In a DFS cluster setup, do the following:

1. Create a new content object state group with two states e.g. "online" and "offline";
2. Edit the "anonymous" role:

content|read|Section( Standard ) , StateGroup_online_status( Online )

3. Create an article with an "offline" status;
4. Try to access the article in the frontend as an anonymous user (by calling the article directly in the URL, for example);
5. An "Access denied" will be displayed, as expected;
6. When the user has read permission to the currently viewed node, an array with ['content', 'scope', 'store', 'binarydata'] is returned, but when there is no read permission, self::contentViewGenerateError is called, and returns an array with only ['content', 'store', 'binarydata']. The scope => 'viewcache' is missing in this array, which causes a wrong INSERT query in the "ezdfsfile" table with no scope and wrong name_trunk set. You will get something like this:

name:		var/ezflow_site/cache/content/eng/72-60e95d5cf1c771b573d12a47e1c55267.cache
name_trunk:	var/ezflow_site/cache/content/eng/72-60e95d5cf1c771b573d12a47e1c55267.cache
name_hash:	4fa70f4da0b63067abd8c7977be853bc
datatype:	misc
scope:		UNKNOWN_SCOPE
size:		5579
mtime:		1381452696
expired:	0
status:		0

...instead of something like this:

name:		var/ezflow_site/cache/content/eng/73-10eab1595f6cb9bb3d0d38f55542dc71.cache
name_trunk:	var/ezflow_site/cache/content/eng/73-
name_hash:	d438fc2f8912baa161762b9c0f1a2ac5
datatype:	misc
scope:		viewcache
size:		1893
mtime:		1381452827
expired:	0
status:		0

7. Switch the article state to "online" and clear the contentcache: access is still denied for anonymous users. This is because both "name_trunk" and "scope" fields are different from what is expected, and therefore no match is found. The end result is that contentcache is still presented as not expired, until all caches are cleared.