All of lore.kernel.org
 help / color / mirror / Atom feed
* Re: [PATCH v4 05/14] platform/x86: dell-wmi-descriptor: split WMI descriptor into it's own driver
From: Andy Shevchenko @ 2017-10-05  5:29 UTC (permalink / raw)
  To: Darren Hart
  Cc: Mario Limonciello, LKML, Platform Driver, Andy Lutomirski,
	quasisec, Pali Rohár, Rafael J. Wysocki, mjg59,
	Christoph Hellwig, Greg KH
In-Reply-To: <20171005010909.GC25018@fury>

On Thu, Oct 5, 2017 at 4:09 AM, Darren Hart <dvhart@infradead.org> wrote:
> On Wed, Oct 04, 2017 at 05:48:31PM -0500, Mario Limonciello wrote:
>> All communication on individual GUIDs should occur in separate drivers.
>> Allowing a driver to communicate with the bus to another GUID is just
>> a hack that discourages drivers to adopt the bus model.
>>
>> The information found from the WMI descriptor driver is now exported
>> for use by other drivers.

> You'll want to add something like:
>
> #ifdef CONFIG_DELL_WMI_DESCRIPTOR_MODULE
>         if (request_module("dell_wmi_descriptor"))
>                 /* FAIL */
> #endif
>
> During init.

I don't think #ifdef is needed.

We may just request module.

But looking in the code it seems that we simple need to select that
module. No request_module will be needed.
Did I miss something?

-- 
With Best Regards,
Andy Shevchenko

^ permalink raw reply

* Re: [PATCH 10/13] timer: Remove expires and data arguments from DEFINE_TIMER
From: Greg Kroah-Hartman @ 2017-10-05  5:28 UTC (permalink / raw)
  To: Kees Cook
  Cc: Thomas Gleixner, Andrew Morton, Arnd Bergmann,
	Benjamin Herrenschmidt, Chris Metcalf, Geert Uytterhoeven,
	Guenter Roeck, Harish Patil, Heiko Carstens, James E.J. Bottomley,
	John Stultz, Julian Wiedmann, Kalle Valo, Lai Jiangshan,
	Len Brown, Manish Chopra, Mark Gross, Martin K. Petersen,
	Martin Schwidefsky, Michael Ellerman, Michael Reed, netdev,
	Oleg Nesterov, Paul Mackerras, Pavel Machek, Petr Mladek,
	Rafael J. Wysocki, Ralf Baechle, Sebastian Reichel,
	Stefan Richter, Stephen Boyd, Sudip Mukherjee, Tejun Heo,
	Ursula Braun, Viresh Kumar, Wim Van Sebroeck, linux1394-devel,
	linux-mips, linux-pm, linuxppc-dev, linux-s390, linux-scsi,
	linux-watchdog, linux-wireless, linux-kernel
In-Reply-To: <1507159627-127660-11-git-send-email-keescook@chromium.org>

On Wed, Oct 04, 2017 at 04:27:04PM -0700, Kees Cook wrote:
> Drop the arguments from the macro and adjust all callers with the
> following script:
> 
>   perl -pi -e 's/DEFINE_TIMER\((.*), 0, 0\);/DEFINE_TIMER($1);/g;' \
>     $(git grep DEFINE_TIMER | cut -d: -f1 | sort -u | grep -v timer.h)
> 
> Signed-off-by: Kees Cook <keescook@chromium.org>
> Acked-by: Geert Uytterhoeven <geert@linux-m68k.org> # for m68k parts
> ---
>  arch/arm/mach-ixp4xx/dsmg600-setup.c      | 2 +-
>  arch/arm/mach-ixp4xx/nas100d-setup.c      | 2 +-
>  arch/m68k/amiga/amisound.c                | 2 +-
>  arch/m68k/mac/macboing.c                  | 2 +-
>  arch/mips/mti-malta/malta-display.c       | 2 +-
>  arch/parisc/kernel/pdc_cons.c             | 2 +-
>  arch/s390/mm/cmm.c                        | 2 +-
>  drivers/atm/idt77105.c                    | 4 ++--
>  drivers/atm/iphase.c                      | 2 +-
>  drivers/block/ataflop.c                   | 8 ++++----
>  drivers/char/dtlk.c                       | 2 +-
>  drivers/char/hangcheck-timer.c            | 2 +-
>  drivers/char/nwbutton.c                   | 2 +-
>  drivers/char/rtc.c                        | 2 +-
>  drivers/input/touchscreen/s3c2410_ts.c    | 2 +-
>  drivers/net/cris/eth_v10.c                | 6 +++---
>  drivers/net/hamradio/yam.c                | 2 +-
>  drivers/net/wireless/atmel/at76c50x-usb.c | 2 +-
>  drivers/staging/speakup/main.c            | 2 +-
>  drivers/staging/speakup/synth.c           | 2 +-
>  drivers/tty/cyclades.c                    | 2 +-
>  drivers/tty/isicom.c                      | 2 +-
>  drivers/tty/moxa.c                        | 2 +-
>  drivers/tty/rocket.c                      | 2 +-
>  drivers/tty/vt/keyboard.c                 | 2 +-
>  drivers/tty/vt/vt.c                       | 2 +-
>  drivers/watchdog/alim7101_wdt.c           | 2 +-
>  drivers/watchdog/machzwd.c                | 2 +-
>  drivers/watchdog/mixcomwd.c               | 2 +-
>  drivers/watchdog/sbc60xxwdt.c             | 2 +-
>  drivers/watchdog/sc520_wdt.c              | 2 +-
>  drivers/watchdog/via_wdt.c                | 2 +-
>  drivers/watchdog/w83877f_wdt.c            | 2 +-
>  drivers/xen/grant-table.c                 | 2 +-
>  fs/pstore/platform.c                      | 2 +-
>  include/linux/timer.h                     | 4 ++--
>  kernel/irq/spurious.c                     | 2 +-
>  lib/random32.c                            | 2 +-
>  net/atm/mpc.c                             | 2 +-
>  net/decnet/dn_route.c                     | 2 +-
>  net/ipv6/ip6_flowlabel.c                  | 2 +-
>  net/netrom/nr_loopback.c                  | 2 +-
>  security/keys/gc.c                        | 2 +-
>  sound/oss/midibuf.c                       | 2 +-
>  sound/oss/soundcard.c                     | 2 +-
>  sound/oss/sys_timer.c                     | 2 +-
>  sound/oss/uart6850.c                      | 2 +-
>  47 files changed, 54 insertions(+), 54 deletions(-)

Acked-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

^ permalink raw reply

* Re: [PATCH 10/13] timer: Remove expires and data arguments from DEFINE_TIMER
From: Greg Kroah-Hartman @ 2017-10-05  5:28 UTC (permalink / raw)
  To: Kees Cook
  Cc: Thomas Gleixner, Andrew Morton, Arnd Bergmann,
	Benjamin Herrenschmidt, Chris Metcalf, Geert Uytterhoeven,
	Guenter Roeck, Harish Patil, Heiko Carstens, James E.J. Bottomley,
	John Stultz, Julian Wiedmann, Kalle Valo, Lai Jiangshan,
	Len Brown, Manish Chopra, Mark Gross, Martin K. Petersen, Martin 
In-Reply-To: <1507159627-127660-11-git-send-email-keescook-F7+t8E8rja9g9hUCZPvPmw@public.gmane.org>

On Wed, Oct 04, 2017 at 04:27:04PM -0700, Kees Cook wrote:
> Drop the arguments from the macro and adjust all callers with the
> following script:
> 
>   perl -pi -e 's/DEFINE_TIMER\((.*), 0, 0\);/DEFINE_TIMER($1);/g;' \
>     $(git grep DEFINE_TIMER | cut -d: -f1 | sort -u | grep -v timer.h)
> 
> Signed-off-by: Kees Cook <keescook-F7+t8E8rja9g9hUCZPvPmw@public.gmane.org>
> Acked-by: Geert Uytterhoeven <geert-Td1EMuHUCqxL1ZNQvxDV9g@public.gmane.org> # for m68k parts
> ---
>  arch/arm/mach-ixp4xx/dsmg600-setup.c      | 2 +-
>  arch/arm/mach-ixp4xx/nas100d-setup.c      | 2 +-
>  arch/m68k/amiga/amisound.c                | 2 +-
>  arch/m68k/mac/macboing.c                  | 2 +-
>  arch/mips/mti-malta/malta-display.c       | 2 +-
>  arch/parisc/kernel/pdc_cons.c             | 2 +-
>  arch/s390/mm/cmm.c                        | 2 +-
>  drivers/atm/idt77105.c                    | 4 ++--
>  drivers/atm/iphase.c                      | 2 +-
>  drivers/block/ataflop.c                   | 8 ++++----
>  drivers/char/dtlk.c                       | 2 +-
>  drivers/char/hangcheck-timer.c            | 2 +-
>  drivers/char/nwbutton.c                   | 2 +-
>  drivers/char/rtc.c                        | 2 +-
>  drivers/input/touchscreen/s3c2410_ts.c    | 2 +-
>  drivers/net/cris/eth_v10.c                | 6 +++---
>  drivers/net/hamradio/yam.c                | 2 +-
>  drivers/net/wireless/atmel/at76c50x-usb.c | 2 +-
>  drivers/staging/speakup/main.c            | 2 +-
>  drivers/staging/speakup/synth.c           | 2 +-
>  drivers/tty/cyclades.c                    | 2 +-
>  drivers/tty/isicom.c                      | 2 +-
>  drivers/tty/moxa.c                        | 2 +-
>  drivers/tty/rocket.c                      | 2 +-
>  drivers/tty/vt/keyboard.c                 | 2 +-
>  drivers/tty/vt/vt.c                       | 2 +-
>  drivers/watchdog/alim7101_wdt.c           | 2 +-
>  drivers/watchdog/machzwd.c                | 2 +-
>  drivers/watchdog/mixcomwd.c               | 2 +-
>  drivers/watchdog/sbc60xxwdt.c             | 2 +-
>  drivers/watchdog/sc520_wdt.c              | 2 +-
>  drivers/watchdog/via_wdt.c                | 2 +-
>  drivers/watchdog/w83877f_wdt.c            | 2 +-
>  drivers/xen/grant-table.c                 | 2 +-
>  fs/pstore/platform.c                      | 2 +-
>  include/linux/timer.h                     | 4 ++--
>  kernel/irq/spurious.c                     | 2 +-
>  lib/random32.c                            | 2 +-
>  net/atm/mpc.c                             | 2 +-
>  net/decnet/dn_route.c                     | 2 +-
>  net/ipv6/ip6_flowlabel.c                  | 2 +-
>  net/netrom/nr_loopback.c                  | 2 +-
>  security/keys/gc.c                        | 2 +-
>  sound/oss/midibuf.c                       | 2 +-
>  sound/oss/soundcard.c                     | 2 +-
>  sound/oss/sys_timer.c                     | 2 +-
>  sound/oss/uart6850.c                      | 2 +-
>  47 files changed, 54 insertions(+), 54 deletions(-)

Acked-by: Greg Kroah-Hartman <gregkh-hQyY1W1yCW8ekmWlsbkhG0B+6BGkLq7r@public.gmane.org>

^ permalink raw reply

* Re: [PATCH 10/13] timer: Remove expires and data arguments from DEFINE_TIMER
From: Greg Kroah-Hartman @ 2017-10-05  5:28 UTC (permalink / raw)
  To: Kees Cook
  Cc: Thomas Gleixner, Andrew Morton, Arnd Bergmann,
	Benjamin Herrenschmidt, Chris Metcalf, Geert Uytterhoeven,
	Guenter Roeck, Harish Patil, Heiko Carstens, James E.J. Bottomley,
	John Stultz, Julian Wiedmann, Kalle Valo, Lai Jiangshan,
	Len Brown, Manish Chopra, Mark Gross, Martin K. Petersen
In-Reply-To: <1507159627-127660-11-git-send-email-keescook-F7+t8E8rja9g9hUCZPvPmw@public.gmane.org>

On Wed, Oct 04, 2017 at 04:27:04PM -0700, Kees Cook wrote:
> Drop the arguments from the macro and adjust all callers with the
> following script:
> 
>   perl -pi -e 's/DEFINE_TIMER\((.*), 0, 0\);/DEFINE_TIMER($1);/g;' \
>     $(git grep DEFINE_TIMER | cut -d: -f1 | sort -u | grep -v timer.h)
> 
> Signed-off-by: Kees Cook <keescook-F7+t8E8rja9g9hUCZPvPmw@public.gmane.org>
> Acked-by: Geert Uytterhoeven <geert-Td1EMuHUCqxL1ZNQvxDV9g@public.gmane.org> # for m68k parts
> ---
>  arch/arm/mach-ixp4xx/dsmg600-setup.c      | 2 +-
>  arch/arm/mach-ixp4xx/nas100d-setup.c      | 2 +-
>  arch/m68k/amiga/amisound.c                | 2 +-
>  arch/m68k/mac/macboing.c                  | 2 +-
>  arch/mips/mti-malta/malta-display.c       | 2 +-
>  arch/parisc/kernel/pdc_cons.c             | 2 +-
>  arch/s390/mm/cmm.c                        | 2 +-
>  drivers/atm/idt77105.c                    | 4 ++--
>  drivers/atm/iphase.c                      | 2 +-
>  drivers/block/ataflop.c                   | 8 ++++----
>  drivers/char/dtlk.c                       | 2 +-
>  drivers/char/hangcheck-timer.c            | 2 +-
>  drivers/char/nwbutton.c                   | 2 +-
>  drivers/char/rtc.c                        | 2 +-
>  drivers/input/touchscreen/s3c2410_ts.c    | 2 +-
>  drivers/net/cris/eth_v10.c                | 6 +++---
>  drivers/net/hamradio/yam.c                | 2 +-
>  drivers/net/wireless/atmel/at76c50x-usb.c | 2 +-
>  drivers/staging/speakup/main.c            | 2 +-
>  drivers/staging/speakup/synth.c           | 2 +-
>  drivers/tty/cyclades.c                    | 2 +-
>  drivers/tty/isicom.c                      | 2 +-
>  drivers/tty/moxa.c                        | 2 +-
>  drivers/tty/rocket.c                      | 2 +-
>  drivers/tty/vt/keyboard.c                 | 2 +-
>  drivers/tty/vt/vt.c                       | 2 +-
>  drivers/watchdog/alim7101_wdt.c           | 2 +-
>  drivers/watchdog/machzwd.c                | 2 +-
>  drivers/watchdog/mixcomwd.c               | 2 +-
>  drivers/watchdog/sbc60xxwdt.c             | 2 +-
>  drivers/watchdog/sc520_wdt.c              | 2 +-
>  drivers/watchdog/via_wdt.c                | 2 +-
>  drivers/watchdog/w83877f_wdt.c            | 2 +-
>  drivers/xen/grant-table.c                 | 2 +-
>  fs/pstore/platform.c                      | 2 +-
>  include/linux/timer.h                     | 4 ++--
>  kernel/irq/spurious.c                     | 2 +-
>  lib/random32.c                            | 2 +-
>  net/atm/mpc.c                             | 2 +-
>  net/decnet/dn_route.c                     | 2 +-
>  net/ipv6/ip6_flowlabel.c                  | 2 +-
>  net/netrom/nr_loopback.c                  | 2 +-
>  security/keys/gc.c                        | 2 +-
>  sound/oss/midibuf.c                       | 2 +-
>  sound/oss/soundcard.c                     | 2 +-
>  sound/oss/sys_timer.c                     | 2 +-
>  sound/oss/uart6850.c                      | 2 +-
>  47 files changed, 54 insertions(+), 54 deletions(-)

Acked-by: Greg Kroah-Hartman <gregkh-hQyY1W1yCW8ekmWlsbkhG0B+6BGkLq7r@public.gmane.org>

^ permalink raw reply

* [PATCH v4 4/4] app/crypto-perf: fix packet length check
From: Pablo de Lara @ 2017-10-05  5:28 UTC (permalink / raw)
  To: declan.doherty, john.mcnamara; +Cc: dev, Pablo de Lara, stable
In-Reply-To: <20171005052800.12922-1-pablo.de.lara.guarch@intel.com>

When using DES-CBC, packet size has to be multiple
of 8 bytes, but if a list of packets is provided.
the check was not correct.

