On Sat, Jul 11, 2026 at 06:01:31PM -0700, Ackerley Tng wrote:
> In the course of a CoCo guest's operation, will the guest need to
> convert between private/shared MMIO? Will the guest need some pages
> shared and others private? If these are required operations, guest_memfd
> already provides the tracking and is going to have a conversion ioctl
> very soon. Instead of further extending dmabuf to track more things, how
> about letting guest_memfd track it?
Use another FD type was sort of my fallback if we couldn't get DMABUF
into something workable. I'm kind of surprised to see guestmemfd
proposed as the other FD, but I don't know much about its insides.
If VFIO can create one and fill it with MMIO physical addresses then
maybe it is OK?
Jason
Saving progress should feel comforting.
You've survived a difficult section. You've made it through another encounter. Your progress is secure.
In theory, a save point represents safety.
Yet some of the most memorable horror games somehow make saving feel tense.
I've always found that fascinating.
In most genres, saving is a completely mechanical action. You barely think about it. Open a menu, press a button, move on.
In horror games, however, save systems often become part of the experience itself.
Sometimes they even become part of the fear.
Safety Feels Temporary
One thing horror games understand exceptionally well is that safety and danger become more meaningful when they exist side by side.
A safe room feels comforting because the rest of the world doesn't.
A save point feels valuable because progress can be lost.
That contrast creates emotional weight.
I still remember older survival horror games where reaching a save location felt like completing a journey.
Not because the act of saving was exciting.
Because getting there was.
Every hallway between me and that room carried risk. Every enemy encounter threatened valuable resources. Every mistake felt expensive.
The save point became more than a feature.
It became a destination.
Relief Can Be an Emotion Too
People often discuss fear when talking about horror games.
Relief deserves more attention.
In many ways, relief is one of the most important emotions the genre creates.
Without moments of relief, tension eventually becomes exhausting.
Players need opportunities to recover.
Save rooms often provide exactly that.
The music changes.
The atmosphere softens.
The pressure decreases.
For a few moments, players can breathe.
Those quiet pauses create an interesting effect. Instead of weakening the horror, they strengthen it.
The next dangerous section feels more intense because you've experienced a brief sense of comfort.
The contrast matters.
Fear isn't effective when it never changes.
Limited Saving Changes Behavior
Some horror games allow unlimited saves.
Others place restrictions on them.
Whether through limited resources, specific locations, or special conditions, these systems dramatically influence how players think.
I've noticed that limited saving changes decision-making almost immediately.
Players become cautious.
Resources feel more valuable.
Exploration becomes riskier.
Every choice carries additional weight because mistakes have consequences.
Suddenly, saving isn't just a technical feature.
It's a strategic decision.
Should I save now?
Should I keep going?
Can I survive the next section without doing it?
These questions create tension even when no immediate threat exists.
That's impressive design.
The game generates anxiety through decision-making rather than direct danger.
The Walk Back Is Sometimes Scarier
One of my favorite horror gaming experiences involves leaving a save room.
Entering feels great.
Leaving feels terrible.
The moment you step back into the unknown, the comfort disappears.
The music fades.
The safety vanishes.
The uncertainty returns.
What's interesting is that nothing may have changed.
The environment is the same.
The enemies are the same.
The layout remains familiar.
Yet emotionally, everything feels different.
You know you're moving away from security.
That awareness alone increases tension.
I've experienced situations where opening the door to leave a save room felt more intimidating than entering a boss area.
Not because I expected a specific threat.
Because I was abandoning certainty.
Modern Horror Uses Saving Differently
Contemporary horror games often approach saving in a less restrictive way.
Autosaves are common.
Checkpoints are frequent.
Players rarely lose significant amounts of progress.
That shift has obvious advantages. It reduces frustration and makes games more accessible.
At the same time, it changes the emotional role of saving.
Older horror games often transformed save systems into part of the atmosphere.
Modern games typically treat them as invisible support systems.
Neither approach is inherently better.
They're simply pursuing different goals.
One emphasizes vulnerability.
The other prioritizes convenience.
Interestingly, both can still create effective horror when used thoughtfully.
For another perspective on player vulnerability, see our [discussion about why limited resources increase tension].
Safe Rooms Become Emotional Anchors
Some locations in horror games remain memorable long after the details of the story fade.
Safe rooms are often among them.
Players remember how those spaces felt.
The familiar music.
The calm atmosphere.
The temporary sense of control.
I've finished games years ago and forgotten specific enemy encounters, yet I can still picture certain save rooms clearly.
That's remarkable when you think about it.
These locations rarely contain action.
Nothing dramatic happens there.
Their importance comes entirely from emotion.
They provide stability within unstable worlds.
The player develops a relationship with them.
Returning feels reassuring.
Leaving feels uncomfortable.
Few game mechanics achieve that kind of emotional significance.
Fear Feels Bigger When Progress Matters
A major reason save systems affect horror so strongly is simple.
Consequences matter.
If players feel that failure costs nothing, tension often decreases.
When progress becomes valuable, fear gains additional weight.
Suddenly every encounter feels important.
Every decision matters.
Every mistake carries consequences beyond the immediate moment.
This doesn't mean horror games need harsh punishment systems.
Excessive penalties can easily become frustrating.
But a small amount of risk often makes emotional investment stronger.
Players care more because they have something to lose.
And caring is essential for fear.
Without investment, horror struggles to have lasting impact.
The Psychology of "Just One More Room"
I've fallen into this trap countless times.
You're standing near a save point.
Logic says you should save and stop playing.
Instead, you think:
"I'll check one more room."
Then another room.
Then another hallway.
Then another objective.
Before long, you've wandered into a situation far more dangerous than expected.
Horror games thrive on this kind of curiosity.
Players constantly balance caution against exploration.
The save point represents security.
The unexplored area represents possibility.
Most of the time, curiosity wins.
That's why horror games remain so engaging despite the fear they create.
Players aren't simply avoiding danger.
They're actively seeking answers.
Why Save Points Remain Memorable
Not every horror game uses traditional save rooms anymore.
Not every game limits progress in meaningful ways.
Yet the underlying idea remains powerful.
Players need moments of safety.
Moments of relief.
Moments where tension briefly relaxes before building again.
