From mboxrd@z Thu Jan 1 00:00:00 1970 From: David Woodhouse Subject: Re: [PATCH] VFS bugfix: two read_inode() calles without clear_inode() call between Date: Wed, 04 May 2005 22:35:07 +0100 Message-ID: <1115242507.12012.394.camel@baythorne.infradead.org> References: <1114607741.12617.4.camel@sauron.oktetlabs.ru> <1114618748.12617.23.camel@sauron.oktetlabs.ru> <1114673528.3483.2.camel@sauron.oktetlabs.ru> <20050428003450.51687b65.akpm@osdl.org> <1115209055.8559.12.camel@sauron.oktetlabs.ru> <20050504130450.7c90a422.akpm@osdl.org> Mime-Version: 1.0 Content-Type: text/plain Content-Transfer-Encoding: 7bit Cc: dedekind@infradead.org, miklos@szeredi.hu, linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org Return-path: Received: from baythorne.infradead.org ([81.187.226.107]:43691 "EHLO baythorne.infradead.org") by vger.kernel.org with ESMTP id S261666AbVEDVfK (ORCPT ); Wed, 4 May 2005 17:35:10 -0400 To: Andrew Morton In-Reply-To: <20050504130450.7c90a422.akpm@osdl.org> Sender: linux-fsdevel-owner@vger.kernel.org List-Id: linux-fsdevel.vger.kernel.org On Wed, 2005-05-04 at 13:04 -0700, Andrew Morton wrote: > This sounds more like a bug in the iget() caller to me. > > Question is: if the inode has zero refcount and is unhashed then how > did the caller get its sticky paws onto the inode* in the first place? > > If the caller had saved a copy of the inode* in local storage then the > caller should have taken a ref against the inode. > > If the caller had just looked up the inode via hastable lookup via > iget_whatever() then again the caller will have a ref on the inode. > > So. Please tell us more about how the caller got into this situation. I could explain in detail how JFFS2 garbage collection works, moving log entries out of the way by calling iget() on the inode to which they belong.... or I could just say "NFS". -- dwmw2