GitHub/LineageOS/G12/android_kernel_amlogic_linux-4.9.git
13 years agojbd2: fix build when CONFIG_BUG is not enabled
Randy Dunlap [Thu, 27 Oct 2011 08:05:13 +0000 (04:05 -0400)]
jbd2: fix build when CONFIG_BUG is not enabled

Fix build error when CONFIG_BUG is not enabled:

fs/jbd2/transaction.c:1175:3: error: implicit declaration of function '__WARN'

by changing __WARN() to WARN_ON(), as suggested by
Arnaud Lacombe <lacombar@gmail.com>.

Signed-off-by: Randy Dunlap <rdunlap@xenotime.net>
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
Cc: Arnd Bergmann <arnd@arndb.de>
Cc: Arnaud Lacombe <lacombar@gmail.com>
13 years agoext4: don't check io->flag when setting EXT4_STATE_DIO_UNWRITTEN inode state
Tao Ma [Wed, 26 Oct 2011 15:08:39 +0000 (11:08 -0400)]
ext4: don't check io->flag when setting EXT4_STATE_DIO_UNWRITTEN inode state

When we want to convert the unitialized extent in direct write, we can
either do it in ext4_end_io_nolock(AIO case) or in
ext4_ext_direct_IO(non AIO case) and EXT4_I(inode)->cur_aio_dio is a
guard for ext4_ext_map_blocks to find the right case.  In e9e3bcecf,
we mistakenly change it by:

- if (io)
+ if (io && !(io->flag & EXT4_IO_END_UNWRITTEN)) {
  io->flag = EXT4_IO_END_UNWRITTEN;
- else
+ atomic_inc(&EXT4_I(inode)->i_aiodio_unwritten);
+ } else
  ext4_set_inode_state(inode,
       EXT4_STATE_DIO_UNWRITTEN);

So now if we map 2 blocks, and the first one set the
EXT_IO_END_UNWRITTEN, the 2nd mapping will set inode state because of
the check for the flag. This is wrong.

Cc: Eric Sandeen <sandeen@redhat.com>
Signed-off-by: Tao Ma <boyu.mt@taobao.com>
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
13 years agoext4: fix a wrong comment in __mb_check_buddy()
Robin Dong [Wed, 26 Oct 2011 12:48:54 +0000 (08:48 -0400)]
ext4: fix a wrong comment in __mb_check_buddy()

The comment says the bit should be 0, but the after code assert the
bit to be 1.  This makes people confused, so fix it.

Signed-off-by: Robin Dong <sanbai@taobao.com>
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
13 years agoext4: remove unused variable in mb_find_extent()
Robin Dong [Wed, 26 Oct 2011 09:30:30 +0000 (05:30 -0400)]
ext4: remove unused variable in mb_find_extent()

The variable 'ord' in function mb_find_extent() is redundant, so
remove it.

Signed-off-by: Robin Dong <sanbai@taobao.com>
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
13 years agoext4: remove unused variable in ext4_mb_generate_from_pa()
Robin Dong [Wed, 26 Oct 2011 09:29:21 +0000 (05:29 -0400)]
ext4: remove unused variable in ext4_mb_generate_from_pa()

The variable 'count' in function ext4_mb_generate_from_pa() looks
useless, so remove it.

Signed-off-by: Robin Dong <sanbai@taobao.com>
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
13 years agoext4: use stream-alloc when mb_group_prealloc set to zero
Robin Dong [Wed, 26 Oct 2011 09:14:27 +0000 (05:14 -0400)]
ext4: use stream-alloc when mb_group_prealloc set to zero

The kernel will crash on

ext4_mb_mark_diskspace_used:
BUG_ON(ac->ac_b_ex.fe_len <= 0);

after we set /sys/fs/ext4/sda/mb_group_prealloc to zero and create new files in an ext4 filesystem.

The reason is: ac_b_ex.fe_len also set to zero(mb_group_prealloc) in ext4_mb_normalize_group_request
because the ac_flags contains EXT4_MB_HINT_GROUP_ALLOC.

I think when someone set mb_group_prealloc to zero, it means DO NOT USE GROUP PREALLOCATION,
so we should set alloc-strategy to STREAM in this case.

Signed-off-by: Robin Dong <sanbai@taobao.com>
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
13 years agoext4: let ext4_page_mkwrite stop started handle in failure
Yongqiang Yang [Wed, 26 Oct 2011 09:00:19 +0000 (05:00 -0400)]
ext4: let ext4_page_mkwrite stop started handle in failure

The started journal handle should be stopped in failure case.

Signed-off-by: Yongqiang Yang <xiaoqiangnk@gmail.com>
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
Acked-by: Jan Kara <jack@suse.cz>
Cc: stable@kernel.org
13 years agoext4: handle NULL p_ext in ext4_ext_next_allocated_block()
Curt Wohlgemuth [Wed, 26 Oct 2011 08:38:59 +0000 (04:38 -0400)]
ext4: handle NULL p_ext in ext4_ext_next_allocated_block()

In ext4_ext_next_allocated_block(), the path[depth] might
have a p_ext that is NULL -- see ext4_ext_binsearch().  In
such a case, dereferencing it will crash the machine.

This patch checks for p_ext == NULL in
ext4_ext_next_allocated_block() before dereferencinging it.

Tested using a hand-crafted an inode with eh_entries == 0 in
an extent block, verified that running FIEMAP on it crashes
without this patch, works fine with it.

Signed-off-by: Curt Wohlgemuth <curtw@google.com>
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
13 years agoext4: error handling fix in ext4_ext_convert_to_initialized()
Dan Carpenter [Wed, 26 Oct 2011 07:42:36 +0000 (03:42 -0400)]
ext4: error handling fix in ext4_ext_convert_to_initialized()

When allocated is unsigned it breaks the error handling at the end
of the function when we call:
allocated = ext4_split_extent(...);
if (allocated < 0)
err = allocated;

I've made it a signed int instead of unsigned.

Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
13 years agoext4: use ext4_reserve_inode_write in ext4_xattr_set_handle
Eric Sandeen [Wed, 26 Oct 2011 07:32:07 +0000 (03:32 -0400)]
ext4: use ext4_reserve_inode_write in ext4_xattr_set_handle

ext4_mark_iloc_dirty() says:

 * The caller must have previously called ext4_reserve_inode_write().
 * Give this, we know that the caller already has write access to iloc->bh.

ext4_xattr_set_handle, however, just open-codes it.  May as well use
the helper function for consistency.

No bug here, just tidiness.

(Note: on cleanup path, ext4_reserve_inode_write sets
the bh to NULL if it returns an error, and brelse() of
a null bh is handled gracefully).

Signed-off-by: Eric Sandeen <sandeen@redhat.com>
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
13 years agoext4: avoid setting directory i_nlink to zero
Andreas Dilger [Wed, 26 Oct 2011 07:22:31 +0000 (03:22 -0400)]
ext4: avoid setting directory i_nlink to zero

If a directory with more than EXT4_LINK_MAX subdirectories, the nlink
count is set to 1.  Subsequently, if any subdirectories are deleted,
ext4_dec_count() decrements the i_nlink count, which may go to 0
temporarily before being incremented back to 1.

While this is done under i_mutex, which prevents races for directory
and inode operations that check i_nlink, the temporary i_nlink == 0
case is exposed to userspace via stat() and similar calls that do not
hold i_mutex.

Instead, change the code to not decrement i_nlink count for any
directories that do not already have i_nlink larger than 2.

Reported-by: Cliff White <cliffw@whamcloud.com>
Reviewed-by: Johann Lombardi <johann@whamcloud.com>
Signed-off-by: Andreas Dilger <adilger@whamcloud.com>
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
13 years agoext4: prevent stack overrun in ext4_file_open
Darrick J. Wong [Tue, 25 Oct 2011 13:18:41 +0000 (09:18 -0400)]
ext4: prevent stack overrun in ext4_file_open

In ext4_file_open, the filesystem records the mountpoint of the first
file that is opened after mounting the filesystem.  It does this by
allocating a 64-byte stack buffer, calling d_path() to grab the mount
point through which this file was accessed, and then memcpy()ing 64
bytes into the superblock's s_last_mounted field, starting from the
return value of d_path(), which is stored as "cp".  However, if cp >
buf (which it frequently is since path components are prepended
starting at the end of buf) then we can end up copying stack data into
the superblock.

Writing stack variables into the superblock doesn't sound like a great
idea, so use strlcpy instead.  Andi Kleen suggested using strlcpy
instead of strncpy.