Save points became iconic because they delivered those emotions consistently.
They represented hope within hostile environments.
A reminder that survival was possible.
A chance to regroup before facing whatever came next.
And perhaps that's why so many horror fans remember them so fondly.
They weren't frightening on their own.
They mattered because of everything waiting outside.
After all, what makes a safe place feel truly safe if there was never any danger to escape from in the first place?
https://horrorgamesfree.com
Life, as they say, throws a lot at us. From demanding deadlines to unexpected annoyances, it’s easy to feel the pressure build. Sometimes, what we need isn’t a complex strategy game or a deeply engrossing narrative; it’s just a simple, satisfying outlet for that pent-up energy. And that’s where games like kick the buddy come in – a delightfully straightforward experience designed for pure, unadulterated stress relief.
https://kickthebuddy.lol/
"Kick the Buddy" isn't about high scores or intricate mechanics; it's about embracing a bit of playful destruction. Imagine a virtual ragdoll, a friendly, if somewhat resilient, dummy named Buddy, who patiently awaits your creative (and often absurd) methods of interaction. It’s a game that understands the primal satisfaction of knocking things around, even if those things are digital.
The Art of Playful Punishment: Understanding the Gameplay Loop
At its core, "Kick the Buddy" is incredibly simple. You are presented with Buddy, a cheerful, often bandaged character, suspended in a room. Your objective? To unleash a wide array of tools and weapons upon him. The beauty lies in the sheer variety and the freedom to experiment.
Upon launching the game, you'll be greeted by Buddy and a UI that, while initially packed with icons, quickly becomes intuitive. Along the bottom or sides of the screen, you'll find categories of weapons: explosives, firearms, sharp objects, heavy objects, and even more bizarre options like elemental powers or exotic creatures. Tapping on a category reveals a carousel of specific items. Want to toss a grenade? Select the explosives category, then pick your boom-maker. Prefer to pepper Buddy with bullets? Head to firearms and choose your weapon of choice, be it a pistol, an assault rifle, or even a mini-gun.
The interaction is purely touch-based. Drag your chosen weapon onto Buddy, and it will interact with him in its intended way. Firearms will shoot, bombs will explode, and melee weapons will, well, kick and punch. Buddy reacts to every impact with comical animations and sound effects, his limbs flailing and his body bouncing around the environment. There's no "game over" screen, no health bar to meticulously manage for Buddy (though he does take on more damage and visual wear and tear). The goal isn't to defeat him in a traditional sense, but to simply engage in the cathartic act of unleashing digital mayhem.
Beyond the basic weaponry, the game often features special environmental hazards or interactive elements. Perhaps a giant fan you can activate to send Buddy swirling, or a portal that teleports him across the room. These elements add another layer of playful chaos, encouraging you to think creatively about how to maximize Buddy's suffering (in the most lighthearted way possible).
What truly sets games like this apart is the sheer variety of tools at your disposal. From conventional firearms like pistols and shotguns to the wonderfully absurd, like a black hole gun that sucks Buddy into oblivion or a rubber duck that somehow inflicts comical damage, the developers clearly revel in imagination. This constant influx of new, often ridiculous, ways to interact with Buddy keeps the experience fresh and encourages repeated play sessions.
Beyond the Bang: Tips for Optimal Stress Relief
While the game is wonderfully straightforward, a few tips can enhance your stress-busting experience:
Embrace the Absurd: Don't limit yourself to conventional weapons. Some of the most satisfying interactions come from the most outlandish items. Experiment with everything – you might be surprised by the sheer hilarity of a giant rubber band or a flock of angry birds.
Combine and Conquer:Â Many weapons have interesting synergies. Try freezing Buddy with an ice gun, then shattering him with a heavy object. Or pepper him with bullets before dropping an explosive on him. The more creative your combinations, the more entertaining the outcome.
Sound On, Volume Up: A significant part of the game's charm comes from its sound design. Buddy's comical yelps, the satisfying thwacks of impact, and the explosive roars all contribute to the overall catharsis. Don't be afraid to crank up the volume and fully immerse yourself in the chaotic symphony.
Short Bursts are Key:Â "Kick the Buddy" isn't designed for marathon sessions. Its strength lies in its ability to provide quick, satisfying bursts of stress relief. When you feel a bit overwhelmed or just need a mental break, a few minutes of playful destruction can do wonders.
No Right or Wrong Way: There's no leaderboard, no competitive element. The only "goal" is your own enjoyment. Feel free to be as chaotic or as precise as you wish. It’s your sandbox, and Buddy is your patient (and perpetually recovering) subject.
A Concluding Whack
In a world often filled with complexity, the simplicity and pure, unadulterated fun of "Kick the Buddy" is a refreshing antidote. It's a game that doesn't demand much from you, except a willingness to let go and embrace a bit of lighthearted destruction. So the next time you feel the need to let off some steam, consider giving Buddy a good kicking (or exploding, or freezing, or zapping). You might just find it to be the most satisfying stress reliever you never knew you needed.
Have you ever found yourself mesmerized by those vibrant, impossible-looking platformers where a small, geometric icon zips through a world of spikes and sudden drops? If so, you've likely encountered Geometry Dash, and its accessible younger sibling, geometry dash lite. This game, a rhythm-based platformer, might look daunting at first glance, but it offers a surprisingly deep and rewarding experience for those willing to embrace its unique brand of challenge. Whether you're a seasoned gamer looking for a new obsession or a casual player curious about what makes this game tick, let's dive into the exhilarating world of Geometry Dash Lite.
https://geometrylitepc.com/
Introduction: The Rhythm of Reaction
Geometry Dash Lite, available on various platforms, including as a full-fledged experience on your PC, distills the core essence of its paid counterpart into a free-to-play package. At its heart, it's a simple premise: guide your customizable icon through a series of obstacles, primarily spikes and sawblades, by tapping or clicking to jump. The catch? The entire level is synced to a pulsating, electronic soundtrack, making timing absolutely crucial. What begins as seemingly impossible quickly transforms into a dance of precise inputs and memorized patterns, all set to an energetic beat.
