From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <linux-fsdevel-owner@vger.kernel.org>
Received: from zeniv.linux.org.uk ([195.92.253.2]:47684 "EHLO
        ZenIV.linux.org.uk" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S933090AbeGFRfm (ORCPT
        <rfc822;linux-fsdevel@vger.kernel.org>);
        Fri, 6 Jul 2018 13:35:42 -0400
Date: Fri, 6 Jul 2018 18:35:40 +0100
From: Al Viro <viro@ZenIV.linux.org.uk>
To: Miklos Szeredi <mszeredi@redhat.com>
Cc: linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH (v4.18 regression fix)] vfs: don't evict uninitialized
 inode
Message-ID: <20180706173540.GD30522@ZenIV.linux.org.uk>
References: <20180706153548.23287-1-mszeredi@redhat.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20180706153548.23287-1-mszeredi@redhat.com>
Sender: linux-fsdevel-owner@vger.kernel.org
List-ID: <linux-fsdevel.vger.kernel.org>

On Fri, Jul 06, 2018 at 05:35:48PM +0200, Miklos Szeredi wrote:
> iput() ends up calling ->evict() on new inode, which is not yet initialized
> by owning fs.  So use destroy_inode() instead.
> 
> Add to sb->s_inodes list only after the inode has been inserted into the
> hash.  The exact point at which the inode is added onto the sb list
> shouldn't matter as long as it is done while the inode is in the I_NEW
> state.
> 
> Reported-by: Al Viro <viro@zeniv.linux.org.uk>
> Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
> Fixes: 80ea09a002bf ("vfs: factor out inode_insert5()")

Check 22dc9a168272 (new primitive: discard_new_inode()) in vfs.git; IMO yours
should go on top of that and I would seriously consider going for just
alloc_inode() - to hell with new_inode_pseudo().  I_CREATING gives an easy
way for insert_inode5() to decide whether we need to move into ->i_sb_list...