Q: bugs in generic_forget_inode()?
From: Kirill Korotaev
Date: Mon Sep 06 2004 - 06:57:38 EST
Hello,
1. I found that generic_forget_inode() calls write_inode_now() dropping
inode_lock and destroys inode after that. The problem is that
write_inode_now() can sleep and during this sleep someone can find inode
in the hash, w/o I_FREEING state and with i_count = 0.
If such inode will be iget'ed, then it will be iput'ed once more later
messing with the current iput(). So the inode can be cleared and
destroyed twice.
2. Why there is no wake_up_inode() in generic_forget_inode() like in
generic_delete_inode()? Looks like it is missing...
is it bugs in generic_forget_inode()?
Kirill
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/