2003-02-06 20:33:48

by niteowl

[permalink] [raw]
Subject: 2.5.59 kernel bugs

FWIW, here's a list of potential 2.5.59 kernel bugs. Some of these
might be causing real trouble. Many are probably benign. A few may be
non-bugs that are just poor coding style although I've tried to weed
most of those out of this list.

The fs/super.c bug is probably the most serious of the bunch as it appears
to completely disable the sync_filesystems() function.

===== dangling else =====
drivers/char/generic_serial.c:152 else

===== misplaced/extra semicolon =====
arch/cris/drivers/eeprom.c:818 if(i2c_getack());
drivers/input/joydev.c:343 for (i = 0; i < joydev->nkey; i++); {
drivers/media/video/w9966.c:745 if(vtune->tuner != 0);
drivers/net/amd8111e.c:956 for( i=0; i< AMD8111E_REG_DUMP_LEN;i+=4);
drivers/net/tokenring/smctr.c:3067 for(i = 0; ((i < 6) && (dev->dev_addr[i] == 0)); i++);
drivers/scsi/sym53c8xx_2/sym_hipd.c:237 if (INB (nc_dstat) & ABRT);
drivers/scsi/sym53c8xx.c:6987 if (INB (nc_dstat) & ABRT);
drivers/usb/serial/whiteheat.c:786 if (copy_to_user((unsigned int *)arg, &modem_signals, sizeof(unsigned int)));
fs/super.c:313 if (!sb->s_op->sync_fs);
net/ipv4/fib_hash.c:944 if (iter->zone->fz_next);
sound/oss/cs46xx.c:4317 for( temp1 = offset; temp1<(offset+count); temp1+=4 );
sound/oss/vidc.c:228 for (new2size = 128; new2size < newsize; new2size <<= 1);
sound/pci/es1968.c:2677 if (val != oval); {

===== double logical operator =====
drivers/char/ip2/i2lib.c:1254 if ( 1 == i2QueueCommands(PTYPE_INLINE, pCh, 0, 1, CMD_STOPFL) > 0 ) {
drivers/char/ite_gpio.c:143 if (MAX_GPIO_LINE > *data >= 0)
drivers/char/sx.c:525 for (i=0; i < TIMEOUT_1 > 0;i++)
drivers/char/sx.c:531 for (i=0; i < TIMEOUT_2 > 0;i++) {
drivers/char/sx.c:551 for (i=0; i < TIMEOUT_1 > 0;i++)
drivers/char/sx.c:557 for (i=0; i < TIMEOUT_2 > 0;i++) {
drivers/net/fc/iph5526.c:3772 for (i = 0; i < clone_list[i].vendor_id != 0; i++)
drivers/scsi/advansys.c:7103 qdonep->remain_bytes <= scp->request_bufflen != 0) {

===== boolean instead of logical operator =====
fs/hugetlbfs/inode.c:235 if (!super_block | (super_block->s_flags & MS_ACTIVE)) {