Signed-off-by: Darrick J. Wong <djwong@us.ibm.com>
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
13 years agoext4: update EOFBLOCKS flag on fallocate properly
Dmitry Monakhov [Tue, 25 Oct 2011 12:15:12 +0000 (08:15 -0400)]
ext4: update EOFBLOCKS flag on fallocate properly

EOFBLOCK_FL should be updated if called w/o FALLOCATE_FL_KEEP_SIZE
Currently it happens only if new extent was allocated.

TESTCASE:
fallocate test_file -n -l4096
fallocate test_file -l4096
Last fallocate cmd has updated size, but keept EOFBLOCK_FL set. And
fsck will complain about that.

Also remove ping pong in ext4_fallocate() in case of new extents,
where ext4_ext_map_blocks() clear EOFBLOCKS bit, and later
ext4_falloc_update_inode() restore it again.

Signed-off-by: Dmitry Monakhov <dmonakhov@openvz.org>
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
13 years agoext4: remove messy logic from ext4_ext_rm_leaf
Dmitry Monakhov [Tue, 25 Oct 2011 09:35:05 +0000 (05:35 -0400)]
ext4: remove messy logic from ext4_ext_rm_leaf

- Both callers(truncate and punch_hole) already aligned left end point
  so we no longer need split logic here.
- Remove dead duplicated code.
- Call ext4_ext_dirty only after we have updated eh_entries, otherwise
  we'll loose entries update. Regression caused by d583fb87a3ff0
  266'th testcase in xfstests (http://patchwork.ozlabs.org/patch/120872)

Signed-off-by: Dmitry Monakhov <dmonakhov@openvz.org>
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
13 years agoext4: cleanup ext4_ext_grow_indepth code
Dmitry Monakhov [Sat, 22 Oct 2011 05:26:05 +0000 (01:26 -0400)]
ext4: cleanup ext4_ext_grow_indepth code

Currently code make an impression what grow procedure is very complicated
and some mythical paths, blocks are involved. But in fact grow in depth
it relatively simple procedure:
 1) Just create new meta block and copy root data to that block.
 2) Convert root from extent to index if old depth == 0
 3) Update root block pointer

This patch does:
 - Reorganize code to make it more self explanatory
 - Do not pass path parameter to new_meta_block() in order to
   provoke allocation from inode's group because top-level block
   should site closer to it's inode, but not to leaf data block.

   [ This happens anyway, due to logic in mballoc; we should drop
     the path parameter from new_meta_block() entirely.  -- tytso ]

Signed-off-by: Dmitry Monakhov <dmonakhov@openvz.org>
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
13 years agoext4: Allow quota file use root reservation
Dmitry Monakhov [Fri, 21 Oct 2011 00:07:23 +0000 (20:07 -0400)]
ext4: Allow quota file use root reservation

Quota file is fs's metadata, so it is reasonable  to permit use
root resevation if necessary. This patch fix 265'th xfstest failure

Signed-off-by: Dmitry Monakhov <dmonakhov@openvz.org>
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
13 years agoext4: fix the deadlock in mpage_da_map_and_submit()
Kazuya Mio [Thu, 20 Oct 2011 23:23:08 +0000 (19:23 -0400)]
ext4: fix the deadlock in mpage_da_map_and_submit()

If ext4_jbd2_file_inode() in mpage_da_map_and_submit() fails due to
journal abort, this function returns to caller without unlocking the
page.  It leads to the deadlock, and the patch fixes this issue by
calling mpage_da_submit_io().

Signed-off-by: Kazuya Mio <k-mio@sx.jp.nec.com>
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
13 years agoext4: fix deadlock in ext4_ordered_write_end()
Akira Fujita [Thu, 20 Oct 2011 22:56:10 +0000 (18:56 -0400)]
ext4: fix deadlock in ext4_ordered_write_end()

If ext4_jbd2_file_inode() in ext4_ordered_write_end() fails for some
reasons, this function returns to caller without unlocking the page.
It leads to the deadlock, and the patch fixes this issue.

Signed-off-by: Akira Fujita <a-fujita@rs.jp.nec.com>
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
13 years agoext4: quiet sparse noise about plain integer as NULL pointer
H Hartley Sweeten [Tue, 18 Oct 2011 15:01:51 +0000 (11:01 -0400)]
ext4: quiet sparse noise about plain integer as NULL pointer

The third parameter to ext4_free_blocks is a struct buffer_head *.  This
parameter should be NULL not 0.

This quiets the sparse noise:

warning: Using plain integer as NULL pointer

Signed-off-by: H Hartley Sweeten <hsweeten@visionengravers.com>
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
13 years agoext4: add __user decoration to calls of copy_{from,to}_user()
H Hartley Sweeten [Tue, 18 Oct 2011 14:59:51 +0000 (10:59 -0400)]
ext4: add __user decoration to calls of copy_{from,to}_user()

This quiets the sparse noise:

warning: incorrect type in argument 2 (different address spaces)
   expected void const [noderef] <asn:1>*from
   got struct fstrim_range *<noident>
warning: incorrect type in argument 1 (different address spaces)
   expected void [noderef] <asn:1>*to
   got struct fstrim_range *<noident>

Signed-off-by: H Hartley Sweeten <hsweeten@visionengravers.com>
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
13 years agoext4: functions should not be declared extern
H Hartley Sweeten [Tue, 18 Oct 2011 14:57:51 +0000 (10:57 -0400)]
ext4: functions should not be declared extern

The function declarations in ext4.h are already marked extern, so it's
not necessary to do so in the .c files.

This quiets the sparse noise:

warning: function 'ext4_flush_completed_IO' with external linkage has definition
warning: function 'ext4_init_inode_table' with external linkage has definition

Signed-off-by: H Hartley Sweeten <hsweeten@visionengravers.com>
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
13 years agoext4: add block plug for .writepages
Shaohua Li [Tue, 18 Oct 2011 14:55:51 +0000 (10:55 -0400)]
ext4: add block plug for .writepages

Add block plug for ext4 .writepages. Though ext4 .writepages
already handles request merge very well, block plug is still
helpful to reduce block lock contention.

Signed-off-by: Shaohua Li <shaohua.li@intel.com>
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
13 years agoext4: Fix comparison endianness problem in MMP initialization
Darrick J. Wong [Tue, 18 Oct 2011 14:53:51 +0000 (10:53 -0400)]
ext4: Fix comparison endianness problem in MMP initialization

As part of startup, the MMP initialization code does this:

mmp->mmp_seq = seq = cpu_to_le32(mmp_new_seq());

Next, mmp->mmp_seq is written out to disk, a delay happens, and then
the MMP block is read back in and the sequence value is tested:

if (seq != le32_to_cpu(mmp->mmp_seq)) {
/* fail the mount */

On a LE system such as x86, the *le32* functions do nothing and this
works.  Unfortunately, on a BE system such as ppc64, this comparison
becomes:

if (cpu_to_le32(new_seq) != le32_to_cpu(cpu_to_le32(new_seq)) {
/* fail the mount */

Except for a few palindromic sequence numbers, this test always causes
the mount to fail, which makes MMP filesystems generally unmountable
on ppc64.  The attached patch fixes this situation.

Signed-off-by: Darrick J. Wong <djwong@us.ibm.com>
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
13 years agoext4: MMP: fix error message rate-limiting logic in kmmpd
Nikitas Angelinas [Tue, 18 Oct 2011 14:51:51 +0000 (10:51 -0400)]
ext4: MMP: fix error message rate-limiting logic in kmmpd

Current logic would print an error message only once, and then
'failed_writes' would stay at 1.  Rework the loop to increment
'failed_writes' and print the error message every
s_mmp_update_interval * 60 seconds, as intended according to the
comment.

Signed-off-by: Nikitas Angelinas <nikitas_angelinas@xyratex.com>
Signed-off-by: Andrew Perepechko <andrew_perepechko@xyratex.com>
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
Acked-by: Andreas Dilger <adilger@dilger.ca>
13 years agoext4: MMP: kmmpd should use nodename from init_uts_ns.name, not sysname
Nikitas Angelinas [Tue, 18 Oct 2011 14:49:51 +0000 (10:49 -0400)]
ext4: MMP: kmmpd should use nodename from init_uts_ns.name, not sysname

sysname holds "Linux" by default, i.e. what appears when doing a "uname
-s"; nodename should be used to print the machine's hostname, i.e. what
is returned when doing a "uname -n" or "hostname", and what
gethostname(2)/sethostname(2) manipulate, in order to notify the
administrator of the node which is contending to mount the filesystem.

Acked-by: Andreas Dilger <adilger@dilger.ca>
Signed-off-by: Nikitas Angelinas <nikitas_angelinas@xyratex.com>
Signed-off-by: Andrew Perepechko <andrew_perepechko@xyratex.com>
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
13 years agoext4: avoid stamping on other memories in ext4_ext_insert_index()
Tao Ma [Mon, 17 Oct 2011 14:13:46 +0000 (10:13 -0400)]
ext4: avoid stamping on other memories in ext4_ext_insert_index()

Add a sanity check to make sure ix hasn't gone beyond the valid bounds
of the extent block.

