On Mon, Jun 07, 2010 at 02:17:23PM -0700, Linus Torvalds wrote:
>     jffs2_clear_inode(inode);
> into
>     make_bad_inode(inode); iput(inode);
> and that changelog doesn't really explain it either ("fix leak"? Ok, I can see the iput() fixing the leak - but you also did that jffs2_clear_inode() change, and that has no explanation what-so-ever).

The final iput() calls ->clear_inode() (jffs2_clear_inode in case of jffs2) and the inode has just been created, with no other in-core references existing. Basically, that call was the only part of (required) iput() that _was_ done there ;-)
FWIW, what's happening around ->clear_inode()/->delete_inode()/->drop_inode() is a mess. This leak got found when I'd been looking through that crap; results of sanitizing are in #evict_inode (vfs-2.6.git). I'm going to shift that into for-next tomorrow, assuming it survives local beating. For now I've just pulled jffs2-fixes in it...
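
A userspace model of the point made in the reply above, added here as an illustration; it is not code from the thread or from the kernel, and the `model_*` names, the fixed-size pool and `error_path_live_after()` are hypothetical. It shows that running only the `->clear_inode()` step leaves the new inode allocated, while marking it bad and dropping the only reference runs the same step and also releases it.

```c
#include <stddef.h>

/* Userspace model with hypothetical names; not the kernel's structures. */
struct model_inode { int in_use, refcount, bad; };
#define POOL 8
static struct model_inode pool[POOL];
static int clear_calls;   /* times the ->clear_inode() stand-in ran */

static void model_clear_inode(struct model_inode *inode) {
    (void)inode;
    clear_calls++;        /* stands in for jffs2_clear_inode() */
}

static struct model_inode *model_new_inode(void) {
    for (int i = 0; i < POOL; i++)
        if (!pool[i].in_use) {
            pool[i] = (struct model_inode){ .in_use = 1, .refcount = 1 };
            return &pool[i];   /* just created: caller holds the only ref */
        }
    return NULL;
}

/* Dropping the last reference runs ->clear_inode() and releases the inode. */
static void model_iput(struct model_inode *inode) {
    if (--inode->refcount > 0)
        return;
    model_clear_inode(inode);
    inode->in_use = 0;
}

static int live_inodes(void) {
    int n = 0;
    for (int i = 0; i < POOL; i++)
        n += pool[i].in_use;
    return n;
}

/* fixed == 0: old error path, only the ->clear_inode() part is done.
 * fixed != 0: new error path, mark bad and drop the only reference. */
int error_path_live_after(int fixed) {
    struct model_inode *inode = model_new_inode();
    if (!inode) return -1;
    if (!fixed) {
        model_clear_inode(inode);
    } else {
        inode->bad = 1;    /* stands in for make_bad_inode() */
        model_iput(inode);
    }
    return live_inodes();
}
```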