l1tf | L1 Trend Filtering - After Boyd et al : http : //www

You may have found a bug. Please post the output of:

I run my docker container on AWS ec2 t2.small which has 2 GB RAM as t2.micro memory(1GB) isn't enough for running the Elasticsearch container, so it should be fine for you as well until you have configured a lot more things. Looked into your logs but I don't see any error, hence difficult to debug without your docker-file.

Below is my docker-compose file for running Elasticsearch 7.6 in a docker container in AWS t2.small instance, let me know if it doesn't work for you and happy to help further.

So miracle of miracles I came across the answer totally by accident. I'd like to share in case anybody else comes across this and similarly bangs their heads for months.

In a totally unrelated change for another system I'm working on using this block driver, I made a change today and tried it on the pi4 and like magic it's all working.

What was the change? Not at all where I was looking....

So I register a callback with blk_queue_make_request not blk_init_queue. I don't handle the request queue, I handle the bios in the block request directly.

In so doing, you are told: https://www.kernel.org/doc/htmldocs/kernel-api/API-blk-queue-make-request.html

"The driver that does this must be able to deal appropriately with buffers in “highmemory”. This can be accomplished by either calling __bio_kmap_atomic to get a temporary kernel mapping, or by calling blk_queue_bounce to create a buffer in normal memory. "

Well, I had been achieving that with calls to kmap_atomic when I wanted to get the buffer. Today I read that there's a limited number of slots for those memory mappings and you should only call that if you're in an interrupt context and can't go to sleep, because the kmap_atomic call pulls from the reserved pile so it doesn't have to allocate on the call and possibly be put to sleep.

But my kernel module can sleep, so I changed the call to kmap() and... like magic... it's working.

So I'm thinking the failure cases were where kmap_atomic was failing and I wasn't catching or noticing, or possibly, something is wrong with kmap_atomic on the pi4 or on the interaction between the kernel in that case or something. I'll play more and see if I can tease out what's going on, but the trick is something's wrong with the way I was calling kmap_atomic.

After a little playing around...

This is most probably due to your installation of Docker. Docker by default can use all system resources. Toolbox installation uses VM from Virtualbox. You should increase the resources of the VM on Virtualbox.

If you are using Windows 10, you should not use Docker Toolbox due to it's only for legacy OS (Win 7). You should use Docker CE.

tldr;

Add Thread.currentThread().join(); after calling play method of media player inside the class hosting the callback. It will somehow keep the thread running, preventing the execution stopping due to end of executable logic in case any native lib error.

After doing many experiments or say trial and error, I found this.

Something else needed to keep the application running or otherwise even a single error in native code while processing the stream will kill the whole application. The actual code from where I took usage example of custom renderer is opening a jwt Frame which is keeping the application open. I removed it as I need not to show anything. But, now I started getting the problem. There's no other work left for the running thread/class, any error originating in native lib will break the connection(an expert might use a better terminology here) and hence the program will close, in return JNI will fire callback object is garbage collected.

I was using the Thread.currentThread().join(); but outside the class after creating an instance, hence effecting nothing for the class hosting the callbacks for rendering/processing the data.

Thinking more about what the jwt Frame might be doing, I removed it and replaced with Thread.currentThread().join(); inside the constructor, voila it started working perfectly.

So apparently the above config does in fact disable those patches. I was using /proc/cpuinfo to determine whether or not the patches were applied. A colleague ran a checker and they are disabled after adding the above config.

Go figure, don't trust /proc/cpuinfo for spectre/meltdown on container linux.