From mboxrd@z Thu Jan 1 00:00:00 1970 From: Al Viro Subject: Re: [PATCH] coda: kill file_count abuse Date: Fri, 20 Jul 2007 01:53:16 +0100 Message-ID: <20070720005316.GA21668@ftp.linux.org.uk> References: <20070719214508.GA4482@lst.de> <20070719221559.GI8857@delft.aura.cs.cmu.edu> <20070720004534.GA31489@sgi.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Cc: Christoph Hellwig , akpm@osdl.org, linux-fsdevel@vger.kernel.org To: David Chinner Return-path: Received: from zeniv.linux.org.uk ([195.92.253.2]:49861 "EHLO ZenIV.linux.org.uk" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1758074AbXGTAxV (ORCPT ); Thu, 19 Jul 2007 20:53:21 -0400 Content-Disposition: inline In-Reply-To: <20070720004534.GA31489@sgi.com> Sender: linux-fsdevel-owner@vger.kernel.org List-Id: linux-fsdevel.vger.kernel.org On Fri, Jul 20, 2007 at 10:45:34AM +1000, David Chinner wrote: > On Thu, Jul 19, 2007 at 06:16:00PM -0400, Jan Harkes wrote: > > On Thu, Jul 19, 2007 at 11:45:08PM +0200, Christoph Hellwig wrote: > > > ->release is the proper way to detect the last close of a file, > > > file_count should never be used in filesystems. > > > > Has been tried, the problem with that once ->release is called it is too > > late to pass the the error back to close(2). > > I think you'll find the problem is that fput() throws away the error > from ->release, not that it's too late.... Just where would that return value go? BTW, the reason why checks for struct file refcount blow is not far from that: task A: write() task B (sharing descriptor table with A): close() task C (with another reference to struct file in question): close() task A: return from write() Now, the final fput() here happens in write(). In particular, no call of close(2) sees refcount equal to 1.