Fixes: fc4600fb2520 ("app/crypto-perf: add extra option checks")
Cc: stable@dpdk.org

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Radu Nicolau <radu.nicolau@intel.com>
---
 app/test-crypto-perf/cperf_options_parsing.c | 18 +++++++++++++++---
 1 file changed, 15 insertions(+), 3 deletions(-)

diff --git a/app/test-crypto-perf/cperf_options_parsing.c b/app/test-crypto-perf/cperf_options_parsing.c
index f3508a4..af81162 100644
--- a/app/test-crypto-perf/cperf_options_parsing.c
+++ b/app/test-crypto-perf/cperf_options_parsing.c
@@ -876,14 +876,26 @@ check_cipher_buffer_length(struct cperf_options *options)
 	if (options->cipher_algo == RTE_CRYPTO_CIPHER_DES_CBC ||
 			options->cipher_algo == RTE_CRYPTO_CIPHER_3DES_CBC ||
 			options->cipher_algo == RTE_CRYPTO_CIPHER_3DES_ECB) {
-		for (buffer_size = options->min_buffer_size;
-				buffer_size < options->max_buffer_size;
-				buffer_size += options->inc_buffer_size) {
+		if (options->inc_buffer_size != 0)
+			buffer_size = options->min_buffer_size;
+		else
+			buffer_size = options->buffer_size_list[0];
+
+		while (buffer_size <= options->max_buffer_size) {
 			if ((buffer_size % DES_BLOCK_SIZE) != 0) {
 				RTE_LOG(ERR, USER1, "Some of the buffer sizes are "
 					"not suitable for the algorithm selected\n");
 				return -EINVAL;
 			}
+
+			if (options->inc_buffer_size != 0)
+				buffer_size += options->inc_buffer_size;
+			else {
+				if (++buffer_size_idx == options->buffer_size_count)
+					break;
+				buffer_size = options->buffer_size_list[buffer_size_idx];
+			}
+
 		}
 	}
 
-- 
2.9.4

^ permalink raw reply related

* [xen-unstable-smoke test] 114028: regressions - FAIL
From: osstest service owner @ 2017-10-05  5:26 UTC (permalink / raw)
  To: xen-devel, osstest-admin

flight 114028 xen-unstable-smoke real [real]
http://logs.test-lab.xenproject.org/osstest/logs/114028/

Regressions :-(

Tests which did not succeed and are blocking,
including tests which could not be run:
 test-amd64-amd64-libvirt     12 guest-start              fail REGR. vs. 113972
 build-armhf                   6 xen-build                fail REGR. vs. 113972

Tests which did not succeed, but are not blocking:
 test-armhf-armhf-xl           1 build-check(1)               blocked  n/a

version targeted for testing:
 xen                  72b0c19a7040ab8446f16578b094fec8703f8095
baseline version:
 xen                  dbc4b6e13a5d0dd8967cde7ff7000ab1ed88625e

Last test of basis   113972  2017-10-03 21:02:43 Z    1 days
Failing since        113979  2017-10-04 00:10:13 Z    1 days   18 attempts
Testing same since   114015  2017-10-04 18:01:26 Z    0 days    6 attempts

------------------------------------------------------------
People who touched revisions under test:
  Andrew Cooper <andrew.cooper3@citrix.com>
  Bhupinder Thakur <bhupinder.thakur@linaro.org>
  Ian Jackson <ian.jackson@eu.citrix.com>
  Jan Beulich <jbeulich@suse.com>
  Juergen Gross <jgross@suse.com>
  Julien Grall <julien.grall@arm.com>
  Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
  Stefano Stabellini <sstabellini@kernel.org>
  Wei Liu <wei.liu2@citrix.com>

jobs:
 build-amd64                                                  pass    
 build-armhf                                                  fail    
 build-amd64-libvirt                                          pass    
 test-armhf-armhf-xl                                          blocked 
 test-amd64-amd64-xl-qemuu-debianhvm-i386                     pass    
 test-amd64-amd64-libvirt                                     fail    


------------------------------------------------------------
sg-report-flight on osstest.test-lab.xenproject.org
logs: /home/logs/logs
images: /home/logs/images

Logs, config files, etc. are available at
    http://logs.test-lab.xenproject.org/osstest/logs

Explanation of these reports, and of osstest in general, is at
    http://xenbits.xen.org/gitweb/?p=osstest.git;a=blob;f=README.email;hb=master
    http://xenbits.xen.org/gitweb/?p=osstest.git;a=blob;f=README;hb=master

Test harness code can be found at
    http://xenbits.xen.org/gitweb?p=osstest.git;a=summary


Not pushing.

(No revision log; it would be 524 lines long.)

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel

^ permalink raw reply

* [PATCH] tune2fs: prevent crash if error in journal recovery
From: eru @ 2017-10-05  5:25 UTC (permalink / raw)
  To: linux-ext4

Prevent coredump if tunefs calls ext2fs_run_ext3_journal(), and this 
then
fails for some reason while calling ext2fs_open2(). Such failure makes
the fs pointer NULL.

Signed-off-by: Erkki Ruohtula <eru@netti.fi>
---

diff --git a/misc/tune2fs.c b/misc/tune2fs.c
index ecba2ea..6538032 100644
--- a/misc/tune2fs.c
+++ b/misc/tune2fs.c
@@ -3367,6 +3367,9 @@ closefs:
  #endif
  	}

-	convert_64bit(fs, feature_64bit);
-	return (ext2fs_close_free(&fs) ? 1 : 0);
+	if (fs) {
+		convert_64bit(fs, feature_64bit);
+		return (ext2fs_close_free(&fs) ? 1 : 0);
+	}
+	return 1;
  }

^ permalink raw reply related

* [PATCH] md: fix deadlock error in recent patch.
From: NeilBrown @ 2017-10-05  5:23 UTC (permalink / raw)
  To: Shaohua Li; +Cc: Linux Raid, Xiao Ni

[-- Attachment #1: Type: text/plain, Size: 1222 bytes --]


A recent patch aimed to cause md_write_start() to fail (rather than
block) when the mddev was suspending, so as to avoid deadlocks.
Unfortunately the test in wait_event() was wrong, and it didn't change
behaviour at all.

We wait_event() must wait until the metadata is written OR the array is
suspending.

Fixes: cc27b0c78c79 ("md: fix deadlock between mddev_suspend() and md_write_start()")
Cc: stable@vger.kernel.org
Reported-by: Xiao Ni <xni@redhat.com>
Signed-off-by: NeilBrown <neilb@suse.com>
---
 drivers/md/md.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/drivers/md/md.c b/drivers/md/md.c
index 0ff1bbf6c90e..8b2eb0f4122f 100644
--- a/drivers/md/md.c
+++ b/drivers/md/md.c
@@ -8039,7 +8039,8 @@ bool md_write_start(struct mddev *mddev, struct bio *bi)
 	if (did_change)
 		sysfs_notify_dirent_safe(mddev->sysfs_state);
 	wait_event(mddev->sb_wait,
-		   !test_bit(MD_SB_CHANGE_PENDING, &mddev->sb_flags) && !mddev->suspended);
+		   !test_bit(MD_SB_CHANGE_PENDING, &mddev->sb_flags) ||
+		   mddev->suspended);
 	if (test_bit(MD_SB_CHANGE_PENDING, &mddev->sb_flags)) {
 		percpu_ref_put(&mddev->writes_pending);
 		return false;
-- 
2.14.0.rc0.dirty


[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 832 bytes --]

^ permalink raw reply related

* Re: [PATCH 16/25] xfs: scrub inodes
From: Darrick J. Wong @ 2017-10-05  5:22 UTC (permalink / raw)
  To: Dave Chinner; +Cc: linux-xfs
In-Reply-To: <20171005040452.GM3666@dastard>

On Thu, Oct 05, 2017 at 03:04:52PM +1100, Dave Chinner wrote:
> On Tue, Oct 03, 2017 at 01:42:30PM -0700, Darrick J. Wong wrote:
> > @@ -559,3 +563,64 @@ xfs_scrub_setup_ag_btree(
> >  
> >  	return xfs_scrub_ag_init(sc, sc->sm->sm_agno, &sc->sa);
> >  }
> > +
> > +/*
> > + * Given an inode and the scrub control structure, grab either the
> > + * inode referenced in the control structure or the inode passed in.
> > + * The inode is not locked.
> > + */
> > +int
> > +xfs_scrub_get_inode(
> > +	struct xfs_scrub_context	*sc,
> > +	struct xfs_inode		*ip_in)
> > +{
> > +	struct xfs_mount		*mp = sc->mp;
> > +	struct xfs_inode		*ips = NULL;
> 
> *ip?
> 
> > +	int				error;
> > +
> > +	if (sc->sm->sm_agno || (sc->sm->sm_gen && !sc->sm->sm_ino))
> > +		return -EINVAL;
> 
> What's this checking?

/*
 * Jump out if userspace fed us an AG number or a inode generation
 * without an inode number.  Both indicate that userspace hasn't got a
 * clue.
 */

> > +
> > +	/* We want to scan the inode we already had opened. */
> > +	if (sc->sm->sm_ino == 0 || sc->sm->sm_ino == ip_in->i_ino) {
> > +		sc->ip = ip_in;
> > +		return 0;
> > +	}
> > +
> > +	/* Look up the inode, see if the generation number matches. */
> > +	if (xfs_internal_inum(mp, sc->sm->sm_ino))
> > +		return -ENOENT;
> 
> maybe xfs_internal_inum should be moved to the same place as all the
> inode/agbno/bno verification functions....

Yes.

> > +	error = xfs_iget(mp, NULL, sc->sm->sm_ino, XFS_IGET_UNTRUSTED,
> > +			0, &ips);
> 
> I think we also want XFS_IGET_DONTCACHE here, so we don't trash the
> inode cache with inodes that we use once for scrub and never touch
> again.

I thought about adding this, but if we let the inodes fall out of the
cache now then we'll just have to load them back in for the bmap checks,
right?

> > +	if (error == -ENOENT || error == -EINVAL) {
> > +		/* inode doesn't exist... */
> > +		return -ENOENT;
> > +	} else if (error) {
> > +		trace_xfs_scrub_op_error(sc,
> > +				XFS_INO_TO_AGNO(mp, sc->sm->sm_ino),
> > +				XFS_INO_TO_AGBNO(mp, sc->sm->sm_ino),
> > +				error, __return_address);
> > +		return error;
> > +	}
> > +	if (VFS_I(ips)->i_generation != sc->sm->sm_gen) {
> > +		iput(VFS_I(ips));
> > +		return -ENOENT;
> > +	}
> > +
> > +	sc->ip = ips;
> > +	return 0;
> > +}
> > +
> > +/* Push everything out of the log onto disk. */
> > +int
> > +xfs_scrub_checkpoint_log(
> > +	struct xfs_mount	*mp)
> > +{
> > +	int			error;
> > +
> > +	error = _xfs_log_force(mp, XFS_LOG_SYNC, NULL);
> > +	if (error)
> > +		return error;
> > +	xfs_ail_push_all_sync(mp->m_ail);
> > +	return 0;
> > +}
> 
> Oooo, that's a nasty thing to do on busy systems with large dirty
> logs. I hope this is a "last resort" kind of thing....

It is; we only do this if the inobt says there's an inode there and the
inode verifiers fail.

> > +/* Set us up with an inode. */
> 
> What state are we trying to get the inode into here? We grab all the
> various locks, but we can still have data changing via mmap pages
> that are already faulted in and delalloc extents in the incore
> extent list that aren't reflected on disk...
> 
> A comment explaining what we expect here would be nice.

/* 
 * Grab total control of the inode metadata.  It doesn't matter here if
 * the file data is still changing, we just want exclusive access to the
 * metadata.
 */

> > +int
> > +xfs_scrub_setup_inode(
> > +	struct xfs_scrub_context	*sc,
> > +	struct xfs_inode		*ip)
> > +{
> > +	struct xfs_mount		*mp = sc->mp;
> > +	int				error;
> > +
> > +	/*
> > +	 * Try to get the inode.  If the verifiers fail, we try again
> > +	 * in raw mode.
> > +	 */
> > +	error = xfs_scrub_get_inode(sc, ip);
> > +	switch (error) {
> > +	case 0:
> > +		break;
> > +	case -EFSCORRUPTED:
> > +	case -EFSBADCRC:
> > +		return xfs_scrub_checkpoint_log(mp);
> > +	default:
> > +		return error;
> > +	}
> > +
> > +	/* Got the inode, lock it and we're ready to go. */
> > +	sc->ilock_flags = XFS_IOLOCK_EXCL | XFS_MMAPLOCK_EXCL;
> > +	xfs_ilock(sc->ip, sc->ilock_flags);
> > +	error = xfs_scrub_trans_alloc(sc->sm, mp, &sc->tp);
> > +	if (error)
> > +		goto out_unlock;
> > +	sc->ilock_flags |= XFS_ILOCK_EXCL;
> > +	xfs_ilock(sc->ip, XFS_ILOCK_EXCL);
> 
> Should the inode be joined to the transaction so that cancelling the
> transaction unlocks the inode? Then the need for the ilock_flags
> variable goes away....

This is the confluence of two semi-icky things: first, some of the
scrubbers (particularly the dir and parent pointer scrubbers) will need
to drop the ILOCK for short periods of time; later on, repair will want
to keep the inode locked across all the repair transactions, so it makes
more sense to control the lock and unlock directly.

> > +
> > +	return error;
> > +out_unlock:
> > +	xfs_iunlock(sc->ip, sc->ilock_flags);
> > +	if (sc->ip != ip)
> > +		iput(VFS_I(sc->ip));
> > +	sc->ip = NULL;
> > +	return error;
> > +}
> > +
> > +/* Inode core */
> > +
> > +/* Scrub an inode. */
> > +int
> > +xfs_scrub_inode(
> > +	struct xfs_scrub_context	*sc)
> > +{
> > +	struct xfs_imap			imap;
> > +	struct xfs_dinode		di;
> > +	struct xfs_mount		*mp = sc->mp;
> > +	struct xfs_buf			*bp = NULL;
> > +	struct xfs_dinode		*dip;
> > +	xfs_ino_t			ino;
> > +	size_t				fork_recs;
> > +	unsigned long long		isize;
> > +	uint64_t			flags2;
> > +	uint32_t			nextents;
> > +	uint32_t			extsize;
> > +	uint32_t			cowextsize;
> > +	uint16_t			flags;
> > +	uint16_t			mode;
> > +	bool				has_shared;
> > +	int				error = 0;
> > +
> > +	/* Did we get the in-core inode, or are we doing this manually? */
> > +	if (sc->ip) {
> > +		ino = sc->ip->i_ino;
> > +		xfs_inode_to_disk(sc->ip, &di, 0);
> > +		dip = &di;
> > +	} else {
> > +		/* Map & read inode. */
> > +		ino = sc->sm->sm_ino;
> > +		error = xfs_imap(mp, sc->tp, ino, &imap, XFS_IGET_UNTRUSTED);
> > +		if (error == -EINVAL) {
> > +			/*
> > +			 * Inode could have gotten deleted out from under us;
> > +			 * just forget about it.
> > +			 */
> > +			error = -ENOENT;
> > +			goto out;
> > +		}
> > +		if (!xfs_scrub_op_ok(sc, XFS_INO_TO_AGNO(mp, ino),
> > +				XFS_INO_TO_AGBNO(mp, ino), &error))
> > +			goto out;
> > +
> > +		error = xfs_trans_read_buf(mp, sc->tp, mp->m_ddev_targp,
> > +				imap.im_blkno, imap.im_len, XBF_UNMAPPED, &bp,
> > +				NULL);
> > +		if (!xfs_scrub_op_ok(sc, XFS_INO_TO_AGNO(mp, ino),
> > +				XFS_INO_TO_AGBNO(mp, ino), &error))
> > +			goto out;
> > +
> > +		/* Is this really an inode? */
> > +		bp->b_ops = &xfs_inode_buf_ops;
> > +		dip = xfs_buf_offset(bp, imap.im_boffset);
> > +		if (!xfs_dinode_verify(mp, ino, dip) ||
> > +		    !xfs_dinode_good_version(mp, dip->di_version)) {
> > +			xfs_scrub_ino_set_corrupt(sc, ino, bp);
> > +			goto out;
> > +		}
> > +
> > +		/* ...and is it the one we asked for? */
> > +		if (be32_to_cpu(dip->di_gen) != sc->sm->sm_gen) {
> > +			error = -ENOENT;
> > +			goto out;
> > +		}
> > +	}
> 
> Can we factor the manual mapping into a separate function? Just
> makes it a bit cleaner and gets rid of a bunch of local variables
> from this function that are just used to map and read the inode.
> 
> ANd reading on and getting ahead of the code, could we split it
> further into
> 
> 	<setup dip>
> 
> 	xfs_scrub_dinode(sc, ino, dip, bp);
> 
> 	<do live incore inode stuff>

Yes, good plan.

> > +
> > +	flags = be16_to_cpu(dip->di_flags);
> > +	if (dip->di_version >= 3)
> > +		flags2 = be64_to_cpu(dip->di_flags2);
> > +	else
> > +		flags2 = 0;
> > +
> > +	/* di_mode */
> > +	mode = be16_to_cpu(dip->di_mode);
> > +	if (mode & ~(S_IALLUGO | S_IFMT))
> > +		xfs_scrub_ino_set_corrupt(sc, ino, bp);
> > +
> > +	/* v1/v2 fields */
> > +	switch (dip->di_version) {
> > +	case 1:
> > +		if (dip->di_nlink != 0)
> > +			xfs_scrub_ino_set_corrupt(sc, ino, bp);
> > +
> > +		if (dip->di_mode == 0 && sc->ip)
> > +			xfs_scrub_ino_set_corrupt(sc, ino, bp);
> > +
> > +		if (dip->di_projid_lo != 0 || dip->di_projid_hi != 0)
> > +			xfs_scrub_ino_set_corrupt(sc, ino, bp);
> > +		break;
> 
> We don't really support v1 inode format anymore - we convert it to
> version 2 automatically in xfs_inode_from_disk() so the in-memory
> inode is always v2 or v3, never v1. And when we write it back out,
> we write it as a v2 inode, never as a v1 inode.
> 
> Hence I'm not sure whether we should be worrying about scrubbing
> such inodes - they are going to be in an ever shrinking minority
> of filesystems. At minimum, they should always return "preen".

