1. 17 Feb, 2011 1 commit
    • Mike Marciniszyn's avatar
      IB/qib: Prevent double completions after a timeout or RNR error · c0af2c05
      Mike Marciniszyn authored
      There is a double completion associated with error handling for RC QPs.
      
      The sequence is:
      
       - The do_rc_ack() routine fields an RNR nack and there are 0
         rnr_retries configured on the QP.
       - qib_error_qp() stops the pending timer
       - qib_rc_send_complete() is called from sdma_complete()
       - qib_rc_send_complete() starts the timer because the msb of the psn
         just completed says an ack is needed.
       - a bunch of flushes occur as ipoib posts WQEs to an error'ed QP
       - rc_timeout() calls qib_restart_rc()
       - qib_restart_rc() calls qib_send_complete() with a
         IB_WC_RETRY_EXC_ERR on a wqe that has already been completed in the
         past
      
      The fix avoids starting the timer since another packet will never
      arrive.
      Signed-off-by: default avatarMike Marciniszyn <mike.marciniszyn@qlogic.com>
      Signed-off-by: default avatarRoland Dreier <roland@purestorage.com>
      c0af2c05
  2. 10 Feb, 2011 1 commit
    • Mike Marciniszyn's avatar
      IB/qib: Fix double add_timer() · 414ed90c
      Mike Marciniszyn authored
      The following panic BUG_ON occurs during qib testing:
      
          Kernel BUG at include/linux/timer.h:82
      
          RIP  [<ffffffff881f7109>] :ib_qib:start_timer+0x73/0x89
           RSP <ffffffff80425bd0>
           <0>Kernel panic - not syncing: Fatal exception
           <0>Dumping qib trace buffer from panic
          qib_set_lid INFO: IB0:1 got a lid: 0xf8
          Done dumping qib trace buffer
          BUG: warning at kernel/panic.c:137/panic() (Tainted: G
      
      The flaw is due to a missing state test when processing responses that
      results in an add_timer() call when the same timer is already queued.
      This code was executing in parallel with a QP destroy on another CPU
      that had changed the state to reset, but the missing test caused to
      response handling code to run on into the panic.
      Signed-off-by: default avatarMike Marciniszyn <mike.marciniszyn@qlogic.com>
      Signed-off-by: default avatarRoland Dreier <roland@purestorage.com>
      414ed90c
  3. 03 Feb, 2011 28 commits
  4. 02 Feb, 2011 1 commit
    • Thomas Gleixner's avatar
      genirq: Prevent irq storm on migration · f1a06390
      Thomas Gleixner authored
      move_native_irq() masks and unmasks the interrupt line
      unconditionally, but the interrupt line might be masked due to a
      threaded oneshot handler in progress. Unmasking the line in that case
      can lead to interrupt storms. Observed on PREEMPT_RT.
      
      Originally-from: Ingo Molnar <mingo@elte.hu>
      Signed-off-by: default avatarThomas Gleixner <tglx@linutronix.de>
      Cc: stable@kernel.org
      f1a06390
  5. 01 Feb, 2011 6 commits
  6. 31 Jan, 2011 3 commits
    • Linus Torvalds's avatar
      Merge branch 'bugfixes' of git://git.linux-nfs.org/projects/trondmy/nfs-2.6 · 0fd08c55
      Linus Torvalds authored
      * 'bugfixes' of git://git.linux-nfs.org/projects/trondmy/nfs-2.6:
        NFS: NFSv4 readdir loses entries
        NFS: Micro-optimize nfs4_decode_dirent()
        NFS: Fix an NFS client lockdep issue
        NFS construct consistent co_ownerid for v4.1
        NFS: nfs_wcc_update_inode() should set nfsi->attr_gencount
        NFS improve pnfs_put_deviceid_cache debug print
        NFS fix cb_sequence error processing
        NFS do not find client in NFSv4 pg_authenticate
        NLM: Fix "kernel BUG at fs/lockd/host.c:417!" or ".../host.c:283!"
        NFS: Prevent memory allocation failure in nfsacl_encode()
        NFS: nfsacl_{encode,decode} should return signed integer
        NFS: Fix "kernel BUG at fs/nfs/nfs3xdr.c:1338!"
        NFS: Fix "kernel BUG at fs/aio.c:554!"
        NFS4: Avoid potential NULL pointer dereference in decode_and_add_ds().
        NFS: fix handling of malloc failure during nfs_flush_multi()
      0fd08c55
    • Jeff Layton's avatar
      cifs: fix length checks in checkSMB · 6284644e
      Jeff Layton authored
      The cERROR message in checkSMB when the calculated length doesn't match
      the RFC1001 length is incorrect in many cases. It always says that the
      RFC1001 length is bigger than the SMB, even when it's actually the
      reverse.
      
      Fix the error message to say the reverse of what it does now when the
      SMB length goes beyond the end of the received data. Also, clarify the
      error message when the RFC length is too big. Finally, clarify the
      comments to show that the 512 byte limit on extra data at the end of
      the packet is arbitrary.
      Signed-off-by: default avatarJeff Layton <jlayton@redhat.com>
      Signed-off-by: default avatarSteve French <sfrench@us.ibm.com>
      6284644e
    • Linus Torvalds's avatar
      Merge branch 'fixes' of master.kernel.org:/home/rmk/linux-2.6-arm · 7921127e
      Linus Torvalds authored
      * 'fixes' of master.kernel.org:/home/rmk/linux-2.6-arm:
        ARM: smp_on_up: allow non-ARM SMP processors
        ARM: io: ensure inb/outb() et.al. are properly ordered on ARMv6+
        ARM: initrd: disable initrd if passed address overlaps reserved region
        ARM: footbridge: fix debug macros
        ARM: mmci: round down the bytes transferred on error
        ARM: mmci: complete the transaction on error
        ARM: 6642/1: mmci: calculate remaining bytes at error correctly
      7921127e