On 27/06/2017 15:50, Al Viro wrote: >> Queued, thanks. > It's broken. Look: once we are past the anon_inode_getfile(), the > reference we held on kvm is transferred into new struct file. After > that point we don't drop kvm - we drop file. And as long as that > file is held, it will keep holding what used to be our reference to > kvm. Once all references to file are gone, its ->release() will be > called and that's where kvm reference in it will be dropped. > > IOW, this patch introduces a double-put. Yup, I've noticed your other reply (hopefully would have noticed during regression testing). Thanks Al. Paolo