Ok.  I figured that we might end up at "v1 => preen" but decided to play
this straight until we got to review.

> > +	case 2:
> > +	case 3:
> > +		if (dip->di_onlink != 0)
> > +			xfs_scrub_ino_set_corrupt(sc, ino, bp);
> > +
> > +		if (dip->di_mode == 0 && sc->ip)
> > +			xfs_scrub_ino_set_corrupt(sc, ino, bp);
> > +
> > +		if (dip->di_projid_hi != 0 &&
> > +		    !xfs_sb_version_hasprojid32bit(&mp->m_sb))
> > +			xfs_scrub_ino_set_corrupt(sc, ino, bp);
> > +		break;
> > +	default:
> > +		ASSERT(0);
> 
> If we don't understand the version, it's corrupt.

Yikes an assert.  Will replace that stat!

> > +		break;
> > +	}
> > +
> > +	/*
> > +	 * di_uid/di_gid -- -1 isn't invalid, but there's no way that
> > +	 * userspace could have created that.
> > +	 */
> > +	if (dip->di_uid == cpu_to_be32(-1U) ||
> > +	    dip->di_gid == cpu_to_be32(-1U))
> > +		xfs_scrub_ino_set_warning(sc, bp);
> > +
> > +	/* di_format */
> > +	switch (dip->di_format) {
> > +	case XFS_DINODE_FMT_DEV:
> > +		if (!S_ISCHR(mode) && !S_ISBLK(mode) &&
> > +		    !S_ISFIFO(mode) && !S_ISSOCK(mode))
> > +			xfs_scrub_ino_set_corrupt(sc, ino, bp);
> > +		break;
> > +	case XFS_DINODE_FMT_LOCAL:
> > +		if (!S_ISDIR(mode) && !S_ISLNK(mode))
> > +			xfs_scrub_ino_set_corrupt(sc, ino, bp);
> > +		break;
> > +	case XFS_DINODE_FMT_EXTENTS:
> > +		if (!S_ISREG(mode) && !S_ISDIR(mode) && !S_ISLNK(mode))
> > +			xfs_scrub_ino_set_corrupt(sc, ino, bp);
> > +		break;
> > +	case XFS_DINODE_FMT_BTREE:
> > +		if (!S_ISREG(mode) && !S_ISDIR(mode))
> > +			xfs_scrub_ino_set_corrupt(sc, ino, bp);
> > +		break;
> > +	case XFS_DINODE_FMT_UUID:
> > +	default:
> > +		xfs_scrub_ino_set_corrupt(sc, ino, bp);
> > +		break;
> > +	}
> > +
> > +	/* di_size */
> > +	isize = be64_to_cpu(dip->di_size);
> > +	if (isize & (1ULL << 63))
> > +		xfs_scrub_ino_set_corrupt(sc, ino, bp);
> 
> Should we be checking against the on disk format size, or the
> mounted filesystem maximum size (i.e. mp->m_super->s_maxbytes)?
> 32 or 64 bit systems are going to have different maximum valid file
> sizes..

It's perfectly valid to 'truncate -s $((2 ** 60) foofile' so the only
thing we can really check for here is that the upper bit isn't set
(because the VFS does not check, but barfs on, files with that large of
a size).

> Directories have a maximum bound size, too - the data space, leaf
> space and freespace space, each of which are 32GB in size, IIRC.
> 
> And symlinks have a different maximum size, too.

Fair enough, I'll expand the i_size checks, though ISTR the verifiers
now check that for us.

> > +	if (!S_ISDIR(mode) && !S_ISREG(mode) && !S_ISLNK(mode) && isize != 0)
> > +		xfs_scrub_ino_set_corrupt(sc, ino, bp);
> 
> > +
> > +	/* di_nblocks */
> > +	if (flags2 & XFS_DIFLAG2_REFLINK) {
> > +		; /* nblocks can exceed dblocks */
> > +	} else if (flags & XFS_DIFLAG_REALTIME) {
> > +		if (be64_to_cpu(dip->di_nblocks) >=
> > +		    mp->m_sb.sb_dblocks + mp->m_sb.sb_rblocks)
> > +			xfs_scrub_ino_set_corrupt(sc, ino, bp);
> 
> That doesn't seem right. the file can be on either the data or the
> rt device, so the maximum file blocks is the size of one device or
> the other, not both combined.

di_nblocks is the sum of (data blocks + bmbt blocks + attr blocks),
right?  So in theory if you had a rt file with 1000 data blocks, 10 bmbt
blocks to map the data blocks, and 100 attr blocks then di_nblocks has
to be 1110.

> > +	} else {
> > +		if (be64_to_cpu(dip->di_nblocks) >= mp->m_sb.sb_dblocks)
> > +			xfs_scrub_ino_set_corrupt(sc, ino, bp);
> > +	}
> > +
> > +	/* di_extsize */
> > +	extsize = be32_to_cpu(dip->di_extsize);
> > +	if (flags & (XFS_DIFLAG_EXTSIZE | XFS_DIFLAG_EXTSZINHERIT)) {
> > +		if (extsize <= 0 || extsize > MAXEXTLEN)
> > +			xfs_scrub_ino_set_corrupt(sc, ino, bp);
> > +
> > +		if (!(flags & XFS_DIFLAG_REALTIME) &&
> > +		    extsize > mp->m_sb.sb_agblocks / 2)
> > +			xfs_scrub_ino_set_corrupt(sc, ino, bp);
> > +	} else {
> > +		if (extsize != 0)
> > +			xfs_scrub_ino_set_corrupt(sc, ino, bp);
> > +	}
> 
> There more to validating the extentsize hints than this. From
> xfs_ioctl_setattr_check_extsize():
> 
> /*
>  * extent size hint validation is somewhat cumbersome. Rules are:
>  *
>  * 1. extent size hint is only valid for directories and regular files
>  * 2. FS_XFLAG_EXTSIZE is only valid for regular files
>  * 3. FS_XFLAG_EXTSZINHERIT is only valid for directories.
>  * 4. can only be changed on regular files if no extents are allocated
>  * 5. can be changed on directories at any time
>  * 6. extsize hint of 0 turns off hints, clears inode flags.
>  * 7. Extent size must be a multiple of the appropriate block size.
>  * 8. for non-realtime files, the extent size hint must be limited
>  *    to half the AG size to avoid alignment extending the extent beyond the
>  *    limits of the AG.
>  */
> 
> Maybe there's some commonality between these two functions...

Definitely, will refactor both.

> > +
> > +	/* di_flags */
> > +	if ((flags & XFS_DIFLAG_IMMUTABLE) && (flags & XFS_DIFLAG_APPEND))
> > +		xfs_scrub_ino_set_corrupt(sc, ino, bp);
> > +	if ((flags & XFS_DIFLAG_FILESTREAM) && (flags & XFS_DIFLAG_REALTIME))
> > +		xfs_scrub_ino_set_corrupt(sc, ino, bp);
> 
> What about project id flags?
> 
> Also, there are flags that are allowed only on regular files, and
> there are flags that are only allowed on directories. Those should
> probably also be checked for preening.

<nod> Some of these are checked by the dinode verifier, but there needs
to be a comment (or more comment) explaining that.

> > +
> > +	/* di_nextents */
> > +	nextents = be32_to_cpu(dip->di_nextents);
> > +	fork_recs =  XFS_DFORK_DSIZE(dip, mp) / sizeof(struct xfs_bmbt_rec);
> > +	switch (dip->di_format) {
> > +	case XFS_DINODE_FMT_EXTENTS:
> > +		if (nextents > fork_recs)
> > +			xfs_scrub_ino_set_corrupt(sc, ino, bp);
> > +		break;
> > +	case XFS_DINODE_FMT_BTREE:
> > +		if (nextents <= fork_recs)
> > +			xfs_scrub_ino_set_corrupt(sc, ino, bp);
> > +		break;
> > +	case XFS_DINODE_FMT_LOCAL:
> > +	case XFS_DINODE_FMT_DEV:
> > +	case XFS_DINODE_FMT_UUID:
> > +	default:
> > +		if (nextents != 0)
> > +			xfs_scrub_ino_set_corrupt(sc, ino, bp);
> > +		break;
> > +	}
> > +
> > +	/* di_anextents */
> > +	nextents = be16_to_cpu(dip->di_anextents);
> > +	fork_recs =  XFS_DFORK_ASIZE(dip, mp) / sizeof(struct xfs_bmbt_rec);
> > +	switch (dip->di_aformat) {
> > +	case XFS_DINODE_FMT_EXTENTS:
> > +		if (nextents > fork_recs)
> > +			xfs_scrub_ino_set_corrupt(sc, ino, bp);
> > +		break;
> > +	case XFS_DINODE_FMT_BTREE:
> > +		if (nextents <= fork_recs)
> > +			xfs_scrub_ino_set_corrupt(sc, ino, bp);
> > +		break;
> > +	case XFS_DINODE_FMT_LOCAL:
> > +	case XFS_DINODE_FMT_DEV:
> > +	case XFS_DINODE_FMT_UUID:
> > +	default:
> > +		if (nextents != 0)
> > +			xfs_scrub_ino_set_corrupt(sc, ino, bp);
> > +		break;
> > +	}
> 
> Don't we need a check here first to see whether an attribute fork
> exists or not?

Do you mean the xfs_inode_fork, or something else?

XFS_DFORK_ASIZE returns zero if !XFS_DFORK_Q which in turn is based on
di_forkoff so we're really only checking that di_aformat makes sense
given the number of extents and the size of the attr fork area.

We're not actually checking anything in the attr fork; that's a
different scrubber.

> > +
> > +	/* di_forkoff */
> > +	if (XFS_DFORK_APTR(dip) >= (char *)dip + mp->m_sb.sb_inodesize)
> > +		xfs_scrub_ino_set_corrupt(sc, ino, bp);
> > +	if (dip->di_anextents != 0 && dip->di_forkoff == 0)
> > +		xfs_scrub_ino_set_corrupt(sc, ino, bp);
> > +
> > +	/* di_aformat */
> > +	if (dip->di_aformat != XFS_DINODE_FMT_LOCAL &&
> > +	    dip->di_aformat != XFS_DINODE_FMT_EXTENTS &&
> > +	    dip->di_aformat != XFS_DINODE_FMT_BTREE)
> > +		xfs_scrub_ino_set_corrupt(sc, ino, bp);
> 
> Shouldn't this come before we use dip->di_aformat in a switch
> statement?

Yes.  Good catch.

> Hmmm - aren't we missing the same checks for the data fork?

I believe you'll find them further up in the function.

--D

> 
> Cheers,
> 
> Dave.
> -- 
> Dave Chinner
> david@fromorbit.com
> --
> To unsubscribe from this list: send the line "unsubscribe linux-xfs" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html

^ permalink raw reply

* Re: [PATCH] net: ethernet: stmmac: Convert timers to use
From: Giuseppe CAVALLARO @ 2017-10-05  5:21 UTC (permalink / raw)
  To: Kees Cook, linux-kernel; +Cc: Alexandre Torgue, netdev, Thomas Gleixner
In-Reply-To: <20171005005057.GA23332@beast>

On 10/5/2017 2:50 AM, Kees Cook wrote:
> In preparation for unconditionally passing the struct timer_list pointer to
> all timer callbacks, switch to using the new timer_setup() and from_timer()
> to pass the timer pointer explicitly.
>
> Cc: Giuseppe Cavallaro <peppe.cavallaro@st.com>
> Cc: Alexandre Torgue <alexandre.torgue@st.com>
> Cc: netdev@vger.kernel.org
> Cc: Thomas Gleixner <tglx@linutronix.de>
> Signed-off-by: Kees Cook <keescook@chromium.org>
Acked-by:  Giuseppe Cavallaro <peppe.cavallaro@st.com>
> ---
> This requires commit 686fef928bba ("timer: Prepare to change timer
> callback argument type") in v4.14-rc3, but should be otherwise
> stand-alone.
> ---
>   drivers/net/ethernet/stmicro/stmmac/altr_tse_pcs.c | 22 ++++++++++------------
>   1 file changed, 10 insertions(+), 12 deletions(-)
>
> diff --git a/drivers/net/ethernet/stmicro/stmmac/altr_tse_pcs.c b/drivers/net/ethernet/stmicro/stmmac/altr_tse_pcs.c
> index 6a9c954492f2..8b50afcdb52d 100644
> --- a/drivers/net/ethernet/stmicro/stmmac/altr_tse_pcs.c
> +++ b/drivers/net/ethernet/stmicro/stmmac/altr_tse_pcs.c
> @@ -118,10 +118,9 @@ int tse_pcs_init(void __iomem *base, struct tse_pcs *pcs)
>   	return ret;
>   }
>   
> -static void pcs_link_timer_callback(unsigned long data)
> +static void pcs_link_timer_callback(struct tse_pcs *pcs)
>   {
>   	u16 val = 0;
> -	struct tse_pcs *pcs = (struct tse_pcs *)data;
>   	void __iomem *tse_pcs_base = pcs->tse_pcs_base;
>   	void __iomem *sgmii_adapter_base = pcs->sgmii_adapter_base;
>   
> @@ -138,12 +137,11 @@ static void pcs_link_timer_callback(unsigned long data)
>   	}
>   }
>   
> -static void auto_nego_timer_callback(unsigned long data)
> +static void auto_nego_timer_callback(struct tse_pcs *pcs)
>   {
>   	u16 val = 0;
>   	u16 speed = 0;
>   	u16 duplex = 0;
> -	struct tse_pcs *pcs = (struct tse_pcs *)data;
>   	void __iomem *tse_pcs_base = pcs->tse_pcs_base;
>   	void __iomem *sgmii_adapter_base = pcs->sgmii_adapter_base;
>   
> @@ -201,14 +199,14 @@ static void auto_nego_timer_callback(unsigned long data)
>   	}
>   }
>   
> -static void aneg_link_timer_callback(unsigned long data)
> +static void aneg_link_timer_callback(struct timer_list *t)
>   {
> -	struct tse_pcs *pcs = (struct tse_pcs *)data;
> +	struct tse_pcs *pcs = from_timer(pcs, t, aneg_link_timer);
>   
>   	if (pcs->autoneg == AUTONEG_ENABLE)
> -		auto_nego_timer_callback(data);
> +		auto_nego_timer_callback(pcs);
>   	else if (pcs->autoneg == AUTONEG_DISABLE)
> -		pcs_link_timer_callback(data);
> +		pcs_link_timer_callback(pcs);
>   }
>   
>   void tse_pcs_fix_mac_speed(struct tse_pcs *pcs, struct phy_device *phy_dev,
> @@ -237,8 +235,8 @@ void tse_pcs_fix_mac_speed(struct tse_pcs *pcs, struct phy_device *phy_dev,
>   
>   		tse_pcs_reset(tse_pcs_base, pcs);
>   
> -		setup_timer(&pcs->aneg_link_timer,
> -			    aneg_link_timer_callback, (unsigned long)pcs);
> +		timer_setup(&pcs->aneg_link_timer, aneg_link_timer_callback,
> +			    0);
>   		mod_timer(&pcs->aneg_link_timer, jiffies +
>   			  msecs_to_jiffies(AUTONEGO_LINK_TIMER));
>   	} else if (phy_dev->autoneg == AUTONEG_DISABLE) {
> @@ -270,8 +268,8 @@ void tse_pcs_fix_mac_speed(struct tse_pcs *pcs, struct phy_device *phy_dev,
>   
>   		tse_pcs_reset(tse_pcs_base, pcs);
>   
> -		setup_timer(&pcs->aneg_link_timer,
> -			    aneg_link_timer_callback, (unsigned long)pcs);
> +		timer_setup(&pcs->aneg_link_timer, aneg_link_timer_callback,
> +			    0);
>   		mod_timer(&pcs->aneg_link_timer, jiffies +
>   			  msecs_to_jiffies(AUTONEGO_LINK_TIMER));
>   	}

^ permalink raw reply

* Re: [PATCH] USB: serial: qcserial: add Dell DW5818, DW5819
From: Bjørn Mork @ 2017-10-05  5:21 UTC (permalink / raw)
  To: Shrirang Bagul; +Cc: Johan Hovold, linux-usb, linux-kernel
In-Reply-To: <1507174911.4472.3.camel@canonical.com>

Shrirang Bagul <shrirang.bagul@canonical.com> writes:
> On Tue, 2017-10-03 at 15:37 +0200, Johan Hovold wrote:
>
>> Don't you want to add these to qmi_wwan as well?
>
> I haven't tested these devices with qmi_wwan. Perhaps a separate patch once it's
> verified.

Please do, if you can.  I realize that QMI isn't a default config for
these modems, but it's always good to have the driver support in case
some user wants to switch configs.

Note that they most likely support two "RMNET" interfaces, so two
entries will be necessary to make the support complete.



