- 20 5月, 2009 15 次提交
-
-
git://git.kernel.dk/linux-2.6-block由 Linus Torvalds 提交于
* 'for-linus' of git://git.kernel.dk/linux-2.6-block: cdrom: beyond ARRAY_SIZE of viocd_diskinfo xen/blkfront: fix warning when deleting gendisk on unplug/shutdown xen/blkfront: allow xenbus state transition to Closing->Closed when not Connected
-
git://git.kernel.org/pub/scm/linux/kernel/git/sfrench/cifs-2.6由 Linus Torvalds 提交于
* git://git.kernel.org/pub/scm/linux/kernel/git/sfrench/cifs-2.6: cifs: fix pointer initialization and checks in cifs_follow_symlink (try #4)
-
由 Roel Kluin 提交于
Do not go beyond ARRAY_SIZE of viocd_diskinfo Signed-off-by: NRoel Kluin <roel.kluin@gmail.com> Signed-off-by: NJens Axboe <jens.axboe@oracle.com>
-
git://git.kernel.org/pub/scm/linux/kernel/git/sameo/mfd-2.6由 Linus Torvalds 提交于
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/sameo/mfd-2.6: mfd: pcf50633: fix unsafe disable_irq() mfd: Keep a cache of WM8350 volatile values
-
git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6由 Linus Torvalds 提交于
* git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6: ipv4: make default for INET_LRO consistent with help text net: fix skb_seq_read returning wrong offset/length for page frag data pkt_sched: gen_estimator: use 64 bit intermediate counters for bps be2net: add two new pci device ids to pci device table sch_teql: should not dereference skb after ndo_start_xmit() tcp: fix MSG_PEEK race check Doc: fixed descriptions on /proc/sys/net/core/* and /proc/sys/net/unix/* Neterion: *FIFO1_DMA_ERR set twice, should 2nd be *FIFO2_DMA_ERR? mv643xx_eth: fix PPC DMA breakage bonding: fix link down handling in 802.3ad mode bridge: fix initial packet flood if !STP bridge: relay bridge multicast pkgs if !STP NET: Meth: Fix unsafe mix of irq and non-irq spinlocks. mlx4_en: Fix not deleted napi structures ipconfig: handle case of delayed DHCP server netpoll: don't dereference NULL dev from np wimax/i2400m: fix device crash: fix optimization in _roq_queue_update_ws
-
由 Linus Torvalds 提交于
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/security-testing-2.6 * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/security-testing-2.6: TPM: get_event_name stack corruption
-
git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip由 Linus Torvalds 提交于
* 'core/urgent' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip: futex: setup writeable mapping for futex ops which modify user space data
-
由 Eric Paris 提交于
get_event_name uses sprintf to fill a buffer declared on the stack. It fills the buffer 2 bytes at a time. What the code doesn't take into account is that sprintf(buf, "%02x", data) actually writes 3 bytes. 2 bytes for the data and then it nul terminates the string. Since we declare buf to be 40 characters long and then we write 40 bytes of data into buf sprintf is going to write 41 characters. The fix is to leave room in buf for the nul terminator. Signed-off-by: NEric Paris <eparis@redhat.com> Signed-off-by: NJames Morris <jmorris@namei.org>
-
由 Thomas Gleixner 提交于
The futex code installs a read only mapping via get_user_pages_fast() even if the futex op function has to modify user space data. The eventual fault was fixed up by futex_handle_fault() which walked the VMA with mmap_sem held. After the cleanup patches which removed the mmap_sem dependency of the futex code commit 4dc5b7a36a49eff97050894cf1b3a9a02523717 (futex: clean up fault logic) removed the private VMA walk logic from the futex code. This change results in a stale RO mapping which is not fixed up. Instead of reintroducing the previous fault logic we set up the mapping in get_user_pages_fast() read/write for all operations which modify user space data. Also handle private futexes in the same way and make the current unconditional access_ok(VERIFY_WRITE) depend on the futex op. Reported-by: NAndreas Schwab <schwab@linux-m68k.org> Signed-off-by: NThomas Gleixner <tglx@linutronix.de> CC: stable@kernel.org
