Fold it into memblock_x86_find_in_range(), and change bad_addr_size()
to check_reserve_memblock().

So whole memblock_x86_find_in_range_size() code is more readable.
Signed-off-by: NYinghai Lu <yinghai@kernel.org>
LKML-Reference: <4CAA4DEC.4000401@kernel.org>
Signed-off-by: NH. Peter Anvin <hpa@zytor.com>

When trying to find huge range for crashkernel, get

[    0.000000] ------------[ cut here ]------------
[    0.000000] WARNING: at arch/x86/mm/memblock.c:248 memblock_x86_reserve_range+0x40/0x7a()
[    0.000000] Hardware name: Sun Fire x4800
[    0.000000] memblock_x86_reserve_range: wrong range [0xffffffff37000000, 0x137000000)
[    0.000000] Modules linked in:
[    0.000000] Pid: 0, comm: swapper Not tainted 2.6.36-rc5-tip-yh-01876-g1cac214-dirty #59
[    0.000000] Call Trace:
[    0.000000]  [<ffffffff82816f7e>] ? memblock_x86_reserve_range+0x40/0x7a
[    0.000000]  [<ffffffff81078c2d>] warn_slowpath_common+0x85/0x9e
[    0.000000]  [<ffffffff81078d38>] warn_slowpath_fmt+0x6e/0x70
[    0.000000]  [<ffffffff8281e77c>] ? memblock_find_region+0x40/0x78
[    0.000000]  [<ffffffff8281eb1f>] ? memblock_find_base+0x9a/0xb9
[    0.000000]  [<ffffffff82816f7e>] memblock_x86_reserve_range+0x40/0x7a
[    0.000000]  [<ffffffff8280452c>] setup_arch+0x99d/0xb2a
[    0.000000]  [<ffffffff810a3e02>] ? trace_hardirqs_off+0xd/0xf
[    0.000000]  [<ffffffff81cec7d8>] ? _raw_spin_unlock_irqrestore+0x3d/0x4c
[    0.000000]  [<ffffffff827ffcec>] start_kernel+0xde/0x3f1
[    0.000000]  [<ffffffff827ff2d4>] x86_64_start_reservations+0xa0/0xa4
[    0.000000]  [<ffffffff827ff3de>] x86_64_start_kernel+0x106/0x10d
[    0.000000] ---[ end trace a7919e7f17c0a725 ]---
[    0.000000] Reserving 8192MB of memory at 17592186041200MB for crashkernel (System RAM: 526336MB)

This is caused by a wraparound in the test due to size > end;
explicitly check for this condition and fail.
Signed-off-by: NYinghai Lu <yinghai@kernel.org>
LKML-Reference: <4CAA4DD3.1080401@kernel.org>
Signed-off-by: NH. Peter Anvin <hpa@zytor.com>

Originally the only early reserved range that is overlapped with high
pages is "KVA RAM", but we already do remove that from the active ranges.

However, It turns out Xen could have that kind of overlapping to support memory
ballooning.x

So we need to make add_highpage_with_active_regions() to subtract
memblock reserved just like low ram; this is the proper design anyway.

In this patch, refactering get_freel_all_memory_range() to make it can
be used by add_highpage_with_active_regions().  Also we don't need to
remove "KVA RAM" from active ranges.
Signed-off-by: NYinghai Lu <yinghai@kernel.org>
LKML-Reference: <4CABB183.1040607@kernel.org>
Signed-off-by: NH. Peter Anvin <hpa@zytor.com>

Cai Qian found crashkernel is broken with the x86 memblock changes.

1. crashkernel=128M@32M always reported that range is used, even if
   the first kernel is small and does not usethat range

2. we always got following report when using "kexec -p"
	Could not find a free area of memory of a000 bytes...
	locate_hole failed

The root cause is that generic memblock_find_in_range() will try to
allocate from the top of the range, whereas the kexec code was written
assuming that allocation was always near the bottom and that it could
blindly extend memory upward.  Unfortunately the kexec code doesn't
have a system for requesting the range that it really needs, so this
is subject to probabilistic failures.

