Re: [PATCH] bugfix: two read_inode() calls without clear_inode() call between

> Could you please explain me, why we need to wake up somebody right 
> before freeing an inode? It seems for me, if somebody really wait on 
> this inode, then they have a good chance to access already freed memory.

find_inode() needs to be woken up (__wait_on_freeing_inode) when an
inode being freed is actually taken off the hash list .  And it's
careful not to touch it after being woken up.

Miklos

> diff --git a/fs/inode.c b/fs/inode.c
> --- a/fs/inode.c
> +++ b/fs/inode.c
> @@ -282,6 +282,13 @@ static void dispose_list(struct list_hea
>   		if (inode->i_data.nrpages)
>   			truncate_inode_pages(&inode->i_data, 0);
>   		clear_inode(inode);
> +
> +		spin_lock(&inode_lock);
> +		hlist_del_init(&inode->i_hash);
> +		list_del_init(&inode->i_sb_list);
> +		spin_unlock(&inode_lock);
> +
> +		wake_up_inode(inode);
>                  ^^^^^^^^^^^^^^^^^^^^
>   		destroy_inode(inode);
>   		nr_disposed++;
>   	}
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

References:
- Re: [PATCH] bugfix: two read_inode() calls without clear_inode() call between
  - From: Vasily Averin <[email protected]>

Prev by Date: Re: platform-device-driver-for-mq11xx-graphics-chip.patch added to -mm tree
Next by Date: Re: Determining if the current processor is Hyperthreaded
Previous by thread: Re: [PATCH] bugfix: two read_inode() calls without clear_inode() call between
Next by thread: Re: platform-device-driver-for-mq11xx-graphics-chip.patch added to -mm tree
Index(es):
- Date
- Thread

[Index of Archives] [Kernel Newbies] [Netfilter] [Bugtraq] [Photo] [Gimp] [Yosemite News] [MIPS Linux] [ARM Linux] [Linux Security] [Linux RAID] [Video 4 Linux] [Linux for the blind]