1. 16 Apr, 2008 9 commits
    • Li Zefan's avatar
      memcg: fix oops in oom handling · e115f2d8
      Li Zefan authored
      When I used a test program to fork mass processes and immediately move them to
      a cgroup where the memory limit is low enough to trigger oom kill, I got oops:
      
      BUG: unable to handle kernel NULL pointer dereference at 0000000000000808
      IP: [<ffffffff8045c47f>] _spin_lock_irqsave+0x8/0x18
      PGD 4c95f067 PUD 4406c067 PMD 0
      Oops: 0002 [1] SMP
      CPU 2
      Modules linked in:
      
      Pid: 11973, comm: a.out Not tainted 2.6.25-rc7 #5
      RIP: 0010:[<ffffffff8045c47f>]  [<ffffffff8045c47f>] _spin_lock_irqsave+0x8/0x18
      RSP: 0018:ffff8100448c7c30  EFLAGS: 00010002
      RAX: 0000000000000202 RBX: 0000000000000009 RCX: 000000000001c9f3
      RDX: 0000000000000100 RSI: 0000000000000001 RDI: 0000000000000808
      RBP: ffff81007e444080 R08: 0000000000000000 R09: ffff8100448c7900
      R10: ffff81000105f480 R11: 00000100ffffffff R12: ffff810067c84140
      R13: 0000000000000001 R14: ffff8100441d0018 R15: ffff81007da56200
      FS:  00007f70eb1856f0(0000) GS:ffff81007fbad3c0(0000) knlGS:0000000000000000
      CS:  0010 DS: 0000 ES: 0000 CR0: 000000008005003b
      CR2: 0000000000000808 CR3: 000000004498a000 CR4: 00000000000006e0
      DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
      DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
      Process a.out (pid: 11973, threadinfo ffff8100448c6000, task ffff81007da533e0)
      Stack:  ffffffff8023ef5a 00000000000000d0 ffffffff80548dc0 00000000000000d0
       ffff810067c84140 ffff81007e444080 ffffffff8026cef9 00000000000000d0
       ffff8100441d0000 00000000000000d0 ffff8100441d0000 ffff8100505445c0
      Call Trace:
       [<ffffffff8023ef5a>] ? force_sig_info+0x25/0xb9
       [<ffffffff8026cef9>] ? oom_kill_task+0x77/0xe2
       [<ffffffff8026d696>] ? mem_cgroup_out_of_memory+0x55/0x67
       [<ffffffff802910ad>] ? mem_cgroup_charge_common+0xec/0x202
       [<ffffffff8027997b>] ? handle_mm_fault+0x24e/0x77f
       [<ffffffff8022c4af>] ? default_wake_function+0x0/0xe
       [<ffffffff8027a17a>] ? get_user_pages+0x2ce/0x3af
       [<ffffffff80290fee>] ? mem_cgroup_charge_common+0x2d/0x202
       [<ffffffff8027a441>] ? make_pages_present+0x8e/0xa4
       [<ffffffff8027d1ab>] ? mmap_region+0x373/0x429
       [<ffffffff8027d7eb>] ? do_mmap_pgoff+0x2ff/0x364
       [<ffffffff80210471>] ? sys_mmap+0xe5/0x111
       [<ffffffff8020bfc9>] ? tracesys+0xdc/0xe1
      
      Code: 00 00 01 48 8b 3c 24 e9 46 d4 dd ff f0 ff 07 48 8b 3c 24 e9 3a d4 dd ff fe 07 48 8b 3c 24 e9 2f d4 dd ff 9c 58 fa ba 00 01 00 00 <f0> 66 0f c1 17 38 f2 74 06 f3 90 8a 17 eb f6 c3 fa b8 00 01 00
      RIP  [<ffffffff8045c47f>] _spin_lock_irqsave+0x8/0x18
       RSP <ffff8100448c7c30>
      CR2: 0000000000000808
      ---[ end trace c3702fa668021ea4 ]---
      
      It's reproducable in a x86_64 box, but doesn't happen in x86_32.
      