Bjørn

^ permalink raw reply

* Re: What's cooking in git.git (Oct 2017, #01; Wed, 4)
From: Junio C Hamano @ 2017-10-05  5:21 UTC (permalink / raw)
  To: Taylor Blau; +Cc: Jeff King, git
In-Reply-To: <20171004180737.GA90224@D-173-250-188-46.dhcp4.washington.edu>

Taylor Blau <me@ttaylorr.com> writes:

> It may make sense to send my other series to 'master' as well
> ("ref-filter.c: pass empty-string as NULL to atom parsers").

Thanks for reminding.  I was involved in the review and remember
that everybody was happy with the direction.  The topic was left on
the list without getting picked up by a mere accident.

Now it is queued.  Let's make sure nobody is depending on the
%(atom) vs %(atom:) distinction by merging it to 'next' soonish.

Those who don't raise stink while the change is in 'next' but only
do so after it hits a release won't be heard ;-)

^ permalink raw reply

* Re: [PATCH v4 04/14] platform/x86: dell-wmi: increase severity of some failures
From: Andy Shevchenko @ 2017-10-05  5:20 UTC (permalink / raw)
  To: Mario Limonciello
  Cc: dvhart@infradead.org, LKML, Platform Driver, Andy Lutomirski,
	quasisec, Pali Rohár, Rafael J. Wysocki, mjg59,
	Christoph Hellwig, Greg KH
In-Reply-To: <f9dd40ebcda3238fa431a8a0d38595b808fae38b.1507156392.git.mario.limonciello@dell.com>

On Thu, Oct 5, 2017 at 1:48 AM, Mario Limonciello
<mario.limonciello@dell.com> wrote:
> There is a lot of error checking in place for the format of the WMI
> descriptor buffer, but some of the potentially raised issues should
> be considered critical failures.
>
> If the buffer size or header don't match, this is a good indication
> that the buffer format changed in a way that the rest of the data
> should not be relied upon.
>
> For the remaining data set vectors, continue to notate a warning
> in undefined results, but as those are fields that the descriptor
> intended to refer to other applications, don't fail if they're new
> values.

> -       if (strncmp(obj->string.pointer, "DELL WMI", 8) != 0)
> -               dev_warn(&wdev->dev, "Dell descriptor buffer has invalid signature (%8ph)\n",
> +       if (strncmp(obj->string.pointer, "DELL WMI", 8) != 0) {
> +               dev_err(&wdev->dev, "Dell descriptor buffer has invalid signature (%8ph)\n",

A nit: ping-pong programming detected.
Looks like current patch 2 should go at least after this one.


-- 
With Best Regards,
Andy Shevchenko

^ permalink raw reply

* Re: Linux 4.12+ memory leak on router with i40e NICs
From: Anders K. Pedersen | Cohaesio @ 2017-10-05  5:19 UTC (permalink / raw)
  To: alexander.duyck@gmail.com
  Cc: netdev@vger.kernel.org, intel-wired-lan@lists.osuosl.org,
	alexander.h.duyck@intel.com
In-Reply-To: <CAKgT0UfAqzuEbFA_hs8f4goL2hTMqeJ5no2sAc8NO_KJO120tA@mail.gmail.com>

On ons, 2017-10-04 at 08:32 -0700, Alexander Duyck wrote:
> On Wed, Oct 4, 2017 at 5:56 AM, Anders K. Pedersen | Cohaesio
> <akp@cohaesio.com> wrote:
> > Hello,
> > 
> > After updating one of our Linux based routers to kernel 4.13 it
> > began
> > leaking memory quite fast (about 1 GB every half hour). To narrow
> > we
> > tried various kernel versions and found that 4.11.12 is okay, while
> > 4.12 also leaks, so we did a bisection between 4.11 and 4.12.
> > 
> > The first bisection ended at
> > "[6964e53f55837b0c49ed60d36656d2e0ee4fc27b] i40e: fix handling of
> > HW
> > ATR eviction", which fixes some flag handling that was broken by
> > 47994c119a36 "i40e: remove hw_disabled_flags in favor of using
> > separate
> > flag bits", so I did a second bisection, where I added 6964e53f5583
> > "i40e: fix handling of HW ATR eviction" to the steps that had
> > 47994c119a36 "i40e: remove hw_disabled_flags in favor of using
> > separate
> > flag bits" in them.
> > 
> > The second bisection ended at
> > "[0e626ff7ccbfc43c6cc4aeea611c40b899682382] i40e: Fix support for
> > flow
> > director programming status", where I don't see any obvious
> > problems,
> > so I'm hoping for some assistance.
> > 
> > The router is a PowerEdge R730 server (Haswell based) with three
> > Intel
> > NICs (all using the i40e driver):
> > 
> > X710 quad port 10 GbE SFP+: eth0 eth1 eth2 eth3
> > X710 quad port 10 GbE SFP+: eth4 eth5 eth6 eth7
> > XL710 dual port 40 GbE QSFP+: eth8 eth9
> > 
> > The NICs are aggregated with LACP with the team driver:
> > 
> > team0: eth9 (40 GbE selected primary), and eth3, eth7 (10 GbE non-
> > selected backups)
> > team1: eth0, eth1, eth4, eth5 (all 10 GbE selected)
> > 
> > team0 is used for internal networks and has one untagged and four
> > tagged VLAN interfaces, while team1 has an external uplink
> > connection
> > without any VLANs.
> > 
> > The router runs an eBGP session on team1 to one of our uplinks, and
> > iBGP via team0 to our other border routers. It also runs OSPF on
> > the
> > internal VLANs on team0. One thing I've noticed is that when OSPF
> > is
> > not announcing a default gateway to the internal networks, so there
> > is
> > almost no traffic coming in on team0 and out on team1, but still
> > plenty
> > of traffic coming in on team1 and out via team0, there's no memory
> > leak
> > (or at least it is so small that we haven't detected it). But as
> > soon
> > as we configure OSPF to announce a default gateway to the internal
> > VLANs, so we get traffic from team0 to team1 the leaking begins.
> > Stopping the OSPF default gateway announcement again also stops the
> > leaking, but does not release already leaked memory.
> > 
> > So this leads to me suspect that the leaking is related to RX on
> > team0
> > (where XL710 eth9 is normally the only active interface) or TX on
> > team1
> > (X710 eth0, eth1, eth4, eth5). The first bad commit is related to
> > RX
> > cleaning, which suggests RX on team0. Since we're only seeing the
> > leak
> > for our outbound traffic, I suspect either a difference between the
> > X710 vs. XL710 NICs, or that the inbound traffic is for relatively
> > few
> > destination addresses (only our own systems) while the outbound
> > traffic
> > is for many different addresses on the internet. But I'm just
> > guessing
> > here.
> > 
> > I've tried kmemleak, but it only found a few kB of suspected memory
> > leaks (several of which disappeared again after a while).
> > 
> > Below I've included more details - git bisect logs, ethtool -i,
> > dmesg,
> > Kernel .config, and various memory related /proc files. Any help or
> > suggestions would be much appreciated, and please let me know if
> > more
> > information is needed or there's something I should try.
> > 
> > Regards,
> > Anders K. Pedersen
> > 
> 
> Hi Anders,
> 
> I think I see the problem and should have a patch submitted shortly
> to
> address it. From what I can tell it looks like the issue is that we
> weren't properly recycling the pages associated with descriptors that
> contained an Rx programming status. For now the workaround would be
> to
> try disabling ATR via the "ethtool --set-priv-flags" command. I
> should
> have a patch out in the next hour or so that you can try testing to
> verify if it addresses the issue.
> 
> Thanks.
> 
> - Alex

Thanks Alex,

I will test the patch in our next service window on Tuesday morning.

Regards,
Anders

^ permalink raw reply

* [Intel-wired-lan] Linux 4.12+ memory leak on router with i40e NICs
From: Anders K. Pedersen | Cohaesio @ 2017-10-05  5:19 UTC (permalink / raw)
  To: intel-wired-lan
In-Reply-To: <CAKgT0UfAqzuEbFA_hs8f4goL2hTMqeJ5no2sAc8NO_KJO120tA@mail.gmail.com>

On ons, 2017-10-04 at 08:32 -0700, Alexander Duyck wrote:
> On Wed, Oct 4, 2017 at 5:56 AM, Anders K. Pedersen | Cohaesio
> <akp@cohaesio.com> wrote:
> > Hello,
> > 
> > After updating one of our Linux based routers to kernel 4.13 it
> > began
> > leaking memory quite fast (about 1 GB every half hour). To narrow
> > we
> > tried various kernel versions and found that 4.11.12 is okay, while
> > 4.12 also leaks, so we did a bisection between 4.11 and 4.12.
> > 
> > The first bisection ended at
> > "[6964e53f55837b0c49ed60d36656d2e0ee4fc27b] i40e: fix handling of
> > HW
> > ATR eviction", which fixes some flag handling that was broken by
> > 47994c119a36 "i40e: remove hw_disabled_flags in favor of using
> > separate
> > flag bits", so I did a second bisection, where I added 6964e53f5583
> > "i40e: fix handling of HW ATR eviction" to the steps that had
> > 47994c119a36 "i40e: remove hw_disabled_flags in favor of using
> > separate
> > flag bits" in them.
> > 
> > The second bisection ended at
> > "[0e626ff7ccbfc43c6cc4aeea611c40b899682382] i40e: Fix support for
> > flow
> > director programming status", where I don't see any obvious
> > problems,
> > so I'm hoping for some assistance.
> > 
> > The router is a PowerEdge R730 server (Haswell based) with three
> > Intel
> > NICs (all using the i40e driver):
> > 
> > X710 quad port 10 GbE SFP+: eth0 eth1 eth2 eth3
> > X710 quad port 10 GbE SFP+: eth4 eth5 eth6 eth7
> > XL710 dual port 40 GbE QSFP+: eth8 eth9
> > 
> > The NICs are aggregated with LACP with the team driver:
> > 
> > team0: eth9 (40 GbE selected primary), and eth3, eth7 (10 GbE non-
> > selected backups)
> > team1: eth0, eth1, eth4, eth5 (all 10 GbE selected)
> > 
> > team0 is used for internal networks and has one untagged and four
> > tagged VLAN interfaces, while team1 has an external uplink
> > connection
> > without any VLANs.
> > 
> > The router runs an eBGP session on team1 to one of our uplinks, and
> > iBGP via team0 to our other border routers. It also runs OSPF on
> > the
> > internal VLANs on team0. One thing I've noticed is that when OSPF
> > is
> > not announcing a default gateway to the internal networks, so there
> > is
> > almost no traffic coming in on team0 and out on team1, but still
> > plenty
> > of traffic coming in on team1 and out via team0, there's no memory
> > leak
> > (or at least it is so small that we haven't detected it). But as
> > soon
> > as we configure OSPF to announce a default gateway to the internal
> > VLANs, so we get traffic from team0 to team1 the leaking begins.
> > Stopping the OSPF default gateway announcement again also stops the
> > leaking, but does not release already leaked memory.
> > 
> > So this leads to me suspect that the leaking is related to RX on
> > team0
> > (where XL710 eth9 is normally the only active interface) or TX on
> > team1
> > (X710 eth0, eth1, eth4, eth5). The first bad commit is related to
> > RX
> > cleaning, which suggests RX on team0. Since we're only seeing the
> > leak
> > for our outbound traffic, I suspect either a difference between the
> > X710 vs. XL710 NICs, or that the inbound traffic is for relatively
> > few
> > destination addresses (only our own systems) while the outbound
> > traffic
> > is for many different addresses on the internet. But I'm just
> > guessing
> > here.
> > 
> > I've tried kmemleak, but it only found a few kB of suspected memory
> > leaks (several of which disappeared again after a while).
> > 
> > Below I've included more details - git bisect logs, ethtool -i,
> > dmesg,
> > Kernel .config, and various memory related /proc files. Any help or
> > suggestions would be much appreciated, and please let me know if
> > more
> > information is needed or there's something I should try.
> > 
> > Regards,
> > Anders K. Pedersen
> > 
> 
> Hi Anders,
> 
> I think I see the problem and should have a patch submitted shortly
> to
> address it. From what I can tell it looks like the issue is that we
> weren't properly recycling the pages associated with descriptors that
> contained an Rx programming status. For now the workaround would be
> to
> try disabling ATR via the "ethtool --set-priv-flags" command. I
> should
> have a patch out in the next hour or so that you can try testing to
> verify if it addresses the issue.
> 
> Thanks.
> 
> - Alex

Thanks Alex,

I will test the patch in our next service window on Tuesday morning.

Regards,
Anders

^ permalink raw reply

* Re: [PATCH 0/4] RFC: attempt to remove md deadlocks with metadata without
From: NeilBrown @ 2017-10-05  5:17 UTC (permalink / raw)
  To: Xiao Ni; +Cc: linux-raid
In-Reply-To: <393232447.10845976.1505375841983.JavaMail.zimbra@redhat.com>

[-- Attachment #1: Type: text/plain, Size: 2418 bytes --]

On Thu, Sep 14 2017, Xiao Ni wrote:

>> 
>> What do
>>  cat /proc/8987/stack
>>  cat /proc/8983/stack
>>  cat /proc/8966/stack
>>  cat /proc/8381/stack
>> 
>> show??
>
...

>
> /usr/sbin/mdadm --grow --continue /dev/md0. Is it the reason to add lockdep_assert_held(&mddev->reconfig_mutex)?
> [root@dell-pr1700-02 ~]# cat /proc/8983/stack
> [<ffffffffa0a3464c>] mddev_suspend+0x12c/0x160 [md_mod]
> [<ffffffffa0a379ec>] suspend_lo_store+0x7c/0xe0 [md_mod]
> [<ffffffffa0a3b7d0>] md_attr_store+0x80/0xc0 [md_mod]
> [<ffffffff812ec8da>] sysfs_kf_write+0x3a/0x50
> [<ffffffff812ec39f>] kernfs_fop_write+0xff/0x180
> [<ffffffff81260457>] __vfs_write+0x37/0x170
> [<ffffffff812619e2>] vfs_write+0xb2/0x1b0
> [<ffffffff81263015>] SyS_write+0x55/0xc0
> [<ffffffff810037c7>] do_syscall_64+0x67/0x150
> [<ffffffff81777527>] entry_SYSCALL64_slow_path+0x25/0x25
> [<ffffffffffffffff>] 0xffffffffffffffff
>
> [jbd2/md0-8]
> [root@dell-pr1700-02 ~]# cat /proc/8966/stack
> [<ffffffffa0a39b20>] md_write_start+0xf0/0x220 [md_mod]
> [<ffffffffa0972b49>] raid5_make_request+0x89/0x8b0 [raid456]
> [<ffffffffa0a34175>] md_make_request+0xf5/0x260 [md_mod]
> [<ffffffff81376427>] generic_make_request+0x117/0x2f0
> [<ffffffff81376675>] submit_bio+0x75/0x150
> [<ffffffff8129e0b0>] submit_bh_wbc+0x140/0x170
> [<ffffffff8129e683>] submit_bh+0x13/0x20
> [<ffffffffa0957e29>] jbd2_write_superblock+0x109/0x230 [jbd2]
> [<ffffffffa0957f8b>] jbd2_journal_update_sb_log_tail+0x3b/0x80 [jbd2]
> [<ffffffffa09517ff>] jbd2_journal_commit_transaction+0x16ef/0x19e0 [jbd2]
> [<ffffffffa0955d02>] kjournald2+0xd2/0x260 [jbd2]
> [<ffffffff810c73f9>] kthread+0x109/0x140
> [<ffffffff817776c5>] ret_from_fork+0x25/0x30
> [<ffffffffffffffff>] 0xffffffffffffffff

Thanks for this (and sorry it took so long to get to it).
It looks like

Commit: cc27b0c78c79 ("md: fix deadlock between mddev_suspend() and md_write_start()")

is badly broken.  I wonder how it ever passed testing.

In write_start() is change the wait_event() call to

	wait_event(mddev->sb_wait,
		   !test_bit(MD_SB_CHANGE_PENDING, &mddev->sb_flags) && !mddev->suspended);


That should be

	wait_event(mddev->sb_wait,
		   !test_bit(MD_SB_CHANGE_PENDING, &mddev->sb_flags) || mddev->suspended);

i.e. it was (!A && !B), it should be (!A || B) !!!!!

Could you please make that change and try again.

Thanks,
NeilBrown

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 832 bytes --]

^ permalink raw reply

* Re: "man git-stash" explanation of "--include-untracked" and "--all" seems ambiguous
From: Junio C Hamano @ 2017-10-05  5:16 UTC (permalink / raw)
  To: Robert P. J. Day; +Cc: Thomas Gummerer, Git Mailing list
In-Reply-To: <alpine.LFD.2.21.1710041300350.9804@localhost.localdomain>

"Robert P. J. Day" <rpjday@crashcourse.ca> writes:

>> If this were --include=untracked vs --include=all, then I'd say your
>> suggestion will violate the usual expectation of "on the command
>> line, last one wins", but "--include-untracked" and "--all" are
>> spelled very differently, and may not look all that related to a
>> casual reader, so the expectation for "the last one wins" might be
>> weaker than usual.
>>
>> But once we start complaining to a command line that has both,
>> saying they are mutually exclusive, people will realize that they
>> are very much closely related options, even though spelled quite
>> differently.  And at that point, they will find it very unreasonable
>> that we do not follow the usual "the last one wins" rule but error
>> out X-<.
>>
>> If I really cared deeply about these two options [*1*], I would
>> think that the ideal longer term direction would be to introduce
>> --include={untracked,all-crufts} to replace and deprecate the
>> current two options.  And then we make sure --include=* forms follow
>> the usual "last one wins" rule.
>>
>>
>> [Footnote]
>>
>> *1* I personally don't, but that does not mean I will block efforts
>>     by others who do to make this part of the system better.
>
>   since i'm the one who tripped over this pedantic nitpickery, i'm
> willing to take a shot at patching it, as long as there's consensus
> from those *way* higher up the food chain as to what that patch should
> look like.