This patch hacks around the problem by limiting the target range
heuristically to below the traditional bzImage max range.  This number
is arbitrary and not always correct, and a much better result would be
obtained by having kexec communicate this number based on the kernel
header information and any appropriate command line options.
Reported-and-Bisected-by: NCAI Qian <caiqian@redhat.com>
Signed-off-by: NYinghai Lu <yinghai@kernel.org>
LKML-Reference: <4CABAF2A.5090501@kernel.org>
Cc: Vivek Goyal <vgoyal@redhat.com>
Signed-off-by: NH. Peter Anvin <hpa@zytor.com>

Stephen Rothwell reported this build failure:

  arch/arm/mm/init.c: In function 'arm_memory_present':
  arch/arm/mm/init.c:260: warning: ISO C90 forbids mixed declarations and code

Caused by commit 719c1514 ("memblock/arm: Use new accessors")
which forgot a closing brace on a new for_each_memblock() in
arm_memory_present().
Reported-by: NStephen Rothwell <sfr@canb.auug.org.au>
Signed-off-by: NYinghai Lu <yinghai@kernel.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Cc: Russell King <linux@arm.linux.org.uk>
LKML-Reference: <4C91C544.5050907@kernel.org>
Signed-off-by: NIngo Molnar <mingo@elte.hu>

Stephen found a bunch of section mismatch warnings with the
new memblock changes.

Use __init_memblock to replace __init in memblock.c and remove
__init in memblock.h. We should not use __init in header files.
Reported-by: NStephen Rothwell <sfr@canb.auug.org.au>
Tested-by: NStephen Rothwell <sfr@canb.auug.org.au>
Signed-off-by: NYinghai Lu <Yinghai@kernel.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org>
LKML-Reference: <4C912709.2090201@kernel.org>
Signed-off-by: NIngo Molnar <mingo@elte.hu>

Fix memblock API change fallout in the WII code.
Signed-off-by: NYinghai Lu <yinghai@kernel.org>
Cc: linux-mm@kvack.org
Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org>
LKML-Reference: <4C8B2AFA.2000705@kernel.org>
Signed-off-by: NIngo Molnar <mingo@elte.hu>

Adopt Microblaze to the memblock API changes, to fix this
build failure:

  CC      arch/microblaze/mm/init.o
 arch/microblaze/mm/init.c: In function 'mm_cmdline_setup':
 arch/microblaze/mm/init.c:236: error: 'struct memblock_type' has no member named 'region'
 ...
Signed-off-by: NYinghai Lu <yinghai@kernel.org>
Cc: linux-mm@kvack.org
Cc: Stephen Rothwell <sfr@canb.auug.org.au>
Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org>
LKML-Reference: <4C8B2A9A.1040303@kernel.org>
Signed-off-by: NIngo Molnar <mingo@elte.hu>

Conflicts:
	arch/x86/kernel/trampoline.c
	mm/memblock.c

Merge reason: Resolve the conflicts, update to latest upstream.
Signed-off-by: NIngo Molnar <mingo@elte.hu>

* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ieee1394/linux1394-2.6:
  firewire: ohci: work around VIA and NEC PHY packet reception bug
  firewire: core: do not use del_timer_sync() in interrupt context
  firewire: net: fix unicast reception RCODE in failure paths
  firewire: sbp2: fix stall with "Unsolicited response"
  firewire: sbp2: fix memory leak in sbp2_cancel_orbs or at send error
  ieee1394: Adjust confusing if indentation

VIA VT6306, VIA VT6308, and NEC OrangeLink controllers do not write
packet event codes for received PHY packets (or perhaps write
evt_no_status, hard to tell).  Work around it by overwriting the
packet's ACK by ack_complete, so that upper layers that listen to PHY
packet reception get to see these packets.

(Also tested:  TI TSB82AA2, TI TSB43AB22/A, TI XIO2213A, Agere FW643,
JMicron JMB381 --- these do not exhibit this bug.)

Clemens proposed a quirks flag for that, IOW whitelist known misbehaving
controllers for this workaround.  Though to me it seems harmless enough
to enable for all controllers.

