Hey Al,
 mind looking at fs/namei.c line 2186:

                if (likely(!nd_jump_root(nd)))
                        return s;
                nd->root.mnt = NULL;
-->             rcu_read_unlock();   <--
                return ERR_PTR(-ECHILD);

because that rcu_read_unlock() looks odd.

It looks odd because the lock part is

                if (flags & LOOKUP_RCU)
                        rcu_read_lock();

i.e. it's locked conditionally, and the code in between does not seem to
return every time LOOKUP_RCU is clear.

So mind giving this a look? Is it as obviously buggy as I think it is,
or is there something I'm missing?

              Linus
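An added illustration of the pairing problem raised above, not code from the mail or from the kernel: the RCU read-side nesting is modelled with a plain counter (LOOKUP_RCU's value here is a constructed stand-in), so an unconditional unlock after a conditional lock shows up as a negative depth, the way a lock-balance checker would flag it, beside the variant that releases under the same condition it acquired.

```c
#include <stdio.h>

/* Constructed stand-ins; nothing here is kernel code.  The flag value is
 * arbitrary, and rcu_depth models how many read-side sections are open. */
#define LOOKUP_RCU 0x40

static int rcu_depth;

static void rcu_read_lock(void)   { rcu_depth++; }
static void rcu_read_unlock(void) { rcu_depth--; }

/* The pattern as quoted: lock only if LOOKUP_RCU is set, but the failure
 * path unlocks unconditionally.  Returns the depth left behind:
 * 0 means balanced, -1 means one unlock more than locks. */
static int lookup_unconditional_unlock(unsigned flags, int jump_root_fails)
{
    rcu_depth = 0;
    if (flags & LOOKUP_RCU)
        rcu_read_lock();
    if (jump_root_fails) {
        rcu_read_unlock();          /* unconditional, regardless of flags */
        return rcu_depth;           /* stands in for ERR_PTR(-ECHILD) */
    }
    if (flags & LOOKUP_RCU)         /* normal exit pairs with the lock */
        rcu_read_unlock();
    return rcu_depth;
}

/* Same flow, but the failure path releases under the same condition. */
static int lookup_conditional_unlock(unsigned flags, int jump_root_fails)
{
    rcu_depth = 0;
    if (flags & LOOKUP_RCU)
        rcu_read_lock();
    if (jump_root_fails) {
        if (flags & LOOKUP_RCU)
            rcu_read_unlock();
        return rcu_depth;
    }
    if (flags & LOOKUP_RCU)
        rcu_read_unlock();
    return rcu_depth;
}

int main(void)
{
    printf("unconditional unlock, LOOKUP_RCU clear: depth %d\n",
           lookup_unconditional_unlock(0, 1));          /* -1: imbalance */
    printf("unconditional unlock, LOOKUP_RCU set:   depth %d\n",
           lookup_unconditional_unlock(LOOKUP_RCU, 1)); /* 0 */
    printf("conditional unlock,   LOOKUP_RCU clear: depth %d\n",
           lookup_conditional_unlock(0, 1));            /* 0 */
    return 0;
}
```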