===== compare has higher precedence than assignment =====
arch/um/kernel/process.c:125 while((err = waitpid(new_pid, &status, 0) < 0) && (errno == EINTR)) ;
drivers/isdn/hysdn/hysdn_boot.c:146 if ((boot->last_error = card->writebootseq(card, boot->buf.BootBuf, datlen) < 0))
drivers/mtd/nftlmount.c:110 &retlen, buf, (char *)&oob) < 0)) {
drivers/mtd/nftlmount.c:91 8, &retlen, (char *)&h1) < 0)) {
drivers/net/wan/comx-hw-mixcom.c:106 while ((cec = (rd_hscx(dev, HSCX_STAR) & HSCX_CEC) != 0) &&
drivers/pcmcia/i82092.c:154 if ((ret = register_ss_entry(socket_count, &i82092aa_operations) != 0)) {
drivers/scsi/dpt_i2o.c:2540 if((rcode = adpt_i2o_reset_hba(pHba) != 0)){
drivers/scsi/dpt_i2o.c:2566 if((rcode = adpt_i2o_reset_hba(pHba) != 0)){
drivers/scsi/st.c:1953 DEB( debugging = (options & MT_ST_DEBUGGING) != 0; )
fs/jffs/intrep.c:1912 pos) < 0)) {
net/sunrpc/auth_gss/auth_gss.c:686 &bufin, &bufout, &qop_state) < 0))
sound/core/oss/pcm_plugin.c:814 if ((err = snd_pcm_plug_capture_disable_useless_channels(plug, dst_channels, dst_channels_final) < 0))
sound/oss/es1371.c:2857 if ((res=(s->dev_audio = register_sound_dsp(&es1371_audio_fops,-1))<0))
sound/oss/es1371.c:2859 if ((res=(s->codec.dev_mixer = register_sound_mixer(&es1371_mixer_fops, -1)) < 0))
sound/oss/es1371.c:2861 if ((res=(s->dev_dac = register_sound_dsp(&es1371_dac_fops, -1)) < 0))
sound/oss/es1371.c:2863 if ((res=(s->dev_midi = register_sound_midi(&es1371_midi_fops, -1))<0 ))
sound/oss/sscape.c:657 if (hw_config->irq > 15 || (regs[4] = irq_bits == 0xff))
sound/pci/nm256/nm256.c:1542 if ((err = snd_nm256_mixer(chip) < 0))
sound/pci/rme9652/hdsp.c:1579 if ((change = gain != hdsp_read_gain(hdsp, addr)))
sound/pci/rme9652/hdsp.c:1657 if ((change = gain != hdsp_read_gain(hdsp, addr)))
sound/ppc/powermac.c:154 if ((err = snd_pmac_probe() < 0)) {
sound/usb/usbaudio.c:545 if ((err = subs->ops.prepare(subs, substream->runtime, urb) < 0) ||

===== ??? =====
drivers/video/atafb.c:1185 if (par->HDB & 0x200 && par->HDB & ~0x200 - par->HDE <= 5) {
sound/oss/nec_vrc5477.c:1142 totalCopyCount =+ copyCount;


2003-02-06 20:59:22

by Martin J. Bligh

[permalink] [raw]
Subject: Re: 2.5.59 kernel bugs

> FWIW, here's a list of potential 2.5.59 kernel bugs. Some of these
> might be causing real trouble. Many are probably benign. A few may be
> non-bugs that are just poor coding style although I've tried to weed
> most of those out of this list.
>
> The fs/super.c bug is probably the most serious of the bunch as it appears
> to completely disable the sync_filesystems() function.

Some fairly sickening stuff ... I'll log the following sections in bugzilla
If any brave volunteers for the others want to go ahead with the other
sections, and split the effort, would be much appreciated. Please mail
back to lkml that you're doing it ... and watch very carefully on newly
logged bugs for collisions ;-)

> ===== dangling else =====
> ===== misplaced/extra semicolon =====
> ===== double logical operator =====

2003-02-06 21:07:26

by Andrew Morton

[permalink] [raw]
Subject: Re: 2.5.59 kernel bugs

<[email protected]> wrote:
>
> FWIW, here's a list of potential 2.5.59 kernel bugs. Some of these
> might be causing real trouble. Many are probably benign. A few may be
> non-bugs that are just poor coding style although I've tried to weed

I assume you picked these up with `gcc -W'?

gcc -W generates ten megabytes of warnings, with a few gems. We really need
finer-grained control of gcc warnings so that the good ones can be turned on.
gcc warnings are being redone at present and this might yet happen...

> fs/super.c:313 if (!sb->s_op->sync_fs);

That's fixed in 2.5.59++

> net/ipv4/fib_hash.c:944 if (iter->zone->fz_next);

That too. davem said "OMG that's scary :)"

> fs/hugetlbfs/inode.c:235 if (!super_block | (super_block->s_flags & MS_ACTIVE)) {

I'll fix that up.

As for the rest well gee. Perhaps we should stick #error's in there to
flush out some people who can test the fixes.