Signed-off-by: Tao Ma <boyu.mt@taobao.com>
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
13 years agoext4: fix ext4 so it works without CONFIG_PROC_FS
Fabrice Jouhaud [Sat, 8 Oct 2011 20:26:03 +0000 (16:26 -0400)]
ext4: fix ext4 so it works without CONFIG_PROC_FS

This fixes a bug which was introduced in dd68314ccf3fb.  The problem
came from the test of the return value of proc_mkdir which is always
false without procfs, and this would initialization of ext4.

Signed-off-by: Fabrice Jouhaud <yargil@free.fr>
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
13 years agoext4: use le32_to_cpu for ext4_extent_idx.ei_block in ext4_ext_search_left()
Tao Ma [Sat, 8 Oct 2011 20:08:34 +0000 (16:08 -0400)]
ext4: use le32_to_cpu for ext4_extent_idx.ei_block in ext4_ext_search_left()

ext4_extent_idx.e_block is __le32, so use le32_to_cpu() in
ext4_ext_search_left().

Signed-off-by: Tao Ma <boyu.mt@taobao.com>
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
13 years agoext4: remove the obsolete/broken EXT4_IOC_WAIT_FOR_READONLY ioctl
Tao Ma [Sat, 8 Oct 2011 19:56:35 +0000 (15:56 -0400)]
ext4: remove the obsolete/broken EXT4_IOC_WAIT_FOR_READONLY ioctl

There are no users of the EXT4_IOC_WAIT_FOR_READONLY ioctl, and it is
also broken.  No one sets the set_ro_timer, no one wakes up us and our
state is set to TASK_INTERRUPTIBLE not RUNNING.  So remove it.

Signed-off-by: Tao Ma <boyu.mt@taobao.com>
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
13 years agoext4: fix the comment describing ext4_ext_search_right()
Tao Ma [Sat, 8 Oct 2011 19:53:49 +0000 (15:53 -0400)]
ext4: fix the comment describing ext4_ext_search_right()

The comment describing what ext4_ext_search_right() does is incorrect.
We return 0 in *phys when *logical is the 'largest' allocated block,
not smallest.

Fix a few other typos while we're at it.

Cc: "Theodore Ts'o" <tytso@mit.edu>
Signed-off-by: Tao Ma <boyu.mt@taobao.com>
13 years agoext4: remove deprecated oldalloc
Lukas Czerner [Sat, 8 Oct 2011 18:34:47 +0000 (14:34 -0400)]
ext4: remove deprecated oldalloc

For a long time now orlov is the default block allocator in the
ext4. It performs better than the old one and no one seems to claim
otherwise so we can safely drop it and make oldalloc and orlov mount
option deprecated.

This is a part of the effort to reduce number of ext4 options hence the
test matrix.

Signed-off-by: Lukas Czerner <lczerner@redhat.com>
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
13 years agoext4: documentation: remove acl and user_xattr mount options
Theodore Ts'o [Sat, 8 Oct 2011 18:01:08 +0000 (14:01 -0400)]
ext4: documentation: remove acl and user_xattr mount options

Acl and user_xattr mount options are no longer needed since those
features are enabled by default if configured in (seee commit
ea6633369458992241599c9d9ebadffaeddec164). We can not easily deprecate
mount options itself (since it is probably too early), but we can
remove it from documentation first.

Signed-off-by: Lukas Czerner <lczerner@redhat.com>
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
13 years agoext4: Free resources in some error path in ext4_fill_super
Tao Ma [Thu, 6 Oct 2011 16:10:11 +0000 (12:10 -0400)]
ext4: Free resources in some error path in ext4_fill_super

Some of the error path in ext4_fill_super don't release the
resouces properly. So this patch just try to release them
in the right way.

Signed-off-by: Tao Ma <boyu.mt@taobao.com>
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
13 years agoext4: Free resources in ext4_mb_init()'s error paths
Tao Ma [Thu, 6 Oct 2011 14:22:28 +0000 (10:22 -0400)]
ext4: Free resources in ext4_mb_init()'s error paths

In commit 79a77c5ac, we move ext4_mb_init_backend after the allocation
of s_locality_group to avoid memory leak in error path, but there are
still some other error paths in ext4_mb_init that need to do the same
work. So this patch adds all the error patch for ext4_mb_init. And all
the pointers are reset to NULL in case the caller may double free them.

Signed-off-by: Tao Ma <boyu.mt@taobao.com>
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
13 years agoext4: attempt to fix race in bigalloc code path
Aditya Kali [Fri, 9 Sep 2011 23:20:51 +0000 (19:20 -0400)]
ext4: attempt to fix race in bigalloc code path

Currently, there exists a race between delayed allocated writes and
the writeback when bigalloc feature is in use. The race was because we
wanted to determine what blocks in a cluster are under delayed
allocation and we were using buffer_delayed(bh) check for it. But, the
writeback codepath clears this bit without any synchronization which
resulted in a race and an ext4 warning similar to:

EXT4-fs (ram1): ext4_da_update_reserve_space: ino 13, used 1 with only 0
reserved data blocks

The race existed in two places.
(1) between ext4_find_delalloc_range() and ext4_map_blocks() when called from
    writeback code path.
(2) between ext4_find_delalloc_range() and ext4_da_get_block_prep() (where
    buffer_delayed(bh) is set.

To fix (1), this patch introduces a new buffer_head state bit -
BH_Da_Mapped.  This bit is set under the protection of
EXT4_I(inode)->i_data_sem when we have actually mapped the delayed
allocated blocks during the writeout time. We can now reliably check
for this bit inside ext4_find_delalloc_range() to determine whether
the reservation for the blocks have already been claimed or not.

To fix (2), it was necessary to set buffer_delay(bh) under the
protection of i_data_sem.  So, I extracted the very beginning of
ext4_map_blocks into a new function - ext4_da_map_blocks() - and
performed the required setting of bh_delay bit and the quota
reservation under the protection of i_data_sem.  These two fixes makes
the checking of buffer_delay(bh) and buffer_da_mapped(bh) consistent,
thus removing the race.

Tested: I was able to reproduce the problem by running 'dd' and
'fsync' in parallel. Also, xfstests sometimes used to reproduce this
race. After the fix both my test and xfstests were successful and no
race (warning message) was observed.

Google-Bug-Id: 4997027

Signed-off-by: Aditya Kali <adityakali@google.com>
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
13 years agoext4: add some tracepoints in ext4/extents.c
Aditya Kali [Fri, 9 Sep 2011 23:18:51 +0000 (19:18 -0400)]
ext4: add some tracepoints in ext4/extents.c

This patch adds some tracepoints in ext4/extents.c and updates a tracepoint in
ext4/inode.c.

Tested: Built and ran the kernel and verified that these tracepoints work.
Also ran xfstests.

Signed-off-by: Aditya Kali <adityakali@google.com>
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
13 years agoext4: rename ext4_has_free_blocks() to ext4_has_free_clusters()
Theodore Ts'o [Fri, 9 Sep 2011 23:16:51 +0000 (19:16 -0400)]
ext4: rename ext4_has_free_blocks() to ext4_has_free_clusters()

Rename the function so it is more clear what is going on.  Also rename
the various variables so it's clearer what's happening.

Also fix a missing blocks to cluster conversion when reading the
number of reserved blocks for root.

Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
13 years agoext4: rename ext4_claim_free_blocks() to ext4_claim_free_clusters()
Theodore Ts'o [Fri, 9 Sep 2011 23:14:51 +0000 (19:14 -0400)]
ext4: rename ext4_claim_free_blocks() to ext4_claim_free_clusters()

This function really claims a number of free clusters, not blocks, so
rename it so it's clearer what's going on.

Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
13 years agoext4: rename ext4_free_blocks_after_init() to ext4_free_clusters_after_init()
Theodore Ts'o [Fri, 9 Sep 2011 23:12:51 +0000 (19:12 -0400)]
ext4: rename ext4_free_blocks_after_init() to ext4_free_clusters_after_init()

This function really returns the number of clusters after initializing
an uninitalized block bitmap has been initialized.

Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
13 years agoext4: rename ext4_count_free_blocks() to ext4_count_free_clusters()
Theodore Ts'o [Fri, 9 Sep 2011 23:10:51 +0000 (19:10 -0400)]
ext4: rename ext4_count_free_blocks() to ext4_count_free_clusters()

This function really counts the free clusters reported in the block
group descriptors, so rename it to reduce confusion.

Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
13 years agoext4: Rename ext4_free_blks_{count,set}() to refer to clusters
Theodore Ts'o [Fri, 9 Sep 2011 23:08:51 +0000 (19:08 -0400)]
ext4: Rename ext4_free_blks_{count,set}() to refer to clusters

The field bg_free_blocks_count_{lo,high} in the block group
descriptor has been repurposed to hold the number of free clusters for
bigalloc functions.  So rename the functions so it makes it easier to
read and audit the block allocation and block freeing code.

Note: at this point in bigalloc development we doesn't support
online resize, so this also makes it really obvious all of the places
we need to fix up to add support for online resize.

Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
13 years agoext4: enable mounting bigalloc as read/write
Theodore Ts'o [Fri, 9 Sep 2011 23:06:51 +0000 (19:06 -0400)]
ext4: enable mounting bigalloc as read/write

Now that we have implemented all of the changes needed for bigalloc,
we can finally enable it!

Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
13 years agoext4: Fix bigalloc quota accounting and i_blocks value
Aditya Kali [Fri, 9 Sep 2011 23:04:51 +0000 (19:04 -0400)]
ext4: Fix bigalloc quota accounting and i_blocks value

With bigalloc changes, the i_blocks value was not correctly set (it was still
set to number of blocks being used, but in case of bigalloc, we want i_blocks
to represent the number of clusters being used). Since the quota subsystem sets
the i_blocks value, this patch fixes the quota accounting and makes sure that
the i_blocks value is set correctly.

Signed-off-by: Aditya Kali <adityakali@google.com>
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
13 years agoext4: tune mballoc's default group prealloc size for bigalloc file systems
Theodore Ts'o [Fri, 9 Sep 2011 23:02:51 +0000 (19:02 -0400)]
ext4: tune mballoc's default group prealloc size for bigalloc file systems

The default group preallocation size had been previously set to 512
blocks/clusters, regardless of the block/cluster size.  This is
probably too big for large cluster sizes.  So adjust the default so
that it is 2 megabytes or 32 clusters, whichever is larger.

Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
13 years agoext4: teach ext4_statfs() to deal with clusters if bigalloc is enabled
Theodore Ts'o [Fri, 9 Sep 2011 23:00:51 +0000 (19:00 -0400)]
ext4: teach ext4_statfs() to deal with clusters if bigalloc is enabled

Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
13 years agoext4: convert the free_blocks field in s_flex_groups to be free_clusters
Theodore Ts'o [Fri, 9 Sep 2011 22:58:51 +0000 (18:58 -0400)]
ext4: convert the free_blocks field in s_flex_groups to be free_clusters

Convert the free_blocks to be free_clusters to make the final revised
bigalloc changes easier to read/understand.

Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
13 years agoext4: convert s_{dirty,free}blocks_counter to s_{dirty,free}clusters_counter
Theodore Ts'o [Fri, 9 Sep 2011 22:56:51 +0000 (18:56 -0400)]
ext4: convert s_{dirty,free}blocks_counter to s_{dirty,free}clusters_counter

Convert the percpu counters s_dirtyblocks_counter and
s_freeblocks_counter in struct ext4_super_info to be
s_dirtyclusters_counter and s_freeclusters_counter.

Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
13 years agoext4: teach ext4_ext_truncate() about the bigalloc feature
Theodore Ts'o [Fri, 9 Sep 2011 22:54:51 +0000 (18:54 -0400)]
ext4: teach ext4_ext_truncate() about the bigalloc feature

When we are truncating (as opposed unlinking) a file, we need to worry
about partial truncates of a file, especially in the light of sparse
files.  The changes here make sure that arbitrary truncates of sparse
files works correctly.  Yeah, it's messy.

Note that these functions will need to be revisted when the punch
ioctl is integrated --- in fact this commit will probably have merge
conflicts with the punch changes which Allison Henders and the IBM LTC
have been working on.  I will need to fix this up when either patch
hits mainline.

Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
13 years agoext4: teach ext4_ext_map_blocks() about the bigalloc feature
Theodore Ts'o [Fri, 9 Sep 2011 22:52:51 +0000 (18:52 -0400)]
ext4: teach ext4_ext_map_blocks() about the bigalloc feature

If we need to allocate a new block in ext4_ext_map_blocks(), the
function needs to see if the cluster has already been allocated.

Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
13 years agoext4: teach ext4_free_blocks() about bigalloc and clusters
Theodore Ts'o [Fri, 9 Sep 2011 22:50:51 +0000 (18:50 -0400)]
ext4: teach ext4_free_blocks() about bigalloc and clusters

The ext4_free_blocks() function now has two new flags that indicate
whether a partial cluster at the beginning or the end of the block
extents should be freed or not.  That will be up the caller (i.e.,
truncate), who can figure out whether partial clusters at the
beginning or the end of a block range can be freed.

We also have to update the ext4_mb_free_metadata() and
release_blocks_on_commit() machinery to be cluster-based, since it is
used by ext4_free_blocks().

Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
13 years agoext4: teach mballoc preallocation code about bigalloc clusters
Theodore Ts'o [Fri, 9 Sep 2011 22:48:51 +0000 (18:48 -0400)]
ext4: teach mballoc preallocation code about bigalloc clusters

In most of mballoc.c, we do everything in units of clusters, since the
block allocation bitmaps and buddy bitmaps are all denominated in
clusters.  The one place where we do deal with absolute block numbers
is in the code that handles the preallocation regions, since in the
case of inode-based preallocation regions, the start of the
preallocation region can't be relative to the beginning of the group.

So this adds a bit of complexity, where pa_pstart and pa_lstart are
block numbers, while pa_free, pa_len, and fe_len are denominated in
units of clusters.

Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
13 years agoext4: convert block group-relative offsets to use clusters
Theodore Ts'o [Fri, 9 Sep 2011 22:46:51 +0000 (18:46 -0400)]
ext4: convert block group-relative offsets to use clusters

Certain parts of the ext4 code base, primarily in mballoc.c, use a
block group number and offset from the beginning of the block group.
This offset is invariably used to index into the allocation bitmap, so
change the offset to be denominated in units of clusters.

Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
13 years agoext4: bigalloc changes to block bitmap initialization functions
Theodore Ts'o [Fri, 9 Sep 2011 22:44:51 +0000 (18:44 -0400)]
ext4: bigalloc changes to block bitmap initialization functions

Add bigalloc support to ext4_init_block_bitmap() and
ext4_free_blocks_after_init().

Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
13 years agoext4: split out ext4_free_blocks_after_init()
Theodore Ts'o [Fri, 9 Sep 2011 22:42:51 +0000 (18:42 -0400)]
ext4: split out ext4_free_blocks_after_init()

The function ext4_free_blocks_after_init() used to be a #define of
ext4_init_block_bitmap().  This actually made it difficult to
understand how the function worked, and made it hard make changes to
support clusters.  So as an initial cleanup, I've separated out the
functionality of initializing block bitmap from calculating the number
of free blocks in the new block group.

Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
13 years agoext4: factor out block group accounting into functions
Theodore Ts'o [Fri, 9 Sep 2011 22:40:51 +0000 (18:40 -0400)]
ext4: factor out block group accounting into functions

This makes it easier to understand how ext4_init_block_bitmap() works,
and it will assist when we split out ext4_free_blocks_after_init() in
the next commit.

Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
13 years agoext4: convert instances of EXT4_BLOCKS_PER_GROUP to EXT4_CLUSTERS_PER_GROUP
Theodore Ts'o [Fri, 9 Sep 2011 22:38:51 +0000 (18:38 -0400)]
ext4: convert instances of EXT4_BLOCKS_PER_GROUP to EXT4_CLUSTERS_PER_GROUP

Change the places in fs/ext4/mballoc.c where EXT4_BLOCKS_PER_GROUP are
used to indicate the number of bits in a block bitmap (which is really
a cluster allocation bitmap in bigalloc file systems).  There are
still some places in the ext4 codebase where usage of
EXT4_BLOCKS_PER_GROUP needs to be audited/fixed, in code paths that
aren't used given the initial restricted assumptions for bigalloc.
These will need to be fixed before we can relax those restrictions.

Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
13 years agoext4: enforce bigalloc restrictions (e.g., no online resizing, etc.)
Theodore Ts'o [Fri, 9 Sep 2011 22:36:51 +0000 (18:36 -0400)]
ext4: enforce bigalloc restrictions (e.g., no online resizing, etc.)

At least initially if the bigalloc feature is enabled, we will not
support non-extent mapped inodes, online resizing, online defrag, or
the FITRIM ioctl.  This simplifies the initial implementation.

Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
13 years agoext4: read-only support for bigalloc file systems
Theodore Ts'o [Fri, 9 Sep 2011 22:34:51 +0000 (18:34 -0400)]
ext4: read-only support for bigalloc file systems

This adds supports for bigalloc file systems.  It teaches the mount
code just enough about bigalloc superblock fields that it will mount
the file system without freaking out that the number of blocks per
group is too big.

Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
13 years agoext4: add ext4-specific kludge to avoid an oops after the disk disappears
Theodore Ts'o [Fri, 9 Sep 2011 22:28:51 +0000 (18:28 -0400)]
ext4: add ext4-specific kludge to avoid an oops after the disk disappears

The del_gendisk() function uninitializes the disk-specific data
structures, including the bdi structure, without telling anyone
else.  Once this happens, any attempt to call mark_buffer_dirty()
(for example, by ext4_commit_super), will cause a kernel OOPS.

Fix this for now until we can fix things in an architecturally correct
way.

Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
13 years agoext4: fix partial page writes
Allison Henderson [Wed, 7 Sep 2011 01:53:01 +0000 (21:53 -0400)]
ext4: fix partial page writes

While running extended fsx tests to verify the preceeding patches,
a similar bug was also found in the write operation

When ever a write operation begins or ends in a hole,
or extends EOF, the partial page contained in the hole
or beyond EOF needs to be zeroed out.

To correct this the new ext4_discard_partial_page_buffers_no_lock
routine is used to zero out the partial page, but only for buffer
heads that are already unmapped.

Signed-off-by: Allison Henderson <achender@linux.vnet.ibm.com>
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
13 years agoext4: fix fsx truncate failure
Allison Henderson [Wed, 7 Sep 2011 01:49:44 +0000 (21:49 -0400)]
ext4: fix fsx truncate failure

While running extended fsx tests to verify the first
two patches, a similar bug was also found in the
truncate operation.

This bug happens because the truncate routine only zeros
the unblock aligned portion of the last page.  This means
that the block aligned portions of the page appearing after
i_size are left unzeroed, and the buffer heads still mapped.

This bug is corrected by using ext4_discard_partial_page_buffers
in the truncate routine to zero the partial page and unmap
the buffer headers.

Signed-off-by: Allison Henderson <achender@linux.vnet.ibm.com>
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
13 years agoext4: only call ext4_jbd2_file_inode when an inode has been extended
Theodore Ts'o [Tue, 6 Sep 2011 06:37:06 +0000 (02:37 -0400)]
ext4: only call ext4_jbd2_file_inode when an inode has been extended

In delayed allocation mode, it's important to only call
ext4_jbd2_file_inode when the file has been extended.  This is
necessary to avoid a race which first got introduced in commit
678aaf481, but which was made much more common with the introduction
of the "punch hole" functionality.  (Especially when dioread_nolock
was enabled; when I could reliably reproduce this problem with
xfstests #74.)

The race is this: If while trying to writeback a delayed allocation
inode, there is a need to map delalloc blocks, and we run out of space
in the journal, *and* at the same time the inode is already on the
committing transaction's t_inode_list (because for example while doing
the punch hole operation, ext4_jbd2_file_inode() is called), then the
commit operation will wait for the inode to finish all of its pending
writebacks by calling filemap_fdatawait(), but since that inode has
one or more pages with the PageWriteback flag set, the commit
operation will wait forever, and the so the writeback of the inode can
never take place, and the kjournald thread and the writeback thread
end up waiting for each other --- forever.

It's important at this point to recall why an inode is placed on the
t_inode_list; it is to provide the data=ordered guarantees that we
don't end up exposing stale data.  In the case where we are truncating
or punching a hole in the inode, there is no possibility that stale
data could be exposed in the first place, so we don't need to put the
inode on the t_inode_list!

The right long-term fix is to get rid of data=ordered mode altogether,
and only update the extent tree or indirect blocks after the data has
been written.  Until then, this change will also avoid some
unnecessary waiting in the commit operation.

Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
Cc: Allison Henderson <achender@linux.vnet.ibm.com>
Cc: Jan Kara <jack@suse.cz>
13 years agojbd2: use gfp_t instead of int
Dan Carpenter [Sun, 4 Sep 2011 14:20:14 +0000 (10:20 -0400)]
jbd2: use gfp_t instead of int

This silences some Sparse warnings:
fs/jbd2/transaction.c:135:69: warning: incorrect type in argument 2 (different base types)
fs/jbd2/transaction.c:135:69:    expected restricted gfp_t [usertype] flags
fs/jbd2/transaction.c:135:69:    got int [signed] gfp_mask

Signed-off-by: Dan Carpenter <error27@gmail.com>
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
13 years agojbd2: add debugging information to jbd2_journal_dirty_metadata()
Theodore Ts'o [Sun, 4 Sep 2011 14:18:14 +0000 (10:18 -0400)]
jbd2: add debugging information to jbd2_journal_dirty_metadata()

Add debugging information in case jbd2_journal_dirty_metadata() is
called with a buffer_head which didn't have
jbd2_journal_get_write_access() called on it, or if the journal_head
has the wrong transaction in it.  In addition, return an error code.
This won't change anything for ocfs2, which will BUG_ON() the non-zero
exit code.

For ext4, the caller of this function is ext4_handle_dirty_metadata(),
and on seeing a non-zero return code, will call __ext4_journal_stop(),
which will print the function and line number of the (buggy) calling
function and abort the journal.  This will allow us to recover instead
of bug halting, which is better from a robustness and reliability
point of view.

Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
13 years agoext4: improve handling of conflicting mount options
Theodore Ts'o [Sat, 3 Sep 2011 22:22:38 +0000 (18:22 -0400)]
ext4: improve handling of conflicting mount options

If the user explicitly specifies conflicting mount options for
delalloc or dioread_nolock and data=journal, fail the mount, instead
of printing a warning and continuing (since many user's won't look at
dmesg and notice the warning).

Also, print a single warning that data=journal implies that delayed
allocation is not on by default (since it's not supported), and
furthermore that O_DIRECT is not supported.  Improve the text in
Documentation/filesystems/ext4.txt so this is clear there as well.

Similarly, if the dioread_nolock mount option is specified when the
file system block size != PAGE_SIZE, fail the mount instead of
printing a warning message and ignoring the mount option.

Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
13 years agoext4: fix 2nd xfstests 127 punch hole failure
Allison Henderson [Sat, 3 Sep 2011 15:56:52 +0000 (11:56 -0400)]
ext4: fix 2nd xfstests 127 punch hole failure

This patch fixes a second punch hole bug found by xfstests 127.

This bug happens because punch hole needs to flush the pages
of the hole to avoid race conditions.  But if the end of the
hole is in the same page as i_size, the buffer heads beyond
i_size need to be unmapped and the page needs to be zeroed
after it is flushed.

To correct this, the new ext4_discard_partial_page_buffers
routine is used to zero and unmap the partial page
beyond i_size if the end of the hole appears in the same
page as i_size.

The code has also been optimized to set the end of the hole
to the page after i_size if the specified hole exceeds i_size,
and the code that flushes the pages has been simplified.

Signed-off-by: Allison Henderson <achender@linux.vnet.ibm.com>
13 years agoext4: fix xfstests 75, 112, 127 punch hole failure
Allison Henderson [Sat, 3 Sep 2011 15:55:59 +0000 (11:55 -0400)]
ext4: fix xfstests 75, 112, 127 punch hole failure

This patch addresses a bug found by xfstests 75, 112, 127
when blocksize = 1k

This bug happens because the punch hole code only zeros
out non block aligned regions of the page.  This means that if the
blocks are smaller than a page, then the block aligned regions of
the page inside the hole are left un-zeroed, and their buffer heads
are still mapped.  This bug is corrected by using
ext4_discard_partial_page_buffers to properly zero the partial page
at the head and tail of the hole, and unmap the corresponding buffer
heads

This patch also addresses a bug reported by Lukas while working on a
new patch to add discard support for loop devices using punch hole.
The bug happened because of the first and last block number
needed to be cast to a larger data type before calculating the
byte offset, but since now we only need the byte offsets of the
pages, we no longer even need to be calculating the byte offsets
of the blocks.  The code to do the block offset calculations is
removed in this patch.

Signed-off-by: Allison Henderson <achender@linux.vnet.ibm.com>
13 years agoext4: Add new ext4_discard_partial_page_buffers routines
Allison Henderson [Sat, 3 Sep 2011 15:51:09 +0000 (11:51 -0400)]
ext4: Add new ext4_discard_partial_page_buffers routines

This patch adds two new routines: ext4_discard_partial_page_buffers
and ext4_discard_partial_page_buffers_no_lock.

The ext4_discard_partial_page_buffers routine is a wrapper
function to ext4_discard_partial_page_buffers_no_lock.
The wrapper function locks the page and passes it to
ext4_discard_partial_page_buffers_no_lock.
Calling functions that already have the page locked can call
ext4_discard_partial_page_buffers_no_lock directly.