The game boasts a clean, minimalist aesthetic, using vibrant colors and bold geometric shapes to create its distinct visual style. Don't let the simplicity fool you; under that bright facade lies a game that demands focus, quick reflexes, and an almost zen-like patience. It's a game that teaches you the value of repetition and the thrill of overcoming seemingly insurmountable challenges, one perfectly timed jump at a time.
Gameplay: A Symphony of Taps and Jumps
The core gameplay loop of Geometry Dash Lite is deceptively straightforward. Your icon automatically moves forward, and your primary interaction is jumping. A single tap or click makes your icon jump a short distance. Holding down the tap will make your icon jump higher and longer, a crucial mechanic for navigating larger gaps or ascending multiple platforms.
As you progress through a level, you'll encounter a variety of game modes that dramatically alter your icon's behavior:
Cube:Â This is your default state, where a single tap or hold controls your jump.
Ship:Â Your icon transforms into a small spaceship, and holding down allows you to fly upwards, while releasing makes you fall. This mode demands a delicate touch, as you must navigate tight corridors and avoid ceiling and floor spikes.
Ball:Â In this mode, tapping flips your icon's gravity, making it stick to the ceiling or floor. This requires quick decisions and precise timing to avoid obstacles.
UFO:Â Similar to the cube, but your taps create a series of small, controlled jumps, allowing for more intricate aerial maneuvers.
Beyond these transformations, levels are peppered with various interactive elements:
Portals:Â These change your icon's size, speed, or game mode, keeping you constantly on your toes.
Jump Pads:Â These automatically launch you high into the air, often requiring a follow-up tap or hold for further control.
Gravity Pads:Â These instantly reverse your gravity, adding another layer of complexity to your movements.
Each level in Geometry Dash Lite is a meticulously designed gauntlet, with every obstacle placed with purpose. The challenge lies in memorizing these sequences and developing the muscle memory to execute them flawlessly. The game also features a practice mode, allowing you to place checkpoints anywhere in the level, making it easier to isolate and conquer troublesome sections without having to restart from the beginning every time.
Tips for Taming the Dash
Embarking on your Geometry Dash Lite journey can feel overwhelming initially, but with a few pointers, you'll be soaring through levels in no time:
1. Start Slow:Â Don't jump straight into the hardest levels. Begin with the easier official levels to get a feel for the game's mechanics, different game modes, and the rhythm-based timing. Each successful completion builds confidence and understanding.
2. Practice Mode is Your Friend:Â Seriously, embrace it. When you hit a wall (or a spike!), switch to practice mode. Place checkpoints before and after the problematic section and repeat it until you can consistently clear it. This targeted practice is invaluable.
3. Listen to the Music:Â The levels are designed around the soundtrack. Pay attention to the beat and the musical cues. Often, a jump or an action is perfectly synced with a particular sound or rhythm.
4. Memorize Patterns (Eventually):Â While immediate reactions are important, Geometry Dash is also about memorization. As you play a level repeatedly, you'll start to anticipate obstacles and know exactly when to tap or release.
5. Don't Get Frustrated: You will die. A lot. It's part of the learning process. Take a deep breath, learn from your mistakes, and try again. The satisfaction of finally beating a challenging level after countless attempts is what makes this game so rewarding.
6. Experiment with Controls:Â While tapping is the standard, some players prefer clicking with a mouse or using a controller. Find what feels most comfortable and gives you the most precise control.
Conclusion: The Joy of Overcoming
Geometry Dash Lite is more than just a game; it's a testament to the power of persistence and the joy of incremental improvement. What starts as a flurry of frustrated taps slowly transforms into a fluid dance of precise movements. Each completed level is a small victory, a testament to your growing skill and understanding of its intricate design.
It's a game that can be picked up for a quick five-minute session or lost in for hours as you chase that elusive "100%." It offers a unique blend of challenge, rhythm, and vibrant aesthetics that keeps players coming back for more. So, if you're looking for a game that will test your reflexes, train your timing, and provide a truly satisfying sense of accomplishment, give Geometry Dash Lite a try. You might just find yourself addicted to its spiky, rhythmic charm.
On Wed, Jul 8, 2026 at 1:53 PM Andreas Hindborg <a.hindborg(a)kernel.org> wrote:
>
> Commit 9b836641d3bf ("rust: helpers: Add bindings/wrappers for
> dma_resv_lock") added rust_helper_dma_resv_lock() and
> rust_helper_dma_resv_unlock() unconditionally. However, the dma-resv
> functionality is only available when CONFIG_DMA_SHARED_BUFFER is
> enabled, resulting in the following link error when it is not:
>
> LD .tmp_vmlinux1
> ld.lld: error: undefined symbol: dma_resv_reset_max_fences
> >>> referenced by dma-resv.h:463
> >>> rust/helpers/helpers.o:(rust_helper_dma_resv_unlock) in archive vmlinux.a
>
> The dma_resv_unlock() inline in <linux/dma-resv.h> calls
> dma_resv_reset_max_fences(), which is only compiled into
> drivers/dma-buf/dma-resv.c when CONFIG_DMA_SHARED_BUFFER is set. With
> the option disabled the symbol is never defined, so the helper fails
> to link.
>
> Fix this by guarding the helper definitions with `#ifdef
> CONFIG_DMA_SHARED_BUFFER`.
>
> The only user of this helper is the DRM shmem abstractions, which already
> depend on `CONFIG_DMA_SHARED_BUFFER`.
>
> Cc: stable(a)vger.kernel.org
> Fixes: 9b836641d3bf ("rust: helpers: Add bindings/wrappers for dma_resv_lock")
> Signed-off-by: Andreas Hindborg <a.hindborg(a)kernel.org>
Please see:
https://lore.kernel.org/rust-for-linux/20260708082454.1254320-3-mkchauras@g…
Cheers,
Miguel
Hi Linus and folks,
DEPT(DEPendency Tracker) is a runtime deadlock detection framework that
sees what lockdep cannot.
I'm thrilled to share that DEPT has moved beyond theory and is now
catching real deadlocks in the wild:
https://lore.kernel.org/lkml/6383cde5-cf4b-facf-6e07-1378a485657d@I-love.SA…https://lore.kernel.org/lkml/1674268856-31807-1-git-send-email-byungchul.pa…https://lore.kernel.org/all/b6e00e77-4a8c-4e05-ab79-266bf05fcc2d@igalia.com/
I've added comprehensive documentation explaining DEPT's design and usage.