That is rather hard to arrange.  I can give you, with some effort,
how a series of patches I may produce would look like if I were
interested in this topic.  But I cannot guarantee you that it would
become the consensus solution among other contributors on the list.

And more importantly, designing a good UI/UX (both the final user
interface, and the minimization of inconvenience to users during the
transition period) is more than 80% of the work required for a topic
like this, and by the time I outline something which may or may not
be close to a consensus solution, more than half of the effort
needed has already spent by _me_, on the topic that _I_ am not all
that interested.  That does not sound like a great economy to me.

I can still help polish a concrete proposal with the usual review on
design and implementation, of course.

^ permalink raw reply

* [GIT] Networking
From: David Miller @ 2017-10-05  5:14 UTC (permalink / raw)
  To: torvalds; +Cc: akpm, netdev, linux-kernel


1) Check iwlwifi 9000 reorder buffer out-of-space condition properly,
   from Sara Sharon.

2) Fix RCU splat in qualcomm rmnet driver, from Subash Abhinov
   Kasiviswanathan.

3) Fix session and tunnel release races in l2tp, from Guillaume Nault
   and Sabrina Dubroca.

4) Fix endian bug in sctp_diag_dump(), from Dan Carpenter.

5) Several mlx5 driver fixes from the Mellanox folks (max flow
   counters cap check, invalid memory access in IPoIB support, etc.)

6) tun_get_user() should bail if skb->len is zero, from Alexander
   Potapenko.

7) Fix RCU lookups in inetpeer, from Eric Dumazet.

8) Fix locking in packet_do_bund().

9) Handle cb->start() error properly in netlink dump code, from
   Jason A. Donenfeld.

10) Handle multicast properly in UDP socket early demux code.
    From Paolo Abeni.

11) Several erspan bug fixes in ip_gre, from Xin Long.

12) Fix use-after-free in socket filter code, in order to handle the
    face that listener lock is no longer taken during the three-way
    TCP handshake.  From Eric Dumazet.

13) Fix infoleak in RTM_GETSTATS, from Nikolay Aleksandrov.

14) Fix tail call generation in x86-64 BPF JIT, from Alexei
    Starovoitov.

Please pull, thanks a lot!

The following changes since commit cd4175b11685b11c40e31a03e05084cc212b0649:

  Merge branch 'parisc-4.14-2' of git://git.kernel.org/pub/scm/linux/kernel/git/deller/parisc-linux (2017-09-23 06:14:06 -1000)

are available in the git repository at:

  git://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git 

for you to fetch changes up to e769fcec6bc4bdd1b0e2cf817680148f9c40b1c4:

  net: 8021q: skip packets if the vlan is down (2017-10-04 18:16:48 -0700)

----------------------------------------------------------------
Aleksander Morgado (1):
      rndis_host: support Novatel Verizon USB730L

Alexander Potapenko (1):
      tun: bail out from tun_get_user() if the skb is empty

Alexei Starovoitov (1):
      bpf: fix bpf_tail_call() x64 JIT

Alexey Kodanev (1):
      vti: fix use after free in vti_tunnel_xmit/vti6_tnl_xmit

Andrew Lunn (1):
      net: dsa: mv88e6xxx: Allow dsa and cpu ports in multiple vlans

Antoine Tenart (1):
      net: mvpp2: do not select the internal source clock

Arend Van Spriel (2):
      brcmfmac: add length check in brcmf_cfg80211_escan_handler()
      brcmfmac: setup passive scan if requested by user-space

Arnd Bergmann (3):
      ath10k: mark PM functions as __maybe_unused
      rocker: fix rocker_tlv_put_* functions for KASAN
      netlink: fix nla_put_{u8,u16,u32} for KASAN

Avraham Stern (2):
      iwlwifi: mvm: send all non-bufferable frames on the probe queue
      iwlwifi: mvm: wake the correct mac80211 queue

Christoph Paasch (1):
      net: Set sk_prot_creator when cloning sockets to the right proto

Christophe JAILLET (2):
      cnic: Fix an error handling path in 'cnic_alloc_bnx2x_resc()'
      net: hns3: Fix an error handling path in 'hclge_rss_init_hw()'

Dan Carpenter (1):
      sctp: Fix a big endian bug in sctp_diag_dump()

David S. Miller (8):
      Merge branch 'l2tp-fix-some-races-in-session-deletion'
      Merge branch 'aquantia-fixes'
      Merge tag 'wireless-drivers-for-davem-2017-09-25' of git://git.kernel.org/.../kvalo/wireless-drivers
      Merge branch 'mvpp2-various-fixes'
      Merge tag 'mlx5-fixes-2017-09-28' of git://git.kernel.org/.../saeed/linux
      Merge branch 'udp-fix-early-demux-for-mcast-packets'
      Merge branch 'erspan-fixes'
      Merge branch 'mlxsw-gre-fixes'

David Spinadel (1):
      iwlwifi: mvm: Flush non STA TX queues

David Wu (1):
      net: stmmac: dwmac-rk: Add RK3128 GMAC support

Ed Blake (2):
      net: stmmac: dwc-qos: Add suspend / resume support
      net: stmmac: dwmac4: Re-enable MAC Rx before powering down

Eric Dumazet (2):
      inetpeer: fix RCU lookup() again
      socket, bpf: fix possible use after free

Florian Fainelli (1):
      net: dsa: Fix network device registration order

Gal Pressman (3):
      net/mlx5e: Print netdev features correctly in error message
      net/mlx5e: Don't add/remove 802.1ad rules when changing 802.1Q VLAN filter
      net/mlx5e: Fix calculated checksum offloads counters

Grant Grundler (1):
      r8152: add Linksys USB3GIGV1 id

Gregory CLEMENT (1):
      net: mvpp2: Fix clock resource by adding an optional bus clock

Guillaume Nault (4):
      l2tp: ensure sessions are freed after their PPPOL2TP socket
      l2tp: fix race between l2tp_session_delete() and l2tp_tunnel_closeall()
      ppp: fix __percpu annotation
      l2tp: fix l2tp_eth module loading

Igor Russkikh (3):
      aquantia: Setup max_mtu in ndev to enable jumbo frames
      aquantia: Fix Tx queue hangups
      aquantia: Fix transient invalid link down/up indications

Inbar Karmy (1):
      net/mlx5: Fix FPGA capability location

Jason A. Donenfeld (1):
      netlink: do not proceed if dump's start() errs

Kalle Valo (2):
      Merge tag 'iwlwifi-for-kalle-2017-09-15' of git://git.kernel.org/.../iwlwifi/iwlwifi-fixes
      Merge ath-current from ath.git

Luca Coelho (4):
      iwlwifi: mvm: use IWL_HCMD_NOCOPY for MCAST_FILTER_CMD
      iwlwifi: mvm: handle FIF_ALLMULTI when setting multicast addresses
      iwlwifi: mvm: initialize status in iwl_mvm_add_int_sta_common()
      iwlwifi: mvm: set status before calling iwl_mvm_send_cmd_status()

Matan Barak (1):
      net/mlx5: Fix static checker warning on steering tracepoints code

Matt Chen (1):
      iwlwifi: mvm: fix wowlan resume failed to load INIT ucode

Naftali Goldstein (1):
      iwlwifi: mvm: change state when queueing agg start work

Nikolay Aleksandrov (1):
      net: rtnetlink: fix info leak in RTM_GETSTATS call

Or Gerlitz (2):
      net/mlx5e: Disallow TC offloading of unsupported match/action combinations
      net/mlx5: Fix wrong indentation in enable SRIOV code

Paolo Abeni (2):
      IPv4: early demux can return an error code
      udp: perform source validation for mcast early demux

Parthasarathy Bhuvaragan (1):
      tipc: use only positive error codes in messages

Paul Blakey (1):
      net/mlx5e: Fix erroneous freeing of encap header buffer

Pavel Belous (1):
      atlantic: fix iommu errors

Petr Machata (2):
      mlxsw: spectrum_router: Move VRF refcounting
      mlxsw: spectrum_router: Track RIF of IPIP next hops

Raed Salem (1):
      net/mlx5: Check device capability for maximum flow counters

Roi Dayan (1):
      net/mlx5e: IPoIB, Fix access to invalid memory address

Sabrina Dubroca (1):
      l2tp: fix race condition in l2tp_tunnel_delete

Sara Sharon (1):
      iwlwifi: mvm: fix reorder buffer for 9000 devices

Sergey Matyukevich (2):
      qtnfmac: lock access to h/w in tx path
      qtnfmac: cancel scans on wireless interface changes

Stefan Chulski (1):
      net: mvpp2: fix parsing fragmentation detection

Subash Abhinov Kasiviswanathan (1):
      net: qualcomm: rmnet: Fix rcu splat in rmnet_is_real_dev_registered

Timur Tabi (1):
      net: qcom/emac: specify the correct size when mapping a DMA buffer

Vishakha Narvekar (1):
      net: 8021q: skip packets if the vlan is down

Vivien Didelot (1):
      net: dsa: mv88e6xxx: lock mutex when freeing IRQs

Vlad Buslov (1):
      net/mlx5e: Check encap entry state when offloading tunneled flows

Willem de Bruijn (2):
      packet: in packet_do_bind, test fanout with bind_lock held
      packet: only test po->has_vnet_hdr once in packet_snd

Xin Long (7):
      ip_gre: ipgre_tap device should keep dst
      ip6_gre: ip6gre_tap device should keep dst
      ip6_tunnel: update mtu properly for ARPHRD_ETHER tunnel device in tx path
      ip_gre: get key from session_id correctly in erspan_rcv
      ip_gre: check packet length and mtu correctly in erspan_xmit
      ip_gre: set tunnel hlen properly in erspan_tunnel_init
      ip_gre: erspan device should keep dst

Yan Markman (1):
      net: mvpp2: fix port list indexing

 Documentation/devicetree/bindings/net/marvell-pp2.txt              |  10 +++--
 Documentation/devicetree/bindings/net/rockchip-dwmac.txt           |   1 +
 arch/x86/net/bpf_jit_comp.c                                        |   4 +-
 drivers/net/dsa/mv88e6xxx/chip.c                                   |   6 +++
 drivers/net/ethernet/aquantia/atlantic/aq_cfg.h                    |   4 ++
 drivers/net/ethernet/aquantia/atlantic/aq_nic.c                    | 145 ++++++++++++++++++++++++++++++++-------------------------------------
 drivers/net/ethernet/aquantia/atlantic/aq_nic.h                    |   2 -
 drivers/net/ethernet/aquantia/atlantic/aq_ring.c                   |  53 +++++++++++++++++++++----
 drivers/net/ethernet/aquantia/atlantic/aq_ring.h                   |  10 ++++-
 drivers/net/ethernet/aquantia/atlantic/aq_vec.c                    |   8 +---
 drivers/net/ethernet/aquantia/atlantic/hw_atl/hw_atl_b0_internal.h |   2 +-
 drivers/net/ethernet/aquantia/atlantic/hw_atl/hw_atl_utils.c       |   3 +-
 drivers/net/ethernet/broadcom/cnic.c                               |   2 +-
 drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_main.c            |   3 +-
 drivers/net/ethernet/marvell/mvpp2.c                               |  46 ++++++++++++++++------
 drivers/net/ethernet/mellanox/mlx5/core/diag/fs_tracepoint.h       |   4 +-
 drivers/net/ethernet/mellanox/mlx5/core/en_fs.c                    |   4 +-
 drivers/net/ethernet/mellanox/mlx5/core/en_main.c                  |  13 +++----
 drivers/net/ethernet/mellanox/mlx5/core/en_rx.c                    |   3 ++
 drivers/net/ethernet/mellanox/mlx5/core/en_stats.h                 |   6 +++
 drivers/net/ethernet/mellanox/mlx5/core/en_tc.c                    |  91 +++++++++++++++++++++++++++++++++++++++----
 drivers/net/ethernet/mellanox/mlx5/core/en_tx.c                    |   1 +
 drivers/net/ethernet/mellanox/mlx5/core/fpga/cmd.c                 |   4 +-
 drivers/net/ethernet/mellanox/mlx5/core/fpga/cmd.h                 |   2 +-
 drivers/net/ethernet/mellanox/mlx5/core/fpga/core.c                |   3 +-
 drivers/net/ethernet/mellanox/mlx5/core/fs_cmd.c                   |   8 ++++
 drivers/net/ethernet/mellanox/mlx5/core/fs_core.h                  |  11 ++++++
 drivers/net/ethernet/mellanox/mlx5/core/ipoib/ipoib.c              |   3 +-
 drivers/net/ethernet/mellanox/mlx5/core/sriov.c                    |   2 +-
 drivers/net/ethernet/mellanox/mlxsw/spectrum_router.c              |  18 +++++++--
 drivers/net/ethernet/qualcomm/emac/emac-mac.c                      |   3 +-
 drivers/net/ethernet/qualcomm/rmnet/rmnet_config.c                 |   5 +--
 drivers/net/ethernet/rocker/rocker_tlv.h                           |  48 ++++++++++++++---------
 drivers/net/ethernet/stmicro/stmmac/dwmac-dwc-qos-eth.c            |   1 +
 drivers/net/ethernet/stmicro/stmmac/dwmac-rk.c                     | 112 +++++++++++++++++++++++++++++++++++++++++++++++++++++
 drivers/net/ethernet/stmicro/stmmac/dwmac4_core.c                  |   7 ++++
 drivers/net/ppp/ppp_generic.c                                      |   2 +-
 drivers/net/tun.c                                                  |   8 ++--
 drivers/net/usb/cdc_ether.c                                        |  21 +++++++++-
 drivers/net/usb/r8152.c                                            |   2 +
 drivers/net/usb/rndis_host.c                                       |   4 ++
 drivers/net/wireless/ath/ath10k/pci.c                              |   7 +---
 drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c        |  37 +++++++++---------
 drivers/net/wireless/broadcom/brcm80211/brcmfmac/fwil_types.h      |   5 +++
 drivers/net/wireless/intel/iwlwifi/mvm/d3.c                        |   2 +-
 drivers/net/wireless/intel/iwlwifi/mvm/mac80211.c                  |  62 ++++++++++++++++++++++++++++--
 drivers/net/wireless/intel/iwlwifi/mvm/rs.c                        |   3 +-
 drivers/net/wireless/intel/iwlwifi/mvm/rxmq.c                      |   7 ++--
 drivers/net/wireless/intel/iwlwifi/mvm/scan.c                      |   2 +-
 drivers/net/wireless/intel/iwlwifi/mvm/sta.c                       |   8 ++--
 drivers/net/wireless/intel/iwlwifi/mvm/sta.h                       |   2 +
 drivers/net/wireless/intel/iwlwifi/mvm/tt.c                        |   1 +
 drivers/net/wireless/intel/iwlwifi/mvm/tx.c                        |  10 ++---
 drivers/net/wireless/quantenna/qtnfmac/cfg80211.c                  |   9 +++--
 drivers/net/wireless/quantenna/qtnfmac/cfg80211.h                  |   3 ++
 drivers/net/wireless/quantenna/qtnfmac/event.c                     |   2 -
 drivers/net/wireless/quantenna/qtnfmac/pearl/pcie.c                |   9 ++++-
 drivers/net/wireless/quantenna/qtnfmac/pearl/pcie_bus_priv.h       |   2 +
 include/linux/mlx5/device.h                                        |   5 +--
 include/linux/mlx5/driver.h                                        |   1 +
 include/linux/mlx5/mlx5_ifc.h                                      |   3 +-
 include/net/netlink.h                                              |  73 ++++++++++++++++++++++++++---------
 include/net/protocol.h                                             |   4 +-
 include/net/route.h                                                |   4 +-
 include/net/tcp.h                                                  |   2 +-
 include/net/udp.h                                                  |   2 +-
 include/uapi/linux/bpf.h                                           |   2 +-
 kernel/bpf/core.c                                                  |   2 +-
 net/8021q/vlan_core.c                                              |   6 +++
 net/core/filter.c                                                  |  12 ++++--
 net/core/rtnetlink.c                                               |   3 ++
 net/core/sock.c                                                    |   7 +++-
 net/dsa/slave.c                                                    |  31 ++++++++-------
 net/ipv4/inetpeer.c                                                |   4 +-
 net/ipv4/ip_gre.c                                                  |  12 +++---
 net/ipv4/ip_input.c                                                |  25 +++++++-----
 net/ipv4/ip_vti.c                                                  |   3 +-
 net/ipv4/route.c                                                   |  46 ++++++++++++----------
 net/ipv4/tcp_ipv4.c                                                |   9 +++--
 net/ipv4/udp.c                                                     |  24 +++++++++---
 net/ipv6/ip6_gre.c                                                 |   1 +
 net/ipv6/ip6_tunnel.c                                              |   5 ++-
 net/ipv6/ip6_vti.c                                                 |   3 +-
 net/l2tp/l2tp_core.c                                               |  16 +++++---
 net/l2tp/l2tp_core.h                                               |   6 ++-
 net/l2tp/l2tp_eth.c                                                |  51 +-----------------------
 net/l2tp/l2tp_ppp.c                                                |   8 ++--
 net/netlink/af_netlink.c                                           |   7 +++-
 net/packet/af_packet.c                                             |  12 ++++--
 net/sctp/sctp_diag.c                                               |   4 +-
 net/tipc/msg.c                                                     |   2 +-
 91 files changed, 863 insertions(+), 388 deletions(-)

^ permalink raw reply

* New Defects reported by Coverity Scan for ceph
From: scan-admin @ 2017-10-05  5:08 UTC (permalink / raw)
  To: ceph-devel


Hi,

Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.

