git.baikalelectronics.ru Git - kernel.git/commit

author	Michael Ellerman <mpe@ellerman.id.au>
	Tue, 11 Jul 2017 12:10:54 +0000 (22:10 +1000)
committer	Michael Ellerman <mpe@ellerman.id.au>
	Wed, 12 Jul 2017 11:49:55 +0000 (21:49 +1000)
commit	779cec7f6f22df396eb6a65f83521b850a71b3be
tree	02ef53f39e886855fbc54e0a482bbcd46378106b	tree \| snapshot
parent	1d2a90a03ae8f6c23d96c54f4ac1e371ac9b474a	commit \| diff

powerpc/64: Fix atomic64_inc_not_zero() to return an int

Although it's not documented anywhere, there is an expectation that
atomic64_inc_not_zero() returns a result which fits in an int. This is
the behaviour implemented on all arches except powerpc.

This has caused at least one bug in practice, in the percpu-refcount
code, where the long result from our atomic64_inc_not_zero() was
truncated to an int leading to lost references and stuck systems. That
was worked around in that code in commit 8fc39be920a9 ("percpu-refcount:
fix reference leak during percpu-atomic transition").

To the best of my grepping abilities there are no other callers
in-tree which truncate the value, but we should fix it anyway. Because
the breakage is subtle and potentially very harmful I'm also tagging
it for stable.

Code generation is largely unaffected because in most cases the
callers are just using the result for a test anyway. In particular the
case of fget() that was mentioned in commit 49f21b1f0585
("powerpc/atomic: Implement atomic*_inc_not_zero") generates exactly
the same code.

Fixes: 49f21b1f0585 ("powerpc/atomic: Implement atomic*_inc_not_zero")
Cc: stable@vger.kernel.org # v3.4
Noticed-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>