- 07 Dec, 2006 40 commits
-
-
Mika Kukkonen authored
Function v9fs_get_idpool returns int, not u32. Actually it returns -1 on errors, and these two callers check if the value is smaller than 0, which was caught by gcc with extra warning flags. Compile tested only but should be OK, as the value computed in v9fs_get_idpool() is also int. Signed-of-by:
Mika Kukkonen <mikukkon@iki.fi> Cc: Eric Van Hensbergen <ericvh@gmail.com> Cc: Ron Minnich <rminnich@lanl.gov> Cc: Latchesar Ionkov <lucho@ionkov.net> Signed-off-by:
Andrew Morton <akpm@osdl.org> Signed-off-by:
Linus Torvalds <torvalds@osdl.org>
-
Randy Dunlap authored
Fix sparse NULL warning; drivers/misc/tifm_core.c:223:17: warning: Using plain integer as NULL pointer Fix style while there. Signed-off-by:
Randy Dunlap <randy.dunlap@oracle.com> Signed-off-by:
-
Eric Sandeen authored
I've been using Steve Grubb's purely evil "fsfuzzer" tool, at http://people.redhat.com/sgrubb/files/fsfuzzer-0.4.tar.gz Basically it makes a filesystem, splats some random bits over it, then tries to mount it and do some simple filesystem actions. At best, the filesystem catches the corruption gracefully. At worst, things spin out of control. As you might guess, we found a couple places in ext4 where things spin out of control :) First, we had a corrupted directory that was never checked for consistency... it was corrupt, and pointed to another bad "entry" of length 0. The for() loop looped forever, since the length of ext4_next_entry(de) was 0, and we kept looking at the same pointer over and over and over and over... I modeled this check and subsequent action on what is done for other directory types in ext4_readdir... (adding this check adds some computational expense; I am testing a followup patch to reduce the number of times we check and re-check these directory entries, in all cases. Thanks for the idea, Andreas). Next we had a root directory inode which had a corrupted size, claimed to be > 200M on a 4M filesystem. There was only really 1 block in the directory, but because the size was so large, readdir kept coming back for more, spewing thousands of printk's along the way. Per Andreas' suggestion, if we're in this read error condition and we're trying to read an offset which is greater than i_blocks worth of bytes, stop trying, and break out of the loop. With these two changes fsfuzz test survives quite well on ext4. Signed-off-by:
Eric Sandeen <sandeen@redhat.com> Cc: <linux-ext4@vger.kernel.org> Signed-off-by:
-
Eric Sandeen authored
I've been using Steve Grubb's purely evil "fsfuzzer" tool, at http://people.redhat.com/sgrubb/files/fsfuzzer-0.4.tar.gz Basically it makes a filesystem, splats some random bits over it, then tries to mount it and do some simple filesystem actions. At best, the filesystem catches the corruption gracefully. At worst, things spin out of control. As you might guess, we found a couple places in ext3 where things spin out of control :) First, we had a corrupted directory that was never checked for consistency... it was corrupt, and pointed to another bad "entry" of length 0. The for() loop looped forever, since the length of ext3_next_entry(de) was 0, and we kept looking at the same pointer over and over and over and over... I modeled this check and subsequent action on what is done for other directory types in ext3_readdir... (adding this check adds some computational expense; I am testing a followup patch to reduce the number of times we check and re-check these directory entries, in all cases. Thanks for the idea, Andreas). Next we had a root directory inode which had a corrupted size, claimed to be > 200M on a 4M filesystem. There was only really 1 block in the directory, but because the size was so large, readdir kept coming back for more, spewing thousands of printk's along the way. Per Andreas' suggestion, if we're in this read error condition and we're trying to read an offset which is greater than i_blocks worth of bytes, stop trying, and break out of the loop. With these two changes fsfuzz test survives quite well on ext3. Signed-off-by:
