b133c r7:00000000 r6:00000001 r5:00000000 [ 6.829775] r4:be027e80 [ 6.832346] [<8002dcbc>] (run_ksoftirqd) from [<80048290>] (smpboot_thread_fn+0x154/0x1c4) [ 6.840649] [<8004813c>] (smpboot_thread_fn) from [<80044780>] (kthread+0xdc/0xf8) [ 6.848224] r10:00000000 r8:00000000 r7:8004813c r6:be027e80 r5:be027ec0 r4:00000000 [ 6.856179] [<800446a4>] (kthread) from [<8000ebc8>] (ret_from_fork+0x14/0x2c) [ 6.863425] r7:00000000 r6:00000000 r5:800446a4 r4:be027ec0 [ 6.869156] ---[ end trace 861cf914d2461a8b ]--- There have one bug in .fec_enet_tx_queue() function to unmap the DMA memory: For SG or TSO, get one buffer descriptor and then unmap the related DMA memory, and then get the next buffer descriptor, loop to while() to check "TX_READY". If "TX_READY" bit still __IS__ existed in the BD (The next fraglist or next TSO packet is not transmited complitely), exit the current clean work. When the next work is triggered, it still repeat above step with the same BD. The potential issue is that unmap the same DMA memory for multiple times. The patch fix the clean work for SG and TSO packet. Reported-by: Anand Moon <[email protected]> Reported-by: Christian Gmeiner <[email protected]> Signed-off-by: Fugang Duan <[email protected]> Signed-off-by: David S. Miller <[email protected]>
mk01
referenced
this pull request
in mk01/linux-fslc
Jan 11, 2016
Upstream-commit: cc08d25 Enable kernel config "CONFIG_HAVE_DMA_API_DEBUG", FEC have kernel warning: [ 6.650444] fec 2188000.ethernet: DMA-API: device driver tries to free DMA memory it has not allocated [ 6.664289] Modules linked in: [ 6.667378] CPU: 0 PID: 3 Comm: ksoftirqd/0 Not tainted 3.19.0-rc4-00688-g8834016-dirty Freescale#150 [ 6.675841] Hardware name: Freescale i.MX6 SoloX (Device Tree) [ 6.681698] Backtrace: [ 6.684189] [<80011e3c>] (dump_backtrace) from [<80011fdc>] (show_stack+0x18/0x1c) [ 6.691789] r6:80890154 r5:00000000 r4:00000000 r3:00000000 [ 6.697533] [<80011fc4>] (show_stack) from [<806d2d88>] (dump_stack+0x80/0x9c) [ 6.704799] [<806d2d08>] (dump_stack) from [<8002a4e4>] (warn_slowpath_common+0x7c/0xb4) [ 6.712917] r5:00000445 r4:00000000 [ 6.716544] [<8002a468>] (warn_slowpath_common) from [<8002a5c0>] (warn_slowpath_fmt+0x38/0x40) [ 6.725265] r8:809a2ee8 r7:00000000 r6:00000000 r5:00000000 r4:00000042 [ 6.732087] [<8002a58c>] (warn_slowpath_fmt) from [<802d6268>] (check_unmap+0x86c/0x98c) [ 6.740202] r3:808c79bc r2:8089060c [ 6.743826] [<802d59fc>] (check_unmap) from [<802d65e4>] (debug_dma_unmap_page+0x80/0x88) [ 6.752029] r10:00000000 r9:00000000 r8:00000000 r7:00000001 r6:be12a410 r5:00000000 [ 6.759967] r4:00000042 [ 6.762538] [<802d6564>] (debug_dma_unmap_page) from [<80440248>] (fec_enet_rx_napi+0x7ec/0xb9c) [ 6.771345] r7:00000400 r6:be3e4000 r5:bf08fa20 r4:be036000 [ 6.777094] [<8043fa5c>] (fec_enet_rx_napi) from [<8056ae24>] (net_rx_action+0x134/0x324) [ 6.785297] r10:be089e60 r9:80998180 r8:ffff8d68 r7:0000012c r6:00000040 r5:00000001 [ 6.793239] r4:be036718 [ 6.795801] [<8056acf0>] (net_rx_action) from [<8002db24>] (__do_softirq+0x138/0x2d0) [ 6.803655] r10:00000003 r9:00000003 r8:80996378 r7:8099c080 r6:00000100 r5:8099c08c [ 6.811593] r4:00000000 [ 6.814157] [<8002d9ec>] (__do_softirq) from [<8002dd00>] (run_ksoftirqd+0x44/0x5c) [ 6.821836] r10:00000000 r9:00000000 r8:809b133c r7:00000000 r6:00000001 r5:00000000 [ 6.829775] r4:be027e80 [ 6.832346] [<8002dcbc>] (run_ksoftirqd) from [<80048290>] (smpboot_thread_fn+0x154/0x1c4) [ 6.840649] [<8004813c>] (smpboot_thread_fn) from [<80044780>] (kthread+0xdc/0xf8) [ 6.848224] r10:00000000 r8:00000000 r7:8004813c r6:be027e80 r5:be027ec0 r4:00000000 [ 6.856179] [<800446a4>] (kthread) from [<8000ebc8>] (ret_from_fork+0x14/0x2c) [ 6.863425] r7:00000000 r6:00000000 r5:800446a4 r4:be027ec0 [ 6.869156] ---[ end trace 861cf914d2461a8b ]--- There have one bug in .fec_enet_tx_queue() function to unmap the DMA memory: For SG or TSO, get one buffer descriptor and then unmap the related DMA memory, and then get the next buffer descriptor, loop to while() to check "TX_READY". If "TX_READY" bit still __IS__ existed in the BD (The next fraglist or next TSO packet is not transmited complitely), exit the current clean work. When the next work is triggered, it still repeat above step with the same BD. The potential issue is that unmap the same DMA memory for multiple times. The patch fix the clean work for SG and TSO packet. Reported-by: Anand Moon <[email protected]> Reported-by: Christian Gmeiner <[email protected]> Signed-off-by: Fugang Duan <[email protected]> Signed-off-by: David S. Miller <[email protected]>
ammarfaizi2
pushed a commit
to ammarfaizi2/linux-fork
that referenced
this pull request
Apr 27, 2022
… abort commit 23e3d7f upstream. we got issue as follows: [ 72.796117] EXT4-fs error (device sda): ext4_journal_check_start:83: comm fallocate: Detected aborted journal [ 72.826847] EXT4-fs (sda): Remounting filesystem read-only fallocate: fallocate failed: Read-only file system [ 74.791830] jbd2_journal_commit_transaction: jh=0xffff9cfefe725d90 bh=0x0000000000000000 end delay [ 74.793597] ------------[ cut here ]------------ [ 74.794203] kernel BUG at fs/jbd2/transaction.c:2063! [ 74.794886] invalid opcode: 0000 [#1] PREEMPT SMP PTI [ 74.795533] CPU: 4 PID: 2260 Comm: jbd2/sda-8 Not tainted 5.17.0-rc8-next-20220315-dirty torvalds#150 [ 74.798327] RIP: 0010:__jbd2_journal_unfile_buffer+0x3e/0x60 [ 74.801971] RSP: 0018:ffffa828c24a3cb8 EFLAGS: 00010202 [ 74.802694] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 74.803601] RDX: 0000000000000001 RSI: ffff9cfefe725d90 RDI: ffff9cfefe725d90 [ 74.804554] RBP: ffff9cfefe725d90 R08: 0000000000000000 R09: ffffa828c24a3b20 [ 74.805471] R10: 0000000000000001 R11: 0000000000000001 R12: ffff9cfefe725d90 [ 74.806385] R13: ffff9cfefe725d98 R14: 0000000000000000 R15: ffff9cfe833a4d00 [ 74.807301] FS: 0000000000000000(0000) GS:ffff9d01afb00000(0000) knlGS:0000000000000000 [ 74.808338] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 74.809084] CR2: 00007f2b81bf4000 CR3: 0000000100056000 CR4: 00000000000006e0 [ 74.810047] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 74.810981] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 74.811897] Call Trace: [ 74.812241] <TASK> [ 74.812566] __jbd2_journal_refile_buffer+0x12f/0x180 [ 74.813246] jbd2_journal_refile_buffer+0x4c/0xa0 [ 74.813869] jbd2_journal_commit_transaction.cold+0xa1/0x148 [ 74.817550] kjournald2+0xf8/0x3e0 [ 74.819056] kthread+0x153/0x1c0 [ 74.819963] ret_from_fork+0x22/0x30 Above issue may happen as follows: write truncate kjournald2 generic_perform_write ext4_write_begin ext4_walk_page_buffers do_journal_get_write_access ->add BJ_Reserved list ext4_journalled_write_end ext4_walk_page_buffers write_end_fn ext4_handle_dirty_metadata ***************JBD2 ABORT************** jbd2_journal_dirty_metadata -> return -EROFS, jh in reserved_list jbd2_journal_commit_transaction while (commit_transaction->t_reserved_list) jh = commit_transaction->t_reserved_list; truncate_pagecache_range do_invalidatepage ext4_journalled_invalidatepage jbd2_journal_invalidatepage journal_unmap_buffer __dispose_buffer __jbd2_journal_unfile_buffer jbd2_journal_put_journal_head ->put last ref_count __journal_remove_journal_head bh->b_private = NULL; jh->b_bh = NULL; jbd2_journal_refile_buffer(journal, jh); bh = jh2bh(jh); ->bh is NULL, later will trigger null-ptr-deref journal_free_journal_head(jh); After commit 96f1e09, we no longer hold the j_state_lock while iterating over the list of reserved handles in jbd2_journal_commit_transaction(). This potentially allows the journal_head to be freed by journal_unmap_buffer while the commit codepath is also trying to free the BJ_Reserved buffers. Keeping j_state_lock held while trying extends hold time of the lock minimally, and solves this issue. Fixes: 96f1e09("jbd2: avoid long hold times of j_state_lock while committing a transaction") Signed-off-by: Ye Bin <[email protected]> Reviewed-by: Jan Kara <[email protected]> Link: https://lore.kernel.org/r/[email protected] Signed-off-by: Theodore Ts'o <[email protected]> Signed-off-by: Greg Kroah-Hartman <[email protected]>
ammarfaizi2
pushed a commit
to ammarfaizi2/linux-fork
that referenced
this pull request
Apr 27, 2022
… abort commit 23e3d7f upstream. we got issue as follows: [ 72.796117] EXT4-fs error (device sda): ext4_journal_check_start:83: comm fallocate: Detected aborted journal [ 72.826847] EXT4-fs (sda): Remounting filesystem read-only fallocate: fallocate failed: Read-only file system [ 74.791830] jbd2_journal_commit_transaction: jh=0xffff9cfefe725d90 bh=0x0000000000000000 end delay [ 74.793597] ------------[ cut here ]------------ [ 74.794203] kernel BUG at fs/jbd2/transaction.c:2063! [ 74.794886] invalid opcode: 0000 [#1] PREEMPT SMP PTI [ 74.795533] CPU: 4 PID: 2260 Comm: jbd2/sda-8 Not tainted 5.17.0-rc8-next-20220315-dirty torvalds#150 [ 74.798327] RIP: 0010:__jbd2_journal_unfile_buffer+0x3e/0x60 [ 74.801971] RSP: 0018:ffffa828c24a3cb8 EFLAGS: 00010202 [ 74.802694] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 74.803601] RDX: 0000000000000001 RSI: ffff9cfefe725d90 RDI: ffff9cfefe725d90 [ 74.804554] RBP: ffff9cfefe725d90 R08: 0000000000000000 R09: ffffa828c24a3b20 [ 74.805471] R10: 0000000000000001 R11: 0000000000000001 R12: ffff9cfefe725d90 [ 74.806385] R13: ffff9cfefe725d98 R14: 0000000000000000 R15: ffff9cfe833a4d00 [ 74.807301] FS: 0000000000000000(0000) GS:ffff9d01afb00000(0000) knlGS:0000000000000000 [ 74.808338] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 74.809084] CR2: 00007f2b81bf4000 CR3: 0000000100056000 CR4: 00000000000006e0 [ 74.810047] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 74.810981] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 74.811897] Call Trace: [ 74.812241] <TASK> [ 74.812566] __jbd2_journal_refile_buffer+0x12f/0x180 [ 74.813246] jbd2_journal_refile_buffer+0x4c/0xa0 [ 74.813869] jbd2_journal_commit_transaction.cold+0xa1/0x148 [ 74.817550] kjournald2+0xf8/0x3e0 [ 74.819056] kthread+0x153/0x1c0 [ 74.819963] ret_from_fork+0x22/0x30 Above issue may happen as follows: write truncate kjournald2 generic_perform_write ext4_write_begin ext4_walk_page_buffers do_journal_get_write_access ->add BJ_Reserved list ext4_journalled_write_end ext4_walk_page_buffers write_end_fn ext4_handle_dirty_metadata ***************JBD2 ABORT************** jbd2_journal_dirty_metadata -> return -EROFS, jh in reserved_list jbd2_journal_commit_transaction while (commit_transaction->t_reserved_list) jh = commit_transaction->t_reserved_list; truncate_pagecache_range do_invalidatepage ext4_journalled_invalidatepage jbd2_journal_invalidatepage journal_unmap_buffer __dispose_buffer __jbd2_journal_unfile_buffer jbd2_journal_put_journal_head ->put last ref_count __journal_remove_journal_head bh->b_private = NULL; jh->b_bh = NULL; jbd2_journal_refile_buffer(journal, jh); bh = jh2bh(jh); ->bh is NULL, later will trigger