-
由 Nico Schottelius 提交于
Produce correct output for - tagged commit (v2.6.30-rc6) - past tagged commit (v2.6.30-rc5-299-g7c7327d9) - no tag Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
-
由 Nelson Castillo 提交于
Without this change Openmoko Freerunner (GTA02) bootstrap will deadlock. As pointed out in other patches this issue is in the wild since the merge of: : commit 3aa551c9 : Author: Thomas Gleixner <tglx@linutronix.de> : Date: Mon Mar 23 18:28:15 2009 +0100 : : genirq: add threaded interrupt handler support : : Add support for threaded interrupt handlers Signed-off-by: NNelson Castillo <arhuaco@freaks-unidos.net> Cc: Ingo Molnar <mingo@elte.hu> Cc: <balajirrao@openmoko.org> Cc: Thomas Gleixner <tglx@linutronix.de> Signed-off-by: NAndrew Morton <akpm@linux-foundation.org> Signed-off-by: NSamuel Ortiz <sameo@linux.intel.com>
-
由 Mark Brown 提交于
Due to the way that the WM8350 audio driver handles CODEC_ENA many of the WM8350 audio registers are marked as volatile when they aren't actually so. Allow the audio driver to see a cache of these values for inspection during interrupt context. To do this we need to stop satisfying any bits from volatile registers from cache - there's no real benefit from doing so anyway, we did the read already. Signed-off-by: NMark Brown <broonie@opensource.wolfsonmicro.com> Signed-off-by: NSamuel Ortiz <sameo@linux.intel.com>
-
git://git.monstr.eu/linux-2.6-microblaze由 Linus Torvalds 提交于
* 'fixes-for-linus' of git://git.monstr.eu/linux-2.6-microblaze: microblaze: Fix kind-of-intr checking against number of interrupts microblaze: Update Microblaze defconfig
-
git://git.kernel.org/pub/scm/linux/kernel/git/lrg/voltage-2.6由 Linus Torvalds 提交于
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/lrg/voltage-2.6: regulator: da903x: add missing __devexit_p()
-
由 Linus Torvalds 提交于
Martin Knoblauch reports that trying to build 2.6.30-rc6-git3 with RHEL4.3 userspace (gcc (GCC) 3.4.5 20051201 (Red Hat 3.4.5-2)) causes an internal compiler error (ICE): drivers/char/random.c: In function `get_random_int': drivers/char/random.c:1672: error: unrecognizable insn: (insn 202 148 150 0 /scratch/build/linux-2.6.30-rc6-git3/arch/x86/include/asm/tsc.h:23 (set (reg:SI 0 ax [91]) (subreg:SI (plus:DI (plus:DI (reg:DI 0 ax [88]) (subreg:DI (reg:SI 6 bp) 0)) (const_int -4 [0xfffffffffffffffc])) 0)) -1 (nil) (nil)) drivers/char/random.c:1672: internal compiler error: in extract_insn, at recog.c:2083 and after some debugging it turns out that it's due to the code trying to figure out the rough value of the current stack pointer by taking an address of an uninitialized variable and casting that to an integer. This is clearly a compiler bug, but it's not worth fighting - while the current stack kernel pointer might be somewhat hard to predict in user space, it's also not generally going to change for a lot of the call chains for a particular process. So just drop it, and mumble some incoherent curses at the compiler. Tested-by: NMartin Knoblauch <spamtrap@knobisoft.de> Cc: Matt Mackall <mpm@selenic.com> Cc: Ingo Molnar <mingo@elte.hu> Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
-
- 19 5月, 2009 14 次提交
-
-
由 Jeff Layton 提交于
