[tip:core/urgent] futex: fix requeue_pi key imbalance

[tip-bot for Darren Hart]

Commit-ID:  da085681014fb43d67d9bf6d14bc068e9254bd49
Gitweb:     http://git.kernel.org/tip/da085681014fb43d67d9bf6d14bc068e9254bd49
Author:     Darren Hart <dvhltc@xxxxxxxxxx>
AuthorDate: Wed, 7 Oct 2009 11:46:54 -0700
Committer:  Thomas Gleixner <tglx@xxxxxxxxxxxxx>
CommitDate: Wed, 7 Oct 2009 21:22:03 +0200

futex: fix requeue_pi key imbalance

If futex_wait_requeue_pi() wakes prior to requeue, we drop the
reference to the source futex_key twice, once in
handle_early_requeue_pi_wakeup() and once on our way out.

Remove the drop from the handle_early_requeue_pi_wakeup() and keep
the get/drops together in futex_wait_requeue_pi().

Reported-by: Helge Bahmann <hcb@xxxxxxxxxxxxxxx>
Signed-off-by: Darren Hart <dvhltc@xxxxxxxxxx>
Cc: Helge Bahmann <hcb@xxxxxxxxxxxxxxx>
Cc: Peter Zijlstra <peterz@xxxxxxxxxxxxx>
Cc: Eric Dumazet <eric.dumazet@xxxxxxxxx>
Cc: Dinakar Guniguntala <dino@xxxxxxxxxx>
Cc: John Stultz <johnstul@xxxxxxxxxx>
Cc: stable-2.6.31 <stable@xxxxxxxxxx>
LKML-Reference: <4ACCE21E.5030805@xxxxxxxxxx>
Signed-off-by: Thomas Gleixner <tglx@xxxxxxxxxxxxx>
---
 kernel/futex.c |    1 -
 1 files changed, 0 insertions(+), 1 deletions(-)

diff --git a/kernel/futex.c b/kernel/futex.c
index 1e176f3..c3bb2fc 100644
--- a/kernel/futex.c
+++ b/kernel/futex.c
@@ -2111,7 +2111,6 @@ int handle_early_requeue_pi_wakeup(struct futex_hash_bucket *hb,
 		 * Unqueue the futex_q and determine which it was.
 		 */
 		plist_del(&q->list, &q->list.plist);
-		drop_futex_key_refs(&q->key);
 
 		if (timeout && !timeout->task)
 			ret = -ETIMEDOUT;
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/