Getting started is as simple as enabling CONFIG_DEPT and watching dmesg.
THE PROBLEM LOCKDEP CANNOT SOLVE
--------------------------------
Lockdep has been our trusted deadlock detector for two decades, but it
has a fundamental blind spot: it tracks lock acquisition order, not the
actual waits and events that cause deadlocks. This means lockdep misses:
* Deadlocks involving folio locks (not released within the context)
* Cross-context synchronization like wait_for_completion()/complete()
* DMA fence waits, RCU waits, and general waitqueue patterns
* Any synchronization primitive outside the classic lock/unlock model
Consider this real deadlock pattern that lockdep cannot detect:
context X context Y context Z
mutex_lock A
folio_lock B
folio_lock B <- DEADLOCK
mutex_lock A <- DEADLOCK
folio_unlock B
folio_unlock B
mutex_unlock A
mutex_unlock A
Lockdep sees lock acquisitions. DEPT sees the actual dependency:
"mutex_unlock A in context Y cannot happen until folio_lock B is
awakened by the owner's folio_unlock B, and vice versa in context Z."
It's a circular dependency that means deadlock.
THE DEPT APPROACH
-----------------
DEPT asks a simpler question: "What is this context waiting for, and
what event will wake it up?"
Every deadlock is fundamentally about unreachable events. DEPT tracks:
[S] Where an event context begins (the code path that will trigger
an event)
[W] Where a wait for another event apears between [S] and [E]
[E] Where the event for [S] occurs
By building a dependency graph of "[E] cannot occur until the event that
[W] waits for occurs", DEPT detects circular dependencies regardless of
the underlying synchronization primitives involved.
WHAT DEPT BRINGS TO THE TABLE
-----------------------------
* Universal coverage: Works with any wait/event-based synchronization,
not just locks
* Correct read-lock handling: No more blind spots for read-side
dependencies
* Continuous operation: Unlike lockdep, DEPT keeps running after
reports, catching multiple deadlocks in a single session
* Clean annotation API: Simple, intuitive interfaces for subsystem
maintainers to refine detection
* Battle-tested: Already catching real deadlocks as the links above
demonstrate
FALSE POSITIVES: THE HONEST CONVERSATION
----------------------------------------
Like any powerful detection tool, DEPT faces the false positive
challenge. This is not unique to DEPT — lockdep spent years building its
annotation infrastructure (lock classes, subclasses, lockdep_map) to
separate real bugs from intentional patterns.
DEPT is on the same journey. We have:
* Event site recovery: Declare when an event has fallback paths
* Subclass-based classification: Distinguish per-CPU, per-device,
and modality-specific waits
* Page usage tracking: Separate block device mappings from regular
file mappings to avoid spurious reports (currently being worked on)
But comprehensive annotation requires subsystem maintainer expertise.
This is where I need your help.
THE PATH TO MAINLINE
--------------------
DEPT is marked EXPERIMENTAL in Kconfig for a reason. Like lockdep, it
will mature through collaboration:
1. Core framework: Stabilized and ready for review
2. Subsystem pilots: Working with maintainers to add annotations
where they matter most (mm, block, drm, networking, ...)
3. Gradual enablement: DEPT and lockdep coexist; DEPT takes over
dependency checking when ready
I am not proposing to replace lockdep. Lockdep's lock usage validation
remains invaluable. The vision is:
LOCKDEP: Validates correct lock usage
|
v
DEPT: Performs dependency checking with full wait/event coverage
WHY MERGE NOW?
--------------
Some might suggest: "Fix all false positives out-of-tree first." But
the affected subsystems span the entire kernel. Like lockdep's
two-decade annotation journey, DEPT needs mainline visibility for:
* Proper annotation placement (maintainers know their code best)
* Real-world testing across configurations and workloads
* Incremental improvement through community feedback
CONFIG_DEPT is opt-in. It won't affect your default kernel build. But
for those debugging complex synchronization issues, DEPT is ready to
help today.
ACKNOWLEDGMENTS
---------------
This work would not be possible without:
Harry Yoo <harry.yoo(a)oracle.com>
Gwan-gyeong Mun <gwan-gyeong.mun(a)intel.com>
Yunseong Kim <ysk(a)kzalloc.com>
Yeoreum Yun <yeoreum.yun(a)arm.com>
And the countless kernel developers whose lockdep annotations over two
decades showed us the path forward.
FAQ
---
Q. Isn't this the cross-release feature that got reverted?
A. Cross-release (commit b09be676e0ff2) attempted to extend lockdep
with wait/event tracking. It found real bugs but introduced false
positives that masked further issues. DEPT learns from that
experience with a cleaner design and flexible reporting that makes
false positives less disruptive.
Q. Why not build DEPT into lockdep?
A. Lockdep is stable, battle-tested code. I chose separation because
while DEPT borrows BFS and hashing ideas, the wait/event model
requires rebuilding from scratch. Lockdep was designed for lock
acquisition order — retrofitting it would risk its stability.
Q. Will DEPT replace lockdep?
A. No. Lockdep validates correct lock usage — that's not going away.
DEPT supersedes only the dependency-checking logic when mature.
Q. Should we merge DEPT now or wait for more annotations out-of-tree?
A. Now. The annotation journey requires mainline collaboration. Lockdep
didn't become useful overnight — it grew through maintainer
contributions. DEPT needs the same path.
Q. What if I enable DEPT and get false positives?
A. That's the point — report them. Work with us to add annotations that
distinguish your intentional patterns from real deadlocks. This is
how lockdep became indispensable, and it's how DEPT will too.
GETTING STARTED
---------------
1. Enable CONFIG_DEPT (EXPERIMENTAL)
2. Boot your kernel
3. Check dmesg for DEPT reports
4. Read Documentation/dev-tools/dept.rst for interpretation
DEPT is a tool for understanding your code's synchronization behavior.
Even if you never see a deadlock report, the visibility it provides
is invaluable.
I look forward to your feedback, patches, and collaboration. Let's make
DEPT as indispensable to kernel developers as lockdep has been.
