On Fri, Oct 12, 2018 at 01:02:48PM +0100, fdman...@kernel.org wrote:
> From: Filipe Manana
>
> At inode.c:evict_inode_truncate_pages(), when we iterate over the inode's
> extent states, we access an extent state record's "state" field after we
> unlocked the inode's io tree lock. This can lead to
On 2018/10/12 下午8:02, fdman...@kernel.org wrote:
> From: Filipe Manana
>
> At inode.c:evict_inode_truncate_pages(), when we iterate over the inode's
> extent states, we access an extent state record's "state" field after we
> unlocked the inode's io tree lock. This can lead to a use-after-free
From: Filipe Manana
At inode.c:evict_inode_truncate_pages(), when we iterate over the inode's
extent states, we access an extent state record's "state" field after we
unlocked the inode's io tree lock. This can lead to a use-after-free issue
because after we unlock the io tree that extent state r