The log_ar_at_event() debug log will continue to show the original
status from the DMA unit.

Reported-by: Clemens Ladisch <clemens@ladisch.de> (VT6308)
Signed-off-by: NStefan Richter <stefanr@s5r6.in-berlin.de>

* git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6:
  net/ipv4: Eliminate kstrdup memory leak
  net/caif/cfrfml.c: use asm/unaligned.h
  ax25: missplaced sock_put(sk)
  qlge: reset the chip before freeing the buffers
  l2tp: test for ethernet header in l2tp_eth_dev_recv()
  tcp: select(writefds) don't hang up when a peer close connection
  tcp: fix three tcp sysctls tuning
  tcp: Combat per-cpu skew in orphan tests.
  pxa168_eth: silence gcc warnings
  pxa168_eth: update call to phy_mii_ioctl()
  pxa168_eth: fix error handling in prope
  pxa168_eth: remove unneeded null check
  phylib: Fix race between returning phydev and calling adjust_link
  caif-driver: add HAS_DMA dependency
  3c59x: Fix deadlock between boomerang_interrupt and boomerang_start_tx
  qlcnic: fix poll implementation
  netxen: fix poll implementation
  bridge: netfilter: fix a memory leak

* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/vapier/blackfin:
  Blackfin: bf52x/bf54x boards: drop unused nand page size
  Blackfin: punt duplicate SPORT MMR defines

* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound-2.6:
  ALSA: pcm: add more format names
  sound: oss: fix uninitialized spinlock
  ALSA: asihpi - Return hw error directly from oustream_write.
  ASoC: soc-core: fix debugfs_pop_time file permissions
  ALSA: hda - Add Sony VAIO quirk for ALC269

Merge branch 's5p-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/kgene/linux-samsung

* 's5p-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/kgene/linux-samsung:
  ARM: S5PV310: Fix on Secondary CPU startup
  ARM: S5PV310: Bug fix on uclk1 and sclk_pwm
  ARM: S5PV310: Fix missed uart clocks
  ARM: S5PV310: Should be clk_sclk_apll not clk_mout_apll
  ARM: S5PV310: Fix on PLL setting for S5PV310
  ARM: S5PV310: Add CMU block for S5PV310 Clock
  ARM: S5PV310: Fix on typo irqs.h of S5PV310
  ARM: S5PV310: Fix on default ZRELADDR of ARCH_S5PV310
  ARM: S5PV310: Fix on GPIO base addresses
  ARM: SAMSUNG: Fix on build warning regarding VMALLOC_END type
  ARM: S5P: VMALLOC_END should be unsigned long

* 'for-linus' of git://git.infradead.org/users/eparis/notify:
  fsnotify: drop two useless bools in the fnsotify main loop
  fsnotify: fix list walk order
  fanotify: Return EPERM when a process is not privileged
  fanotify: resize pid and reorder structure
  fanotify: drop duplicate pr_debug statement
  fanotify: flush outstanding perm requests on group destroy
  fsnotify: fix ignored mask handling between inode and vfsmount marks
  fanotify: add MAINTAINERS entry
  fsnotify: reset used_inode and used_vfsmount on each pass
  fanotify: do not dereference inode_mark when it is unset

* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ecryptfs/ecryptfs-2.6:
  eCryptfs: Fix encrypted file name lookup regression
  ecryptfs: properly mark init functions
  fs/ecryptfs: Return -ENOMEM on memory allocation failure

* 'for-linus' of git://android.git.kernel.org/kernel/tegra:
  arm: tegra: VMALLOC_END should be unsigned long
  arm: tegra: fix compilation of board-harmony.c

