I often test new versions of glibc by doing:
LD_LIBRARY_PATH=/XXX/lib /XXX/lib/ld.so.1 <binary>
One test case ended up SEGV'ing. Upon closer inspection ld.so was loaded
at 0x8000000 (128MB) with the heap right after it. Since we normally
link binaries at 0x10000000 (256MB) we only had about 128MB of space for
the heap:
00100000-00103000 r-xp 00100000 00:00 0 [vdso]
08000000-0801e000 r-xp 00000000 00:01 33079 /lib/ld-2.5.so
0802d000-0802f000 rwxp 0001d000 00:01 33079 /lib/ld-2.5.so
0802f000-08050000 rwxp 0802f000 00:00 0 [heap]
0fe91000-0ffd9000 r-xp 00000000 00:01 33082 /lib/libc-2.5.so
0ffd9000-0ffe8000 ---p 00148000 00:01 33082 /lib/libc-2.5.so
0ffe8000-0ffea000 r--p 00147000 00:01 33082 /lib/libc-2.5.so
0ffea000-0ffed000 rwxp 00149000 00:01 33082 /lib/libc-2.5.so
10000000-10004000 r-xp 00000000 00:01 76 /bin/sleep
10013000-10014000 rwxp 00003000 00:01 76 /bin/sleep
ffb41000-ffb56000 rw-p ffb41000 00:00 0 [stack]
One way to fix this is move ELF_ET_DYN_BASE from 0x08000000 to 0x20000000.
This allows 128MB for the binary (hopefully enough for even the most
crazy c++ apps), and with our current layout we will grow the heap up
and the stack down, allowing potentially gigabytes of heap:
00100000-00103000 r-xp 00100000 00:00 0 [vdso]
0fe8a000-0ffd3000 r-xp 00000000 00:01 3350 /lib/tls/libc-2.3.6.so
0ffd3000-0ffe3000 ---p 00149000 00:01 3350 /lib/tls/libc-2.3.6.so
0ffe3000-0ffea000 r--p 00149000 00:01 3350 /lib/tls/libc-2.3.6.so
0ffea000-0ffee000 rwxp 00150000 00:01 3350 /lib/tls/libc-2.3.6.so
10000000-10004000 r-xp 00000000 00:01 76 /bin/sleep
10013000-10014000 rwxp 00003000 00:01 76 /bin/sleep
20000000-20018000 r-xp 00000000 00:01 3478 /lib/ld-2.3.6.so
20028000-20029000 r--p 00018000 00:01 3478 /lib/ld-2.3.6.so
20029000-2002a000 rwxp 00019000 00:01 3478 /lib/ld-2.3.6.so
2002a000-2004b000 rwxp 2002a000 00:00 0 [heap]
ffd67000-ffd7c000 rw-p ffd67000 00:00 0 [stack]
Signed-off-by: Anton Blanchard <anton@samba.org>
Signed-off-by: Paul Mackerras <paulus@samba.org>
The current PDA code, which went in in post 2.6.19 has a flaw in that it
doesn't correctly cycle the GDT and %GS segment through the boot PDA,
the CPU PDA and finally the per-cpu PDA.
The bug generally doesn't show up if the boot CPU id is zero, but
everything falls apart for a non zero boot CPU id. The basically kills
voyager which is perfectly capable of doing non zero CPU id boots, so
voyager currently won't boot without this.
The fix is to be careful and actually do the GDT setups correctly.