2003-02-06 22:09:33

by Alan

[permalink] [raw]
Subject: Re: 2.5.59 kernel bugs

On Thu, 2003-02-06 at 21:08, Martin J. Bligh wrote:
> Some fairly sickening stuff ... I'll log the following sections in bugzilla
> If any brave volunteers for the others want to go ahead with the other
> sections, and split the effort, would be much appreciated. Please mail
> back to lkml that you're doing it ... and watch very carefully on newly
> logged bugs for collisions ;-)

2.4-ac fixes applied for : (No name in the entry as I've not figured
out who to credit yet)

o Fix i2c_ack cris extra ";"
o Fix JSIOCSBTNMAP extra ";"
o Fix VIDIOCGTUNER on w9966
o Fix amd8111e_read_regs
o Fix smctr_load_node_addr
o Fix sym53c8xxx extra ";"
o Fix sym53c8xxx_2 extra ";"
o Fix cs46xx download area clear
o Fix hysdn bootup error handling
o Fix mtd mount error checks
o Fix dpt_i2o reset error paths
o Fix a jffs error path handler
o Fix es1371 error path on register
o Fix sscape operator precedence
o Fix copy counting in vrc5477 audio

Once the next -ac appears those should all drop into 2.5 if someone
wants to do the legwork



2003-02-06 22:23:47

by Martin J. Bligh

[permalink] [raw]
Subject: Re: 2.5.59 kernel bugs

>> Some fairly sickening stuff ... I'll log the following sections in bugzilla
>> If any brave volunteers for the others want to go ahead with the other
>> sections, and split the effort, would be much appreciated. Please mail
>> back to lkml that you're doing it ... and watch very carefully on newly
>> logged bugs for collisions ;-)
>
> 2.4-ac fixes applied for : (No name in the entry as I've not figured
> out who to credit yet)
>
> o Fix i2c_ack cris extra ";"
> o Fix JSIOCSBTNMAP extra ";"
> o Fix VIDIOCGTUNER on w9966
> o Fix amd8111e_read_regs
> o Fix smctr_load_node_addr
> o Fix sym53c8xxx extra ";"
> o Fix sym53c8xxx_2 extra ";"
> o Fix cs46xx download area clear
> o Fix hysdn bootup error handling
> o Fix mtd mount error checks
> o Fix dpt_i2o reset error paths
> o Fix a jffs error path handler
> o Fix es1371 error path on register
> o Fix sscape operator precedence
> o Fix copy counting in vrc5477 audio
>
> Once the next -ac appears those should all drop into 2.5 if someone
> wants to do the legwork

I'm happy to do whatever legwork is needed ... if you already have a
seperate patch you could send my way for this stuff, would make it
easier, if not, I'll go digging through your next release ...

Thanks,

M.

2003-02-06 22:43:20

by Dave Jones

[permalink] [raw]
Subject: Re: 2.5.59 kernel bugs

On Thu, Feb 06, 2003 at 01:16:40PM -0800, Andrew Morton wrote:

> gcc -W generates ten megabytes of warnings, with a few gems. We really need
> finer-grained control of gcc warnings so that the good ones can be turned on.
> gcc warnings are being redone at present and this might yet happen...

A 'spare time' project of mine is to get -W builds at least 'mostly clean'
The low hanging fruit got fixed up a while back. Most of the remainder
is signed comparison warnings. gcc-3.4 has promoted this warning to
show up in regular builds too, so at some point, either a lot of effort
is going to have to be undertaken to fix those, or we use -Wno-signed-compare
during builds.

> As for the rest well gee. Perhaps we should stick #error's in there to
> flush out some people who can test the fixes.

Just for giggles I did a quick audit of the results of a make
allyesconfig a few weekends ago. The number of drivers we still have
that need updating to new APIs (from tqueue conversions to cli/sti etc)
is quite disturbing. There's a lot of groundwork to be done there
hopefully before we get to a 2.6test phase, or we're going to be
obsoleting boatloads of drivers.

I meant to clean up the output and feed it all into bugzilla.
I'll get around to it sometime..

