linux/lib, branch v3.5

Merge tag 'iommu-fixes-v3.5-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/joro/iommu

2012-07-09T17:57:21Z

Pull IOMMU fixes from Joerg Roedel: "The patches fix several issues in the AMD IOMMU driver, the NVidia SMMU driver, and the DMA debug code. The most important fix for the AMD IOMMU solves a problem with SR-IOV devices where virtual functions did not work with IOMMU enabled. The NVidia SMMU patch fixes a possible sleep while spin-lock situation (queued the small fix for v3.5, a better but more intrusive fix is coming for v3.6). The DMA debug patches fix a possible data corruption issue due to bool vs u32 usage." * tag 'iommu-fixes-v3.5-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/joro/iommu: iommu/amd: fix type bug in flush code dma-debug: debugfs_create_bool() takes a u32 pointer iommu/tegra: smmu: Fix unsleepable memory allocation iommu/amd: Initialize dma_ops for hotplug and sriov devices iommu/amd: Fix missing iommu_shutdown initialization in passthrough mode

dma-debug: debugfs_create_bool() takes a u32 pointer

2012-07-02T10:11:40Z

Even though it has "bool" in the name, you have pass a u32 pointer to debugfs_create_bool(). Otherwise you get memory corruption in write_file_bool(). Fortunately in this case the corruption happens in an alignment hole between variables so it doesn't cause any problems. Signed-off-by: Dan Carpenter Signed-off-by: Joerg Roedel

fault-inject: avoid call to random32() if fault injection is disabled

2012-06-20T21:39:36Z

After enabling CONFIG_FAILSLAB I noticed random32 in profiles even if slub fault injection wasn't enabled at runtime. should_fail forces a comparison against random32() even if probability is 0: if (attr->probability <= random32() % 100) return false; Add a check up front for probability == 0 and avoid all of the more complicated checks. Signed-off-by: Anton Blanchard Acked-by: Akinobu Mita Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds

Merge branch 'core-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip

2012-06-15T23:52:35Z

Pull core updates (RCU and locking) from Ingo Molnar: "Most of the diffstat comes from the RCU slow boot regression fixes, but there's also a debuggability improvements/fixes." * 'core-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: memblock: Document memblock_is_region_{memory,reserved}() rcu: Precompute RCU_FAST_NO_HZ timer offsets rcu: Move RCU_FAST_NO_HZ per-CPU variables to rcu_dynticks structure rcu: Update RCU_FAST_NO_HZ tracing for lazy callbacks rcu: RCU_FAST_NO_HZ detection of callback adoption spinlock: Indicate that a lockup is only suspected kdump: Execute kmsg_dump(KMSG_DUMP_PANIC) after smp_send_stop() panic: Make panic_on_oops configurable

btree: catch NULL value before it does harm

2012-06-07T21:43:55Z

Storing NULL values in the btree is illegal and can lead to memory corruption and possible other fun as well. Catch it on insert, instead of waiting for the inevitable. Signed-off-by: Joern Engel Signed-off-by: Roland Dreier Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds

btree: fix tree corruption in btree_get_prev()

2012-06-07T21:43:55Z

The memory the parameter __key points to is used as an iterator in btree_get_prev(), so if we save off a bkey() pointer in retry_key and then assign that to __key, we'll end up corrupting the btree internals when we do eg longcpy(__key, bkey(geo, node, i), geo->keylen); to return the key value. What we should do instead is use longcpy() to copy the key value that retry_key points to __key. This can cause a btree to get corrupted by seemingly read-only operations such as btree_for_each_safe. [akpm@linux-foundation.org: avoid the double longcpy()] Signed-off-by: Roland Dreier Acked-by: Joern Engel Cc: Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds

Merge tag 'md-3.5-fixes' of git://neil.brown.name/md

2012-06-06T16:49:28Z

Pull two md fixes from NeilBrown: "One sparse-warning fix, one bugfix for 3.4-stable" * tag 'md-3.5-fixes' of git://neil.brown.name/md: md: raid1/raid10: fix problem with merge_bvec_fn lib/raid6: fix sparse warnings in recovery functions

spinlock: Indicate that a lockup is only suspected

2012-06-06T09:34:20Z

On an over-committed KVM system we got a: "BUG: spinlock lockup on CPU#2, swapper/2/0" message on the heavily contended virtio blk spinlock. While we might want to reconsider the locking of virtio-blk (lock is held while switching to the host) this patch tries to make the message clearer: the lockup is only suspected. Signed-off-by: Christian Borntraeger Cc: Rusty Russell Cc: Michael S. Tsirkin Cc: Linus Torvalds Cc: Andrew Morton Cc: Peter Zijlstra Link: http://lkml.kernel.org/r/1338283124-7063-1-git-send-email-borntraeger@de.ibm.com Signed-off-by: Ingo Molnar

Merge branch 'core/debug' into core/urgent

2012-06-06T09:12:55Z

Merge two debugging patchlets that were waiting for preparatory commits to hit upstream. Signed-off-by: Ingo Molnar

radix-tree: fix contiguous iterator

2012-06-05T17:46:40Z

This patch fixes bug in macro radix_tree_for_each_contig(). If radix_tree_next_slot() sees NULL in next slot it returns NULL, but following radix_tree_next_chunk() switches iterating into next chunk. As result iterating becomes non-contiguous and breaks vfs "splice" and all its users. Signed-off-by: Konstantin Khlebnikov Reported-and-bisected-by: Hans de Bruin Reported-and-bisected-by: Ondrej Zary Reported-bisected-and-tested-by: Toralf Förster Link: https://lkml.org/lkml/2012/6/5/64 Cc: stable # 3.4.x Signed-off-by: Linus Torvalds