Signed-off-by: James Bottomley <James.Bottomley@SteelEye.com>
Cc: Andi Kleen <ak@suse.de>
Cc: Jeremy Fitzhardinge <jeremy@goop.org>
Cc: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/hid:
hid-core.c: Adds GTCO CalComp Interwrite IPanel PIDs to blacklist
HID: put usb_interface instead of usb_device into hid->dev to fix udevinfo breakage
HID: add missing RX, RZ and RY enum values to hid-debug output
HID: hid/hid-input.c doesn't need to include linux/usb/input.h
HID: compilation fix when DEBUG_DATA is defined
HID: proper LED-mapping for SpaceNavigator
HID: update MAINTAINERS entry for USB-HID
HID: GEYSER4_ISO needs quirk
HID: fix some ARM builds due to HID brokenness - make USB_HID depend on INPUT
* 'merge' of git://git.kernel.org/pub/scm/linux/kernel/git/paulus/powerpc:
[POWERPC] Update defconfigs
[POWERPC] atomic_dec_if_positive sign extension fix
[POWERPC] Fix OF node refcnt underflow in 836x and 832x platform code
[POWERPC] Make it blatantly clear; mpc5200 device tree is not yet stable
[POWERPC] Fix broken DMA on non-LPAR pSeries
[POWERPC] Fix cell's mmio nvram to properly parse device tree
[POWERPC] Remove bogus sanity check in pci -> OF node code
* 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/mchehab/v4l-dvb:
V4L/DVB (5023): Fix compilation on ppc32 architecture
V4L/DVB (5071): Tveeprom: autodetect LG TAPC G701D as tuner type 37
V4L/DVB (5069): Fix bttv and friends on 64bit machines with lots of memory
V4L/DVB (5033): MSI TV@nywhere Plus fixes
V4L/DVB (5029): Ks0127 status flags
V4L/DVB (5024): Fix quickcam communicator driver for big endian architectures
V4L/DVB (5021): Cx88xx: Fix lockup on suspend
V4L/DVB (5020): Fix: disable interrupts while at KM_BOUNCE_READ
V4L/DVB (5019): Fix the frame->grabstate update in read() entry point.
On 64-bit machines, if an atomic counter is explicitly set to a
negative value, the atomic_dec_if_positive function will decrement and
store the next smallest value in the atomic counter, contrary to its
intended operation.
The comparison to determine if the decrement will make the result
negative was done by the "addic." instruction, which operates on a
64-bit value, namely the zero-extended word loaded from the atomic
variable. This patch uses an explicit word compare (cmpwi) and
changes the addic. to an addi (also changing "=&r" to "=&b" so that r0
isn't used, and addi doesn't become li).
This also fixes a bug for both 32-bit and 64-bit in that previously
0x80000000 was considered positive, since the result after
decrementing is positive. Now it is considered negative.
Also, I clarify the return value in the comments just to make it clear
that the value returned is always the decremented value, even if that
value is not stored back to the atomic counter.
Signed-off-by: Robert Jennings <rcj@linux.vnet.ibm.com>
Signed-off-by: Paul Mackerras <paulus@samba.org>
This trivial change adds some missing enum values to the hid-debug output.
Signed-off-by: Simon Budig <simon@budig.de>
Signed-off-by: Jiri Kosina <jkosina@suse.cz>
libata didn't used to init qc->dma_dir to any specific value on qc
initialization and command translation path didn't set qc->dma_dir if
the command doesn't need data transfer. This made non-data commands
to have random qc->dma_dir.
This usually doesn't cause problem because LLDs usually check
qc->protocol first and look at qc->dma_dir iff the command needs data
transfer but this doesn't hold for all LLDs.
It might be worthwhile to rename qc->dma_dir to qc->data_dir as we use
the field to tag data direction for both PIO and DMA protocols.
This problem has been spotted by James Bottomley.
Signed-off-by: Tejun Heo <htejun@gmail.com>
Cc: James Bottomley <James.Bottomley@SteelEye.com>
Signed-off-by: Jeff Garzik <jeff@garzik.org>
There's a problem, pointed by Meelis Roos <mroos@linux.ee>, that, on ppc32 arch,
with some gcc versions (noticed with prerelease 4.1.2 20061115), compilation
fails, due the lack of __ucmpdi2 to do the required 64-bit comparision.
This patch takes some sugestions made by Andrew Morton <akpm@osdl.org>,
Stelian Pop <stelian@popies.net> and Segher Boessenkool <segher@kernel.crashing.org>
Signed-off-by: Mauro Carvalho Chehab <mchehab@infradead.org>
During development of SDHC support, it was discovered that the definition
for R6 was incorrect. This patch fixes that and patches the drivers that
do switch on the response type.
Signed-off-by: Philip Langdale <philipl@overt.org>
Cc: Alex Dubov <oakad@yahoo.com>
Cc: Pavel Pisa <ppisa@pikron.com>
Signed-off-by: Pierre Ossman <drzeus@drzeus.cx>
* 'release' of git://git.kernel.org/pub/scm/linux/kernel/git/lenb/linux-acpi-2.6:
Revert "ACPI: ibm-acpi: make non-generic bay support optional"
ACPI: update MAINTAINERS
ACPI: schedule obsolete features for deletion
ACPI: delete two spurious ACPI messages
ACPI: rename cstate_entry_s to cstate_entry
ACPI: ec: enable printk on cmdline use
ACPI: Altix: ACPI _PRT support
unionfs managed to hit this on s390. Some architectures use __ptr_t in their
FD_ZERO implementation. We don't have a __ptr_t. Switch them over to plain
old void*.