Dave

--
| Dave Jones. http://www.codemonkey.org.uk
| SuSE Labs

2003-02-06 22:59:07

by Randy.Dunlap

[permalink] [raw]
Subject: Re: 2.5.59 kernel bugs

On Thu, 6 Feb 2003, Dave Jones wrote:

| On Thu, Feb 06, 2003 at 01:16:40PM -0800, Andrew Morton wrote:
|
| > gcc -W generates ten megabytes of warnings, with a few gems. We really need
| > finer-grained control of gcc warnings so that the good ones can be turned on.
| > gcc warnings are being redone at present and this might yet happen...
|
| A 'spare time' project of mine is to get -W builds at least 'mostly clean'
| The low hanging fruit got fixed up a while back. Most of the remainder
| is signed comparison warnings. gcc-3.4 has promoted this warning to
| show up in regular builds too, so at some point, either a lot of effort
| is going to have to be undertaken to fix those, or we use -Wno-signed-compare
| during builds.
|
| > As for the rest well gee. Perhaps we should stick #error's in there to
| > flush out some people who can test the fixes.
|
| Just for giggles I did a quick audit of the results of a make
| allyesconfig a few weekends ago. The number of drivers we still have
| that need updating to new APIs (from tqueue conversions to cli/sti etc)
| is quite disturbing. There's a lot of groundwork to be done there
| hopefully before we get to a 2.6test phase, or we're going to be
| obsoleting boatloads of drivers.
|
| I meant to clean up the output and feed it all into bugzilla.
| I'll get around to it sometime..

I did a 'make allyesconfig' build about 10 days ago. I kept a list of
modules that I had to disable due to syntax errors and another list of
linker errors. Here's that list, for 2.5.59:


make some things build during allyesconfig testing:
syntax errors:
RISCOM8=n
HOTPLUG_PCI_ACPI=n
ESPSERIAL=n
SPECIALIX=n
SC1200_WDT=n
IEEE1394_PCILYNX=n
ISDN_DRV_HISAX=n
ISDN_BOOL=n
VIDEO_SAA5249=n
VIDEO_ZR36120=n
VIDEO_ZORAN=n
VIDEO_ZORAN_BUZ=n
VIDEO_ZORAN_DC10=n
VIDEO_ZORAN_LML33=n
VIDEO_STRADIS=n
TUNER_3036=n
I2O_LAN=n
MTD_BLKMTD=n
FTL=n
IPHASE5526=n
WAN=n
RCPCI=n
DEFXX=n
EL3=n
SCSI_INITIO=n
SCSI_PCI2000=n
SCSI_PCI2000I=n
SCSI_DPT_I2O=n
AIC7XXX_BUILD_FIRMWARE=n
AIC79XX_BUILD_FIRMWARE=n
SCSI_NCR53C7xx=n
SCSI_EATA=n
SCSI_EATA_DMA=n
SCSI_DC390T=n
SCSI_AM53C974=n
SCSI_GDTH=n
SCSI_EATA_PIO=n
FB_MATROX=n
FB_SIS=n
FB_PM2=n
FB_PM3=n
FB_CYBER2000=n
FB_IMSTT=n
FB_CLGEN=n
cannot link multiple frame buffer drivers:
have conflicts in hgafb and fbmem: linux_logo* (6)
so FB_HGA=n
SND_ALS100=n
SND_AZT2320=n
SND_CMI8330=n
SND_DT019X=n
SND_ES18XX=n
SND_OPL3SA2=n
SOUND_AD1816=n
SND_AD1816A=n
SND_CS4236=n
SND_CS4231=n
SND_CS4232=n
SND_INTERWAVE=n
SND_INTERWAVE_STB=n
SND_OPTI92X_AD1848=n
SND_OPTI92X_CS4231=n
SND_OPTI93X=n
SND_ES968=n
SND_SB16=n
SND_SBAWE=n
SND_WAVEFRONT=n
SOUND_SB=n
SOUND_PAS=n
SOUND_AEDSP16=n
TRIX_HAVE_BOOT=n
PSS_HAVE_BOOT=n
MAUI_HAVE_BOOT=n
MSNDCLAS_HAVE_BOOT=n
MSNDPIN_HAVE_BOOT=n
SOUND_AWE32_SYNTH=n
SOUND_MSNDCLAS=n
SOUND_MSNDPIN=n
link errors:
ATM_LANE=n
ATM_ENI=n
ATM_TCP=n
ATM_ZATM=n
ATM_LANAI=n
ATM_HORIZON=n
ATM_FORE200E=n
ATM_IA=n
ATM_NICSTAR=n
ATM_NICSTAR_USE_SUNI=n
ATM_NICSTAR_USE_IDT77105=n
ATM_IDT77252=n
ATM_IDT77252_RCV_ALL=n
ATM_IDT77252_USE_SUNI=n
ATM_AMBASSADOR=n
ATM_FIRESTREAM=n
MOXA_SMARTIO=n
MOXA_INTELLIO=n
STALLION=n
ISTALLION=n
COMPUTONE=n
SX=n
RIO=n
FTAPE=n
ZFTAPE=n
IPMI_KCS=n
AIRONET4500=n
STRIP=n
SK98LIN=n
SKMC=n
ELMC_II=n
NI65=n
LP486E=n
APRICOT=n
COPS=n
COPS_DAYNA=n
COPS_TANGENT=n
LTPC=n
ARCNET=n
PCMCIA_3C574=n
PCMCIA_FMVJ18X=n
PCMCIA_NMCLAN=n
AIRONET4500_CS=n
PCMCIA_XIRTULIP=n
SCC=n
6PACK=n
MKISS=n
YAM=n
TOSHIBA_OLD=n
TOSHIBA_FIR=n
SCSI_SIM710=n
CDU31A=n
SBPCD=n
I2C_ELEKTOR=n
ELPLUS=n
ROCKETPORT=n
DIGIEPCA=n
CYCLADES=n
SONYPI=n
SCSI_PSI240I=n
CDU535=n
MTD_UCLINUX=n
SOUND_GUS=n
SOUND_GUS16=n
SOUND_GUSMAX=n
SCSI_GENERIC_NCR5380=n
SCSI_GENERIC_NCR5380_MMIO=n
EL1=n
PCMCIA_XIRC2PS=n
CM206=n
EL16=n
NI5010=n
DMASCC=n
SCSI_MCA_53C9X=n
ELMC=n
IBMLANA=n
3C515=n
AT1700=n
###
make -f scripts/Makefile.build obj=arch/i386/boot arch/i386/boot/bzImage
make -f scripts/Makefile.build obj=arch/i386/boot/compressed \
IMAGE_OFFSET=0x100000 arch/i386/boot/compressed/vmlinux
arch/i386/boot/tools/build -b arch/i386/boot/bootsect arch/i386/boot/setup arch/i386/boot/vmlinux.bin CURRENT > arch/i386/boot/bzImage
Root device is (3, 4)
Boot sector 512 bytes.
Setup is 4880 bytes.
System is 8384 kB
System is too big. Try using modules.
make[1]: *** [arch/i386/boot/bzImage] Error 1
make: *** [bzImage] Error 2


--
~Randy

2003-02-07 00:05:08

by Russell King

[permalink] [raw]
Subject: Re: 2.5.59 kernel bugs

On Thu, Feb 06, 2003 at 02:43:17PM -0600, [email protected] wrote:
> ===== misplaced/extra semicolon =====
> sound/oss/vidc.c:228 for (new2size = 128; new2size < newsize; new2size <<= 1);

Style bug, but functionality is intended as written. I'll probably be
lazy with this one; OSS drivers should be converted to ALSA at some
point in the future, so I don't consider this a high priority thing
to fix at present.

--
Russell King ([email protected]) The developer of ARM Linux
http://www.arm.linux.org.uk/personal/aboutme.html

2003-02-07 09:14:26

by Oleg Drokin

[permalink] [raw]
Subject: Re: 2.5.59 kernel bugs

Hello!