This is the third respin of the patch posted yesterday to fix the error handling in cifs_follow_symlink. It also includes a fix for a bogus NULL pointer check in CIFSSMBQueryUnixSymLink that Jeff Moyer spotted. It's possible for CIFSSMBQueryUnixSymLink to return without setting target_path to a valid pointer. If that happens then the current value to which we're initializing this pointer could cause an oops when it's kfree'd. This patch is a little more comprehensive than the last patches. It reorganizes cifs_follow_link a bit for (hopefully) better readability. It should also eliminate the uneeded allocation of full_path on servers without unix extensions (assuming they can get to this point anyway, of which I'm not convinced). On a side note, I'm not sure I agree with the logic of enabling this query even when unix extensions are disabled on the client. It seems like that should disable this as well. But, changing that is outside the scope of this fix, so I've left it alone for now. Reported-by: NJeff Moyer <jmoyer@redhat.com> Signed-off-by: NJeff Layton <jlayton@redhat.com> Reviewed-by: NJeff Moyer <jmoyer@redhat.com> Reviewed-by: NChristoph Hellwig <hch@inraded.com> Signed-off-by: NSteve French <sfrench@us.ibm.com>
-
由 Ian Campbell 提交于
Currently blkfront gives a warning when hot unplugging due to calling del_gendisk() with interrupts disabled (due to blkif_io_lock). WARNING: at kernel/softirq.c:124 local_bh_enable+0x36/0x84() Modules linked in: xenfs xen_netfront ext3 jbd mbcache xen_blkfront Pid: 13, comm: xenwatch Not tainted 2.6.29-xs5.5.0.13 #3 Call Trace: [<c012611c>] warn_slowpath+0x80/0xb6 [<c0104cf1>] xen_sched_clock+0x16/0x63 [<c0104710>] xen_force_evtchn_callback+0xc/0x10 [<c0104e32>] check_events+0x8/0xe [<c0104d9b>] xen_restore_fl_direct_end+0x0/0x1 [<c0103749>] xen_mc_flush+0x10a/0x13f [<c0105bd2>] __switch_to+0x114/0x14e [<c011d92b>] dequeue_task+0x62/0x70 [<c0123b6f>] finish_task_switch+0x2b/0x84 [<c0299877>] schedule+0x66d/0x6e7 [<c0104710>] xen_force_evtchn_callback+0xc/0x10 [<c0104710>] xen_force_evtchn_callback+0xc/0x10 [<c012a642>] local_bh_enable+0x36/0x84 [<c022f9a7>] sk_filter+0x57/0x5c [<c0233dae>] netlink_broadcast+0x1d5/0x315 [<c01c6371>] kobject_uevent_env+0x28d/0x331 [<c01e7ead>] device_del+0x10f/0x120 [<c01e7ec6>] device_unregister+0x8/0x10 [<c015f86d>] bdi_unregister+0x2d/0x39 [<c01bf6f4>] unlink_gendisk+0x23/0x3e [<c01ac946>] del_gendisk+0x7b/0xe7 [<d0828c19>] blkfront_closing+0x28/0x6e [xen_blkfront] [<d082900c>] backend_changed+0x3ad/0x41d [xen_blkfront] We can fix this by calling del_gendisk() later in blkfront_closing, after releasing blkif_io_lock. Since the queue is stopped during the interrupts disabled phase I don't think there is any danger of an event occuring between releasing the blkif_io_lock and deleting the disk. Signed-off-by: NIan Campbell <ian.campbell@citrix.com> Cc: Jeremy Fitzhardinge <jeremy@goop.org> Signed-off-by: NJens Axboe <jens.axboe@oracle.com>
-
由 Ian Campbell 提交于
This situation can occur when attempting to attach a block device whose backend is an empty physical CD-ROM driver. The backend in this case will go directly from the Initialising state to Closing->Closed. Previously this would result in a NULL pointer deref on info->gd (xenbus_dev_fatal does not return as a1a15ac5 seems to expect) Cc: stable@kernel.org Signed-off-by: NIan Campbell <ian.campbell@citrix.com> Acked-by: NJeremy Fitzhardinge <jeremy.fitzhardinge@citrix.com> Signed-off-by: NJens Axboe <jens.axboe@oracle.com>
-
由 Frans Pop 提交于
Commit e81963b1 ("ipv4: Make INET_LRO a bool instead of tristate.") changed this config from tristate to bool. Add default so that it is consistent with the help text. Signed-off-by: NFrans Pop <elendil@planet.nl> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Thomas Chenault 提交于