      This is because tsk->sighand is not guarded by RCU, so we have to
      hold tasklist_lock, just as what out_of_memory() does.
      Signed-off-by: default avatarLi Zefan <lizf@cn.fujitsu>
      Cc: KAMEZAWA Hiroyuki <kamezawa.hiroyu@jp.fujitsu.com>
      Acked-by: default avatarBalbir Singh <balbir@linux.vnet.ibm.com>
      Cc: Pavel Emelianov <xemul@openvz.org>
      Cc: Paul Menage <menage@google.com>
      Cc: Oleg Nesterov <oleg@tv-sign.ru>
      Cc: David Rientjes <rientjes@cs.washington.edu>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      e115f2d8
    • Kay Sievers's avatar
      serial: fix platform driver hotplug/coldplug · e169c139
      Kay Sievers authored
      Since 43cc71ee, the platform modalias is
      prefixed with "platform:".  Add MODULE_ALIAS() to the hotpluggable serial
      platform drivers, to re-enable auto loading.
      
      NOTE that Kconfig for some of these drivers doesn't allow modular builds, and
      thus doesn't match the driver source's unload support.  Presumably their
      unload code is buggy and/or weakly tested...
      
      [dbrownell@users.sourceforge.net: more drivers, registration fixes]
      Signed-off-by: default avatarKay Sievers <kay.sievers@vrfy.org>
      Signed-off-by: default avatarDavid Brownell <dbrownell@users.sourceforge.net>
      Acked-by: default avatarPeter Korsgaard <jacmet@sunsite.dk>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      e169c139
    • Kay Sievers's avatar
      pcmcia: fix platform driver hotplug/coldplug · 12c2c019
      Kay Sievers authored
      Since 43cc71ee, the platform modalias is
      prefixed with "platform:".  Add MODULE_ALIAS() to the hotpluggable PCMCIA
      platform drivers, to re-enable auto loading.
      
      [dbrownell@users.sourceforge.net: registration fixes]
      Signed-off-by: default avatarKay Sievers <kay.sievers@vrfy.org>
      Signed-off-by: default avatarDavid Brownell <dbrownell@users.sourceforge.net>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      12c2c019
    • Kay Sievers's avatar
      misc: fix platform driver hotplug/coldplug · d6c23850
      Kay Sievers authored
      Since 43cc71ee, the platform modalias is
      prefixed with "platform:".  Add MODULE_ALIAS() to the hotpluggable 'misc'
      platform drivers, to re-enable auto loading.
      
      [dbrownell@users.sourceforge.net:  bugfix, registration fixes]
      Signed-off-by: default avatarKay Sievers <kay.sievers@vrfy.org>
      Signed-off-by: default avatarDavid Brownell <dbrownell@users.sourceforge.net>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      d6c23850
    • Alexey Dobriyan's avatar
      fbdev: fix /proc/fb oops after module removal · c43f89c2
      Alexey Dobriyan authored
      /proc/fb is not removed during rmmod.
      
      Steps to reproduce:
      