* 'drm-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/airlied/drm-2.6:
  vgaarb: Wrap vga_(get|put) in CONFIG_VGA_ARB
  drm/radeon/kms: add missing scratch update in dp_detect
  drm/modes: Fix CVT-R modeline generation
  drm: fix regression in drm locking since BKL removal.
  drm/radeon/kms: remove stray radeon_i2c_destroy
  drm: mm: fix range restricted allocations
  drm/nouveau: drop drm_global_mutex before sleeping in submission path
  drm: export drm_global_mutex for drivers to use
  drm/nv20: Don't use pushbuf calls on the original nv20.
  drm/nouveau: Fix TMDS on some DCB1.5 boards.
  drm/nouveau: Fix backlight control on PPC machines with an internal TMDS panel.
  drm/nv30: Apply modesetting to the correct slave encoder
  drm/nouveau: Use a helper function to match PCI device/subsystem IDs.
  drm/nv50: add dcb type 14 to enum to prevent compiler complaint

* 'lguest' of git://git.kernel.org/pub/scm/linux/kernel/git/rusty/linux-2.6-for-linus:
  lguest: Odd Fixes
  lguest: clean up warnings in demonstration launcher.

Merge branch 'omap-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tmlind/linux-omap-2.6

* 'omap-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tmlind/linux-omap-2.6:
  OMAP3: PM: ensure IO wakeups are properly disabled
  omap: Fix omap_4430sdp_defconfig for make oldconfig
  omap: Use CONFIG_SMP for test_for_ipi and test_for_ltirq
  omap: Fix sev instruction usage for multi-omap
  OMAP3: Fix a cpu type check problem
  omap3: id: fix 3630 rev detection

* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/sage/ceph-client:
  ceph: fix get_ticket_handler() error handling
  ceph: don't BUG on ENOMEM during mds reconnect
  ceph: ceph_mdsc_build_path() returns an ERR_PTR
  ceph: Fix warnings
  ceph: ceph_get_inode() returns an ERR_PTR
  ceph: initialize fields on new dentry_infos
  ceph: maintain i_head_snapc when any caps are dirty, not just for data
  ceph: fix osd request lru adjustment when sending request
  ceph: don't improperly set dir complete when holding EXCL cap
  mm: exporting account_page_dirty
  ceph: direct requests in snapped namespace based on nonsnap parent
  ceph: queue cap snap writeback for realm children on snap update
  ceph: include dirty xattrs state in snapped caps
  ceph: fix xattr cap writeback
  ceph: fix multiple mds session shutdown

* 'pm-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/suspend-2.6:
  PM QoS: Fix inline documentation.
  PM QoS: Fix kzalloc() parameters swapped in pm_qos_power_open()

* 'for-2.6.36' of git://linux-nfs.org/~bfields/linux:
  nfsd: fix NULL dereference in nfsd_statfs()
  nfsd4: fix downgrade/lock logic
  nfsd4: typo fix in find_any_file
  nfsd4: bad BUG() in preprocess_stateid_op

* git://git.kernel.org/pub/scm/linux/kernel/git/sfrench/cifs-2.6:
  Cannot allocate memory error on mount
  [CIFS] Eliminate unused variable warning

Fix a comma that got accidentally deleted from sys_osf_statfs() leading to the
following warning:

  arch/alpha/kernel/osf_sys.c: In function 'SYSC_osf_statfs':
  arch/alpha/kernel/osf_sys.c:255: error: syntax error before 'buffer'
Signed-off-by: NDavid Howells <dhowells@redhat.com>
Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>

Stub out vm_get_page_prot() if there's no MMU.

This was added by commit 804af2cf ("[AGPGART] remove private page
protection map") and is used in commit c07fbfd1 ("fbmem: VM_IO set,
but not propagated") in the fbmem video driver, but the function doesn't
exist on NOMMU, resulting in an undefined symbol at link time.
Signed-off-by: NDavid Howells <dhowells@redhat.com>
Reviewed-by: NKonrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>

* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/bp/bp:
  amd64_edac: Do not report error overflow as a separate error
  MCE, AMD: Limit MCE decoding to current families for now

* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/dtor/input:
  Input: pxa27x_keypad - remove input_free_device() in pxa27x_keypad_remove()
  Input: mousedev - fix regression of inverting axes
  Input: uinput - add devname alias to allow module on-demand load
  Input: hil_kbd - fix compile error
  USB: drop tty argument from usb_serial_handle_sysrq_char()
  Input: sysrq - drop tty argument form handle_sysrq()
  Input: sysrq - drop tty argument from sysrq ops handlers