-
Marcus Meissner authored
Randomizes -pie compiled binaries from 64k (0x10000) up to ELF_ET_DYN_BASE. 0 -> 64k is excluded to allow NULL ptr accesses to fail. Signed-off-by:
Marcus Meissner <meissner@suse.de> Cc: Ingo Molnar <mingo@elte.hu> Cc: Dave Jones <davej@codemonkey.org.uk> Cc: Arjan van de Ven <arjan@linux.intel.com> Signed-off-by:
-
Jarek Poplawski authored
- numeric string size replaced with constant in print_lock_name and print_lockdep_cache, - return on null pointer in print_lock_dependencies, - one more lockdep return with 0 with unlocking fix in mark_lock. Signed-off-by:
Jarek Poplawski <jarkao2@o2.pl> Acked-by:
Ingo Molnar <mingo@elte.hu> Signed-off-by:
-
Jarek Poplawski authored
Here are mainly some lockdep returns with 0 with unlocking fixes. Signed-off-by:
-
Alexey Dobriyan authored
paride_register() returns 1 on success, 0 on failure and module init code looks like static int __init foo_init(void) { return paride_register(&foo) - 1; } which is not what one get used to. Converted to usual 0/-E convention. In case of kbic driver, unwind registration. It was just return (paride_register(&k951)||paride_register(&k971))-1; Signed-off-by:Alexey Dobriyan <adobriyan@gmail.com> Signed-off-by:
-
Alexey Dobriyan authored
We're about to change the semantics of pi_register()'s return value, so rename it to something else first, so that any unconverted code reliaby breaks. Signed-off-by:
-
Hans-Christian Egtvedt authored
<quote Imre Deak from Thu, 12 Jan 2006 21:18:54 +0200> In order for spi_busnum_to_master to work spi master devices must be linked into the spi_master_class.subsys.kset list. At the moment the default class_obj_subsys.kset is used and we can't enumerate the master devices. </quote> Signed-off-by:
Hans-Christian Egtvedt <hcegtvedt@atmel.com> Cc: David Brownell <david-b@pacbell.net> Signed-off-by:
-
Hans-Christian Egtvedt authored
Correct the following in driver/spi/spi.c in function spi_busnum_to_master: * must allow bus_num 0, the if is really not needed. * correct the name buffer which is too small for bus_num >= 10000. It should be 9 bytes big, not 8. Signed-off-by:
-
Andreas Gruenbacher authored
lock_super() is unnecessary for setting super-block feature flags. Use the provided *_SET_COMPAT_FEATURE() macros as well. Signed-off-by:
Andreas Gruenbacher <agruen@suse.de> Cc: <linux-ext4@vger.kernel.org> Signed-off-by:
-
Paul Jackson authored
A couple of minor code simplifications to the kernel/cpuset.c code. No functional change. Just a little less code and a little more readable. Signed-off-by:
Paul Jackson <pj@sgi.com> Signed-off-by:
-
Jan Engelhardt authored
linux/cdev.h uses struct kobject and other structs and should therefore include them. Currently, a module either needs to add the missing includes itself, or, in case a module includes other headers already, needs to put <linux/cdev.h> last, which goes against a alphabetically-sorted include list. Signed-off-by:
Jan Engelhardt <jengelh@gmx.de> Signed-off-by:
-
Peter Zijlstra authored