      	modprobe fb
      	rmmod fb
      	ls /proc
      
      BUG: unable to handle kernel paging request at ffffffffa0094370
      IP: [<ffffffff802b92a1>] proc_get_inode+0x101/0x130
      PGD 203067 PUD 207063 PMD 17e758067 PTE 0
      Oops: 0000 [1] SMP
      last sysfs file: /sys/devices/pci0000:00/0000:00:1e.0/0000:05:02.0/resource
      CPU 1
      Modules linked in: nf_conntrack_irc xt_state iptable_filter ipt_MASQUERADE iptable_nat nf_nat nf_conntrack_ipv4 nf_conntrack ip_tables x_tables vfat fat usbhid ehci_hcd uhci_hcd usbcore sr_mod cdrom [last unloaded: fb]
      Pid: 21205, comm: ls Not tainted 2.6.25-rc8-mm2 #14
      RIP: 0010:[<ffffffff802b92a1>]  [<ffffffff802b92a1>] proc_get_inode+0x101/0x130
      RSP: 0018:ffff81017c4bfc78  EFLAGS: 00010246
      RAX: 0000000000008000 RBX: ffff8101787f5470 RCX: 0000000048011ccc
      RDX: ffffffffa0094320 RSI: ffff810006ad43b0 RDI: ffff81017fc2cc00
      RBP: ffff81017e450300 R08: 0000000000000002 R09: ffff81017c5d1000
      R10: 0000000000000000 R11: 0000000000000246 R12: ffff81016b903a28
      R13: ffff81017f822020 R14: ffff81017c4bfd58 R15: ffff81017f822020
      FS:  00007f08e71696f0(0000) GS:ffff81017fc06480(0000) knlGS:0000000000000000
      CS:  0010 DS: 0000 ES: 0000 CR0: 000000008005003b
      CR2: ffffffffa0094370 CR3: 000000017e54a000 CR4: 00000000000006e0
      DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
      DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
      Process ls (pid: 21205, threadinfo ffff81017c4be000, task ffff81017de48770)
      Stack:  ffff81017c5d1000 00000000ffffffea ffff81017e450300 ffffffff802bdd1e
       ffff81017f802258 ffff81017c4bfe48 ffff81016b903a28 ffff81017f822020
       ffff81017c4bfd48 ffffffff802b9ba0 ffff81016b903a28 ffff81017f802258
      Call Trace:
       [<ffffffff802bdd1e>] ? proc_lookup_de+0x8e/0x100
       [<ffffffff802b9ba0>] ? proc_root_lookup+0x20/0x60
       [<ffffffff802882a7>] ? do_lookup+0x1b7/0x210
       [<ffffffff8028883d>] ? __link_path_walk+0x53d/0x7f0
       [<ffffffff80295eb8>] ? mntput_no_expire+0x28/0x130
       [<ffffffff80288b4a>] ? path_walk+0x5a/0xc0
       [<ffffffff80288dd3>] ? do_path_lookup+0x83/0x1c0
       [<ffffffff80287785>] ? getname+0xe5/0x210
       [<ffffffff80289adb>] ? __user_walk_fd+0x4b/0x80
       [<ffffffff8028236c>] ? vfs_lstat_fd+0x2c/0x70
       [<ffffffff8028bf1e>] ? filldir+0xae/0xf0
       [<ffffffff802b92e9>] ? de_put+0x9/0x50
       [<ffffffff8029633d>] ? mnt_want_write+0x2d/0x80
       [<ffffffff8029339f>] ? touch_atime+0x1f/0x170
       [<ffffffff802b9b1d>] ? proc_root_readdir+0x7d/0xa0
       [<ffffffff802825e7>] ? sys_newlstat+0x27/0x50
       [<ffffffff8028bffb>] ? vfs_readdir+0x9b/0xd0
       [<ffffffff8028c0fe>] ? sys_getdents+0xce/0xe0
       [<ffffffff8020b39b>] ? system_call_after_swapgs+0x7b/0x80
      
      Code: b7 83 b2 00 00 00 25 00 f0 00 00 3d 00 80 00 00 74 19 48 89 93 f0 00 00 00 48 89 df e8 39 9a fd ff 48 89 d8 48 83 c4 08 5b 5d c3 <48> 83 7a 50 00 48 c7 c0 60 16 45 80 48 c7 c2 40 17 45 80 48 0f
      RIP  [<ffffffff802b92a1>] proc_get_inode+0x101/0x130
       RSP <ffff81017c4bfc78>
      CR2: ffffffffa0094370
      ---[ end trace c71hiarjan8ab739 ]---
      Signed-off-by: default avatarAlexey Dobriyan <adobriyan@gmail.com>
      "Antonino A. Daplas" <adaplas@pol.net>
      Cc: <stable@kernel.org>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      c43f89c2
    • Kay Sievers's avatar
      leds: fix platform driver hotplug/coldplug · 3c4ded97
      Kay Sievers authored
      Since 43cc71ee, the platform
      modalias is prefixed with "platform:". Add MODULE_ALIAS() to the
      hotpluggable platform LED drivers, to re-enable auto loading.
      