null-ptr-deref journal_free_journal_head(jh); After commit 96f1e09, we no longer hold the j_state_lock while iterating over the list of reserved handles in jbd2_journal_commit_transaction(). This potentially allows the journal_head to be freed by journal_unmap_buffer while the commit codepath is also trying to free the BJ_Reserved buffers. Keeping j_state_lock held while trying extends hold time of the lock minimally, and solves this issue. Fixes: 96f1e09("jbd2: avoid long hold times of j_state_lock while committing a transaction") Signed-off-by: Ye Bin <[email protected]> Reviewed-by: Jan Kara <[email protected]> Link: https://lore.kernel.org/r/[email protected] Signed-off-by: Theodore Ts'o <[email protected]> Signed-off-by: Greg Kroah-Hartman <[email protected]>
ammarfaizi2
pushed a commit
to ammarfaizi2/linux-fork
that referenced
this pull request
Apr 27, 2022
… abort commit 23e3d7f upstream. we got issue as follows: [ 72.796117] EXT4-fs error (device sda): ext4_journal_check_start:83: comm fallocate: Detected aborted journal [ 72.826847] EXT4-fs (sda): Remounting filesystem read-only fallocate: fallocate failed: Read-only file system [ 74.791830] jbd2_journal_commit_transaction: jh=0xffff9cfefe725d90 bh=0x0000000000000000 end delay [ 74.793597] ------------[ cut here ]------------ [ 74.794203] kernel BUG at fs/jbd2/transaction.c:2063! [ 74.794886] invalid opcode: 0000 [#1] PREEMPT SMP PTI [ 74.795533] CPU: 4 PID: 2260 Comm: jbd2/sda-8 Not tainted 5.17.0-rc8-next-20220315-dirty torvalds#150 [ 74.798327] RIP: 0010:__jbd2_journal_unfile_buffer+0x3e/0x60 [ 74.801971] RSP: 0018:ffffa828c24a3cb8 EFLAGS: 00010202 [ 74.802694] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 74.803601] RDX: 0000000000000001 RSI: ffff9cfefe725d90 RDI: ffff9cfefe725d90 [ 74.804554] RBP: ffff9cfefe725d90 R08: 0000000000000000 R09: ffffa828c24a3b20 [ 74.805471] R10: 0000000000000001 R11: 0000000000000001 R12: ffff9cfefe725d90 [ 74.806385] R13: ffff9cfefe725d98 R14: 0000000000000000 R15: ffff9cfe833a4d00 [ 74.807301] FS: 0000000000000000(0000) GS:ffff9d01afb00000(0000) knlGS:0000000000000000 [ 74.808338] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 74.809084] CR2: 00007f2b81bf4000 CR3: 0000000100056000 CR4: 00000000000006e0 [ 74.810047] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 74.810981] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 74.811897] Call Trace: [ 74.812241] <TASK> [ 74.812566] __jbd2_journal_refile_buffer+0x12f/0x180 [ 74.813246] jbd2_journal_refile_buffer+0x4c/0xa0 [ 74.813869] jbd2_journal_commit_transaction.cold+0xa1/0x148 [ 74.817550] kjournald2+0xf8/0x3e0 [ 74.819056] kthread+0x153/0x1c0 [ 74.819963] ret_from_fork+0x22/0x30 Above issue may happen as follows: write truncate kjournald2 generic_perform_write ext4_write_begin ext4_walk_page_buffers do_journal_get_write_access ->add BJ_Reserved list ext4_journalled_write_end ext4_walk_page_buffers write_end_fn ext4_handle_dirty_metadata ***************JBD2 ABORT************** jbd2_journal_dirty_metadata -> return -EROFS, jh in reserved_list jbd2_journal_commit_transaction while (commit_transaction->t_reserved_list) jh = commit_transaction->t_reserved_list; truncate_pagecache_range do_invalidatepage ext4_journalled_invalidatepage jbd2_journal_invalidatepage journal_unmap_buffer __dispose_buffer __jbd2_journal_unfile_buffer jbd2_journal_put_journal_head ->put last ref_count __journal_remove_journal_head bh->b_private = NULL; jh->b_bh = NULL; jbd2_journal_refile_buffer(journal, jh); bh = jh2bh(jh); ->bh is NULL, later will trigger null-ptr-deref journal_free_journal_head(jh); After commit 96f1e09, we no longer hold