On Fri, Oct 19, 2018 at 11:36:19PM +0100, David Howells wrote:
> Alan Jenkins <alan.christopher.jenkins@xxxxxxxxx> wrote:
>
> > # open_tree_clone 3</mnt 3 sh
> > # cd /proc/self/fd/3
> > # mount --move . /mnt
> > [ 41.747831] mnt_flags=1020 umount=0
> > # cd /
> > # umount /mnt
> > umount: /mnt: target is busy
> >
> > ^ a newly introduced bug? I do not remember having this problem before.
>
> The reason EBUSY is returned is because propagate_mount_busy() is called by
> do_umount() with refcnt == 2, but mnt_count == 3:
>
> umount-3577 M=f8898a34 u=3 0x555 sp=__x64_sys_umount+0x12/0x15
>
> the trace line being added here:
>
> if (!propagate_mount_busy(mnt, 2)) {
> if (!list_empty(&mnt->mnt_list))
> umount_tree(mnt, UMOUNT_PROPAGATE|UMOUNT_SYNC);
> retval = 0;
> } else {
> trace_mnt_count(mnt, mnt->mnt_id,
> atomic_read(&mnt->mnt_count),
> 0x555, __builtin_return_address(0));
> }
>
> The busy evaluation is a result of this check:
>
> if (!list_empty(&mnt->mnt_mounts) || do_refcount_check(mnt, refcnt))
>
> in propagate_mount_busy().
>
>
> The problem apparently being that mnt_count counts both refs from mountings
> and refs from other sources, such as file descriptors or pathwalk.
As it bloody well should. Once the tree has been attached, that open_ctree()
descriptor is refering to vfsmount of /mnt (what else could it be?)
IOW, it *is* genuinely busy. The livelock on umount -l you've mentioned is
a different story - that's definitely a bug, but this -EBUSY is correct.