The ext4_discard_partial_page_buffers_no_lock function
zeros a specified range in a page, and unmaps the
corresponding buffer heads.  Only block aligned regions of the
page will have their buffer heads unmapped.  Unblock aligned regions
will be mapped if needed so that they can be updated with the
partial zero out.  This function is meant to
be used to update a page and its buffer heads to be zeroed
and unmapped when the corresponding blocks have been released
or will be released.

This routine is used in the following scenarios:
* A hole is punched and the non page aligned regions
  of the head and tail of the hole need to be discarded

* The file is truncated and the partial page beyond EOF needs
  to be discarded

* The end of a hole is in the same page as EOF.  After the
  page is flushed, the partial page beyond EOF needs to be
  discarded.

* A write operation begins or ends inside a hole and the partial
  page appearing before or after the write needs to be discarded

* A write operation extends EOF and the partial page beyond EOF
  needs to be discarded

This function takes a flag EXT4_DISCARD_PARTIAL_PG_ZERO_UNMAPPED
which is used when a write operation begins or ends in a hole.
When the EXT4_DISCARD_PARTIAL_PG_ZERO_UNMAPPED flag is used, only
buffer heads that are already unmapped will have the corresponding
regions of the page zeroed.

Signed-off-by: Allison Henderson <achender@linux.vnet.ibm.com>
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
13 years agoext4: call ext4_handle_dirty_metadata with correct inode in ext4_dx_add_entry
Theodore Ts'o [Wed, 31 Aug 2011 16:02:51 +0000 (12:02 -0400)]
ext4: call ext4_handle_dirty_metadata with correct inode in ext4_dx_add_entry

ext4_dx_add_entry manipulates bh2 and frames[0].bh, which are two buffer_heads
that point to directory blocks assigned to the directory inode.  However, the
function calls ext4_handle_dirty_metadata with the inode of the file that's
being added to the directory, not the directory inode itself.  Therefore,
correct the code to dirty the directory buffers with the directory inode, not
the file inode.

Signed-off-by: Darrick J. Wong <djwong@us.ibm.com>
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
Cc: stable@kernel.org
13 years agoext4: ext4_mkdir should dirty dir_block with newly created directory inode
Darrick J. Wong [Wed, 31 Aug 2011 16:00:51 +0000 (12:00 -0400)]
ext4: ext4_mkdir should dirty dir_block with newly created directory inode

ext4_mkdir calls ext4_handle_dirty_metadata with dir_block and the inode "dir".
Unfortunately, dir_block belongs to the newly created directory (which is
"inode"), not the parent directory (which is "dir").  Fix the incorrect
association.

Signed-off-by: Darrick J. Wong <djwong@us.ibm.com>
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
Cc: stable@kernel.org
13 years agoext4: ext4_rename should dirty dir_bh with the correct directory
Darrick J. Wong [Wed, 31 Aug 2011 15:58:51 +0000 (11:58 -0400)]
ext4: ext4_rename should dirty dir_bh with the correct directory

When ext4_rename performs a directory rename (move), dir_bh is a
buffer that is modified to update the '..' link in the directory being
moved (old_inode).  However, ext4_handle_dirty_metadata is called with
the old parent directory inode (old_dir) and dir_bh, which is
incorrect because dir_bh does not belong to the parent inode.  Fix
this error.

Signed-off-by: Darrick J. Wong <djwong@us.ibm.com>
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
Cc: stable@kernel.org
13 years agoext4: fake direct I/O mode for data=journal
Theodore Ts'o [Wed, 31 Aug 2011 15:56:51 +0000 (11:56 -0400)]
ext4: fake direct I/O mode for data=journal

Currently attempts to open a file with O_DIRECT in data=journal mode
causes the open to fail with -EINVAL.  This makes it very hard to test
data=journal mode.  So we will let the open succeed, but then always
fall back to O_DSYNC buffered writes.

Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
13 years agoext2,ext3,ext4: don't inherit APPEND_FL or IMMUTABLE_FL for new inodes
Theodore Ts'o [Wed, 31 Aug 2011 15:54:51 +0000 (11:54 -0400)]
ext2,ext3,ext4: don't inherit APPEND_FL or IMMUTABLE_FL for new inodes

This doesn't make much sense, and it exposes a bug in the kernel where
attempts to create a new file in an append-only directory using
O_CREAT will fail (but still leave a zero-length file).  This was
discovered when xfstests #79 was generalized so it could run on all
file systems.

Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
Cc:stable@kernel.org

13 years agoext4: remove i_mutex lock in ext4_evict_inode to fix lockdep complaining
Jiaying Zhang [Wed, 31 Aug 2011 15:50:51 +0000 (11:50 -0400)]
ext4: remove i_mutex lock in ext4_evict_inode to fix lockdep complaining

The i_mutex lock and flush_completed_IO() added by commit 2581fdc810
in ext4_evict_inode() causes lockdep complaining about potential
deadlock in several places.  In most/all of these LOCKDEP complaints
it looks like it's a false positive, since many of the potential
circular locking cases can't take place by the time the
ext4_evict_inode() is called; but since at the very least it may mask
real problems, we need to address this.

This change removes the flush_completed_IO() and i_mutex lock in
ext4_evict_inode().  Instead, we take a different approach to resolve
the software lockup that commit 2581fdc810 intends to fix.  Rather
than having ext4-dio-unwritten thread wait for grabing the i_mutex
lock of an inode, we use mutex_trylock() instead, and simply requeue
the work item if we fail to grab the inode's i_mutex lock.

This should speed up work queue processing in general and also
prevents the following deadlock scenario: During page fault,
shrink_icache_memory is called that in turn evicts another inode B.
Inode B has some pending io_end work so it calls ext4_ioend_wait()
that waits for inode B's i_ioend_count to become zero.  However, inode
B's ioend work was queued behind some of inode A's ioend work on the
same cpu's ext4-dio-unwritten workqueue.  As the ext4-dio-unwritten
thread on that cpu is processing inode A's ioend work, it tries to
grab inode A's i_mutex lock.  Since the i_mutex lock of inode A is
still hold before the page fault happened, we enter a deadlock.

Signed-off-by: Jiaying Zhang <jiayingz@google.com>
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
13 years agoLinux 3.1-rc3
Linus Torvalds [Mon, 22 Aug 2011 18:42:53 +0000 (11:42 -0700)]
Linux 3.1-rc3

13 years agoMerge branch 'perf-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel...
Linus Torvalds [Mon, 22 Aug 2011 18:26:56 +0000 (11:26 -0700)]
Merge branch 'perf-urgent-for-linus' of git://git./linux/kernel/git/tip/linux-2.6-tip

* 'perf-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip:
  perf tools: Add group event scheduling option to perf record/stat
  MAINTAINERS: Fix list of perf events source files
  perf tools: Fix build against newer glibc
  perf tools: Fix error handling of unknown events
  perf evlist: Fix missing event name init for default event
  perf list: Fix exit value

13 years agoMerge branch 'stable/bug.fixes' of git://git.kernel.org/pub/scm/linux/kernel/git...
Linus Torvalds [Mon, 22 Aug 2011 18:25:44 +0000 (11:25 -0700)]
Merge branch 'stable/bug.fixes' of git://git./linux/kernel/git/konrad/xen

* 'stable/bug.fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/konrad/xen:
  xen/tracing: Fix tracing config option properly
  xen: Do not enable PV IPIs when vector callback not present
  xen/x86: replace order-based range checking of M2P table by linear one
  xen: xen-selfballoon.c needs more header files

13 years agoxen/tracing: Fix tracing config option properly
Jeremy Fitzhardinge [Thu, 11 Aug 2011 20:17:20 +0000 (13:17 -0700)]
xen/tracing: Fix tracing config option properly

Steven Rostedt says we should use CONFIG_EVENT_TRACING.

Cc:Steven Rostedt <rostedt@goodmis.org>
Signed-off-by: Jeremy Fitzhardinge <jeremy.fitzhardinge@citrix.com>
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
13 years agoxen: Do not enable PV IPIs when vector callback not present
Stefano Stabellini [Wed, 17 Aug 2011 13:15:00 +0000 (15:15 +0200)]
xen: Do not enable PV IPIs when vector callback not present

Fix regression for HVM case on older (<4.1.1) hypervisors caused by

  commit 99bbb3a84a99cd04ab16b998b20f01a72cfa9f4f
  Author: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
  Date:   Thu Dec 2 17:55:10 2010 +0000

    xen: PV on HVM: support PV spinlocks and IPIs

This change replaced the SMP operations with event based handlers without
taking into account that this only works when the hypervisor supports
callback vectors. This causes unexplainable hangs early on boot for
HVM guests with more than one CPU.