the j_state_lock while iterating over the list of reserved handles in jbd2_journal_commit_transaction(). This potentially allows the journal_head to be freed by journal_unmap_buffer while the commit codepath is also trying to free the BJ_Reserved buffers. Keeping j_state_lock held while trying extends hold time of the lock minimally, and solves this issue. Fixes: 96f1e09("jbd2: avoid long hold times of j_state_lock while committing a transaction") Signed-off-by: Ye Bin <[email protected]> Reviewed-by: Jan Kara <[email protected]> Link: https://lore.kernel.org/r/[email protected] Signed-off-by: Theodore Ts'o <[email protected]> Signed-off-by: Greg Kroah-Hartman <[email protected]>
ammarfaizi2
pushed a commit
to ammarfaizi2/linux-fork
that referenced
this pull request
Apr 27, 2022
… abort commit 23e3d7f upstream. we got issue as follows: [ 72.796117] EXT4-fs error (device sda): ext4_journal_check_start:83: comm fallocate: Detected aborted journal [ 72.826847] EXT4-fs (sda): Remounting filesystem read-only fallocate: fallocate failed: Read-only file system [ 74.791830] jbd2_journal_commit_transaction: jh=0xffff9cfefe725d90 bh=0x0000000000000000 end delay [ 74.793597] ------------[ cut here ]------------ [ 74.794203] kernel BUG at fs/jbd2/transaction.c:2063! [ 74.794886] invalid opcode: 0000 [#1] PREEMPT SMP PTI [ 74.795533] CPU: 4 PID: 2260 Comm: jbd2/sda-8 Not tainted 5.17.0-rc8-next-20220315-dirty torvalds#150 [ 74.798327] RIP: 0010:__jbd2_journal_unfile_buffer+0x3e/0x60 [ 74.801971] RSP: 0018:ffffa828c24a3cb8 EFLAGS: 00010202 [ 74.802694] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 74.803601] RDX: 0000000000000001 RSI: ffff9cfefe725d90 RDI: ffff9cfefe725d90 [ 74.804554] RBP: ffff9cfefe725d90 R08: 0000000000000000 R09: ffffa828c24a3b20 [ 74.805471] R10: 0000000000000001 R11: 0000000000000001 R12: ffff9cfefe725d90 [ 74.806385] R13: ffff9cfefe725d98 R14: 0000000000000000 R15: ffff9cfe833a4d00 [ 74.807301] FS: 0000000000000000(0000) GS:ffff9d01afb00000(0000) knlGS:0000000000000000 [ 74.808338] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 74.809084] CR2: 00007f2b81bf4000 CR3: 0000000100056000 CR4: 00000000000006e0 [ 74.810047] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 74.810981] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 74.811897] Call Trace: [ 74.812241] <TASK> [ 74.812566] __jbd2_journal_refile_buffer+0x12f/0x180 [ 74.813246] jbd2_journal_refile_buffer+0x4c/0xa0 [ 74.813869] jbd2_journal_commit_transaction.cold+0xa1/0x148 [ 74.817550] kjournald2+0xf8/0x3e0 [ 74.819056] kthread+0x153/0x1c0 [ 74.819963] ret_from_fork+0x22/0x30 Above issue may happen as follows: write truncate kjournald2 generic_perform_write ext4_write_begin ext4_walk_page_buffers do_journal_get_write_access ->add BJ_Reserved list ext4_journalled_write_end ext4_walk_page_buffers write_end_fn ext4_handle_dirty_metadata ***************JBD2 ABORT************** jbd2_journal_dirty_metadata -> return -EROFS, jh in reserved_list jbd2_journal_commit_transaction while (commit_transaction->t_reserved_list) jh = commit_transaction->t_reserved_list; truncate_pagecache_range do_invalidatepage ext4_journalled_invalidatepage jbd2_journal_invalidatepage journal_unmap_buffer __dispose_buffer __jbd2_journal_unfile_buffer jbd2_journal_put_journal_head ->put last ref_count __journal_remove_journal_head bh->b_private = NULL; jh->b_bh = NULL; jbd2_journal_refile_buffer(journal, jh); bh = jh2bh(jh); ->bh is NULL, later will trigger null-ptr-deref journal_free_journal_head(jh); After commit 96f1e09, we no longer hold the j_state_lock while iterating over the list of reserved handles in