Regression in 4.6.0-git - bisected to commit dd254f5a382c

[Larry Finger]

The mainline kernels past 4.6.0 fail hang when logging in. There are no error 
messages, and the machine seems to be waiting for some event that never happens.

The problem has been bisected to commit dd254f5a382c ("fold checks into 
iterate_and_advance()"). The bisection has been verified.

The problem is the call from iov_iter_advance(). When I reinstated the old macro 
with a new name and used it in that routine, the system works. Obviously, the 
call that seems to be incorrect has some benefits. My quich-and-dirty patch is 
attached.

I will be willing to test any patch you prepare.

Thanks,

Larry

--
If I was stranded on an island and the only way to get off
the island was to make a pretty UI, Iâd die there.

Linus Torvalds
diff --git a/lib/iov_iter.c b/lib/iov_iter.c
index 28cb431..614911c 100644
--- a/lib/iov_iter.c
+++ b/lib/iov_iter.c
@@ -139,6 +139,43 @@
 	}							\
 }
 
+#define iterate_and_advance_nocheck(i, n, v, I, B, K) {		\
+	size_t skip = i->iov_offset;				\
+	if (unlikely(i->type & ITER_BVEC)) {			\
+		const struct bio_vec *bvec;			\
+		struct bio_vec v;				\
+		iterate_bvec(i, n, v, bvec, skip, (B))		\
+		if (skip == bvec->bv_len) {			\
+			bvec++;					\
+			skip = 0;				\
+		}						\
+		i->nr_segs -= bvec - i->bvec;			\
+		i->bvec = bvec;					\
+	} else if (unlikely(i->type & ITER_KVEC)) {		\
+		const struct kvec *kvec;			\
+		struct kvec v;					\
+		iterate_kvec(i, n, v, kvec, skip, (K))		\
+		if (skip == kvec->iov_len) {			\
+			kvec++;					\
+			skip = 0;				\
+		}						\
+		i->nr_segs -= kvec - i->kvec;			\
+		i->kvec = kvec;					\
+	} else {						\
+		const struct iovec *iov;			\
+		struct iovec v;					\
+		iterate_iovec(i, n, v, iov, skip, (I))		\
+		if (skip == iov->iov_len) {			\
+			iov++;					\
+			skip = 0;				\
+		}						\
+		i->nr_segs -= iov - i->iov;			\
+		i->iov = iov;					\
+	}							\
+	i->count -= n;						\
+	i->iov_offset = skip;					\
+}
+ 
 static size_t copy_page_to_iter_iovec(struct page *page, size_t offset, size_t bytes,
 			 struct iov_iter *i)
 {
@@ -488,7 +525,7 @@ EXPORT_SYMBOL(iov_iter_copy_from_user_atomic);
 
 void iov_iter_advance(struct iov_iter *i, size_t size)
 {
-	iterate_and_advance(i, size, v, 0, 0, 0)
+	iterate_and_advance_nocheck(i, size, v, 0, 0, 0)
 }
 EXPORT_SYMBOL(iov_iter_advance);