Cc: Richard Henderson <rth@twiddle.net>
Cc: Ivan Kokshaysky <ink@jurassic.park.msu.ru>
Cc: Al Viro <viro@zeniv.linux.org.uk>
Cc: Paul Mackerras <paulus@samba.org>
Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Cc: "Luck, Tony" <tony.luck@intel.com>
Cc: Martin Schwidefsky <schwidefsky@de.ibm.com>
Cc: Heiko Carstens <heiko.carstens@de.ibm.com>
Cc: Josef 'Jeff' Sipek <jsipek@cs.sunysb.edu>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Revert bd_mount_mutex back to a semaphore so that xfs_freeze -f /mnt/newtest;
xfs_freeze -u /mnt/newtest works safely and doesn't produce lockdep warnings.
(XFS unlocks the semaphore from a different task, by design. The mutex
code warns about this)
Signed-off-by: Dave Chinner <dgc@sgi.com>
Cc: Ingo Molnar <mingo@elte.hu>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
NFS: Fix race in nfs_release_page()
invalidate_inode_pages2() may find the dirty bit has been set on a page
owing to the fact that the page may still be mapped after it was locked.
Only after the call to unmap_mapping_range() are we sure that the page
can no longer be dirtied.
In order to fix this, NFS has hooked the releasepage() method and tries
to write the page out between the call to unmap_mapping_range() and the
call to remove_mapping(). This, however leads to deadlocks in the page
reclaim code, where the page may be locked without holding a reference
to the inode or dentry.
Fix is to add a new address_space_operation, launder_page(), which will
attempt to write out a dirty page without releasing the page lock.
Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
Also, the bare SetPageDirty() can skew all sort of accounting leading to
other nasties.
[akpm@osdl.org: cleanup]
Signed-off-by: Peter Zijlstra <a.p.zijlstra@chello.nl>
Cc: Trond Myklebust <Trond.Myklebust@netapp.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Fix an oops experienced on the Cell architecture when init-time functions,
early_*(), are called at runtime. It alters the call paths to make sure
that the callers explicitly say whether the call is being made on behalf of
a hotplug even, or happening at boot-time.
It has been compile tested on ppc64, ia64, s390, i386 and x86_64.
Acked-by: Arnd Bergmann <arndb@de.ibm.com>
Signed-off-by: Dave Hansen <haveblue@us.ibm.com>
Cc: Yasunori Goto <y-goto@jp.fujitsu.com>
Acked-by: Andy Whitcroft <apw@shadowen.org>
Cc: Christoph Lameter <clameter@engr.sgi.com>
Cc: Martin Schwidefsky <schwidefsky@de.ibm.com>
Acked-by: Heiko Carstens <heiko.carstens@de.ibm.com>
Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Cc: Paul Mackerras <paulus@samba.org>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
+m is really correct for a RMW instruction, but some older gccs
error out. I finally gave in and ifdefed it.
This fixes compilation errors with some compiler version.
Signed-off-by: Andi Kleen <ak@suse.de>
Revert previous attempts at messing with the linux banner string and
simply use a separate format string for proc.
Signed-off-by: Roman Zippel <zippel@linux-m68k.org>
Acked-by: Olaf Hering <olaf@aepfle.de>
Acked-by: Jean Delvare <khali@linux-fr.org>
Cc: Andrey Borzenkov <arvidjaar@mail.ru>
Cc: Andrew Morton <akpm@osdl.org>
Cc: Andy Whitcroft <apw@shadowen.org>
Cc: Herbert Poetzl <herbert@13thfloor.at>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
IP_CT_TCP_FLAG_CLOSE_INIT is a flag and should have a value of 0x4 instead
of 0x3, which is IP_CT_TCP_FLAG_WINDOW_SCALE | IP_CT_TCP_FLAG_SACK_PERM.
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
The included patch translates arpt_counters to xt_counters, making
userspace arptables compile against recent kernels.