When called with a consumed value that is less than skb_headlen(skb) bytes into a page frag, skb_seq_read() incorrectly returns an offset/length relative to skb->data. Ensure that data which should come from a page frag does. Signed-off-by: NThomas Chenault <thomas_chenault@dell.com> Tested-by: NShyam Iyer <shyam_iyer@dell.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Frank Filz 提交于
The problem is that permission checking is skipped if atomic open is possible, but when exec opens a file, it just opens it O_READONLY which means EXEC permission will not be checked at that time. This problem is observed by the following sequence (executed as root): mount -t nfs4 server:/ /mnt4 echo "ls" >/mnt4/foo chmod 744 /mnt4/foo su guest -c "mnt4/foo" Signed-off-by: NFrank Filz <ffilzlnx@us.ibm.com> Signed-off-by: NTrond Myklebust <Trond.Myklebust@netapp.com> Cc: stable@kernel.org Tested-by: NEugene Teo <eugeneteo@kernel.sg> Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
-
由 Eric Dumazet 提交于
gen_estimator can overflow bps (bytes per second) with Gb links, while it was designed with a u32 API, with a theorical limit of 34360Mbit (2^32 bytes) Using 64 bit intermediate avbps/brate counters can allow us to reach this theorical limit. Signed-off-by: NEric Dumazet <dada1@cosmosbay.com> Signed-off-by: NJarek Poplawski <jarkao2@gmail.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Ajit Khaparde 提交于
Signed-off-by: NAjit Khaparde <ajitk@serverengines.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Eric Dumazet 提交于
It is illegal to dereference a skb after a successful ndo_start_xmit() call. We must store skb length in a local variable instead. Bug was introduced in 2.6.27 by commit 0abf77e5 (net_sched: Add accessor function for packet length for qdiscs) Signed-off-by: NEric Dumazet <dada1@cosmosbay.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Ilpo Järvinen 提交于
Commit 518a09ef (tcp: Fix recvmsg MSG_PEEK influence of blocking behavior) lets the loop run longer than the race check did previously expect, so we need to be more careful with this check and consider the work we have been doing. I tried my best to deal with urg hole madness too which happens here: if (!sock_flag(sk, SOCK_URGINLINE)) { ++*seq; ... by using additional offset by one but I certainly have very little interest in testing that part. Signed-off-by: NIlpo Järvinen <ilpo.jarvinen@helsinki.fi> Tested-by: NFrans Pop <elendil@planet.nl> Tested-by: NIan Zimmermann <itz@buug.org> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
git://git.kernel.org/pub/scm/linux/kernel/git/benh/powerpc由 Linus Torvalds 提交于
* 'merge' of git://git.kernel.org/pub/scm/linux/kernel/git/benh/powerpc: powerpc: Explicit alignment for .data.cacheline_aligned powerpc/ps3: Update ps3_defconfig powerpc/ftrace: Fix constraint to be early clobber powerpc/ftrace: Use pr_devel() in ftrace.c powerpc: Do not assert pte_locked for hugepage PTE entries
-
由 Linus Torvalds 提交于
Merge branches 'sched-fixes-for-linus-2' and 'core-fixes-for-linus-2' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip * 'sched-fixes-for-linus-2' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip: sched: Fix fallback sched_clock()'s offset when using jiffies * 'core-fixes-for-linus-2' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip: lockdep: increase MAX_LOCKDEP_ENTRIES and MAX_LOCKDEP_CHAINS
-
由 Linus Torvalds 提交于
Merge branch 'x86-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip * 'x86-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip: x86: Fix performance regression caused by paravirt_ops on native kernels xen: use header for EXPORT_SYMBOL_GPL x86, 32-bit: fix kernel_trap_sp() x86: fix percpu_{to,from}_op() x86: mtrr: Fix high_width computation when phys-addr is >= 44bit x86: Fix false positive section mismatch warnings in the apic code