---
Changes from v18:
1. Rebase on v7.0.
2. Add 'Reviewed-by: Jeff Layton <jlayton(a)kernel.org>' on 37th
patch, 'SUNRPC: relocate struct rcu_head to the first field
of struct rpc_xprt'. (thanks to Jeff Layton)
3. Refine and supplement dept documents and comments, and fix
typos. (feedbacked by Bagas Sanjaya and Yunseong Kim)
4. Add __rust_helper to rust_helper_wait_for_completion().
(feedbacked by Dirk Behme)
5. Remove the part supporting recover events tracking - I will
keep maintaining it out of tree tho - as it unnecessarily
complicates the initial DEPT patchset and significantly
increases the review burden.
6. Get rid of 'extern' keyword with function declarations.
(feedbacked by Petr Pavlu)
Changes from v17:
1. Rebase on the mainline as of 2025 Dec 5.
2. Convert the documents' format from txt to rst. (feedbacked
by Jonathan Corbet and Bagas Sanjaya)
3. Move the documents from 'Documentation/dependency' to
'Documentation/dev-tools'. (feedbakced by Jonathan Corbet)
4. Improve the documentation. (feedbacked by NeilBrown)
5. Use a common function, enter_from_user_mode(), instead of
arch specific code, to notice context switch from user mode.
(feedbacked by Dave Hansen, Mark Rutland, and Mark Brown)
6. Resolve the header dependency issue by using dept's internal
header, instead of relocating 'struct llist_{head,node}' to
another header. (feedbacked by Greg KH)
7. Improve page(or folio) usage type APIs.
8. Add rust helper for wait_for_completion(). (feedbacked by
Guangbo Cui, Boqun Feng, and Danilo Krummrich)
9. Refine some commit messages.
Changes from v16:
1. Rebase on v6.17.
2. Fix a false positive from rcu (by Yunseong Kim)
3. Introduce APIs to set page's usage, dept_set_page_usage() and
dept_reset_page_usage() to avoid false positives.
4. Consider lock_page() as a potential wait unconditionally.
5. Consider folio_lock_killable() as a potential wait
unconditionally.
6. Add support for tracking PG_writeback waits and events.
7. Fix two build errors due to the additional debug information
added by dept. (by Yunseong Kim)
Changes from v15:
1. Fix typo and improve comments and commit messages (feedbacked
by ALOK TIWARI, Waiman Long, and kernel test robot).
2. Do not stop dept on detection of cicular dependency of
recover event, allowing to keep reporting.
3. Add SK hynix to copyright.
4. Consider folio_lock() as a potential wait unconditionally.
5. Fix Kconfig dependency bug (feedbacked by kernel test rebot).
6. Do not suppress reports that involve classes even that have
already involved in other reports, allowing to keep
reporting.
Changes from v14:
1. Rebase on the current latest, v6.15-rc6.
2. Refactor dept code.
3. With multi event sites for a single wait, even if an event
forms a circular dependency, the event can be recovered by
other event(or wake up) paths. Even though informing the
circular dependency is worthy but it should be suppressed
once informing it, if it doesn't lead an actual deadlock. So
introduce APIs to annotate the relationship between event
site and recover site, that are, event_site() and
dept_recover_event().
4. wait_for_completion() worked with dept map embedded in struct
completion. However, it generates a few false positves since
all the waits using the instance of struct completion, share
the map and key. To avoid the false positves, make it not to
share the map and key but each wait_for_completion() caller
have its own key by default. Of course, external maps also
can be used if needed.
5. Fix a bug about hardirq on/off tracing.
6. Implement basic unit test for dept.
7. Add more supports for dma fence synchronization.
8. Add emergency stop of dept e.g. on panic().
9. Fix false positives by mmu_notifier_invalidate_*().
10. Fix recursive call bug by DEPT_WARN_*() and DEPT_STOP().
11. Fix trivial bugs in DEPT_WARN_*() and DEPT_STOP().
12. Fix a bug that a spin lock, dept_pool_spin, is used in
both contexts of irq disabled and enabled without irq
disabled.
13. Suppress reports with classes, any of that already have
been reported, even though they have different chains but
being barely meaningful.
14. Print stacktrace of the wait that an event is now waking up,
not only stacktrace of the event.
15. Make dept aware of lockdep_cmp_fn() that is used to avoid
false positives in lockdep so that dept can also avoid them.
16. Do do_event() only if there are no ecxts have been
delimited.
17. Fix a bug that was not synchronized for stage_m in struct
dept_task, using a spin lock, dept_task()->stage_lock.
18. Fix a bug that dept didn't handle the case that multiple
ttwus for a single waiter can be called at the same time
e.i. a race issue.
19. Distinguish each kernel context from others, not only by
system call but also by user oriented fault so that dept can
work with more accuracy information about kernel context.
That helps to avoid a few false positives.
20. Limit dept's working to x86_64 and arm64.
Changes from v13:
1. Rebase on the current latest version, v6.9-rc7.
2. Add 'dept' documentation describing dept APIs.
Changes from v12:
1. Refine the whole document for dept.
2. Add 'Interpret dept report' section in the document, using a
deadlock report obtained in practice. Hope this version of
document helps guys understand dept better.
https://lore.kernel.org/lkml/6383cde5-cf4b-facf-6e07-1378a485657d@I-love.SA…https://lore.kernel.org/lkml/1674268856-31807-1-git-send-email-byungchul.pa…
Changes from v11:
1. Add 'dept' documentation describing the concept of dept.
2. Rewrite the commit messages of the following commits for
using weaker lockdep annotation, for better description.
fs/jbd2: Use a weaker annotation in journal handling
cpu/hotplug: Use a weaker annotation in AP thread
(feedbacked by Thomas Gleixner)
Changes from v10:
1. Fix noinstr warning when building kernel source.
2. dept has been reporting some false positives due to the folio
lock's unfairness. Reflect it and make dept work based on
dept annotaions instead of just wait and wake up primitives.
3. Remove the support for PG_writeback while working on 2. I
will add the support later if needed.
4. dept didn't print stacktrace for [S] if the participant of a
deadlock is not lock mechanism but general wait and event.
However, it made hard to interpret the report in that case.