rmmod/3080 [HC0[0]:SC0[0]:HE0:SE1] is trying to acquire: (proc_subdir_lock){--..}, at: [<c04a33b0>] remove_proc_entry+0x40/0x191 and this task is already holding: (ide_lock){++..}, at: [<c05651a2>] ide_unregister_subdriver+0x39/0xc8 which would create a new lock dependency: (ide_lock){++..} -> (proc_subdir_lock){--..} but this new dependency connects a hard-irq-safe lock: (ide_lock){++..} ... which became hard-irq-safe at: [<c043c458>] lock_acquire+0x4b/0x6b [<c06129d7>] _spin_lock_irqsave+0x22/0x32 [<c0567870>] ide_intr+0x17/0x1a9 [<c044eb31>] handle_IRQ_event+0x20/0x4d [<c044ebf2>] __do_IRQ+0x94/0xef [<c0406771>] do_IRQ+0x9e/0xbd to a hard-irq-unsafe lock: (proc_subdir_lock){--..} ... which became hard-irq-unsafe at: ... [<c043c458>] lock_acquire+0x4b/0x6b [<c06126ab>] _spin_lock+0x19/0x28 [<c04a32f2>] xlate_proc_name+0x1b/0x99 [<c04a3547>] proc_create+0x46/0xdf [<c04a3642>] create_proc_entry+0x62/0xa5 [<c07c1972>] proc_misc_init+0x1c/0x1d2 [<c07c1844>] proc_root_init+0x4c/0xe9 [<c07ad703>] start_kernel+0x294/0x3b3 Move ide_remove_proc_entries() out from under ide_lock; there is nothing that indicates that this is needed. In specific, the call to ide_add_proc_entries() is unprotected, and there is nothing else in the file using the respective ->proc fields. Also the lock order around destroy_proc_ide_interface() suggests this. Alan sayeth: proc_ide_write_settings walks the setting list under ide_setting_sem, read ditto. remove_proc_entry is doing proc side housekeeping. Looks fine to me, although that old code is such a mess anything could be going on. Signed-off-by:Peter Zijlstra <a.p.zijlstra@chello.nl> Cc: Alan Cox <alan@lxorguk.ukuu.org.uk> Signed-off-by:
-
Alan Cox authored
Jeff noted that the via driver returned an error to an unsigned int in a a case where errors are not permitted. Move the check down earlier so we can handle it properly. Not as pretty but it works this way and avoids hacking up ugly stuff in the legacy ide core. Signed-off-by:
Alan Cox <alan@redhat.com> Cc: Jeff Garzik <jeff@garzik.org> Signed-off-by:
-
Suzuki K P authored
One of our test team hit a reiserfs_panic while running fsstress tests on 2.6.19-rc1. The message looks like : REISERFS: panic(device Null superblock): reiserfs[5676]: assertion !(p->path_length != 1 ) failed at fs/reiserfs/stree.c:397:reiserfs_check_path: path not properly relsed. The backtrace looked : kernel BUG in reiserfs_panic at fs/reiserfs/prints.c:361! .reiserfs_check_path+0x58/0x74 .reiserfs_get_block+0x1444/0x1508 .__block_prepare_write+0x1c8/0x558 .block_prepare_write+0x34/0x64 .reiserfs_prepare_write+0x118/0x1d0 .generic_file_buffered_write+0x314/0x82c .__generic_file_aio_write_nolock+0x350/0x3e0 .__generic_file_write_nolock+0x78/0xb0 .generic_file_write+0x60/0xf0 .reiserfs_file_write+0x198/0x2038 .vfs_write+0xd0/0x1b4 .sys_write+0x4c/0x8c syscall_exit+0x0/0x4 Upon debugging I found that the restart_transaction was not releasing the path if the th->refcount was > 1. /*static*/ int restart_transaction(struct reiserfs_transaction_handle *th, struct inode *inode, struct path *path) { [...] /* we cannot restart while nested */ if (th->t_refcount > 1) { <<- Path is not released in this case! return 0; } pathrelse(path); <<- Path released here. [...] This could happen in such a situation : In reiserfs/inode.c: reiserfs_get_block() :: if (repeat == NO_DISK_SPACE || repeat == QUOTA_EXCEEDED) { /* restart the transaction to give the journal a chance to free ** some blocks. releases the path, so we have to go back to ** research if we succeed on the second try */ SB_JOURNAL(inode->i_sb)->j_next_async_flush = 1; -->> retval = restart_transaction(th, inode, &path); <<-- We are supposed to release the path, no matter we succeed or fail. But if the th->refcount is > 1, the path is still valid. And, if (retval) goto failure; repeat = _allocate_block(th, block, inode, &allocated_block_nr, NULL, create); If the above allocate_block fails with NO_DISK_SPACE or QUOTA_EXCEEDED, we would have path which is not released. if (repeat != NO_DISK_SPACE && repeat != QUOTA_EXCEEDED) { goto research; } if (repeat == QUOTA_EXCEEDED) retval = -EDQUOT; else retval = -ENOSPC; goto