      [dbrownell@users.sourceforge.net: more drivers, registration fixes]
      Signed-off-by: default avatarKay Sievers <kay.sievers@vrfy.org>
      Signed-off-by: default avatarDavid Brownell <dbrownell@users.sourceforge.net>
      Acked-by: default avatarRichard Purdie <rpurdie@rpsys.net>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      3c4ded97
    • Zhao Yakui's avatar
      rtc: fix the error in the function of cmos_set_alarm · 2b653e06
      Zhao Yakui authored
      There is a bug in the function of cmos_set_alarm.  RTC alarm time for October
      can't be set correctly.
      
      For October: 0x0A will be written into the RTC region (MONTH_ALARM) in current
      kernel.  But in fact 0x10 should be written.  Wildcards are also not handled
      correctly.
      Signed-off-by: default avatarZhao Yakui <yakui.zhao@intel.com>
      Signed-off-by: default avatarZhang Rui <rui.zhang@intel.com>
      Signed-off-by: default avatarDavid Brownell <dbrownell@users.sourceforge.net>
      Cc: Alessandro Zummo <a.zummo@towertech.it>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      2b653e06
    • Kay Sievers's avatar
      mmc: fix platform driver hotplug/coldplug · bc65c724
      Kay Sievers authored
      Since 43cc71ee, the platform modalias is
      prefixed with "platform:".  Add MODULE_ALIAS() to the hotpluggable MMC host
      platform drivers, to re-enable auto loading.
      
      Also, add missing owner declarations in driver init.
      
      [dbrownell@users.sourceforge.net: registration fixes]
      Signed-off-by: default avatarKay Sievers <kay.sievers@vrfy.org>
      Signed-off-by: default avatarDavid Brownell <dbrownell@users.sourceforge.net>
      Acked-by: default avatarPierre Ossman <drzeus@drzeus.cx>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      bc65c724
    • Ingo Molnar's avatar
      mm: sparsemem memory_present() fix · bead9a3a
      Ingo Molnar authored
      Fix memory corruption and crash on 32-bit x86 systems.
      
      If a !PAE x86 kernel is booted on a 32-bit system with more than 4GB of
      RAM, then we call memory_present() with a start/end that goes outside
      the scope of MAX_PHYSMEM_BITS.
      
      That causes this loop to happily walk over the limit of the sparse
      memory section map:
      
          for (pfn = start; pfn < end; pfn += PAGES_PER_SECTION) {
                      unsigned long section = pfn_to_section_nr(pfn);
                      struct mem_section *ms;
      
                      sparse_index_init(section, nid);
                      set_section_nid(section, nid);
      
                      ms = __nr_to_section(section);
                      if (!ms->section_mem_map)
                              ms->section_mem_map = sparse_encode_early_nid(nid) |
      			                                SECTION_MARKED_PRESENT;
      
      'ms' will be out of bounds and we'll corrupt a small amount of memory by
      encoding the node ID and writing SECTION_MARKED_PRESENT (==0x1) over it.
      
      The corruption might happen when encoding a non-zero node ID, or due to
      the SECTION_MARKED_PRESENT which is 0x1:
      
      	mmzone.h:#define	SECTION_MARKED_PRESENT	(1UL<<0)
      
      The fix is to sanity check anything the architecture passes to
      sparsemem.
      
      This bug seems to be rather old (as old as sparsemem support itself),
      but the exact incarnation depended on random details like configs, which
      made this bug more prominent in v2.6.25-to-be.
      
      An additional enhancement might be to print a warning about ignored or
      trimmed memory ranges.
      Signed-off-by: default avatarIngo Molnar <mingo@elte.hu>
      Tested-by: default avatarChristoph Lameter <clameter@sgi.com>
      Cc: Pekka Enberg <penberg@cs.helsinki.fi>
      Cc: Mel Gorman <mel@csn.ul.ie>
      Cc: Nick Piggin <npiggin@suse.de>
      Cc: Andrew Morton <akpm@linux-foundation.org>
      Cc: Rafael J. Wysocki <rjw@sisk.pl>
      Cc: Yinghai Lu <Yinghai.Lu@sun.com>
      Cc: KAMEZAWA Hiroyuki <kamezawa.hiroyu@jp.fujitsu.com>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      bead9a3a
  2. 15 Apr, 2008 7 commits
  3. 14 Apr, 2008 18 commits
  4. 13 Apr, 2008 6 commits