-
由 Linus Torvalds 提交于
Merge branch 'tracing-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip * 'tracing-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip: tracing: Append prompt in /debug/tracing/README file x86/function-graph: fix constraint for recording old return value
-
- 18 5月, 2009 11 次提交
-
-
由 David Woodhouse 提交于
Commit c45d6320 ("fix reference counting of ftdi_private") stopped ftdi_sio_port_remove() from directly freeing the port-private data, with the intention if the port was still open, it would be freed when ftdi_close() is eventually called and releases the last refcount on the structure. That's all very well, but ftdi_sio_port_remove() still contains a call to usb_set_serial_port_data(port, NULL) -- so by the time we get to ftdi_close() for the port which was unplugged, it _still_ oopses on dereferencing that NULL pointer, as it did before (and does in 2.6.29). The fix is just not to clear the private data in ftdi_sio_port_remove(). Then the refcount is properly reduced to zero when the final kref_put() happens in ftdi_close(). Remove a bogus comment too, while we're at it. And stop doing things inside "if (priv)" -- it must _always_ be there. Based loosely on an earlier patch by Daniel Mack, and suggestions by Alan Stern. Signed-off-by: NDavid Woodhouse <David.Woodhouse@intel.com> Tested-by: NDaniel Mack <daniel@caiaq.de> Cc: stable@kernel.org Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
-
由 Peter Korsgaard 提交于
Commit 5b7f3a50 (fix dataflash 64-bit divisions) unfortunately introduced a typo. Erase addr and len were swapped in the pageaddr calculation, causing the wrong sectors to get erased. Signed-off-by: NPeter Korsgaard <jacmet@sunsite.dk> Acked-by: NArtem Bityutskiy <Artem.Bityutskiy@nokia.com> Signed-off-by: NDavid Woodhouse <David.Woodhouse@intel.com> Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
-
由 Roel Kluin 提交于
`local_add_unless(x, y, z)' will be expanded to `(&(x)->y, (y), (x))', but `&(x)->y' should be `&(x)->a' Signed-off-by: NRoel Kluin <roel.kluin@gmail.com> Cc: Mathieu Desnoyers <mathieu.desnoyers@polymtl.ca> Signed-off-by: NAndrew Morton <akpm@linux-foundation.org> Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
-
由 Michal Simek 提交于
+ Fix typographic fault. Signed-off-by: NMichal Simek <monstr@monstr.eu>
-
由 Michal Simek 提交于
Signed-off-by: NMichal Simek <monstr@monstr.eu>
-
由 Mike Frysinger 提交于
The remove function uses __devexit, so the .remove assignment needs __devexit_p() to fix a build error with hotplug disabled. Signed-off-by: NMike Frysinger <vapier@gentoo.org> CC: Liam Girdwood <lrg@slimlogic.co.uk> CC: Mike Rapoport <mike@compulab.co.il> CC: Eric Miao <eric.miao@marvell.com> Acked-by: NEric Miao <eric.y.miao@gmail.com> Signed-off-by: NLiam Girdwood <lrg@slimlogic.co.uk>
-
由 Benjamin Herrenschmidt 提交于
I don't think anything guarantees that the objects in data.page_aligned are a multiple of PAGE_SIZE, thus the section may end on any boundary. So the following section, .data.cacheline_aligned needs an explicit alignment. Signed-off-by: NBenjamin Herrenschmidt <benh@kernel.crashing.org>
-
由 Geoff Levand 提交于
Refresh and set these options: CONFIG_SYSFS_DEPRECATED_V2: y -> n CONFIG_INPUT_JOYSTICK: y -> n CONFIG_HID_SONY: n -> m CONFIG_RTC_DRV_PS3: - -> m Signed-off-by: NGeoff Levand <geoffrey.levand@am.sony.com> Signed-off-by: NBenjamin Herrenschmidt <benh@kernel.crashing.org>
-
由 Steven Rostedt 提交于