22 new defect(s) introduced to ceph found with Coverity Scan.
36 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 20 of 22 defect(s)


** CID 1297802:  Program hangs  (INFINITE_LOOP)
/home/brad/working/src/ceph/src/osdc/Objecter.cc: 1905 in Objecter::wait_for_osd_map()()


________________________________________________________________________________________________________
*** CID 1297802:  Program hangs  (INFINITE_LOOP)
/home/brad/working/src/ceph/src/osdc/Objecter.cc: 1905 in Objecter::wait_for_osd_map()()
1899       Cond cond;
1900       bool done;
1901       lock.Lock();
1902       C_SafeCond *context = new C_SafeCond(&lock, &cond, &done, NULL);
1903       waiting_for_map[0].push_back(pair<Context*, int>(context, 0));
1904       l.unlock();
>>>     CID 1297802:  Program hangs  (INFINITE_LOOP)
>>>     If "done" is initially false then it will remain false.
1905       while (!done)
1906         cond.Wait(lock);
1907       lock.Unlock();
1908     }
1909     
1910     struct C_Objecter_GetVersion : public Context {

** CID 1351616:  Resource leaks  (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/common/ceph_timer.h: 230 in ceph::timer_detail::timer<ceph::time_detail::mono_clock>::add_event<Objecter::submit_command(Objecter::CommandOp *, unsigned long *)::[lambda() (instance 1)]>(std::chrono::time_point<ceph::time_detail::mono_clock, std::chrono::duration<unsigned long, std::ratio<(long)1, (long)1000000000>>>, T1 &&, T2 &&...)()


________________________________________________________________________________________________________
*** CID 1351616:  Resource leaks  (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/common/ceph_timer.h: 230 in ceph::timer_detail::timer<ceph::time_detail::mono_clock>::add_event<Objecter::submit_command(Objecter::CommandOp *, unsigned long *)::[lambda() (instance 1)]>(std::chrono::time_point<ceph::time_detail::mono_clock, std::chrono::duration<unsigned long, std::ratio<(long)1, (long)1000000000>>>, T1 &&, T2 &&...)()
224     	// Previously each event was a context, identified by a
225     	// pointer, and each context to be called only once. Since you
226     	// can queue the same function pointer, member function,
227     	// lambda, or functor up multiple times, identifying things by
228     	// function for the purposes of cancellation is no longer
229     	// suitable. Thus:
>>>     CID 1351616:  Resource leaks  (RESOURCE_LEAK)
>>>     Variable "e" going out of scope leaks the storage it points to.
230     	return e.id;
231           }
232     
233           // Adjust the timeout of a currently-scheduled event (relative)
234           bool adjust_event(uint64_t id, typename TC::duration duration) {
235     	return adjust_event(id, TC::now() + duration);

** CID 1351659:    (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/multi_stress_watch.cc: 118 in main()
/home/brad/working/src/ceph/src/test/multi_stress_watch.cc: 118 in main()


________________________________________________________________________________________________________
*** CID 1351659:    (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/multi_stress_watch.cc: 118 in main()
112     
113       cluster.wait_for_latest_osdmap();
114       test_loop(cluster, pool_name, obj_name);
115       return;
116     }
117     
>>>     CID 1351659:    (UNCAUGHT_EXCEPT)
>>>     In function "main(int, char **)" an exception of type "ceph::buffer::end_of_buffer" is thrown and never caught.
118     int main(int args, char **argv)
119     {
120       if (args != 3 && args != 4) {
121         std::cerr << "Error: " << argv[0] << " [ec|rep] pool_name obj_name" << std::endl;
122         return 1;
123       }
/home/brad/working/src/ceph/src/test/multi_stress_watch.cc: 118 in main()
112     
113       cluster.wait_for_latest_osdmap();
114       test_loop(cluster, pool_name, obj_name);
115       return;
116     }
117     
>>>     CID 1351659:    (UNCAUGHT_EXCEPT)
>>>     In function "main(int, char **)" an exception of type "ceph::buffer::end_of_buffer" is thrown and never caught.
118     int main(int args, char **argv)
119     {
120       if (args != 3 && args != 4) {
121         std::cerr << "Error: " << argv[0] << " [ec|rep] pool_name obj_name" << std::endl;
122         return 1;
123       }

** CID 1351672:    (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/kv_store_bench.cc: 553 in main()
/home/brad/working/src/ceph/src/test/kv_store_bench.cc: 553 in main()
/home/brad/working/src/ceph/src/test/kv_store_bench.cc: 553 in main()


________________________________________________________________________________________________________
*** CID 1351672:    (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/kv_store_bench.cc: 553 in main()
547       } else {
548         err = test_teuthology_sync(&KvStoreBench::rand_distr, probs);
549       }
550       return err;
551     }
552     
>>>     CID 1351672:    (UNCAUGHT_EXCEPT)
>>>     In function "main(int, char const **)" an exception of type "ceph::buffer::end_of_buffer" is thrown and never caught.
553     int main(int argc, const char** argv) {
554       KvStoreBench kvsb;
555       int err = kvsb.setup(argc, argv);
556       if (err == 0) cout << "setup successful" << std::endl;
557       else{
558         cout << "error " << err << std::endl;
/home/brad/working/src/ceph/src/test/kv_store_bench.cc: 553 in main()
547       } else {
548         err = test_teuthology_sync(&KvStoreBench::rand_distr, probs);
549       }
550       return err;
551     }
552     
>>>     CID 1351672:    (UNCAUGHT_EXCEPT)
>>>     In function "main(int, char const **)" an exception of type "ceph::buffer::end_of_buffer" is thrown and never caught.
553     int main(int argc, const char** argv) {
554       KvStoreBench kvsb;
555       int err = kvsb.setup(argc, argv);
556       if (err == 0) cout << "setup successful" << std::endl;
557       else{
558         cout << "error " << err << std::endl;
/home/brad/working/src/ceph/src/test/kv_store_bench.cc: 553 in main()
547       } else {
548         err = test_teuthology_sync(&KvStoreBench::rand_distr, probs);
549       }
550       return err;
551     }
552     
>>>     CID 1351672:    (UNCAUGHT_EXCEPT)
>>>     In function "main(int, char const **)" an exception of type "ceph::buffer::end_of_buffer" is thrown and never caught.
553     int main(int argc, const char** argv) {
554       KvStoreBench kvsb;
555       int err = kvsb.setup(argc, argv);
556       if (err == 0) cout << "setup successful" << std::endl;
557       else{
558         cout << "error " << err << std::endl;

** CID 1355572:    (INFINITE_LOOP)
/home/brad/working/src/ceph/src/tools/cephfs/Resetter.cc: 58 in Resetter::reset(mds_role_t)()
/home/brad/working/src/ceph/src/tools/cephfs/Resetter.cc: 96 in Resetter::reset(mds_role_t)()


________________________________________________________________________________________________________
*** CID 1355572:    (INFINITE_LOOP)
/home/brad/working/src/ceph/src/tools/cephfs/Resetter.cc: 58 in Resetter::reset(mds_role_t)()
52     
53       lock.Lock();
54       journaler.recover(new C_SafeCond(&mylock, &cond, &done, &r));
55       lock.Unlock();
56     
57       mylock.Lock();
>>>     CID 1355572:    (INFINITE_LOOP)
>>>     If "done" is initially false then it will remain false.
58       while (!done)
59         cond.Wait(mylock);
60       mylock.Unlock();
61     
62       if (r != 0) {
63         if (r == -ENOENT) {
/home/brad/working/src/ceph/src/tools/cephfs/Resetter.cc: 96 in Resetter::reset(mds_role_t)()
90     
91       cout << "writing journal head" << std::endl;
92       journaler.write_head(new C_SafeCond(&mylock, &cond, &done, &r));
93       lock.Unlock();
94     
95       mylock.Lock();
>>>     CID 1355572:    (INFINITE_LOOP)
>>>     If "done" is initially false then it will remain false.
96       while (!done)
97         cond.Wait(mylock);
98       mylock.Unlock();
99     
100       Mutex::Locker l(lock);
101       if (r != 0) {

** CID 1395778:    (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/common/ceph_timer.h: 230 in ceph::timer_detail::timer<ceph::time_detail::mono_clock>::add_event<Objecter::get_pool_stats(std::__cxx11::list<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>, std::allocator<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>>> &, std::map<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>, pool_stat_t, std::less<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>>, std::allocator<std::pair<const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>, pool_stat_t>>> *, Context *)::[lambda() (instance 1)]>(std::chrono::time_point<ceph::time_detail::mono_clock, std::chrono::duration<unsigned long
 , std::ratio<(long)1, (long)1000000000>>>, T1 &&, T2 &&...)()
/home/brad/working/src/ceph/src/common/ceph_timer.h: 230 in ceph::timer_detail::timer<ceph::time_detail::mono_clock>::add_event<Objecter::get_fs_stats(ceph_statfs &, boost::optional<long>, Context *)::[lambda() (instance 1)]>(std::chrono::time_point<ceph::time_detail::mono_clock, std::chrono::duration<unsigned long, std::ratio<(long)1, (long)1000000000>>>, T1 &&, T2 &&...)()


________________________________________________________________________________________________________
*** CID 1395778:    (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/common/ceph_timer.h: 230 in ceph::timer_detail::timer<ceph::time_detail::mono_clock>::add_event<Objecter::get_pool_stats(std::__cxx11::list<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>, std::allocator<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>>> &, std::map<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>, pool_stat_t, std::less<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>>, std::allocator<std::pair<const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>, pool_stat_t>>> *, Context *)::[lambda() (instance 1)]>(std::chrono::time_point<ceph::time_detail::mono_clock, std::chrono::duration<unsigned long
 , std::ratio<(long)1, (long)1000000000>>>, T1 &&, T2 &&...)()
224     	// Previously each event was a context, identified by a
225     	// pointer, and each context to be called only once. Since you
226     	// can queue the same function pointer, member function,
227     	// lambda, or functor up multiple times, identifying things by
228     	// function for the purposes of cancellation is no longer
229     	// suitable. Thus:
>>>     CID 1395778:    (RESOURCE_LEAK)
>>>     Variable "e" going out of scope leaks the storage it points to.
230     	return e.id;
231           }
232     
233           // Adjust the timeout of a currently-scheduled event (relative)
234           bool adjust_event(uint64_t id, typename TC::duration duration) {
235     	return adjust_event(id, TC::now() + duration);
/home/brad/working/src/ceph/src/common/ceph_timer.h: 230 in ceph::timer_detail::timer<ceph::time_detail::mono_clock>::add_event<Objecter::get_fs_stats(ceph_statfs &, boost::optional<long>, Context *)::[lambda() (instance 1)]>(std::chrono::time_point<ceph::time_detail::mono_clock, std::chrono::duration<unsigned long, std::ratio<(long)1, (long)1000000000>>>, T1 &&, T2 &&...)()
224     	// Previously each event was a context, identified by a
225     	// pointer, and each context to be called only once. Since you
226     	// can queue the same function pointer, member function,
227     	// lambda, or functor up multiple times, identifying things by
228     	// function for the purposes of cancellation is no longer
229     	// suitable. Thus:
>>>     CID 1395778:    (RESOURCE_LEAK)
>>>     Variable "e" going out of scope leaks the storage it points to.
230     	return e.id;
231           }
232     
233           // Adjust the timeout of a currently-scheduled event (relative)
234           bool adjust_event(uint64_t id, typename TC::duration duration) {
235     	return adjust_event(id, TC::now() + duration);

** CID 1396149:  Uninitialized members  (UNINIT_CTOR)
/home/brad/working/src/ceph/src/include/rados/rados_types.hpp: 186 in librados::inconsistent_obj_t::inconsistent_obj_t()()


________________________________________________________________________________________________________
*** CID 1396149:  Uninitialized members  (UNINIT_CTOR)
/home/brad/working/src/ceph/src/include/rados/rados_types.hpp: 186 in librados::inconsistent_obj_t::inconsistent_obj_t()()
180       bool has_deep_errors() const {
181         return errors & DEEP_ERRORS;
182       }
183     };
184     
185     struct inconsistent_obj_t : obj_err_t {
>>>     CID 1396149:  Uninitialized members  (UNINIT_CTOR)
>>>     Non-static class member "version" is not initialized in this constructor nor in any functions that it calls.
186       inconsistent_obj_t() = default;
187       inconsistent_obj_t(const object_id_t& object)
188         : object{object}, version(0)
189       {}
190       object_id_t object;
191       uint64_t version;  // XXX: Redundant with object info attr

** CID 1400655:  Security best practices violations  (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/osdc/Objecter.cc: 2892 in Objecter::_calc_target(Objecter::op_target_t *, Connection *, bool)()


________________________________________________________________________________________________________
*** CID 1400655:  Security best practices violations  (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/osdc/Objecter.cc: 2892 in Objecter::_calc_target(Objecter::op_target_t *, Connection *, bool)()
2886         if (acting_primary == -1) {
2887           t->osd = -1;
2888         } else {
2889           int osd;
2890           bool read = is_read && !is_write;
2891           if (read && (t->flags & CEPH_OSD_FLAG_BALANCE_READS)) {
>>>     CID 1400655:  Security best practices violations  (DC.WEAK_CRYPTO)
>>>     "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
2892     	int p = rand() % acting.size();
2893     	if (p)
2894     	  t->used_replica = true;
2895     	osd = acting[p];
2896     	ldout(cct, 10) << " chose random osd." << osd << " of " << acting
2897     		       << dendl;

** CID 1402139:    (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/test/librados/list.cc: 563 in LibRadosList_ListObjectsCursor_Test::TestBody()()
/home/brad/working/src/ceph/src/test/librados/list.cc: 561 in LibRadosList_ListObjectsCursor_Test::TestBody()()
/home/brad/working/src/ceph/src/test/librados/list.cc: 552 in LibRadosList_ListObjectsCursor_Test::TestBody()()
/home/brad/working/src/ceph/src/test/librados/list.cc: 603 in LibRadosList_ListObjectsCursor_Test::TestBody()()
/home/brad/working/src/ceph/src/test/librados/list.cc: 600 in LibRadosList_ListObjectsCursor_Test::TestBody()()
/home/brad/working/src/ceph/src/test/librados/list.cc: 597 in LibRadosList_ListObjectsCursor_Test::TestBody()()


