From: Andreas Gruenbacher <agruen@suse.de>

Could it be that security/selinux/hooks.c:inode_doinit_with_dentry has a
race?  It does a d_find_alias(inode) and assumes that the d_inode field of
the result is valid.  I did not try to reproduce the Oops so far, but this
would be my first guess:



---

 25-akpm/security/selinux/hooks.c |    1 +
 1 files changed, 1 insertion(+)

diff -puN security/selinux/hooks.c~selinux-inode-race-trap security/selinux/hooks.c
--- 25/security/selinux/hooks.c~selinux-inode-race-trap	Thu Apr  1 15:46:26 2004
+++ 25-akpm/security/selinux/hooks.c	Thu Apr  1 15:46:26 2004
@@ -751,6 +751,7 @@ static int inode_doinit_with_dentry(stru
 			       inode->i_ino);
 			goto out;
 		}
+               BUG_ON(inode != dentry->d_inode);
 
 		len = INITCONTEXTLEN;
 		context = kmalloc(len, GFP_KERNEL);

_