--- /dev/null
+From 2062afb4f804afef61cbe62a30cac9a46e58e067 Mon Sep 17 00:00:00 2001
+From: Linus Torvalds <torvalds@linux-foundation.org>
+Date: Sat, 26 Jul 2014 14:52:01 -0700
+Subject: Fix gcc-4.9.0 miscompilation of load_balance() in scheduler
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+From: Linus Torvalds <torvalds@linux-foundation.org>
+
+commit 2062afb4f804afef61cbe62a30cac9a46e58e067 upstream.
+
+Michel Dänzer and a couple of other people reported inexplicable random
+oopses in the scheduler, and the cause turns out to be gcc mis-compiling
+the load_balance() function when debugging is enabled. The gcc bug
+apparently goes back to gcc-4.5, but slight optimization changes means
+that it now showed up as a problem in 4.9.0 and 4.9.1.
+
+The instruction scheduling problem causes gcc to schedule a spill
+operation to before the stack frame has been created, which in turn can
+corrupt the spilled value if an interrupt comes in. There may be other
+effects of this bug too, but that's the code generation problem seen in
+Michel's case.
+
+This is fixed in current gcc HEAD, but the workaround as suggested by
+Markus Trippelsdorf is pretty simple: use -fno-var-tracking-assignments
+when compiling the kernel, which disables the gcc code that causes the
+problem. This can result in slightly worse debug information for
+variable accesses, but that is infinitely preferable to actual code
+generation problems.
+
+Doing this unconditionally (not just for CONFIG_DEBUG_INFO) also allows
+non-debug builds to verify that the debug build would be identical: we
+can do
+
+ export GCC_COMPARE_DEBUG=1
+
+to make gcc internally verify that the result of the build is
+independent of the "-g" flag (it will make the compiler build everything
+twice, toggling the debug flag, and compare the results).
+
+Without the "-fno-var-tracking-assignments" option, the build would fail
+(even with 4.8.3 that didn't show the actual stack frame bug) with a gcc
+compare failure.
+
+See also gcc bugzilla:
+
+ https://gcc.gnu.org/bugzilla/show_bug.cgi?id=61801
+
+Reported-by: Michel Dänzer <michel@daenzer.net>
+Suggested-by: Markus Trippelsdorf <markus@trippelsdorf.de>
+Cc: Jakub Jelinek <jakub@redhat.com>
+Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ Makefile | 2 ++
+ 1 file changed, 2 insertions(+)
+
+--- a/Makefile
++++ b/Makefile
+@@ -614,6 +614,8 @@ KBUILD_CFLAGS += -fomit-frame-pointer
+ endif
+ endif
+
++KBUILD_CFLAGS += $(call cc-option, -fno-var-tracking-assignments)
++
+ ifdef CONFIG_DEBUG_INFO
+ KBUILD_CFLAGS += -g
+ KBUILD_AFLAGS += -gdwarf-2
--- /dev/null
+From 0253d634e0803a8376a0d88efee0bf523d8673f9 Mon Sep 17 00:00:00 2001
+From: Naoya Horiguchi <n-horiguchi@ah.jp.nec.com>
+Date: Wed, 23 Jul 2014 14:00:19 -0700
+Subject: mm: hugetlb: fix copy_hugetlb_page_range()
+
+From: Naoya Horiguchi <n-horiguchi@ah.jp.nec.com>
+
+commit 0253d634e0803a8376a0d88efee0bf523d8673f9 upstream.
+
+Commit 4a705fef9862 ("hugetlb: fix copy_hugetlb_page_range() to handle
+migration/hwpoisoned entry") changed the order of
+huge_ptep_set_wrprotect() and huge_ptep_get(), which leads to breakage
+in some workloads like hugepage-backed heap allocation via libhugetlbfs.
+This patch fixes it.
+
+The test program for the problem is shown below:
+
+ $ cat heap.c
+ #include <unistd.h>
+ #include <stdlib.h>
+ #include <string.h>
+
+ #define HPS 0x200000
+
+ int main() {
+ int i;
+ char *p = malloc(HPS);
+ memset(p, '1', HPS);
+ for (i = 0; i < 5; i++) {
+ if (!fork()) {
+ memset(p, '2', HPS);
+ p = malloc(HPS);
+ memset(p, '3', HPS);
+ free(p);
+ return 0;
+ }
+ }
+ sleep(1);
+ free(p);
+ return 0;
+ }
+
+ $ export HUGETLB_MORECORE=yes ; export HUGETLB_NO_PREFAULT= ; hugectl --heap ./heap
+
+Fixes 4a705fef9862 ("hugetlb: fix copy_hugetlb_page_range() to handle
+migration/hwpoisoned entry"), so is applicable to -stable kernels which
+include it.
+
+Signed-off-by: Naoya Horiguchi <n-horiguchi@ah.jp.nec.com>
+Reported-by: Guillaume Morin <guillaume@morinfr.org>
+Suggested-by: Guillaume Morin <guillaume@morinfr.org>
+Acked-by: Hugh Dickins <hughd@google.com>
+Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
+Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ mm/hugetlb.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+--- a/mm/hugetlb.c
++++ b/mm/hugetlb.c
+@@ -2400,6 +2400,7 @@ int copy_hugetlb_page_range(struct mm_st
+ } else {
+ if (cow)
+ huge_ptep_set_wrprotect(src, addr, src_pte);
++ entry = huge_ptep_get(src_pte);
+ ptepage = pte_page(entry);
+ get_page(ptepage);
+ page_dup_rmap(ptepage);
projects / thirdparty / kernel / stable-queue.git / commitdiff