________________________________________________________________________________________________________
*** CID 1402139:    (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/test/librados/list.cc: 563 in LibRadosList_ListObjectsCursor_Test::TestBody()()
557           ASSERT_EQ(rados_nobjects_list_get_cursor(ctx, &cursor), 0);
558           cout << "> oid=" << oid << " cursor=" << ObjectCursor(cursor) << std::endl;
559         }
560         rados_nobjects_list_seek_cursor(ctx, first_cursor);
561         ASSERT_EQ(rados_nobjects_list_next(ctx, &entry, NULL, NULL), 0);
562         cout << "FIRST> seek to " << ObjectCursor(first_cursor) << " oid=" << string(entry) << std::endl;
>>>     CID 1402139:    (RESOURCE_LEAK)
>>>     Variable "cursor" going out of scope leaks the storage it points to.
563       }
564       rados_list_ctx_t ctx;
565       ASSERT_EQ(0, rados_nobjects_list_open(ioctx, &ctx));
566     
567       std::map<rados_object_list_cursor, string> cursor_to_obj;
568       int count = 0;
/home/brad/working/src/ceph/src/test/librados/list.cc: 561 in LibRadosList_ListObjectsCursor_Test::TestBody()()
555         while (rados_nobjects_list_next(ctx, &entry, NULL, NULL) == 0) {
556           string oid = entry;
557           ASSERT_EQ(rados_nobjects_list_get_cursor(ctx, &cursor), 0);
558           cout << "> oid=" << oid << " cursor=" << ObjectCursor(cursor) << std::endl;
559         }
560         rados_nobjects_list_seek_cursor(ctx, first_cursor);
>>>     CID 1402139:    (RESOURCE_LEAK)
>>>     Variable "cursor" going out of scope leaks the storage it points to.
561         ASSERT_EQ(rados_nobjects_list_next(ctx, &entry, NULL, NULL), 0);
562         cout << "FIRST> seek to " << ObjectCursor(first_cursor) << " oid=" << string(entry) << std::endl;
563       }
564       rados_list_ctx_t ctx;
565       ASSERT_EQ(0, rados_nobjects_list_open(ioctx, &ctx));
566     
/home/brad/working/src/ceph/src/test/librados/list.cc: 552 in LibRadosList_ListObjectsCursor_Test::TestBody()()
546     
547       {
548         rados_list_ctx_t ctx;
549         const char *entry;
550         rados_object_list_cursor cursor;
551         ASSERT_EQ(0, rados_nobjects_list_open(ioctx, &ctx));
>>>     CID 1402139:    (RESOURCE_LEAK)
>>>     Variable "cursor" going out of scope leaks the storage it points to.
552         ASSERT_EQ(rados_nobjects_list_get_cursor(ctx, &cursor), 0);
553         rados_object_list_cursor first_cursor = cursor;
554         cout << "x cursor=" << ObjectCursor(cursor) << std::endl;
555         while (rados_nobjects_list_next(ctx, &entry, NULL, NULL) == 0) {
556           string oid = entry;
557           ASSERT_EQ(rados_nobjects_list_get_cursor(ctx, &cursor), 0);
/home/brad/working/src/ceph/src/test/librados/list.cc: 603 in LibRadosList_ListObjectsCursor_Test::TestBody()()
597         ASSERT_EQ(rados_nobjects_list_get_cursor(ctx, &cursor), 0);
598         cout << ": cursor()=" << ObjectCursor(cursor) << " expected=" << oid << std::endl;
599         // ASSERT_EQ(ObjectCursor(oid), ObjectCursor(cursor));
600         ASSERT_EQ(rados_nobjects_list_next(ctx, &entry, NULL, NULL), 0);
601         cout << "> " << ObjectCursor(cursor) << " -> " << entry << std::endl;
602         cout << ": entry=" << entry << " expected=" << p->second << std::endl;
>>>     CID 1402139:    (RESOURCE_LEAK)
>>>     Variable "cursor" going out of scope leaks the storage it points to.
603         ASSERT_EQ(p->second, string(entry));
604     
605         ++p;
606     
607         rados_object_list_cursor_free(ctx, cursor);
608       }
/home/brad/working/src/ceph/src/test/librados/list.cc: 600 in LibRadosList_ListObjectsCursor_Test::TestBody()()
594         rados_object_list_cursor cursor;
595         rados_object_list_cursor oid(p->first);
596         rados_nobjects_list_seek_cursor(ctx, oid);
597         ASSERT_EQ(rados_nobjects_list_get_cursor(ctx, &cursor), 0);
598         cout << ": cursor()=" << ObjectCursor(cursor) << " expected=" << oid << std::endl;
599         // ASSERT_EQ(ObjectCursor(oid), ObjectCursor(cursor));
>>>     CID 1402139:    (RESOURCE_LEAK)
>>>     Variable "cursor" going out of scope leaks the storage it points to.
600         ASSERT_EQ(rados_nobjects_list_next(ctx, &entry, NULL, NULL), 0);
601         cout << "> " << ObjectCursor(cursor) << " -> " << entry << std::endl;
602         cout << ": entry=" << entry << " expected=" << p->second << std::endl;
603         ASSERT_EQ(p->second, string(entry));
604     
605         ++p;
/home/brad/working/src/ceph/src/test/librados/list.cc: 597 in LibRadosList_ListObjectsCursor_Test::TestBody()()
591       ASSERT_EQ(0, rados_nobjects_list_open(ioctx, &ctx));
592       while (p != cursor_to_obj.rend()) {
593         cout << ": seek to " << ObjectCursor(p->first) << std::endl;
594         rados_object_list_cursor cursor;
595         rados_object_list_cursor oid(p->first);
596         rados_nobjects_list_seek_cursor(ctx, oid);
>>>     CID 1402139:    (RESOURCE_LEAK)
>>>     Variable "cursor" going out of scope leaks the storage it points to.
597         ASSERT_EQ(rados_nobjects_list_get_cursor(ctx, &cursor), 0);
598         cout << ": cursor()=" << ObjectCursor(cursor) << " expected=" << oid << std::endl;
599         // ASSERT_EQ(ObjectCursor(oid), ObjectCursor(cursor));
600         ASSERT_EQ(rados_nobjects_list_next(ctx, &entry, NULL, NULL), 0);
601         cout << "> " << ObjectCursor(cursor) << " -> " << entry << std::endl;
602         cout << ": entry=" << entry << " expected=" << p->second << std::endl;

** CID 1405343:  Error handling issues  (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/rbd_mirror/test_main.cc: 20 in main()


________________________________________________________________________________________________________
*** CID 1405343:  Error handling issues  (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/rbd_mirror/test_main.cc: 20 in main()
14     extern void register_test_instances();
15     extern void register_test_leader_watcher();
16     extern void register_test_pool_watcher();
17     extern void register_test_rbd_mirror();
18     extern void register_test_rbd_mirror_image_deleter();
19     
>>>     CID 1405343:  Error handling issues  (UNCAUGHT_EXCEPT)
>>>     In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::lock_error> >" is thrown and never caught.
20     int main(int argc, char **argv)
21     {
22       register_test_cluster_watcher();
23       register_test_image_sync();
24       register_test_instance_watcher();
25       register_test_instances();

** CID 1405347:  Error handling issues  (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/librbd/test_main.cc: 24 in main()


________________________________________________________________________________________________________
*** CID 1405347:  Error handling issues  (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/librbd/test_main.cc: 24 in main()
18     extern void register_test_object_map();
19     extern void register_test_operations();
20     extern void register_test_mirroring();
21     extern void register_test_mirroring_watcher();
22     #endif // TEST_LIBRBD_INTERNALS
23     
>>>     CID 1405347:  Error handling issues  (UNCAUGHT_EXCEPT)
>>>     In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::lock_error> >" is thrown and never caught.
24     int main(int argc, char **argv)
25     {
26       register_test_librbd();
27     #ifdef TEST_LIBRBD_INTERNALS
28       register_test_groups();
29       register_test_image_watcher();

** CID 1405350:  Error handling issues  (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/libcephfs/access.cc: 362 in main()


________________________________________________________________________________________________________
*** CID 1405350:  Error handling issues  (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/libcephfs/access.cc: 362 in main()
356     out:
357       ceph_shutdown(admin);
358       return r;
359     }
360     
361     
>>>     CID 1405350:  Error handling issues  (UNCAUGHT_EXCEPT)
>>>     In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::lock_error> >" is thrown and never caught.
362     int main(int argc, char **argv)
363     {
364       int r = update_root_mode();
365       if (r < 0)
366         exit(1);
367     

** CID 1413801:  Resource leaks  (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/common/ceph_timer.h: 230 in ceph::timer_detail::timer<ceph::time_detail::mono_clock>::add_event<Objecter::_op_submit_with_budget(Objecter::Op *, ceph::shunique_lock<boost::shared_mutex> &, unsigned long *, int *)::[lambda() (instance 1)]>(std::chrono::time_point<ceph::time_detail::mono_clock, std::chrono::duration<unsigned long, std::ratio<(long)1, (long)1000000000>>>, T1 &&, T2 &&...)()


________________________________________________________________________________________________________
*** CID 1413801:  Resource leaks  (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/common/ceph_timer.h: 230 in ceph::timer_detail::timer<ceph::time_detail::mono_clock>::add_event<Objecter::_op_submit_with_budget(Objecter::Op *, ceph::shunique_lock<boost::shared_mutex> &, unsigned long *, int *)::[lambda() (instance 1)]>(std::chrono::time_point<ceph::time_detail::mono_clock, std::chrono::duration<unsigned long, std::ratio<(long)1, (long)1000000000>>>, T1 &&, T2 &&...)()
224     	// Previously each event was a context, identified by a
225     	// pointer, and each context to be called only once. Since you
226     	// can queue the same function pointer, member function,
227     	// lambda, or functor up multiple times, identifying things by
228     	// function for the purposes of cancellation is no longer
229     	// suitable. Thus:
>>>     CID 1413801:  Resource leaks  (RESOURCE_LEAK)
>>>     Variable "e" going out of scope leaks the storage it points to.
230     	return e.id;
231           }
232     
233           // Adjust the timeout of a currently-scheduled event (relative)
234           bool adjust_event(uint64_t id, typename TC::duration duration) {
235     	return adjust_event(id, TC::now() + duration);

** CID 1418951:  Concurrent data access violations  (MISSING_LOCK)
/home/brad/working/src/ceph/src/tools/rbd/action/Bench.cc: 134 in rbd::action::bench::rbd_bencher::start_io(int, unsigned long, unsigned long, int, bool)()


________________________________________________________________________________________________________
*** CID 1418951:  Concurrent data access violations  (MISSING_LOCK)
/home/brad/working/src/ceph/src/tools/rbd/action/Bench.cc: 134 in rbd::action::bench::rbd_bencher::start_io(int, unsigned long, unsigned long, int, bool)()
128       }
129         
130       void start_io(int max, uint64_t off, uint64_t len, int op_flags, bool read_flag)
131       {
132         {
133           Mutex::Locker l(lock);
>>>     CID 1418951:  Concurrent data access violations  (MISSING_LOCK)
>>>     Accessing "this->in_flight" without holding lock "Mutex._m". Elsewhere, "_ZN3rbd6action5bench11rbd_bencherE.in_flight" is accessed with "Mutex._m" held 1 out of 2 times (1 of these accesses strongly imply that it is necessary).
134           in_flight++;
135         }
136     
137         librbd::RBD::AioCompletion *c;
138         if (read_flag) {
139           bufferlist *read_bl = new bufferlist();

** CID 1418952:  Control flow issues  (MISSING_BREAK)
/home/brad/working/src/ceph/src/osd/PrimaryLogPG.cc: 6882 in PrimaryLogPG::_rollback_to(PrimaryLogPG::OpContext *, ceph_osd_op &)()


________________________________________________________________________________________________________
*** CID 1418952:  Control flow issues  (MISSING_BREAK)
/home/brad/working/src/ceph/src/osd/PrimaryLogPG.cc: 6882 in PrimaryLogPG::_rollback_to(PrimaryLogPG::OpContext *, ceph_osd_op &)()
6876           return -EAGAIN;
6877         case cache_result_t::BLOCKED_FULL:
6878           block_write_on_full_cache(soid, ctx->op);
6879           return -EAGAIN;
6880         case cache_result_t::REPLIED_WITH_EAGAIN:
6881           assert(0 == "this can't happen, no rollback on replica");
>>>     CID 1418952:  Control flow issues  (MISSING_BREAK)
>>>     The above case falls through to this one.
6882         default:
6883           assert(0 == "must promote was set, other values are not valid");
6884           return -EAGAIN;
6885         }
6886       }
6887     

** CID 1418953:  Security best practices violations  (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/tools/rbd/action/Bench.cc: 125 in rbd::action::bench::rbd_bencher::rbd_bencher(librbd::Image *, rbd::action::bench::<unnamed>::io_type_t, unsigned long)()


________________________________________________________________________________________________________
*** CID 1418953:  Security best practices violations  (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/tools/rbd/action/Bench.cc: 125 in rbd::action::bench::rbd_bencher::rbd_bencher(librbd::Image *, rbd::action::bench::<unnamed>::io_type_t, unsigned long)()
119           in_flight(0),
120           io_type(io_type),
121           io_size(io_size)
122       {
123         if (io_type == IO_TYPE_WRITE || io_type == IO_TYPE_RW) {
124           bufferptr bp(io_size);
>>>     CID 1418953:  Security best practices violations  (DC.WEAK_CRYPTO)
>>>     "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
125           memset(bp.c_str(), rand() & 0xff, io_size);
126           write_bl.push_back(bp);
127         }
128       }
129         
130       void start_io(int max, uint64_t off, uint64_t len, int op_flags, bool read_flag)

** CID 1418954:    (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/tools/rbd/action/Bench.cc: 235 in rbd::action::bench::do_bench(librbd::Image &, rbd::action::bench::<unnamed>::io_type_t, unsigned long, unsigned long, unsigned long, bool, unsigned long)()
/home/brad/working/src/ceph/src/tools/rbd/action/Bench.cc: 277 in rbd::action::bench::do_bench(librbd::Image &, rbd::action::bench::<unnamed>::io_type_t, unsigned long, unsigned long, unsigned long, bool, unsigned long)()


________________________________________________________________________________________________________
*** CID 1418954:    (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/tools/rbd/action/Bench.cc: 235 in rbd::action::bench::do_bench(librbd::Image &, rbd::action::bench::<unnamed>::io_type_t, unsigned long, unsigned long, unsigned long, bool, unsigned long)()
229       uint64_t start_pos;
230     
231       uint64_t unit_len = size/io_size/io_threads;
232       // disturb all thread's offset
233       for (i = 0; i < io_threads; i++) {
234         if (random) {
>>>     CID 1418954:    (DC.WEAK_CRYPTO)
>>>     "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
235           start_pos = (rand() % (size / io_size)) * io_size;
236         } else {
237           start_pos = unit_len * i * io_size;
238         }
239         thread_offset.push_back(start_pos);
240       }
/home/brad/working/src/ceph/src/tools/rbd/action/Bench.cc: 277 in rbd::action::bench::do_bench(librbd::Image &, rbd::action::bench::<unnamed>::io_type_t, unsigned long, unsigned long, unsigned long, bool, unsigned long)()
271           bool read_flag = should_read(read_proportion);
272     
273           b.wait_for(io_threads - 1);
274           b.start_io(io_threads, thread_offset[i], io_size, op_flags, read_flag);
275     
276           if (random) {
>>>     CID 1418954:    (DC.WEAK_CRYPTO)
>>>     "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
277             thread_offset[i] = (rand() % (size / io_size)) * io_size;
278           } else {
279             thread_offset[i] += io_size;
280             if (thread_offset[i] + io_size > size)
281               thread_offset[i] = 0;
282           }

** CID 1418955:  Concurrent data access violations  (MISSING_LOCK)
/home/brad/working/src/ceph/src/osdc/Journaler.cc: 562 in Journaler::append_entry(ceph::buffer::list &)()


________________________________________________________________________________________________________
*** CID 1418955:  Concurrent data access violations  (MISSING_LOCK)
/home/brad/working/src/ceph/src/osdc/Journaler.cc: 562 in Journaler::append_entry(ceph::buffer::list &)()
556         l.lock();
557       }
558       ldout(cct, 20) << "write_buf_throttle get, delta " << delta << dendl;
559       size_t wrote = journal_stream.write(bl, &write_buf, write_pos);
560       ldout(cct, 10) << "append_entry len " << s << " to " << write_pos << "~"
561     		 << wrote << dendl;
>>>     CID 1418955:  Concurrent data access violations  (MISSING_LOCK)
>>>     Accessing "this->write_pos" without holding lock "Journaler.lock". Elsewhere, "Journaler.write_pos" is accessed with "Journaler.lock" held 6 out of 8 times (1 of these accesses strongly imply that it is necessary).
562       write_pos += wrote;
563     
564       // flush previous object?
565       uint64_t su = get_layout_period();
566       assert(su > 0);
567       uint64_t write_off = write_pos % su;

** CID 1418956:    (DIVIDE_BY_ZERO)
/home/brad/working/src/ceph/src/tools/rbd/action/Bench.cc: 231 in rbd::action::bench::do_bench(librbd::Image &, rbd::action::bench::<unnamed>::io_type_t, unsigned long, unsigned long, unsigned long, bool, unsigned long)()
/home/brad/working/src/ceph/src/tools/rbd/action/Bench.cc: 235 in rbd::action::bench::do_bench(librbd::Image &, rbd::action::bench::<unnamed>::io_type_t, unsigned long, unsigned long, unsigned long, bool, unsigned long)()


________________________________________________________________________________________________________
*** CID 1418956:    (DIVIDE_BY_ZERO)
/home/brad/working/src/ceph/src/tools/rbd/action/Bench.cc: 231 in rbd::action::bench::do_bench(librbd::Image &, rbd::action::bench::<unnamed>::io_type_t, unsigned long, unsigned long, unsigned long, bool, unsigned long)()
225       unsigned ios = 0;
226     
227       vector<uint64_t> thread_offset;
228       uint64_t i;
229       uint64_t start_pos;
230     
>>>     CID 1418956:    (DIVIDE_BY_ZERO)
>>>     In expression "size / io_size", division by expression "io_size" which may be zero has undefined behavior.
231       uint64_t unit_len = size/io_size/io_threads;
232       // disturb all thread's offset
233       for (i = 0; i < io_threads; i++) {
234         if (random) {
235           start_pos = (rand() % (size / io_size)) * io_size;
236         } else {
/home/brad/working/src/ceph/src/tools/rbd/action/Bench.cc: 235 in rbd::action::bench::do_bench(librbd::Image &, rbd::action::bench::<unnamed>::io_type_t, unsigned long, unsigned long, unsigned long, bool, unsigned long)()
229       uint64_t start_pos;
230     
231       uint64_t unit_len = size/io_size/io_threads;
232       // disturb all thread's offset
233       for (i = 0; i < io_threads; i++) {
234         if (random) {
>>>     CID 1418956:    (DIVIDE_BY_ZERO)
>>>     In expression "size / io_size", division by expression "io_size" which may be zero has undefined behavior.
235           start_pos = (rand() % (size / io_size)) * io_size;
236         } else {
237           start_pos = unit_len * i * io_size;
238         }
239         thread_offset.push_back(start_pos);
240       }

