Re: BUG: atomic counter underflow [Was: 2.6.16-rc6-mm1]

From: Ian Kent
Date: Mon Mar 13 2006 - 00:31:47 EST

Next message: Nigel Cunningham: "Re: S3 sleep regression / 2.6.16-rc1+acpi-release-20060113"
Previous message: Nigel Cunningham: "Re: S3 sleep regression / 2.6.16-rc1+acpi-release-20060113"
In reply to: Ian Kent: "Re: BUG: atomic counter underflow [Was: 2.6.16-rc6-mm1]"
Next in thread: Grant Coady: "Re: 2.6.16-rc6-mm1"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Sun, 12 Mar 2006, Jiri Slaby wrote:

> Andrew Morton wrote:
> >ftp://ftp.kernel.org/pub/linux/kernel/people/akpm/patches/2.6/2.6.16-rc6/2.6.16-rc6-mm1/
> [snip]
> >+remove-redundant-check-from-autofs4_put_super.patch
> >+autofs4-follow_link-missing-funtionality.patch
> >
> > Update autofs4 patches in -mm.
> Hello,
>
> I caught this during ftp browsing autofs-bind-mounted directories. I don't know
> circumstancies and if the patches above are source of problem. I also don't know
> if -rc6-mm1 is the first one.

btw what do you mean autofs-bind-mounted ?

>
> BUG: atomic counter underflow at:
> [<c0104736>] show_trace+0x13/0x15
> [<c0104873>] dump_stack+0x1e/0x20
> [<c01d6c97>] autofs4_wait+0x751/0x93a
> [<c01d543b>] try_to_fill_dentry+0xca/0x11c
> [<c01d59b3>] autofs4_revalidate+0xe1/0x148
> [<c0171338>] do_lookup+0x40/0x157
> [<c0172ec4>] __link_path_walk+0x804/0xe8c
> [<c017359c>] link_path_walk+0x50/0xe8
> [<c01738b7>] do_path_lookup+0x10f/0x26d
> [<c017429c>] __user_walk_fd+0x33/0x50
> [<c016d226>] vfs_stat_fd+0x1e/0x50
> [<c016d30d>] vfs_stat+0x20/0x22
> [<c016d328>] sys_stat64+0x19/0x2d
> [<c0103127>] syscall_call+0x7/0xb
>

There's some suspicious code in waitq.c.
Could you try the following patch for me please?

--- linux-2.6.16-rc6-mm1/fs/autofs4/waitq.c.notify-bug 2006-03-13 13:23:52.000000000 +0800
+++ linux-2.6.16-rc6-mm1/fs/autofs4/waitq.c 2006-03-13 13:25:40.000000000 +0800
@@ -263,7 +263,7 @@ int autofs4_wait(struct autofs_sb_info *
wq->tgid = current->tgid;
wq->status = -EINTR; /* Status return if interrupted */
atomic_set(&wq->wait_ctr, 2);
- atomic_set(&wq->notified, 1);
+ atomic_set(&wq->notify, 1);
mutex_unlock(&sbi->wq_mutex);
} else {
atomic_inc(&wq->wait_ctr);
@@ -273,9 +273,11 @@ int autofs4_wait(struct autofs_sb_info *
(unsigned long) wq->wait_queue_token, wq->len, wq->name, notify);
}

- if (notify != NFY_NONE && atomic_dec_and_test(&wq->notified)) {
+ if (notify != NFY_NONE && atomic_read(&wq->notify)) {
int type;

+ atomic_dec(&wq->notify);
+
if (sbi->version < 5) {
if (notify == NFY_MOUNT)
type = autofs_ptype_missing;
--- linux-2.6.16-rc6-mm1/fs/autofs4/autofs_i.h.notify-bug 2006-03-13 13:23:39.000000000 +0800
+++ linux-2.6.16-rc6-mm1/fs/autofs4/autofs_i.h 2006-03-13 13:24:08.000000000 +0800
@@ -85,7 +85,7 @@ struct autofs_wait_queue {
pid_t tgid;
/* This is for status reporting upon return */
int status;
- atomic_t notified;
+ atomic_t notify;
atomic_t wait_ctr;
};

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Nigel Cunningham: "Re: S3 sleep regression / 2.6.16-rc1+acpi-release-20060113"
Previous message: Nigel Cunningham: "Re: S3 sleep regression / 2.6.16-rc1+acpi-release-20060113"
In reply to: Ian Kent: "Re: BUG: atomic counter underflow [Was: 2.6.16-rc6-mm1]"
Next in thread: Grant Coady: "Re: 2.6.16-rc6-mm1"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]