failure; [...] failure: [...] reiserfs_check_path(&path); << Panics here ! Attached here is a patch which could fix the issue. fix reiserfs/inode.c : restart_transaction() to release the path in all cases. The restart_transaction() doesn't release the path when the the journal handle has a refcount > 1. This would trigger a reiserfs_panic() if we encounter an -ENOSPC / -EDQUOT in reiserfs_get_block(). Signed-off-by:Suzuki K P <suzuki@in.ibm.com> Cc: "Vladimir V. Saveliev" <vs@namesys.com> Cc: <reiserfs-dev@namesys.com> Cc: Jeff Mahoney <jeffm@suse.com> Acked-by:
Jan Kara <jack@suse.cz> Signed-off-by:
-
Ralf Baechle authored
The new shared APM emulation just like its ARM and MIPS predecessors uses pm_suspend() which was only exported on SH. Move export to close to it's definition where it really should be anyway. Signed-off-by:
Ralf Baechle <ralf@linux-mips.org> Cc: Russell King <rmk@arm.linux.org.uk> Cc: Paul Mundt <lethal@linux-sh.org> Signed-off-by:
-
Filipe authored
Documentation update, adding references to CFQ scheduler and to another document about selecting IO Schedulers. Signed-off-by:
Filipe Lautert <filipe@icewall.org> Cc: Jens Axboe <jens.axboe@oracle.com> Signed-off-by:
-
Tejun Heo authored
free_fdtable_rc() schedules timer to reschedule fddef->wq if schedule_work() on it returns 0. However, schedule_work() guarantees that the target work is executed at least once after the scheduling regardless of its return value. 0 return simply means that the work was already pending and thus no further action was required. Another problem is that it used contant '5' as @expires argument to mod_timer(). Kill unnecessary fddef->timer. Signed-off-by:
Tejun Heo <htejun@gmail.com> Cc: Dipankar Sarma <dipankar@in.ibm.com> Signed-off-by:
-
Ingo Molnar authored
Add SysRq-X support: show blocked (TASK_UNINTERRUPTIBLE) tasks only. Useful for debugging IO stalls. Signed-off-by:
-
Miklos Szeredi authored
Randy Dunlap wote: > Should FUSE depend on BLOCK? Without that and with BLOCK=n, I get: > > inode.c:(.text+0x3acc5): undefined reference to `sb_set_blocksize' > inode.c:(.text+0x3a393): undefined reference to `get_sb_bdev' > fs/built-in.o:(.data+0xd718): undefined reference to `kill_block_super Most fuse filesystems work fine without block device support, so I think a better solution is to disable the 'fuseblk' filesystem type if BLOCK=n. Signed-off-by:
Miklos Szeredi <miklos@szeredi.hu> Acked-by:
-
Miklos Szeredi authored
Add a DESTROY operation for block device based filesystems. With the help of this operation, such a filesystem can flush dirty data to the device synchronously before the umount returns. This is needed in situations where the filesystem is assumed to be clean immediately after unmount (e.g. ejecting removable media). Signed-off-by:
-
Miklos Szeredi authored
Add support for the BMAP operation for block device based filesystems. This is needed to support swap-files and lilo. Signed-off-by:
-
Miklos Szeredi authored
Add 'blksize' option for block device based filesystems. During initialization this is used to set the block size on the device and the super block. The default block size is 512bytes. Signed-off-by:
-
Miklos Szeredi authored
I never intended this, but people started using fuse to implement block device based "real" filesystems (ntfs-3g, zfs). The following four patches add better support for these kinds of filesystems. Unlike "normal" fuse filesystems, using this feature should require superuser privileges (enforced by the fusermount utility). Thanks to Szabolcs Szakacsits for the input and testing. This patch adds a 'fuseblk' filesystem type, which is only different from the 'fuse' filesystem type in how the 'dev_name' mount argument is interpreted. Signed-off-by:
-