On Thu, Feb 06, 2003 at 02:43:17PM -0600, [email protected] wrote:

Also similar stuff in IDE code in 2.4.21-pre4 from bk tree:

> ===== misplaced/extra semicolon =====
drivers/ide/ide-taskfile.c:247 if (drive->using_dma && !(hwif->ide_dma_write(drive)));
drivers/ide/ide-taskfile.c:253 if (drive->using_dma && !(hwif->ide_dma_read(drive)));

At least looking at another similar code that is ifdefed out, it seems below patch is correct.
(and even if it's not, still that code should be changed not to confuse people ;) )

Also I took a look at drivers/ide/ide-taskfile.c in 2.5 hoping I can see what should
be in fact done and got even more confused ;)
Sounds like in 2.5 there should be "return ide_started" at the end, not stopped,
because otherwise when drive->using_dma is set, we always return ide_stopped for
WIN_WRITEDMA.*, WIN_IDENTIFY_DMA and WIN_READDMA, WIN_READDMA_ONCE, WIN_READDMA_EXT
taskfile->command and default case is the same (we check stuff, and then regardless
or the result of the check we always return ide_stopped).
Which looks somehow strange (and different from similar code in 2.4).
Can please somebody take a look at it?

Bye,
Oleg

===== drivers/ide/ide-taskfile.c 1.2 vs edited =====
--- 1.2/drivers/ide/ide-taskfile.c Thu Nov 14 20:38:17 2002
+++ edited/drivers/ide/ide-taskfile.c Fri Feb 7 11:56:59 2003
@@ -244,13 +244,13 @@
case WIN_WRITEDMA_ONCE:
case WIN_WRITEDMA:
case WIN_WRITEDMA_EXT:
- if (drive->using_dma && !(hwif->ide_dma_write(drive)));
+ if (drive->using_dma && !(hwif->ide_dma_write(drive)))
return ide_started;
case WIN_READDMA_ONCE:
case WIN_READDMA:
case WIN_READDMA_EXT:
case WIN_IDENTIFY_DMA:
- if (drive->using_dma && !(hwif->ide_dma_read(drive)));
+ if (drive->using_dma && !(hwif->ide_dma_read(drive)))
return ide_started;
default:
break;

2003-02-28 09:02:50

by Paul Laufer

[permalink] [raw]
Subject: Re: 2.5.59 kernel bugs

SOUND_SB is fixed as of 2.5.62 or so. Work is being done on
SOUND_AWE32_SYNTH but the structure of the driver doesn't fit the new
PnP API and is going to require quite a bit of rewrite. Not sure how
many people still use these old ISA sound cards... I only had a
handful of volunteers this time around to help test the soundblaster
fixes. During 2.3 there was significantly more interest for this once
wildly popular sound card. Other drivers for cards like the PAS16 that
weren't popular to begin with (and are 10+ years old) may have trouble
finding someone willing to update it.

Paul

On Thu, Feb 06, 2003 at 03:06:31PM -0800 or thereabouts, Randy.Dunlap wrote:
> On Thu, 6 Feb 2003, Dave Jones wrote:

[Snip]

> I did a 'make allyesconfig' build about 10 days ago. I kept a list of
> modules that I had to disable due to syntax errors and another list of
> linker errors. Here's that list, for 2.5.59:
>
>
> make some things build during allyesconfig testing:
> syntax errors:

[snip long list]

> ###
> make -f scripts/Makefile.build obj=arch/i386/boot arch/i386/boot/bzImage
> make -f scripts/Makefile.build obj=arch/i386/boot/compressed \
> IMAGE_OFFSET=0x100000 arch/i386/boot/compressed/vmlinux
> arch/i386/boot/tools/build -b arch/i386/boot/bootsect arch/i386/boot/setup arch/i386/boot/vmlinux.bin CURRENT > arch/i386/boot/bzImage
> Root device is (3, 4)
> Boot sector 512 bytes.
> Setup is 4880 bytes.
> System is 8384 kB
> System is too big. Try using modules.
> make[1]: *** [arch/i386/boot/bzImage] Error 1
> make: *** [bzImage] Error 2
>
>
> --
> ~Randy
>
> -
> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> the body of a message to [email protected]
> More majordomo info at http://vger.kernel.org/majordomo-info.html
> Please read the FAQ at http://www.tux.org/lkml/