jbd2_journal_commit_transaction(). This potentially allows the journal_head to be freed by journal_unmap_buffer while the commit codepath is also trying to free the BJ_Reserved buffers. Keeping j_state_lock held while trying extends hold time of the lock minimally, and solves this issue. Fixes: 96f1e09("jbd2: avoid long hold times of j_state_lock while committing a transaction") Signed-off-by: Ye Bin <[email protected]> Reviewed-by: Jan Kara <[email protected]> Link: https://lore.kernel.org/r/[email protected] Signed-off-by: Theodore Ts'o <[email protected]> Signed-off-by: Greg Kroah-Hartman <[email protected]>
akiernan
pushed a commit
to zuma-array/linux
that referenced
this pull request
Nov 4, 2022
PD#150078: driver defect clean up: torvalds#14 torvalds#89 torvalds#111 torvalds#124 torvalds#133 torvalds#136 torvalds#137 torvalds#146 torvalds#148 torvalds#150 torvalds#153 Change-Id: I734a66a8b92a0dc57a232879463a3fc074534fa0 Signed-off-by: Zongdong Jiao <[email protected]>
ammarfaizi2
pushed a commit
to ammarfaizi2/linux-fork
that referenced
this pull request
Mar 16, 2023
Because headroom is not passed to page_to_skb(), this causes the shinfo exceeds the range. Then the frags of shinfo are changed by other process. [ 157.724634] stack segment: 0000 [#1] PREEMPT SMP NOPTI [ 157.725358] CPU: 3 PID: 679 Comm: xdp_pass_user_f Tainted: G E 6.2.0+ torvalds#150 [ 157.726401] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/4 [ 157.727820] RIP: 0010:skb_release_data+0x11b/0x180 [ 157.728449] Code: 44 24 02 48 83 c3 01 39 d8 7e be 48 89 d8 48 c1 e0 04 41 80 7d 7e 00 49 8b 6c 04 30 79 0c 48 89 ef e8 89 b [ 157.730751] RSP: 0018:ffffc90000178b48 EFLAGS: 00010202 [ 157.731383] RAX: 0000000000000010 RBX: 0000000000000001 RCX: 0000000000000000 [ 157.732270] RDX: 0000000000000000 RSI: 0000000000000002 RDI: ffff888100dd0b00 [ 157.733117] RBP: 5d5d76010f6e2408 R08: ffff888100dd0b2c R09: 0000000000000000 [ 157.734013] R10: ffffffff82effd30 R11: 000000000000a14e R12: ffff88810981ffc0 [ 157.734904] R13: ffff888100dd0b00 R14: 0000000000000002 R15: 0000000000002310 [ 157.735793] FS: 00007f06121d9740(0000) GS:ffff88842fcc0000(0000) knlGS:0000000000000000 [ 157.736794] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 157.737522] CR2: 00007ffd9a56c084 CR3: 0000000104bda001 CR4: 0000000000770ee0 [ 157.738420] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 157.739283] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 157.740146] PKRU: 55555554 [ 157.740502] Call Trace: [ 157.740843] <IRQ> [ 157.741117] kfree_skb_reason+0x50/0x120 [ 157.741613] __udp4_lib_rcv+0x52b/0x5e0 [ 157.742132] ip_protocol_deliver_rcu+0xaf/0x190 [ 157.742715] ip_local_deliver_finish+0x77/0xa0 [ 157.743280] ip_sublist_rcv_finish+0x80/0x90 [ 157.743834] ip_list_rcv_finish.constprop.0+0x16f/0x190 [ 157.744493] ip_list_rcv+0x126/0x140 [ 157.744952] __netif_receive_skb_list_core+0x29b/0x2c0 [ 157.745602] __netif_receive_skb_list+0xed/0x160 [ 157.746190] ? udp4_gro_receive+0x275/0x350 [ 157.746732] netif_receive_skb_list_internal+0xf2/0x1b0 [ 157.747398] napi_gro_receive+0xd1/0x210 [ 157.747911] virtnet_receive+0x75/0x1c0 [ 157.748422] virtnet_poll+0x48/0x1b0 [ 157.748878] __napi_poll+0x29/0x1b0 [ 157.749330] net_rx_action+0x27a/0x340 [ 157.749812] __do_softirq+0xf3/0x2fb [ 157.750298] do_softirq+0xa2/0xd0 [ 157.750745] </IRQ> [ 157.751563] <TASK> [ 157.752329] __local_bh_enable_ip+0x6d/0x80 [ 157.753178] virtnet_xdp_set+0x482/0x860 [ 157.754159] ? __pfx_virtnet_xdp+0x10/0x10 [ 157.755129] dev_xdp_install+0xa4/0xe0 [ 157.756033] dev_xdp_attach+0x20b/0x5e0 [ 157.756933] do_setlink+0x82e/0xc90 [ 157.757777] ? __nla_validate_parse+0x12b/0x1e0 [ 157.758744] rtnl_setlink+0xd8/0x170 [ 157.759549] ? mod_objcg_state+0xcb/0x320 [ 157.760328] ? security_capable+0x37/0x60 [ 157.761209] ? security_capable+0x37/0x60 [ 157.762072] rtnetlink_rcv_msg+0x145/0x3d0 [ 157.762929] ? ___slab_alloc+0x327/0x610 [ 157.763754] ? __alloc_skb+0x141/0x170 [ 157.764533] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 157.765422] netlink_rcv_skb+0x58/0x110 [ 157.766229] netlink_unicast+0x21f/0x330 [ 157.766951] netlink_sendmsg+0x240/0x4a0 [ 157.767654] sock_sendmsg+0x93/0xa0 [ 157.768434] ? sockfd_lookup_light+0x12/0x70 [ 157.769245] __sys_sendto+0xfe/0x170 [ 157.770079] ? handle_mm_fault+0xe9/0x2d0 [ 157.770859] ? preempt_count_add+0x51/0xa0 [ 157.771645] ? up_read+0x3c/0x80 [ 157.772340] ? do_user_addr_fault+0x1e9/0x710 [ 157.773166] ? kvm_read_and_reset_apf_flags+0x49/0x60 [ 157.774087] __x64_sys_sendto+0x29/0x30 [ 157.774856] do_syscall_64+0x3c/0x90 [ 157.775518] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 157.776382] RIP: 0033:0x7f06122def70 Fixes: 18117a8 ("virtio-net: remove xdp related info from page_to_skb()") Signed-off-by: Xuan Zhuo <[email protected]> Acked-by: Michael S. Tsirkin <[email protected]> Signed-off-by: David S. Miller <[email protected]>
mj22226
pushed a commit
to mj22226/linux
that referenced
this pull request
Apr 21, 2023
Because headroom is not passed to page_to_skb(), this causes the shinfo exceeds the range. Then the frags of shinfo are changed by other process. [ 157.724634] stack segment: 0000 [#1] PREEMPT SMP NOPTI [ 157.725358] CPU: 3 PID: 679 Comm: xdp_pass_user_f Tainted: G E 6.2.0+ torvalds#150 [ 157.726401] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/4 [ 157.727820] RIP: 0010:skb_release_data+0x11b/0x180 [ 157.728449] Code: 44 24 02 48 83 c3 01 39 d8 7e be 48 89 d8 48 c1 e0 04 41 80 7d 7e 00 49 8b 6c 04 30 79 0c 48 89 ef e8 89 b [ 157.730751] RSP: 0018:ffffc90000178b48 EFLAGS: 00010202 [ 157.731383] RAX: 0000000000000010 RBX: 0000000000000001 RCX: 0000000000000000 [ 157.732270] RDX: 0000000000000000 RSI: 0000000000000002 RDI: ffff888100dd0b00 [ 157.733117] RBP: 5d5d76010f6e2408 R08: ffff888100dd0b2c R09: 0000000000000000 [ 157.734013] R10: ffffffff82effd30 R11: 000000000000a14e R12: ffff88810981ffc0 [ 157.734904] R13: ffff888100dd0b00 R14: 0000000000000002 R15: 0000000000002310 [ 157.735793] FS: 00007f06121d9740(0000) GS:ffff88842fcc0000(0000) knlGS:0000000000000000 [ 157.736794] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 157.737522] CR2: 00007ffd9a56c084 CR3: 0000000104bda001 CR4: 0000000000770ee0 [ 157.738420] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 157.739283] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 157.740146] PKRU: 55555554 [ 157.740502] Call Trace: [ 157.740843] <IRQ> [ 157.741117] kfree_skb_reason+0x50/0x120 [ 157.741613] __udp4_lib_rcv+0x52b/0x5e0 [ 157.742132] ip_protocol_deliver_rcu+0xaf/0x190 [ 157.742715] ip_local_deliver_finish+0x77/0xa0 [ 157.743280] ip_sublist_rcv_finish+0x80/0x90 [ 157.743834] ip_list_rcv_finish.constprop.0+0x16f/0x190 [ 157.744493] ip_list_rcv+0x126/0x140 [ 157.744952] __netif_receive_skb_list_core+0x29b/0x2c0 [ 157.745602] __netif_receive_skb_list+0xed/0x160 [ 157.746190] ? udp4_gro_receive+0x275/0x350 [ 157.746732] netif_receive_skb_list_internal+0xf2/0x1b0 [ 157.747398] napi_gro_receive+0xd1/0x210 [ 157.747911] virtnet_receive+0x75/0x1c0 [ 157.748422] virtnet_poll+0x48/0x1b0 [ 157.748878] __napi_poll+0x29/0x1b0 [ 157.749330] net_rx_action+0x27a/0x340 [ 157.749812] __do_softirq+0xf3/0x2fb [ 157.750298] do_softirq+0xa2/0xd0 [ 157.750745] </IRQ> [ 157.751563] <TASK> [ 157.752329] __local_bh_enable_ip+0x6d/0x80 [ 