Miklos Szeredi authored
Remove unneeded code from fuse_dentry_revalidate(). This made some sense while the validity time could wrap around, but now it's a very obvious no-op. Signed-off-by:
-
Miklos Szeredi authored
Add a flag to the RELEASE message which specifies that a FLUSH operation should be performed as well. This interface update is needed for the FreeBSD port, and doesn't actually touch the Linux implementation at all. Also rename the unused 'flush_flags' in the FLUSH message to 'unused'. Signed-off-by:
-
Jan Engelhardt authored
Change the signature of i_size_read(), IMINOR() and IMAJOR() because they, or the functions they call, will never modify the argument. Signed-off-by:
-
Jeff Garzik authored
Signed-off-by:
Jeff Garzik <jeff@garzik.org> Cc: David Brownell <david-b@pacbell.net> Signed-off-by:
-
Jeff Garzik authored
Propagate copy_to/from_user() errors back through callers. Signed-off-by:
-
Jeff Garzik authored
Signed-off-by:
-
Jeff Garzik authored
Signed-off-by:
-
Jeff Garzik authored
i2o_scsi: handle sysfs failure i2o_device: * convert i2o_device_add() to return integer error code rather than pointer. Fortunately -nobody- checks the return code of this function, so changing has nil impact. * handle errors thrown by device_register() More work in i2o_device remains. Signed-off-by:
-
Adam B. Jerome authored
This patch addresses incorrect symbol type information reported through /proc/kallsyms. A lowercase character should designate the symbol as local (or non-exported). An uppercase character should designate the symbol as global (or external). Without this patch, some non-exported symbols are incorrectly assigned an upper-case designation in /proc/kallsyms. This patch corrects this condition by converting non-exported symbols types to lower case when appropriate and eliminates the superfluous upcase_if_global function Signed-off-by:
Adam B. Jerome <abj@novell.com> Signed-off-by:
-
Pekka Enberg authored
Update ext4_statfs to return an FSID that is a 64 bit XOR of the 128 bit filesystem UUID as suggested by Andreas Dilger. See the following Bugzilla entry for details: http://bugzilla.kernel.org/show_bug.cgi?id=136 Cc: Andreas Dilger <adilger@clusterfs.com> Cc: Stephen Tweedie <sct@redhat.com> Signed-off-by:
Pekka Enberg <penberg@cs.helsinki.fi> Signed-off-by:
-
Pekka Enberg authored
Update ext3_statfs to return an FSID that is a 64 bit XOR of the 128 bit filesystem UUID as suggested by Andreas Dilger. See the following Bugzilla entry for details: http://bugzilla.kernel.org/show_bug.cgi?id=136 Cc: Andreas Dilger <adilger@clusterfs.com> Cc: Stephen Tweedie <sct@redhat.com> Signed-off-by:
-
Pekka Enberg authored
Update ext2_statfs to return an FSID that is a 64 bit XOR of the 128 bit filesystem UUID as suggested by Andreas Dilger. See the following Bugzilla entry for details: http://bugzilla.kernel.org/show_bug.cgi?id=136 Cc: Andreas Dilger <adilger@clusterfs.com> Cc: Stephen Tweedie <sct@redhat.com> Signed-off-by:
-
Stas Sergeev authored
Make access(X_OK) take the "noexec" mount option into account. Signed-off-by:
Stas Sergeev <stsp@aknet.ru> Cc: Jakub Jelinek <jakub@redhat.com> Cc: Arjan van de Ven <arjan@infradead.org> Cc: Alan Cox <alan@lxorguk.ukuu.org.uk> Cc: Hugh Dickins <hugh@veritas.com> Cc: Ulrich Drepper <drepper@redhat.com> Cc: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by:
-
Peter Zijlstra authored
Stick NFS sockets in their own class to avoid some lockdep warnings. NFS sockets are never exposed to user-space, and will hence not trigger certain code paths that would otherwise pose deadlock scenarios. [akpm@osdl.org: cleanups] Signed-off-by:
Steven Dickson <SteveD@redhat.com> Acked-by:
Neil Brown <neilb@suse.de> Cc: "David S. Miller" <davem@davemloft.net> Signed-off-by:
-