** CID 1418957:  Uninitialized members  (UNINIT_CTOR)
/home/brad/working/src/ceph/src/test/rbd_mirror/test_mock_ImageSync.cc: 107 in rbd::mirror::image_sync::MetadataCopyRequest<librbd::<unnamed>::MockTestImageCtx>::MetadataCopyRequest()()


________________________________________________________________________________________________________
*** CID 1418957:  Uninitialized members  (UNINIT_CTOR)
/home/brad/working/src/ceph/src/test/rbd_mirror/test_mock_ImageSync.cc: 107 in rbd::mirror::image_sync::MetadataCopyRequest<librbd::<unnamed>::MockTestImageCtx>::MetadataCopyRequest()()
101         s_instance->on_finish = on_finish;
102         return s_instance;
103       }
104     
105       MetadataCopyRequest() {
106         s_instance = this;
>>>     CID 1418957:  Uninitialized members  (UNINIT_CTOR)
>>>     Non-static class member "on_finish" is not initialized in this constructor nor in any functions that it calls.
107       }
108     
109       MOCK_METHOD0(send, void());
110     };
111     
112     template <>


________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRaGCnxtQO9E3gxlB2GxVsWFENryh7bC5hIb-2FQBVM85YLQ-3D-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8FCBsNVyGXtBtUu5bDT7ItSJQjbRl2Ee4PG8K-2FycjN-2FryFBgcAdPnrk7XQ2BwD363FcC64gju3cTdVPd5CXN3UpGQ9pNaBVxW5DlJWx6FvI-2Fusuy8N7nHTMXyHFzu6ZE7DP2NfsqwknjJ-2BabyRng3m2F09WHzdfoBrvXBxXmzusZ2PNPiX8No6jOuoui1mYK-2Bg-3D

To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", click https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP-2FA8y06Nq4Bco8jcmzhh7FSyvoR0E3-2BDgRcBCQ6OuthHBtaTCGNq9OVG2ZVnjrgThgf5hX3GVEkIxvBX-2BorwRZfOftSp7HPfCifRGGak1MlgNFVd3IIPA-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8FCBsNVyGXtBtUu5bDT7ItSJQjbRl2Ee4PG8K-2FycjN-2Fr5NZ21oVA-2BuXJqzPU5-2FfcCwOcWCXSWNYGUmQzReV9wL9TmFx6aqZq59o87d2HGDOlnMeK5G0ScClfZtw3Frkfm01q34FqqL5GVMfthacoCk8Lmpr6XOPbICMdf5U9STR5M78EIdk8fWkfoPI7h5-2BEa4-3D


^ permalink raw reply

* [Intel-wired-lan] [jkirsher-next-queue:dev-queue] BUILD REGRESSION a99c110d8cc0c2787cbfbbdc194c253082238f63
From: kbuild test robot @ 2017-10-05  5:08 UTC (permalink / raw)
  To: intel-wired-lan

https://git.kernel.org/pub/scm/linux/kernel/git/jkirsher/next-queue.git  dev-queue
a99c110d8cc0c2787cbfbbdc194c253082238f63  i40e: Fix memory leak related filter programming status

ERROR: "__aeabi_uldivmod" [drivers/net/ethernet/intel/i40e/i40e.ko] undefined!
ERROR: "__udivdi3" [drivers/net/ethernet/intel/i40e/i40e.ko] undefined!

Error ids grouped by kconfigs:

recent_errors
??? arm-allmodconfig
??? ??? ERROR:__aeabi_uldivmod-drivers-net-ethernet-intel-i40e-i40e.ko-undefined
??? i386-allmodconfig
    ??? ERROR:__udivdi3-drivers-net-ethernet-intel-i40e-i40e.ko-undefined

elapsed time: 495m

configs tested: 106

x86_64                           allyesdebian
sh                                allnoconfig
sh                            titan_defconfig
x86_64                           allmodconfig
alpha                               defconfig
parisc                            allnoconfig
parisc                              defconfig
arm                               allnoconfig
arm                          exynos_defconfig
arm                        multi_v5_defconfig
arm                        multi_v7_defconfig
arm                        shmobile_defconfig
arm                           sunxi_defconfig
arm64                             allnoconfig
frv                                 defconfig
tile                         tilegx_defconfig
um                             i386_defconfig
x86_64                 randconfig-x018-201740
x86_64                 randconfig-x011-201740
x86_64                 randconfig-x012-201740
x86_64                 randconfig-x019-201740
x86_64                 randconfig-x013-201740
x86_64                 randconfig-x017-201740
x86_64                 randconfig-x015-201740
x86_64                 randconfig-x014-201740
x86_64                 randconfig-x016-201740
x86_64                 randconfig-x010-201740
arm                              allmodconfig
arm                                      arm5
arm                                     arm67
arm                          ixp4xx_defconfig
arm                                    sa1100
arm                                   samsung
arm                                        sh
arm64                            alldefconfig
arm64                            allmodconfig
x86_64                                   rhel
x86_64                               rhel-7.2
i386                               tinyconfig
powerpc                           allnoconfig
powerpc                             defconfig
powerpc                       ppc64_defconfig
s390                        default_defconfig
x86_64                   randconfig-i0-201740
sparc64                           allnoconfig
i386                     randconfig-i0-201740
i386                     randconfig-i1-201740
i386                   randconfig-x013-201740
i386                   randconfig-x014-201740
i386                   randconfig-x015-201740
i386                   randconfig-x019-201740
i386                   randconfig-x011-201740
i386                   randconfig-x018-201740
i386                   randconfig-x010-201740
i386                   randconfig-x017-201740
i386                   randconfig-x012-201740
i386                   randconfig-x016-201740
m68k                       m5475evb_defconfig
i386                   randconfig-x000-201740
i386                   randconfig-x001-201740
i386                   randconfig-x002-201740
i386                   randconfig-x003-201740
i386                   randconfig-x004-201740
i386                   randconfig-x005-201740
i386                   randconfig-x006-201740
i386                   randconfig-x007-201740
i386                   randconfig-x008-201740
i386                   randconfig-x009-201740
mips                           32r2_defconfig
mips                         64r6el_defconfig
mips                              allnoconfig
mips                      fuloong2e_defconfig
mips                                   jz4740
mips                      malta_kvm_defconfig
mips                                     txx9
ia64                             alldefconfig
ia64                              allnoconfig
c6x                        evmc6678_defconfig
h8300                    h8300h-sim_defconfig
nios2                         10m50_defconfig
xtensa                       common_defconfig
i386                   randconfig-x074-201740
i386                   randconfig-x071-201740
i386                   randconfig-x076-201740
i386                   randconfig-x077-201740
i386                   randconfig-x073-201740
i386                   randconfig-x079-201740
i386                   randconfig-x072-201740
i386                   randconfig-x078-201740
i386                   randconfig-x075-201740
i386                   randconfig-x070-201740
i386                             alldefconfig
i386                              allnoconfig
i386                                defconfig
x86_64                 randconfig-x001-201740
x86_64                 randconfig-x000-201740
x86_64                 randconfig-x004-201740
x86_64                 randconfig-x008-201740
x86_64                 randconfig-x006-201740
x86_64                 randconfig-x007-201740
x86_64                 randconfig-x005-201740
x86_64                 randconfig-x009-201740
x86_64                 randconfig-x003-201740
x86_64                 randconfig-x002-201740
i386                             allmodconfig

Thanks,
Fengguang

^ permalink raw reply

* Re: [PATCH 2/2] mm: Consolidate page table accounting
From: Anshuman Khandual @ 2017-10-05  5:08 UTC (permalink / raw)
  To: Kirill A. Shutemov, Andrew Morton
  Cc: linux-mm, linux-kernel, linux-api, Michal Hocko
In-Reply-To: <20171004163648.11234-2-kirill.shutemov@linux.intel.com>

On 10/04/2017 10:06 PM, Kirill A. Shutemov wrote:
> This patch switches page table accounting to single counter from
> three -- nr_ptes, nr_pmds and nr_puds.
> 
> mm->pgtables_bytes is now used to account page table levels. We use
> bytes, because page table size for different levels of page table tree
> may be different.
> 
> The change has user-visible effect: we don't have VmPMD and VmPUD
> reported in /proc/[pid]/status. Not sure if anybody uses them.
> (As alternative, we can always report 0 kB for them.)
> 
> OOM-killer report is also slightly changed: we now report pgtables_bytes
> instead of nr_ptes, nr_pmd, nr_puds.

Could you please mention the motivation of doing this ? Why we are
consolidating the counters which also changes /proc/ interface as
well as OOM report ? What is the benefit ?

^ permalink raw reply

* Re: [PATCH 2/2] mm: Consolidate page table accounting
From: Anshuman Khandual @ 2017-10-05  5:08 UTC (permalink / raw)
  To: Kirill A. Shutemov, Andrew Morton
  Cc: linux-mm, linux-kernel, linux-api, Michal Hocko
In-Reply-To: <20171004163648.11234-2-kirill.shutemov@linux.intel.com>

On 10/04/2017 10:06 PM, Kirill A. Shutemov wrote:
> This patch switches page table accounting to single counter from
> three -- nr_ptes, nr_pmds and nr_puds.
> 
> mm->pgtables_bytes is now used to account page table levels. We use
> bytes, because page table size for different levels of page table tree
> may be different.
> 
> The change has user-visible effect: we don't have VmPMD and VmPUD
> reported in /proc/[pid]/status. Not sure if anybody uses them.
> (As alternative, we can always report 0 kB for them.)
> 
> OOM-killer report is also slightly changed: we now report pgtables_bytes
> instead of nr_ptes, nr_pmd, nr_puds.

Could you please mention the motivation of doing this ? Why we are
consolidating the counters which also changes /proc/ interface as
well as OOM report ? What is the benefit ?

--
To unsubscribe, send a message with 'unsubscribe linux-mm' in
the body to majordomo@kvack.org.  For more info on Linux MM,
see: http://www.linux-mm.org/ .
Don't email: <a href=mailto:"dont@kvack.org"> email@kvack.org </a>

^ permalink raw reply

* Re: [PATCH 2/2] mm: Consolidate page table accounting
From: Anshuman Khandual @ 2017-10-05  5:08 UTC (permalink / raw)
  To: Kirill A. Shutemov, Andrew Morton
  Cc: linux-mm-Bw31MaZKKs3YtjvyW6yDsg,
	linux-kernel-u79uwXL29TY76Z2rM5mHXA,
	linux-api-u79uwXL29TY76Z2rM5mHXA, Michal Hocko
In-Reply-To: <20171004163648.11234-2-kirill.shutemov-VuQAYsv1563Yd54FQh9/CA@public.gmane.org>

On 10/04/2017 10:06 PM, Kirill A. Shutemov wrote:
> This patch switches page table accounting to single counter from
> three -- nr_ptes, nr_pmds and nr_puds.
> 
> mm->pgtables_bytes is now used to account page table levels. We use
> bytes, because page table size for different levels of page table tree
> may be different.
> 
> The change has user-visible effect: we don't have VmPMD and VmPUD
> reported in /proc/[pid]/status. Not sure if anybody uses them.
> (As alternative, we can always report 0 kB for them.)
> 
> OOM-killer report is also slightly changed: we now report pgtables_bytes
> instead of nr_ptes, nr_pmd, nr_puds.

Could you please mention the motivation of doing this ? Why we are
consolidating the counters which also changes /proc/ interface as
well as OOM report ? What is the benefit ?

^ permalink raw reply

* Re: [PATCH 0/4] RFC: attempt to remove md deadlocks with metadata without
From: NeilBrown @ 2017-10-05  5:03 UTC (permalink / raw)
  To: Xiao Ni; +Cc: linux-raid
In-Reply-To: <f5b2cb91-3a9e-69ba-6b01-51335ec74da1@redhat.com>

[-- Attachment #1: Type: text/plain, Size: 1908 bytes --]

On Sat, Sep 30 2017, Xiao Ni wrote:

> On 09/12/2017 09:49 AM, NeilBrown wrote:
>> Hi,
>>   I looked again at the previous patch I posted which tried to mak
>>   md_update_sb() safe without taking reconfig_mutex, and realized that
>>   it had serious problems, particularly around devices being added or
>>   removed while the update was happening.
> Could you explain this in detail? What's the serious problems?

My patch allowed md_update_sb() to run without holding ->reconfig_mutex.
md_update_sb() uses rdev_for_each() in several places, so either that
list needs to be kept stable, or md_update_sb() needs to ensure it is
very careful while walking the list.

I couldn't just use a spinlock to protect the lists because one of the
rdev_for_Each calls md_super_write() on some of the devices, which is
not allowed while holding a spinlock.

I decided it was too hard to make md_update_sb() walk the list in a
fully say manner.

NeilBrown


>
> Regards
> Xiao
>>
>>   So I decided to try a different approach, which is embodied in these
>>   patches.  The md thread is now explicitly allowed to call
>>   md_update_sb() while some other thread holds the lock and
>>   waits for mddev_suspend() to complete.
>>
>>   Please test these and confirm that they still address the problem you
>>   found.
>>
>> Thanks,
>> NeilBrown
>>
>> ---
>>
>> NeilBrown (4):
>>        md: always hold reconfig_mutex when calling mddev_suspend()
>>        md: don't call bitmap_create() while array is quiesced.
>>        md: use mddev_suspend/resume instead of ->quiesce()
>>        md: allow metadata update while suspending.
>>
>>
>>   drivers/md/dm-raid.c     |    5 ++++-
>>   drivers/md/md.c          |   45 ++++++++++++++++++++++++++++++++-------------
>>   drivers/md/md.h          |    6 ++++++
>>   drivers/md/raid5-cache.c |    2 ++
>>   4 files changed, 44 insertions(+), 14 deletions(-)
>>
>> --
>> Signature
>>

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 832 bytes --]

^ permalink raw reply

* Re: [PATCH 15/25] xfs: scrub refcount btrees
From: Darrick J. Wong @ 2017-10-05  5:02 UTC (permalink / raw)
  To: Dave Chinner; +Cc: linux-xfs
In-Reply-To: <20171005025937.GL3666@dastard>

On Thu, Oct 05, 2017 at 01:59:37PM +1100, Dave Chinner wrote:
> On Tue, Oct 03, 2017 at 01:42:23PM -0700, Darrick J. Wong wrote:
> > From: Darrick J. Wong <darrick.wong@oracle.com>
> > +/* Scrub a refcountbt record. */
> > +STATIC int
> > +xfs_scrub_refcountbt_helper(
> > +	struct xfs_scrub_btree		*bs,
> > +	union xfs_btree_rec		*rec)
> > +{
> > +	struct xfs_mount		*mp = bs->cur->bc_mp;
> > +	struct xfs_agf			*agf;
> > +	struct xfs_refcount_irec	irec;
> > +	unsigned long long		rec_end;
> > +	xfs_agblock_t			eoag;
> > +	bool				has_cowflag;
> > +	int				error = 0;
> > +
> > +	irec.rc_startblock = be32_to_cpu(rec->refc.rc_startblock);
> > +	irec.rc_blockcount = be32_to_cpu(rec->refc.rc_blockcount);
> > +	irec.rc_refcount = be32_to_cpu(rec->refc.rc_refcount);
> > +	agf = XFS_BUF_TO_AGF(bs->sc->sa.agf_bp);
> > +	eoag = be32_to_cpu(agf->agf_length);
> > +
> > +	/* Only CoW records can have refcount == 1. */
> > +	has_cowflag = !!(irec.rc_startblock & XFS_REFC_COW_START);
> > +	if ((irec.rc_refcount == 1 && !has_cowflag) ||
> > +	    (irec.rc_refcount != 1 && has_cowflag))
> > +		xfs_scrub_btree_set_corrupt(bs->sc, bs->cur, 0);
> > +
> > +	/* Check the extent. */
> > +	irec.rc_startblock &= ~XFS_REFC_COW_START;
> > +	rec_end = (unsigned long long)irec.rc_startblock + irec.rc_blockcount;
> > +	if (irec.rc_startblock >= mp->m_sb.sb_agblocks ||
> > +	    irec.rc_startblock >= eoag ||
> > +	    irec.rc_blockcount == 0 ||
> > +	    rec_end > mp->m_sb.sb_agblocks ||
> > +	    rec_end > eoag ||
> 
> For the (broken) record...

Yup.

> > +	    irec.rc_refcount < 1)
> 
> Unsigned variable, so it seems to me that irec.rc_refcount == 0
> would be a more correct check.

Ok.

--D

> Cheers,
> 
> Dave.
> -- 
> Dave Chinner
> david@fromorbit.com
> --
> To unsubscribe from this list: send the line "unsubscribe linux-xfs" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html

^ permalink raw reply


This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.