Signed-off-by: Bart De Schuymer <bdschuym@pandora.be>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
* 'linus' of master.kernel.org:/pub/scm/linux/kernel/git/perex/alsa:
[ALSA] version 1.0.14rc1
[ALSA] usbaudio - Fix kobject_add() error at reconnection
[ALSA] usb: usbmixer error path fix
[ALSA] _snd_cmipci_uswitch_put doesn't set zero flags
[ALSA] hda-codec - Fix NULL dereference in generic hda code
[ALSA] hda_intel: ALSA HD Audio patch for Intel ICH9
[ALSA] usb-audio: work around wrong frequency in CM6501 descriptors
[ALSA] Fix potential NULL pointer dereference in echoaudio midi
[ALSA] Audio: Add nvidia HD Audio controllers of MCP67 support to hda_intel.c
* 'merge' of master.kernel.org:/pub/scm/linux/kernel/git/paulus/powerpc:
[POWERPC] Fix bugs in the hypervisor call stats code
[POWERPC] Fix corruption in hcall9
[POWERPC] iSeries: fix setup initcall
[POWERPC] iSeries: fix viopath initialisation
[POWERPC] iSeries: fix lpevents initialisation
[POWERPC] iSeries: fix proc/iSeries initialisation
[POWERPC] iSeries: fix mf proc initialisation
[POWERPC] disable PReP and EFIKA during make oldconfig
[POWERPC] Fix mpc52xx serial driver to work for arch/ppc again
[POWERPC] Don't include powerpc/sysdev/rom.o for arch/ppc builds
[POWERPC] Fix mpc52xx fdt to use correct device_type for sound devices
[POWERPC] 52xx: Don't use device_initcall to probe of_platform_bus
[POWERPC] Add legacy iSeries to ppc64_defconfig
[POWERPC] Update ppc64_defconfig
[POWERPC] Fix manual assembly WARN_ON() in enter_rtas().
[POWERPC] Avoid calling get_irq_server() with a real, not virtual irq.
[POWERPC] Fix unbalanced uses of of_node_put
[POWERPC] Fix bogus BUG_ON() in in hugetlb_get_unmapped_area()
There are several places in the futex code where a spin_lock is held
and still uaccesses happen. Deadlocks are avoided by increasing the
preempt count. The pagefault handler will then not take any locks
but will immediately search the fixup tables.
Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
There were a few issues with the HCALL_STATS code:
- PURR cpu feature checks were backwards
- We iterated one entry off the end of the hcall_stats array
- Remove dead update_hcall_stats() function prototype
I noticed one thing while debugging, and that is we call H_ENTER (to set
up the MMU hashtable in early init) before we have done the cpu fixups.
This means we will execute the PURR SPR reads even on a CPU that isnt
capable of it. I wonder if we can move the CPU feature fixups earlier.
Signed-off-by: Anton Blanchard <anton@samba.org>
Signed-off-by: Paul Mackerras <paulus@samba.org>
Using device_initcall makes it happen for every platform that
compiles this file in. This is really bad, for obvious reasons.
Instead, we use the .init field of the machine description. If
the platform needs the hook to do something specific it can provides
its own function and call mpc52xx_declare_of_platform_devices from
there. If not, the mpc52xx_declare_of_platform_devices function can
directly be used as the init hook.
Signed-off-by: Sylvain Munaut <tnt@246tNt.com>
Acked-by: Grant Likely <grant.likely@secretlab.ca>
Signed-off-by: Paul Mackerras <paulus@samba.org>
When we switched over to the generic BUG mechanism we forgot to change
the assembly code which open-codes a WARN_ON() in enter_rtas(), so the
bug table got corrupted.
This patch provides an EMIT_BUG_ENTRY macro for use in assembly code,
and uses it in entry_64.S. Tested with CONFIG_DEBUG_BUGVERBOSE on ppc64
but not without -- I tried to turn it off but it wouldn't go away; I
suspect Aunt Tillie probably needed it.
This version gets __FILE__ and __LINE__ right in the assembly version --
rather than saying include/asm-powerpc/bug.h line 21 every time which is
a little suboptimal.
Signed-off-by: David Woodhouse <dwmw2@infradead.org>
Signed-off-by: Paul Mackerras <paulus@samba.org>
Implement optimized asm version of csum_partial_copy_nocheck,
csum_partial_copy_from_user and csum_and_copy_to_user which can do
calculate and copy in parallel, based on memcpy.S.