157.753178] virtnet_xdp_set+0x482/0x860 [ 157.754159] ? __pfx_virtnet_xdp+0x10/0x10 [ 157.755129] dev_xdp_install+0xa4/0xe0 [ 157.756033] dev_xdp_attach+0x20b/0x5e0 [ 157.756933] do_setlink+0x82e/0xc90 [ 157.757777] ? __nla_validate_parse+0x12b/0x1e0 [ 157.758744] rtnl_setlink+0xd8/0x170 [ 157.759549] ? mod_objcg_state+0xcb/0x320 [ 157.760328] ? security_capable+0x37/0x60 [ 157.761209] ? security_capable+0x37/0x60 [ 157.762072] rtnetlink_rcv_msg+0x145/0x3d0 [ 157.762929] ? ___slab_alloc+0x327/0x610 [ 157.763754] ? __alloc_skb+0x141/0x170 [ 157.764533] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 157.765422] netlink_rcv_skb+0x58/0x110 [ 157.766229] netlink_unicast+0x21f/0x330 [ 157.766951] netlink_sendmsg+0x240/0x4a0 [ 157.767654] sock_sendmsg+0x93/0xa0 [ 157.768434] ? sockfd_lookup_light+0x12/0x70 [ 157.769245] __sys_sendto+0xfe/0x170 [ 157.770079] ? handle_mm_fault+0xe9/0x2d0 [ 157.770859] ? preempt_count_add+0x51/0xa0 [ 157.771645] ? up_read+0x3c/0x80 [ 157.772340] ? do_user_addr_fault+0x1e9/0x710 [ 157.773166] ? kvm_read_and_reset_apf_flags+0x49/0x60 [ 157.774087] __x64_sys_sendto+0x29/0x30 [ 157.774856] do_syscall_64+0x3c/0x90 [ 157.775518] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 157.776382] RIP: 0033:0x7f06122def70 Fixes: 18117a8 ("virtio-net: remove xdp related info from page_to_skb()") Signed-off-by: Xuan Zhuo <[email protected]> Acked-by: Michael S. Tsirkin <[email protected]> Signed-off-by: David S. Miller <[email protected]>
mj22226
pushed a commit
to mj22226/linux
that referenced
this pull request
Jul 30, 2023
Signed-off-by: Ken Wang <[email protected]>
intel-lab-lkp
pushed a commit
to intel-lab-lkp/linux
that referenced
this pull request
May 2, 2024
This registers a breakpoint handler for the new breakpoint type (0x03) inserted by LLVM CLANG for CFI breakpoints. If we are in permissive mode, just print a backtrace and continue. Example with CONFIG_CFI_PERMISSIVE enabled: > echo CFI_FORWARD_PROTO > /sys/kernel/debug/provoke-crash/DIRECT lkdtm: Performing direct entry CFI_FORWARD_PROTO lkdtm: Calling matched prototype ... lkdtm: Calling mismatched prototype ... CFI failure at lkdtm_indirect_call+0x40/0x4c (target: 0x0; expected type: 0x00000000) WARNING: CPU: 1 PID: 112 at lkdtm_indirect_call+0x40/0x4c CPU: 1 PID: 112 Comm: sh Not tainted 6.8.0-rc1+ torvalds#150 Hardware name: ARM-Versatile Express (...) lkdtm: FAIL: survived mismatched prototype function call! lkdtm: Unexpected! This kernel (6.8.0-rc1+ armv7l) was built with CONFIG_CFI_CLANG=y As you can see the LKDTM test fails, but I expect that this would be expected behaviour in the permissive mode. We are currently not implementing target and type for the CFI breakpoint as this requires additional operand bundling compiler extensions. CPUs without breakpoint support cannot handle breakpoints naturally, in these cases the permissive mode will not work, CFI will fall over on an undefined instruction: Internal error: Oops - undefined instruction: 0 [#1] PREEMPT ARM CPU: 0 PID: 186 Comm: ash Tainted: G W 6.9.0-rc1+ torvalds#7 Hardware name: Gemini (Device Tree) PC is at lkdtm_indirect_call+0x38/0x4c LR is at lkdtm_CFI_FORWARD_PROTO+0x30/0x6c This is reasonable I think: it's the best CFI can do to ascertain the the control flow is not broken on these CPUs. Reviewed-by: Kees Cook <[email protected]> Tested-by: Kees Cook <[email protected]> Reviewed-by: Sami Tolvanen <[email protected]> Signed-off-by: Linus Walleij <[email protected]> Signed-off-by: Russell King (Oracle) <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Kernel tarballs are only compressed with xz now, gzip and bzip2 are redundant.