* 'upstream-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jgarzik/libata-dev:
  libata-sff: remove harmful BUG_ON from ata_bmdma_qc_issue
  sata_mv: fix broken DSM/TRIM support (v2)
  libata: be less of a drama queen on empty data commands
  [libata] sata_dwc_460ex: signdness bug
  ahci: add HFLAG_YES_FBS and apply it to 88SE9128
  libata: remove no longer needed pata_winbond driver
  pata_cmd64x: revert commit d62f5576

After several hours, kbuild tests hang with anon_vma_prepare() spinning on
a newly allocated anon_vma's lock - on a box with CONFIG_TREE_PREEMPT_RCU=y
(which makes this very much more likely, but it could happen without).

The ever-subtle page_lock_anon_vma() now needs a further twist: since
anon_vma_prepare() and anon_vma_fork() are liable to change the ->root
of a reused anon_vma structure at any moment, page_lock_anon_vma()
needs to check page_mapped() again before succeeding, otherwise
page_unlock_anon_vma() might address a different root->lock.
Signed-off-by: NHugh Dickins <hughd@google.com>
Reviewed-by: NRik van Riel <riel@redhat.com>
Cc: Christoph Lameter <cl@linux.com>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Andrea Arcangeli <aarcange@redhat.com>
Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>

There were some new formats added in commit 15c0cee6 "ALSA: pcm:
Define G723 3-bit and 5-bit formats".  That commit increased
SNDRV_PCM_FORMAT_LAST as well.  My concern is that there are a couple
places which do:

        for (i = 0; i < SNDRV_PCM_FORMAT_LAST; i++) {
                if (dummy->pcm_hw.formats & (1ULL << i))
                        snd_iprintf(buffer, " %s", snd_pcm_format_name(i));
        }

I haven't tested these but it looks like if "i" were equal to
SNDRV_PCM_FORMAT_G723_24 or higher then we might read past the end of
the array.
Signed-off-by: NDan Carpenter <error27@gmail.com>
Signed-off-by: NTakashi Iwai <tiwai@suse.de>

The spinlock lock in sound_timer.c is used without initialization.
Signed-off-by: NAkinobu Mita <akinobu.mita@gmail.com>
Signed-off-by: NTakashi Iwai <tiwai@suse.de>

If hw error is ignored, status is updated with invalid info.
Signed-off-by: NEliot Blennerhassett <eblennerhassett@audioscience.com>
Signed-off-by: NTakashi Iwai <tiwai@suse.de>

The string clone is only used as a temporary copy of the argument val
within the while loop, and so it should be freed before leaving the
function.  The call to strsep, however, modifies clone, so a pointer to the
front of the string is kept in saved_clone, to make it possible to free it.

The sematic match that finds this problem is as follows:
(http://coccinelle.lip6.fr/)

// <smpl>
@r exists@
local idexpression x;
expression E;
identifier l;
statement S;
@@

*x= \(kasprintf\|kstrdup\)(...);
...
if (x == NULL) S
... when != kfree(x)
    when != E = x
if (...) {
  <... when != kfree(x)
* goto l;
  ...>
* return ...;
}
// </smpl>
Signed-off-by: NJulia Lawall <julia@diku.dk>
Signed-off-by: NDavid S. Miller <davem@davemloft.net>

The fsnotify main loop has 2 bools which indicated if we processed the
inode or vfsmount mark in that particular pass through the loop.  These
bool can we replaced with the inode_group and vfsmount_group variables
and actually make the code a little easier to understand.
Signed-off-by: NEric Paris <eparis@redhat.com>

Marks were stored on the inode and vfsmonut mark list in order from
highest memory address to lowest memory address.  The code to walk those
lists thought they were in order from lowest to highest with
unpredictable results when trying to match up marks from each.  It was
possible that extra events would be sent to userspace when inode
marks ignoring events wouldn't get matched with the vfsmount marks.

This problem only affected fanotify when using both vfsmount and inode
marks simultaneously.
Signed-off-by: NEric Paris <eparis@redhat.com>