On Mar 20, 2013, at 1:09 AM, Andrew Morton <a...@linux-foundation.org> wrote:
> On Tue, 19 Mar 2013 13:31:18 +0400 Vladimir Davydov <vdavy...@parallels.com>
> wrote:
>
>> mnt_drop_write() must be called only if mnt_want_write() succeeded,
>> otherwise the mnt_writers counter will diverge.
>>
>> ...
>>
>> --- a/ipc/mqueue.c
>> +++ b/ipc/mqueue.c
>> @@ -840,7 +840,8 @@ out_putfd:
>> fd = error;
>> }
>> mutex_unlock(&root->d_inode->i_mutex);
>> - mnt_drop_write(mnt);
>> + if (!ro)
>> + mnt_drop_write(mnt);
>> out_putname:
>> putname(name);
>> return fd;
>
> huh, that's been there for a while. What were the runtime-visible
> effects of the bug?

mnt_writers counters are used to check if remounting FS as read-only is OK, so after an extra mnt_drop_write() call, it would be impossible to remount mqueue FS as read-only. Besides, on umount a warning would be printed like this one:

[ 194.714880] =====================================
[ 194.719680] [ BUG: bad unlock balance detected! ]
[ 194.724488] 3.9.0-rc3 #5 Not tainted
[ 194.728159] -------------------------------------
[ 194.732958] a.out/12486 is trying to release lock (sb_writers) at:
[ 194.739355] [<ffffffff811b177f>] mnt_drop_write+0x1f/0x30
[ 194.744851] but there are no more locks to release!
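
Review bot: the `if (!ro)` guard added before mnt_drop_write(mnt) in the quoted ipc/mqueue.c hunk (out_putfd path, right after the mutex_unlock) depends on `ro`, whose declaration and assignment are in the part elided by "..." and cannot be checked here. Please confirm that `ro` is set from the mnt_want_write() result on every path that can reach out_putfd, and that no path jumps to this label before the assignment. A one-line comment at the guard saying that the drop is skipped when mnt_want_write() failed would also help, since as posted only the commit message explains why the call is conditional.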