On Fri, Dec 19, 2014 at 02:34:00PM +0300, Pavel Emelyanov wrote: > Hi, > > It looks like there's a strange refcount underflow in VFS/socket code. > The proggie [1] crashes the recent Linus' tree (d790be38 Merge tag > 'modules-next-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/rusty/linux) > with the calltrace [2]. > > If in the proggie the psk is replaced with non-socket descriptor the > issue doesn't appear. Gyah... mismerge on cherry-pick. My fault - ->i_fop assignment should've been removed from sock_alloc_file() in bd9b51. Could you verify that the following recovers the things? diff --git a/net/socket.c b/net/socket.c index 70bbde6..a2c33a4 100644 --- a/net/socket.c +++ b/net/socket.c @@ -372,7 +372,6 @@ struct file *sock_alloc_file(struct socket *sock, int flags, const char *dname) path.mnt = mntget(sock_mnt); d_instantiate(path.dentry, SOCK_INODE(sock)); - SOCK_INODE(sock)->i_fop = &socket_file_ops; file = alloc_file(&path, FMODE_READ | FMODE_WRITE, &socket_file_ops); -- To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