So add support to print stacktrace of the requestor who asked
the event context to run - usually a waiter of the event does
it just before going to wait state.
5. Give up tracking raw_local_irq_{disable,enable}() since it
totally messed up dept's irq tracking. So make it work in the
same way as lockdep does. I will consider it once any false
positives by those are observed again.
6. Change the manual rwsem_acquire_read(->j_trans_commit_map)
annotation in fs/jbd2/transaction.c to the try version so
that it works as much as it exactly needs.
7. Remove unnecessary 'inline' keyword in dept.c and add
'__maybe_unused' to a needed place.
Changes from v9:
1. Fix a bug. SDT tracking didn't work well because of my big
mistake that I should've used waiter's map to indentify its
class but it had been working with waker's one. FYI,
PG_locked and PG_writeback weren't affected. They still
worked well. (reported by YoungJun)
Changes from v8:
1. Fix build error by adding EXPORT_SYMBOL(PG_locked_map) and
EXPORT_SYMBOL(PG_writeback_map) for kernel module build -
appologize for that. (reported by kernel test robot)
2. Fix build error by removing header file's circular dependency
that was caused by "atomic.h", "kernel.h" and "irqflags.h",
which I introduced - appolgize for that. (reported by kernel
test robot)
Changes from v7:
1. Fix a bug that cannot track rwlock dependency properly,
introduced in v7. (reported by Boqun and lockdep selftest)
2. Track wait/event of PG_{locked,writeback} more aggressively
assuming that when a bit of PG_{locked,writeback} is cleared
there might be waits on the bit. (reported by Linus, Hillf
and syzbot)
3. Fix and clean bad style code e.i. unnecessarily introduced
a randome pattern and so on. (pointed out by Linux)
4. Clean code for applying dept to wait_for_completion().
Changes from v6:
1. Tie to task scheduler code to track sleep and try_to_wake_up()
assuming sleeps cause waits, try_to_wake_up()s would be the
events that those are waiting for, of course with proper dept
annotations, sdt_might_sleep_weak(), sdt_might_sleep_strong()
and so on. For these cases, class is classified at sleep
entrance rather than the synchronization initialization code.
Which would extremely reduce false alarms.
2. Remove the dept associated instance in each page struct for
tracking dependencies by PG_locked and PG_writeback thanks to
the 1. work above.
3. Introduce CONFIG_dept_AGGRESIVE_TIMEOUT_WAIT to suppress
reports that waits with timeout set are involved, for those
who don't like verbose reporting.
4. Add a mechanism to refill the internal memory pools on
running out so that dept could keep working as long as free
memory is available in the system.
5. Re-enable tracking hashed-waitqueue wait. That's going to no
longer generate false positives because class is classified
at sleep entrance rather than the waitqueue initailization.
6. Refactor to make it easier to port onto each new version of
the kernel.
7. Apply dept to dma fence.
8. Do trivial optimizaitions.
Changes from v5:
1. Use just pr_warn_once() rather than WARN_ONCE() on the lack
of internal resources because WARN_*() printing stacktrace is
too much for informing the lack. (feedback from Ted, Hyeonggon)
2. Fix trivial bugs like missing initializing a struct before
using it.
3. Assign a different class per task when handling onstack
variables for waitqueue or the like. Which makes dept
distinguish between onstack variables of different tasks so
as to prevent false positives. (reported by Hyeonggon)
4. Make dept aware of even raw_local_irq_*() to prevent false
positives. (reported by Hyeonggon)
5. Don't consider dependencies between the events that might be
triggered within __schedule() and the waits that requires
__schedule(), real ones. (reported by Hyeonggon)
6. Unstage the staged wait that has prepare_to_wait_event()'ed
*and* yet to get to __schedule(), if we encounter __schedule()
in-between for another sleep, which is possible if e.g. a
mutex_lock() exists in 'condition' of ___wait_event().
7. Turn on CONFIG_PROVE_LOCKING when CONFIG_DEPT is on, to rely
on the hardirq and softirq entrance tracing to make dept more
portable for now.
Changes from v4:
1. Fix some bugs that produce false alarms.
2. Distinguish each syscall context from another *for arm64*.
3. Make it not warn it but just print it in case dept ring
buffer gets exhausted. (feedback from Hyeonggon)
4. Explicitely describe "EXPERIMENTAL" and "dept might produce
false positive reports" in Kconfig. (feedback from Ted)
Changes from v3:
1. dept shouldn't create dependencies between different depths
of a class that were indicated by *_lock_nested(). dept
normally doesn't but it does once another lock class comes
in. So fixed it. (feedback from Hyeonggon)
2. dept considered a wait as a real wait once getting to
__schedule() even if it has been set to TASK_RUNNING by wake
up sources in advance. Fixed it so that dept doesn't consider
the case as a real wait. (feedback from Jan Kara)
3. Stop tracking dependencies with a map once the event
associated with the map has been handled. dept will start to
work with the map again, on the next sleep.
Changes from v2:
1. Disable dept on bit_wait_table[] in sched/wait_bit.c
reporting a lot of false positives, which is my fault.
Wait/event for bit_wait_table[] should've been tagged in a
higher layer for better work, which is a future work.
(feedback from Jan Kara)
2. Disable dept on crypto_larval's completion to prevent a false
positive.
Changes from v1:
1. Fix coding style and typo. (feedback from Steven)
2. Distinguish each work context from another in workqueue.
3. Skip checking lock acquisition with nest_lock, which is about
correct lock usage that should be checked by lockdep.