BugLink: http://bugs.launchpad.net/bugs/791850
CC: stable@kernel.org
Signed-off-by: Stefan Bader <stefan.bader@canonical.com>
Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Tested-and-Reported-by: Stefan Bader <stefan.bader@canonical.com>
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
13 years agoMerge branch 'fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/ieee1394/linux1...
Linus Torvalds [Mon, 22 Aug 2011 01:13:19 +0000 (18:13 -0700)]
Merge branch 'fixes' of git://git./linux/kernel/git/ieee1394/linux1394-2.6

* 'fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/ieee1394/linux1394-2.6:
  firewire: core: handle ack_busy when fetching the Config ROM

13 years agoBtrfs: fix 64 bit divide problem
Josef Bacik [Sat, 20 Aug 2011 12:29:51 +0000 (08:29 -0400)]
Btrfs: fix 64 bit divide problem

This fixes a regression introduced by commit cdcb725c05fe ("Btrfs: check
if there is enough space for balancing smarter").  We can't do 64-bit
divides on 32-bit architectures.

In cases where we need to divide/multiply by 2 we should just left/right
shift respectively, and in cases where theres N number of devices use
do_div.  Also make the counters u64 to match up with rw_devices.
Thanks,

Signed-off-by: Josef Bacik <josef@redhat.com>
Acked-and-tested-by: Ingo Molnar <mingo@elte.hu>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
13 years agoMerge branch 'for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4
Linus Torvalds [Sun, 21 Aug 2011 13:59:41 +0000 (06:59 -0700)]
Merge branch 'for_linus' of git://git./linux/kernel/git/tytso/ext4

* 'for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4:
  ext4: flush any pending end_io requests before DIO reads w/dioread_nolock
  ext4: fix nomblk_io_submit option so it correctly converts uninit blocks
  ext4: Resolve the hang of direct i/o read in handling EXT4_IO_END_UNWRITTEN.
  ext4: call ext4_ioend_wait and ext4_flush_completed_IO in ext4_evict_inode
  ext4: Fix ext4_should_writeback_data() for no-journal mode

13 years agoMerge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound-2.6
Linus Torvalds [Sun, 21 Aug 2011 13:59:02 +0000 (06:59 -0700)]
Merge branch 'for-linus' of git://git./linux/kernel/git/tiwai/sound-2.6

* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound-2.6:
  ALSA: sound/aoa/fabrics/layout.c: remove unneeded kfree
  ALSA: hda - Fix error check from snd_hda_get_conn_index() in patch_cirrus.c
  ALSA: hda - Don't spew too many ELD errors
  ALSA: usb-audio - Fix missing mixer dB information
  ALSA: hda - Add "PCM" volume to vmaster slave list
  ALSA: hda - Fix duplicated capture-volume creation for ALC268 models
  ALSA: ac97: Add HP Compaq dc5100 SFF(PT003AW) to Headphone Jack Sense whitelist
  ALSA: snd_usb_caiaq: track submitted output urbs

13 years agopci: fix new kernel-doc warning in pci.c
Randy Dunlap [Sat, 20 Aug 2011 18:49:43 +0000 (11:49 -0700)]
pci: fix new kernel-doc warning in pci.c

Fix new kernel-doc warning in pci.c:

  Warning(drivers/pci/pci.c:3259): No description found for parameter 'mps'
  Warning(drivers/pci/pci.c:3259): Excess function parameter 'rq' description in 'pcie_set_mps'

Signed-off-by: Randy Dunlap <rdunlap@xenotime.net>
Cc: Jesse Barnes <jbarnes@virtuousgeek.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
13 years agoALSA: sound/aoa/fabrics/layout.c: remove unneeded kfree
Julia Lawall [Sat, 20 Aug 2011 06:12:41 +0000 (08:12 +0200)]
ALSA: sound/aoa/fabrics/layout.c: remove unneeded kfree

The label outnodev is only used when kzalloc has not yet taken place or has
failed, so there is no need for the call for kfree under this label.

A simplified version of the semantic match that finds this problem is as
follows: (http://coccinelle.lip6.fr/)

// <smpl>
@@
identifier x;
expression E1!=0,E2,E3,E4;
statement S;
iterator I;
@@

(
if (...) { ... when != kfree(x)
               when != x = E3
               when != E3 = x
*  return ...;
 }
... when != x = E2
    when != I(...,x,...) S
if (...) { ... when != x = E4
 kfree(x); ... return ...; }
)
// </smpl>

Signed-off-by: Julia Lawall <julia@diku.dk>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
13 years agoALSA: hda - Fix error check from snd_hda_get_conn_index() in patch_cirrus.c
Takashi Iwai [Sat, 20 Aug 2011 07:19:59 +0000 (09:19 +0200)]
ALSA: hda - Fix error check from snd_hda_get_conn_index() in patch_cirrus.c

snd_hda_get_conn_index() returns a negative value while the current code
stores it in an unsigned int.  It must be stored in a signed integer.

Reported-by: Jesper Juhl <jj@chaosbits.net>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
13 years agoALSA: hda - Don't spew too many ELD errors
Takashi Iwai [Sat, 20 Aug 2011 07:14:45 +0000 (09:14 +0200)]
ALSA: hda - Don't spew too many ELD errors

Currently HD-audio driver shows the all error ELD byte as an error
in the kernel message.  This is annoying when the video driver doesn't
set the correct ELD from the beginning. e.g. radeon sends a zero-byte
data, but we still check ELD with the fixed 128 byte as a workaround
for some broken devices, it spews 128-times errors.

For avoiding this, the driver aborts reading when the first byte is
invalid.  In such a case, the whole data is certainly invalid.

Signed-off-by: Takashi Iwai <tiwai@suse.de>
13 years agoMerge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jbarnes...
Linus Torvalds [Sat, 20 Aug 2011 06:07:08 +0000 (23:07 -0700)]
Merge branch 'for-linus' of git://git./linux/kernel/git/jbarnes/drm-intel

* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jbarnes/drm-intel:
  drm/i915: set GFX_MODE to pre-Ivybridge default value even on Ivybridge

13 years agoext4: flush any pending end_io requests before DIO reads w/dioread_nolock
Jiaying Zhang [Fri, 19 Aug 2011 23:13:32 +0000 (19:13 -0400)]
ext4: flush any pending end_io requests before DIO reads w/dioread_nolock

There is a race between ext4 buffer write and direct_IO read with
dioread_nolock mount option enabled. The problem is that we clear
PageWriteback flag during end_io time but will do
uninitialized-to-initialized extent conversion later with dioread_nolock.
If an O_direct read request comes in during this period, ext4 will return
zero instead of the recently written data.

This patch checks whether there are any pending uninitialized-to-initialized
extent conversion requests before doing O_direct read to close the race.
Note that this is just a bandaid fix. The fundamental issue is that we
clear PageWriteback flag before we really complete an IO, which is
problem-prone. To fix the fundamental issue, we may need to implement an
extent tree cache that we can use to look up pending to-be-converted extents.

Signed-off-by: Jiaying Zhang <jiayingz@google.com>
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
Cc: stable@kernel.org
13 years agodrm/i915: set GFX_MODE to pre-Ivybridge default value even on Ivybridge
Jesse Barnes [Fri, 12 Aug 2011 22:28:32 +0000 (15:28 -0700)]
drm/i915: set GFX_MODE to pre-Ivybridge default value even on Ivybridge

Prior to Ivybridge, the GFX_MODE would default to 0x800, meaning that
MI_FLUSH would flush the TLBs in addition to the rest of the caches
indicated in the MI_FLUSH command.  However starting with Ivybridge, the
register defaults to 0x2800 out of reset, meaning that to invalidate the
TLB we need to use PIPE_CONTROL.  Since we're not doing that yet, go
back to the old default so things work.

v2: don't forget to actually *clear* the new bit

Reviewed-by: Eric Anholt <eric@anholt.net>
Reviewed-by: Chris Wilson <chris@chris-wilson.co.uk>
Tested-by: Kenneth Graunke <kenneth@whitecape.org>
Signed-off-by: Jesse Barnes <jbarnes@virtuousgeek.org>
13 years agoMerge branch 'for-linus' of git://git.kernel.dk/linux-block
Linus Torvalds [Fri, 19 Aug 2011 17:47:07 +0000 (10:47 -0700)]
Merge branch 'for-linus' of git://git.kernel.dk/linux-block

* 'for-linus' of git://git.kernel.dk/linux-block: (23 commits)
  Revert "cfq: Remove special treatment for metadata rqs."
  block: fix flush machinery for stacking drivers with differring flush flags
  block: improve rq_affinity placement
  blktrace: add FLUSH/FUA support
  Move some REQ flags to the common bio/request area
  allow blk_flush_policy to return REQ_FSEQ_DATA independent of *FLUSH
  xen/blkback: Make description more obvious.
  cfq-iosched: Add documentation about idling
  block: Make rq_affinity = 1 work as expected
  block: swim3: fix unterminated of_device_id table
  block/genhd.c: remove useless cast in diskstats_show()
  drivers/cdrom/cdrom.c: relax check on dvd manufacturer value
  drivers/block/drbd/drbd_nl.c: use bitmap_parse instead of __bitmap_parse
  bsg-lib: add module.h include
  cfq-iosched: Reduce linked group count upon group destruction
  blk-throttle: correctly determine sync bio
  loop: fix deadlock when sysfs and LOOP_CLR_FD race against each other
  loop: add BLK_DEV_LOOP_MIN_COUNT=%i to allow distros 0 pre-allocated loop devices
  loop: add management interface for on-demand device allocation
  loop: replace linked list of allocated devices with an idr index
  ...