After upgrading my distcc boxes from gcc 4.2.2 to 4.4.0, the function graph tracer broke. This was discovered on my x86 boxes. The issue is that gcc used the same register for an output as it did for an input in an asm statement. I first thought this was a bug in gcc and reported it. I was notified that gcc was correct and that the output had to be flagged as an "early clobber". I noticed that powerpc had the same issue and this patch fixes it. Signed-off-by: NSteven Rostedt <rostedt@goodmis.org> Signed-off-by: NBenjamin Herrenschmidt <benh@kernel.crashing.org>
-
由 Michael Ellerman 提交于
pr_debug() can now result in code being generated even when #DEBUG is not defined. That's not really desirable in the ftrace code which we want to be snappy. With CONFIG_DYNAMIC_DEBUG=y: size before: text data bss dec hex filename 3334 672 4 4010 faa arch/powerpc/kernel/ftrace.o size after: text data bss dec hex filename 2616 360 4 2980 ba4 arch/powerpc/kernel/ftrace.o Signed-off-by: NMichael Ellerman <michael@ellerman.id.au> Acked-by: NSteven Rostedt <rostedt@goodmis.org> Signed-off-by: NBenjamin Herrenschmidt <benh@kernel.crashing.org>
-
由 Mel Gorman 提交于
With CONFIG_DEBUG_VM, an assertion is made when changing the protection flags of a PTE that the PTE is locked. Huge pages use a different pagetable format and the assertion is bogus and will always trigger with a bug looking something like Unable to handle kernel paging request for data at address 0xf1a00235800006f8 Faulting instruction address: 0xc000000000034a80 Oops: Kernel access of bad area, sig: 11 [#1] SMP NR_CPUS=32 NUMA Maple Modules linked in: dm_snapshot dm_mirror dm_region_hash dm_log dm_mod loop evdev ext3 jbd mbcache sg sd_mod ide_pci_generic pata_amd ata_generic ipr libata tg3 libphy scsi_mod windfarm_pid windfarm_smu_sat windfarm_max6690_sensor windfarm_lm75_sensor windfarm_cpufreq_clamp windfarm_core i2c_powermac NIP: c000000000034a80 LR: c000000000034b18 CTR: 0000000000000003 REGS: c000000003037600 TRAP: 0300 Not tainted (2.6.30-rc3-autokern1) MSR: 9000000000009032 <EE,ME,IR,DR> CR: 28002484 XER: 200fffff DAR: f1a00235800006f8, DSISR: 0000000040010000 TASK = c0000002e54cc740[2960] 'map_high_trunca' THREAD: c000000003034000 CPU: 2 GPR00: 4000000000000000 c000000003037880 c000000000895d30 c0000002e5a2e500 GPR04: 00000000a0000000 c0000002edc40880 0000005700000393 0000000000000001 GPR08: f000000011ac0000 01a00235800006e8 00000000000000f5 f1a00235800006e8 GPR12: 0000000028000484 c0000000008dd780 0000000000001000 0000000000000000 GPR16: fffffffffffff000 0000000000000000 00000000a0000000 c000000003037a20 GPR20: c0000002e5f4ece8 0000000000001000 c0000002edc40880 0000000000000000 GPR24: c0000002e5f4ece8 0000000000000000 00000000a0000000 c0000002e5f4ece8 GPR28: 0000005700000393 c0000002e5a2e500 00000000a0000000 c000000003037880 NIP [c000000000034a80] .assert_pte_locked+0xa4/0xd0 LR [c000000000034b18] .ptep_set_access_flags+0x6c/0xb4 Call Trace: [c000000003037880] [c000000003037990] 0xc000000003037990 (unreliable) [c000000003037910] [c000000000034b18] .ptep_set_access_flags+0x6c/0xb4 [c0000000030379b0] [c00000000014bef8] .hugetlb_cow+0x124/0x674 [c000000003037b00] [c00000000014c930] .hugetlb_fault+0x4e8/0x6f8 [c000000003037c00] [c00000000013443c] .handle_mm_fault+0xac/0x828 [c000000003037cf0] [c0000000000340a8] .do_page_fault+0x39c/0x584 [c000000003037e30] [c0000000000057b0] handle_page_fault+0x20/0x5c Instruction dump: 7d29582a 7d200074 7800d182 0b000000 3c004000 3960ffff 780007c6 796b00c4 7d290214 7929a302 1d290068 7d6b4a14 <800b0010> 7c000074 7800d182 0b000000 This patch fixes the problem by not asseting the PTE is locked for VMAs backed by huge pages. Signed-off-by: NMel Gorman <mel@csn.ul.ie> Signed-off-by: NBenjamin Herrenschmidt <benh@kernel.crashing.org>
-