Signed-off-by: Atsushi Nemoto <anemo@mba.ocn.ne.jp>
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
fuse does not work on ARM due to cache incoherency issues - fuse wants
to use get_user_pages() to copy data from the current process into
kernel space. However, since this accesses userspace via the kernel
mapping, the kernel mapping can be out of date wrt data written to
userspace.
This can lead to unpredictable behaviour (in the case of fuse) or data
corruption for direct-IO.
This resolves debian bug #402876
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
Since get_user_pages() may be used with processes other than the
current process and calls flush_anon_page(), flush_anon_page() has to
cope in some way with non-current processes.
It may not be appropriate, or even desirable to flush a region of
virtual memory cache in the current process when that is different to
the process that we want the flush to occur for.
Therefore, pass the vma into flush_anon_page() so that the architecture
can work out whether the 'vmaddr' is for the current process or not.
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
iop33x gpio offset is correct in include/asm-arm/arch-iop33x/iop33x.h, but
include/asm-arm/hardware/iop3xx.h adds 4.
Signed-off-by: Dan Williams <dan.j.williams@intel.com>
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
o Relocatable bzImage support had got rid of CONFIG_PHYSICAL_START option
thinking that now this option is not required as people can build a
second kernel as relocatable and load it anywhere. So need of compiling
the kernel for a custom address was gone. But Magnus uses vmlinux images
for second kernel in Xen environment and he wants to continue to use
it.
o Restoring the CONFIG_PHYSICAL_START option for the time being. I think
down the line we can get rid of it.
Signed-off-by: Vivek Goyal <vgoyal@in.ibm.com>
Cc: "Eric W. Biederman" <ebiederm@xmission.com>
Cc: Andi Kleen <ak@suse.de>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
In the kernels later than 2.6.19 there is a regression that makes swsusp
fail if the resume device is not explicitly specified.
It can be fixed by adding an additional parameter to
mm/swapfile.c:swap_type_of() allowing us to pass the (struct block_device
*) corresponding to the first available swap back to the caller.
Signed-off-by: Rafael J. Wysocki <rjw@sisk.pl>
Acked-by: Pavel Machek <pavel@ucw.cz>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
The current interrupt injection mechanism might delay an interrupt under
the following circumstances:
- if injection fails because the guest is not interruptible (rflags.IF clear,
or after a 'mov ss' or 'sti' instruction). Userspace can check rflags,
but the other cases or not testable under the current API.
- if injection fails because of a fault during delivery. This probably
never happens under normal guests.
- if injection fails due to a physical interrupt causing a vmexit so that
it can be handled by the host.
In all cases the guest proceeds without processing the interrupt, reducing
the interactive feel and interrupt throughput of the guest.
This patch fixes the situation by allowing userspace to request an exit
when the 'interrupt window' opens, so that it can re-inject the interrupt
at the right time. Guest interactivity is very visibly improved.
Signed-off-by: Dor Laor <dor.laor@qumranet.com>
Signed-off-by: Avi Kivity <avi@qumranet.com>
Acked-by: Ingo Molnar <mingo@elte.hu>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Jeffrey Altman, one of the gatekeepers of OpenAFS (the open source project
which inherited the Transarc/IBM AFS codebase) has requested that the magic
number 0x5346414F (little endian 'OAFS') be allocated for the f_type field
of the fsinfo structure on Linux:
https://lists.openafs.org/pipermail/openafs-info/2006-December/024829.html
Add it to include/linux/magic.h, mostly as a way of publishing this number
and ensuring that no other filesystem accidentally uses it.
Cc: Jeffrey Altman <jaltman@secure-endpoints.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
This reverts the new (unambiguous) definition of the TCP `before'
relation. As pointed out in an example by Herbert Xu, there is
existing code which implicitly requires the old definition in order
to work correctly.
Signed-off-by: Gerrit Renker <gerrit@erg.abdn.ac.uk>
Signed-off-by: David S. Miller <davem@davemloft.net>
Provide ACPI _PRT support for SN Altix systems.
The SN Altix platform does not conform to the
IOSAPIC IRQ routing model, so a new acpi_irq_model
(ACPI_IRQ_MODEL_PLATFORM) has been defined. The SN
platform specific code sets acpi_irq_model to
this new value, and keys off of it in acpi_register_gsi()
to avoid the iosapic code path.
Signed-off-by: John Keller <jpk@sgi.com>
Signed-off-by: Len Brown <len.brown@intel.com>