From: Andreas Gruenbacher <agruen@suse.de>

Could it be that security/selinux/hooks.c:inode_doinit_with_dentry has a
race?  It does a d_find_alias(inode) and assumes that the d_inode field of
the result is valid.  I did not try to reproduce the Oops so far, but this
would be my first guess:



---

 security/selinux/hooks.c |    1 +
 1 files changed, 1 insertion(+)

diff -puN security/selinux/hooks.c~selinux-inode-race-trap security/selinux/hooks.c
--- 25/security/selinux/hooks.c~selinux-inode-race-trap	2004-02-19 20:22:43.000000000 -0800
+++ 25-akpm/security/selinux/hooks.c	2004-02-19 20:22:43.000000000 -0800
@@ -751,6 +751,7 @@ static int inode_doinit_with_dentry(stru
 			       inode->i_ino);
 			goto out;
 		}
+               BUG_ON(inode != dentry->d_inode);
 
 		len = INITCONTEXTLEN;
 		context = kmalloc(len, GFP_KERNEL);

_