Changes from RFC(v0):
1. Prevent adding a wait tag at prepare_to_wait() but __schedule().
(feedback from Linus and Matthew)
2. Use try version at lockdep_acquire_cpus_lock() annotation.
3. Distinguish each syscall context from another.
Byungchul Park (39):
dept: implement DEPT(DEPendency Tracker)
dept: add single event dependency tracker APIs
dept: add lock dependency tracker APIs
dept: tie to lockdep and IRQ tracing
dept: add proc knobs to show stats and dependency graph
dept: distinguish each kernel context from another
dept: distinguish each work from another
dept: add a mechanism to refill the internal memory pools on running
out
dept: record the latest one out of consecutive waits of the same class
dept: apply sdt_might_sleep_{start,end}() to
wait_for_completion()/complete()
dept: apply sdt_might_sleep_{start,end}() to swait
dept: apply sdt_might_sleep_{start,end}() to waitqueue wait
dept: apply sdt_might_sleep_{start,end}() to hashed-waitqueue wait
dept: apply sdt_might_sleep_{start,end}() to dma fence
dept: track timeout waits separately with a new Kconfig
dept: apply timeout consideration to wait_for_completion()/complete()
dept: apply timeout consideration to swait
dept: apply timeout consideration to waitqueue wait
dept: apply timeout consideration to hashed-waitqueue wait
dept: apply timeout consideration to dma fence wait
dept: make dept able to work with an external wgen
dept: track PG_locked with dept
dept: print staged wait's stacktrace on report
locking/lockdep: prevent various lockdep assertions when
lockdep_off()'ed
dept: add documents for dept
cpu/hotplug: use a weaker annotation in AP thread
dept: assign dept map to mmu notifier invalidation synchronization
dept: assign unique dept_key to each distinct dma fence caller
dept: make dept aware of lockdep_set_lock_cmp_fn() annotation
dept: make dept stop from working on debug_locks_off()
dept: assign unique dept_key to each distinct wait_for_completion()
caller
completion, dept: introduce init_completion_dmap() API
dept: call dept_hardirqs_off() in local_irq_*() regardless of irq
state
dept: introduce APIs to set page usage and use subclasses_evt for the
usage
dept: track PG_writeback with dept
SUNRPC: relocate struct rcu_head to the first field of struct rpc_xprt
mm: percpu: increase PERCPU_DYNAMIC_SIZE_SHIFT on DEPT and large
PAGE_SIZE
rust: completion: Add __rust_helper to
rust_helper_wait_for_completion()
dept: implement a basic unit test for dept
Yunseong Kim (1):
rcu/update: fix same dept key collision between various types of RCU
Documentation/dev-tools/dept.rst | 905 ++++++++
Documentation/dev-tools/dept_api.rst | 124 +
Documentation/dev-tools/index.rst | 2 +
drivers/dma-buf/dma-fence.c | 23 +-
include/linux/completion.h | 124 +-
include/linux/dept.h | 267 +++
include/linux/dept_ldt.h | 78 +
include/linux/dept_sdt.h | 68 +
include/linux/dept_unit_test.h | 61 +
include/linux/dma-fence.h | 74 +-
include/linux/hardirq.h | 3 +
include/linux/irq-entry-common.h | 4 +
include/linux/irqflags.h | 21 +-
include/linux/local_lock_internal.h | 1 +
include/linux/lockdep.h | 105 +-
include/linux/lockdep_types.h | 3 +
include/linux/mm_types.h | 4 +
include/linux/mmu_notifier.h | 26 +
include/linux/mutex.h | 1 +
include/linux/page-flags.h | 217 +-
include/linux/pagemap.h | 37 +-
include/linux/percpu-rwsem.h | 2 +-
include/linux/percpu.h | 4 +
include/linux/rcupdate_wait.h | 13 +-
include/linux/rtmutex.h | 1 +
include/linux/rwlock_types.h | 1 +
include/linux/rwsem.h | 1 +
include/linux/sched.h | 111 +
include/linux/seqlock.h | 2 +-
include/linux/spinlock_types_raw.h | 3 +
include/linux/srcu.h | 2 +-
include/linux/sunrpc/xprt.h | 9 +-
include/linux/swait.h | 3 +
include/linux/wait.h | 3 +
include/linux/wait_bit.h | 3 +
init/init_task.c | 2 +
init/main.c | 2 +
kernel/Makefile | 1 +
kernel/cpu.c | 2 +-
kernel/dependency/Makefile | 5 +
kernel/dependency/dept.c | 3222 ++++++++++++++++++++++++++
kernel/dependency/dept_hash.h | 10 +
kernel/dependency/dept_internal.h | 314 +++
kernel/dependency/dept_object.h | 13 +
kernel/dependency/dept_proc.c | 94 +
kernel/dependency/dept_unit_test.c | 149 ++
kernel/exit.c | 1 +
kernel/fork.c | 2 +
kernel/locking/lockdep.c | 33 +
kernel/module/main.c | 2 +
kernel/rcu/rcu.h | 1 +
kernel/rcu/update.c | 5 +-
kernel/sched/completion.c | 62 +-
kernel/sched/core.c | 9 +
kernel/workqueue.c | 3 +
lib/Kconfig.debug | 48 +
lib/debug_locks.c | 2 +
lib/locking-selftest.c | 2 +
mm/filemap.c | 38 +
mm/mm_init.c | 3 +
mm/mmu_notifier.c | 31 +-
rust/helpers/completion.c | 5 +
62 files changed, 6247 insertions(+), 120 deletions(-)
create mode 100644 Documentation/dev-tools/dept.rst
create mode 100644 Documentation/dev-tools/dept_api.rst
create mode 100644 include/linux/dept.h
create mode 100644 include/linux/dept_ldt.h
create mode 100644 include/linux/dept_sdt.h
create mode 100644 include/linux/dept_unit_test.h
create mode 100644 kernel/dependency/Makefile
create mode 100644 kernel/dependency/dept.c
create mode 100644 kernel/dependency/dept_hash.h
create mode 100644 kernel/dependency/dept_internal.h
create mode 100644 kernel/dependency/dept_object.h
create mode 100644 kernel/dependency/dept_proc.c
create mode 100644 kernel/dependency/dept_unit_test.c
base-commit: 028ef9c96e96197026887c0f092424679298aae8
--
2.17.1
DMA_HEAP_IOCTL_ALLOC allocates a dma-buf and installs an fd into the
caller's fd table via fd_install() before dma_heap_ioctl() copies the
result back to userspace. If the trailing copy_to_user() fails, the
ioctl returns -EFAULT and userspace never learns the fd number, but
the fd (and the underlying dma-buf reference) remain in the caller's
fd table and are leaked for the lifetime of the process.
The failure is easily reachable from userspace: pass a struct
dma_heap_allocation_data that lives in a page whose protection is
flipped to PROT_READ between copy_from_user() and copy_to_user()
(e.g. via mprotect()). Each such ioctl leaks one dmabuf fd; repeating
the call quickly fills /proc/<pid>/fd with anonymous "/dmabuf:"
entries that only go away when the process exits.
