On Mon, Aug 11, 2025 at 09:45:52PM +0200, Mateusz Guzik wrote:
> Better printing is a TODO in part because the routine must not trip
> over arbitrarily bogus state, in this case notably that's unset
> ->i_sb.
That... is a strange state. It means having never been passed to
inode_init_always(). How do you get to it? I mean, if the argument
is not pointing to a struct inode instance, sure, but then NULL is
not the only possibility - we are talking about the valur of
arbitrary word of memory that might contain anything whatsoever.
If, OTOH, it is a genuine struct inode, it must be in a very strange
point in the lifecycle - somewhere in the middle of alloc_inode(),
definitely before its address gets returned to the caller...
> See mm/debug.c:dump_vmg for an example.
Not quite relevant here...
> void dump_inode(struct inode *inode, const char *reason)
> {
> - pr_warn("%s encountered for inode %px", reason, inode);
> + struct super_block *sb = inode->i_sb; /* will be careful deref later */
> +
> + pr_warn("%s encountered for inode %px [fs %s]", reason, inode,
> sb ? sb->s_type->name : "NOT SET");
That's really misleading - this "NOT SET" is not a valid state; ->i_sb is
an assign-once member that gets set by constructor before the object is
returned and it's never modified afterwards. In particular, it is never
cleared.
There is a weird debugging in generic_shutdown_super() that goes through
the inodes of dying superblock that had survived the fs shutdown
("Busy inodes after unmount" thing) and poisons their ->i_sb, but that's
VFS_PTR_POINSON, not NULL.
We literally never store NULL there. Not even with kmem_cache_zalloc()...
