Re: [PATCH] nfs_unlink() race (was: nfs_refresh_inode: inode number mismatch)

Date: Tue Jun 10 2003 - 20:47:17 EST

On Tue, Jun 10, 2003 at 06:28:24PM -0700, Frank Cusack wrote:
> On Wed, Jun 11, 2003 at 01:54:25AM +0100, wrote:
> > On Mon, Jun 09, 2003 at 06:51:41AM -0700, Frank Cusack wrote:
> >
> > > When foo is unlinked, nfs_unlink() does a sillyrename, this puts the
> > > dentry on nfs_delete_queue, and (in the VFS) unhashes it from the dcache.
> > > This causes a problem, because dentry->d_parent->d_inode is now guaranteed
> > > to remain stale. (OK, I'm not really sure about this last part.)
> >
> > ????
> >
> > What does hashed state have to ->d_parent?
> Because now d_parent can be d_deleted (no children) and then go away.

Why? It still has our dentry refering to it and contributing into its

> Then won't dentry->d_parent be wrong? What happens if d_parent becomes
> a negative d_entry v. disappearing entirely.

->d_parent will not become negative.

> It is if d_count goes to 0 on one of them and the inode is then unlinked.
> But the other dentry remains and again tries to unlink when its d_count
> goes to 0. Over NFS the fh includes the generation and so you can't
> accidentally delete what only looks like the same file, but what happens
> in the local fs?

Please, take a look at the way normal links work.
> Also, the real problem is that something goes wrong with d_parent and

Now, _that_ is interesting. What are you actually seeing there?
Note that unhashing doesn't change _any_ ->d_count - hash chains
are not counted in it and ->d_parent is not changed.

> NFS tries to refresh an inode that it should really know doesn't exist
> anymore. That's why my #2 patch only executes during a rmdir.
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to
More majordomo info at
Please read the FAQ at

This archive was generated by hypermail 2b29 : Sun Jun 15 2003 - 22:00:26 EST