13 years agoMerge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jbarnes...
Linus Torvalds [Fri, 19 Aug 2011 17:02:37 +0000 (10:02 -0700)]
Merge branch 'for-linus' of git://git./linux/kernel/git/jbarnes/pci-2.6

* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jbarnes/pci-2.6:
  PCI: OF: Don't crash when bridge parent is NULL.
  PCI: export pcie_bus_configure_settings symbol
  PCI: code and comments cleanup
  PCI: make cardbus-bridge resources optional
  PCI: make SRIOV resources optional
  PCI : ability to relocate assigned pci-resources
  PCI: honor child buses add_size in hot plug configuration
  PCI: Set PCI-E Max Payload Size on fabric

13 years agoPCI: OF: Don't crash when bridge parent is NULL.
David Daney [Tue, 16 Aug 2011 18:24:37 +0000 (11:24 -0700)]
PCI: OF: Don't crash when bridge parent is NULL.

In pcibios_get_phb_of_node(), we will crash while booting if
bus->bridge->parent is NULL.

Check for this case and avoid dereferencing the NULL pointer.

Signed-off-by: David Daney <david.daney@cavium.com>
Acked-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Acked-by: Grant Likely <grant.likely@secretlab.ca>
Signed-off-by: Jesse Barnes <jbarnes@virtuousgeek.org>
13 years agoRevert "cfq: Remove special treatment for metadata rqs."
Jens Axboe [Fri, 19 Aug 2011 06:34:48 +0000 (08:34 +0200)]
Revert "cfq: Remove special treatment for metadata rqs."

We have a kernel build regression since 3.1-rc1, which is about 10%
regression. The kernel source is in an ext3 filesystem.
Alex Shi bisect it to commit:
commit a07405b7802691d29ab3b23bdc76ee6d006aad0b
Author: Justin TerAvest <teravest@google.com>
Date:   Sun Jul 10 22:09:19 2011 +0200

    cfq: Remove special treatment for metadata rqs.

Apparently this is caused by lack metadata preemption, where ext3/ext4
do use READ_META. I didn't see a way to fix the issue, so suggest
reverting the patch.

This reverts commit a07405b7802691d29ab3b23bdc76ee6d006aad0b.

Reported-by: Alex Shi<alex.shi@intel.com>
Reported-by: Shaohua Li<shaohua.li@intel.com>
Signed-off-by: Jens Axboe <jaxboe@fusionio.com>
13 years agoALSA: usb-audio - Fix missing mixer dB information
Takashi Iwai [Fri, 19 Aug 2011 05:55:10 +0000 (07:55 +0200)]
ALSA: usb-audio - Fix missing mixer dB information

The recent fix for testing dB range at the mixer creation time seems
to cause regressions in some devices.  In such devices, reading the dB
info at probing time gives an error, thus both dBmin and dBmax are still
zero, and TLV flag isn't set although the later read of dB info succeeds.

This patch adds a workaround for such a case by assuming that the later
read will succeed.  In future, a similar test should be performed in a
case where a wrong dB range is seen even in the later read.

Signed-off-by: Takashi Iwai <tiwai@suse.de>
Cc: <stable@kernel.org>
13 years agoMerge git://git.kernel.org/pub/scm/linux/kernel/git/davem/sparc
Linus Torvalds [Fri, 19 Aug 2011 05:49:34 +0000 (22:49 -0700)]
Merge git://git./linux/kernel/git/davem/sparc

* git://git.kernel.org/pub/scm/linux/kernel/git/davem/sparc:
  sparc: fix array bounds error setting up PCIC NMI trap

13 years agoMerge branch 'upstream-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jgarzi...
Linus Torvalds [Fri, 19 Aug 2011 05:48:30 +0000 (22:48 -0700)]
Merge branch 'upstream-linus' of git://git./linux/kernel/git/jgarzik/libata-dev

* 'upstream-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jgarzik/libata-dev:
  drivers/ata/sata_dwc_460ex.c: add missing kfree
  ata: Add iMX pata support
  pata_via: disable ATAPI DMA on AVERATEC 3200
  [libata] sata_sil: fix used-uninit warning

13 years agoMerge branch 'bugfixes' of git://git.linux-nfs.org/projects/trondmy/linux-nfs
Linus Torvalds [Fri, 19 Aug 2011 05:47:13 +0000 (22:47 -0700)]
Merge branch 'bugfixes' of git://git.linux-nfs.org/projects/trondmy/linux-nfs

* 'bugfixes' of git://git.linux-nfs.org/projects/trondmy/linux-nfs:
  NFSv4.1: Return NFS4ERR_BADSESSION to callbacks during session resets
  NFSv4.1: Fix the callback 'highest_used_slotid' behaviour
  pnfs-obj: Fix the comp_index != 0 case
  pnfs-obj: Bug when we are running out of bio
  nfs: add missing prefetch.h include

13 years agosparc: fix array bounds error setting up PCIC NMI trap
Ian Campbell [Wed, 17 Aug 2011 22:14:57 +0000 (22:14 +0000)]
sparc: fix array bounds error setting up PCIC NMI trap

  CC      arch/sparc/kernel/pcic.o
arch/sparc/kernel/pcic.c: In function 'pcic_probe':
arch/sparc/kernel/pcic.c:359:33: error: array subscript is above array bounds [-Werror=array-bounds]
arch/sparc/kernel/pcic.c:359:8: error: array subscript is above array bounds [-Werror=array-bounds]
arch/sparc/kernel/pcic.c:360:33: error: array subscript is above array bounds [-Werror=array-bounds]
arch/sparc/kernel/pcic.c:360:8: error: array subscript is above array bounds [-Werror=array-bounds]
arch/sparc/kernel/pcic.c:361:33: error: array subscript is above array bounds [-Werror=array-bounds]
arch/sparc/kernel/pcic.c:361:8: error: array subscript is above array bounds [-Werror=array-bounds]
cc1: all warnings being treated as errors

I'm not particularly familiar with sparc but t_nmi (defined in head_32.S via
the TRAP_ENTRY macro) and pcic_nmi_trap_patch (defined in entry.S) both appear
to be 4 instructions long and I presume from the usage that instructions are
int sized.

Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
Cc: "David S. Miller" <davem@davemloft.net>
Cc: sparclinux@vger.kernel.org
Reviewed-by: Sam Ravnborg <sam@ravnborg.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
13 years agodrivers/ata/sata_dwc_460ex.c: add missing kfree
Julia Lawall [Mon, 8 Aug 2011 11:17:57 +0000 (13:17 +0200)]
drivers/ata/sata_dwc_460ex.c: add missing kfree

Currently, error handling code in this function calls the function
sata_dwc_port_stop, but this function has essentially no effect if hsdevp
has not been stored in ap, which is the case throughout this function.  The
only effect is to print a debugging message including ap->print_id.

The code is rewritten to not call sata_dwc_port_stop, but instead to jump
to a local label that prints the original error message and the print_id
information.  In the case where hsdevp has been already allocated (but not
yet stored in ap), this value is freed as well.

A simplified version of the semantic match that finds this problem is as
follows: (http://coccinelle.lip6.fr/)

// <smpl>
@exists@
local idexpression x;
statement S,S1;
expression E;
identifier fl;
expression *ptr != NULL;
@@

x = \(kmalloc\|kzalloc\|kcalloc\)(...);
...
if (x == NULL) S
<... when != x
     when != if (...) { <+...kfree(x)...+> }
     when any
     when != true x == NULL
x->fl
...>
(
if (x == NULL) S1
|
if (...) { ... when != x
               when forall
(
 return \(0\|<+...x...+>\|ptr\);
|
* return ...;
)
}
)
// </smpl>

Signed-off-by: Julia Lawall <julia@diku.dk>
Signed-off-by: Jeff Garzik <jgarzik@pobox.com>