Fix it by closing the installed fd (and clearing the fd field of the
kernel-side copy) when copy_to_user() fails after a successful
allocation, so the error path matches what userspace observes: no fd
was returned, therefore no fd is left behind.
Fixes: c02a81fba74f ("dma-buf: Add dma-buf heaps framework")
Cc: stable(a)vger.kernel.org
Signed-off-by: Baineng Shou <shoubaineng(a)gmail.com>
---
Reproducer (full source, gcc -o poc poc.c; run as root):
// poc.c -- leak one dma-buf fd per DMA_HEAP_IOCTL_ALLOC
// when copy_to_user() fails
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/ioctl.h>
#include <sys/mman.h>
#include <linux/dma-heap.h>
int main(int argc, char **argv)
{
int n = argc > 1 ? atoi(argv[1]) : 100;
long ps = sysconf(_SC_PAGESIZE);
int heap = open("/dev/dma_heap/system", O_RDWR | O_CLOEXEC);
if (heap < 0)
return perror("open"), 1;
for (int i = 0; i < n; i++) {
/* Put a valid request in a page, then make the page
* read-only: copy_from_user() still succeeds and the
* dma-buf is allocated and fd_install()'d, but the
* trailing copy_to_user() fails and the fd, never
* returned to us, is leaked.
*/
struct dma_heap_allocation_data *req =
mmap(NULL, ps, PROT_READ | PROT_WRITE,
MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
memset(req, 0, sizeof(*req));
req->len = ps;
req->fd_flags = O_RDWR | O_CLOEXEC;
mprotect(req, ps, PROT_READ);
ioctl(heap, DMA_HEAP_IOCTL_ALLOC, req); /* -EFAULT */
munmap(req, ps);
}
printf("done: check ls -l /proc/%d/fd for %d leaked fds\n",
getpid(), n);
pause();
return 0;
}
Before the fix, ./poc 10 leaves 10 anonymous dmabuf fds in the
caller's fd table:
# ls -l /proc/$(pgrep poc)/fd
lrwx------ 1 root root 64 Jan 1 00:03 3 -> /dev/dma_heap/system
lrwx------ 1 root root 64 Jan 1 00:03 4 -> /dmabuf:
lrwx------ 1 root root 64 Jan 1 00:03 5 -> /dmabuf:
lrwx------ 1 root root 64 Jan 1 00:03 6 -> /dmabuf:
lrwx------ 1 root root 64 Jan 1 00:03 7 -> /dmabuf:
lrwx------ 1 root root 64 Jan 1 00:03 8 -> /dmabuf:
lrwx------ 1 root root 64 Jan 1 00:03 9 -> /dmabuf:
lrwx------ 1 root root 64 Jan 1 00:03 10 -> /dmabuf:
lrwx------ 1 root root 64 Jan 1 00:03 11 -> /dmabuf:
lrwx------ 1 root root 64 Jan 1 00:03 12 -> /dmabuf:
lrwx------ 1 root root 64 Jan 1 00:03 13 -> /dmabuf:
After the fix, only /dev/dma_heap/system remains open; the
anonymous "/dmabuf:" entries are gone.
drivers/dma-buf/dma-heap.c | 11 ++++++++++-
1 file changed, 10 insertions(+), 1 deletion(-)
diff --git a/drivers/dma-buf/dma-heap.c b/drivers/dma-buf/dma-heap.c
index a76bf3f8b071..0dd7a84b06bf 100644
--- a/drivers/dma-buf/dma-heap.c
+++ b/drivers/dma-buf/dma-heap.c
@@ -18,6 +18,7 @@
#include <linux/uaccess.h>
#include <linux/xarray.h>
#include <uapi/linux/dma-heap.h>
+#include <linux/fdtable.h>
#define DEVNAME "dma_heap"
@@ -181,8 +182,16 @@ static long dma_heap_ioctl(struct file *file, unsigned int ucmd,
goto err;
}
- if (copy_to_user((void __user *)arg, kdata, out_size) != 0)
+ if (copy_to_user((void __user *)arg, kdata, out_size) != 0) {
+ if (kcmd == DMA_HEAP_IOCTL_ALLOC && ret == 0) {
+ struct dma_heap_allocation_data *h = (void *)kdata;
+
+ close_fd(h->fd);
+ h->fd = -1;
+ }
ret = -EFAULT;
+ }
+
err:
if (kdata != stack_kdata)
kfree(kdata);
--
2.34.1
Hi Logan,
On 02/07/2026 21:34, Logan Gunthorpe wrote:
>
>
> On 2026-07-02 10:44 a.m., Matt Evans wrote:
>>> So maybe at this point it's fine to enable this on 32bit systems and we
>>> can remove this requirement. However, I think we should do that
>>> explicitly in its own patch, not hide it in this refactoring patch.
>>
>> Your question does prove it's too stealthy as-is. :) PCI_P2PDMA still
>> can't be enabled on 32-bit systems because of its ZONE_DEVICE ->
>> MEMORY_HOTPLUG -> 64BIT dependency. So we're not enabling 32-bit
>> support for PCI_P2PDMA here, but it's not obvious and so I'll re-add the
>> `depends on 64BIT`. At least then it won't be enabled without intention
>> if someone enables ZONE_DEVICE on 32-bit systems...
>
> Ok, that all makes sense to me. I would be good with removing the 64BIT
> dependency (as it is is a bit confusing as is) but I think adding
> another patch would be appropriate with some of the commit message notes
> you mentioned in your emails.
>
> Besides that, I think you can add to this patch:
>
> Reviewed-by: Logan Gunthorpe <logang(a)deltatee.com>
Thanks for that. On second reading, just want to check with you:
I'm intending to repost _retaining_ the 64BIT dependency (i.e. revert
its removal) for simplicity's sake. Then we can follow up separatey
(outside this series) with a cleanup patch to remove 64BIT, explain,
examine other dependencies etc. as you suggest. Works for you?
(I want to reduce the diff in this series, and revert since this isn't
truly necessary && wasn't entirely obvious.)
Cheers,
Matt