On 10/28/20 11:26 AM, yangerkun wrote:
> ext4_ext_search_right will read more extent blocks and call put_bh
> after we get the information we need. However ret_ex will break this
> and may cause use-after-free once the pagecache has been freed. Fix it
> by duplicating the extent we need.

It would be good if we have a test case to reproduce it. Do you?
Ideally it should go in fstests, if you have some way to forcefully
reproduce it/simulate it.

Let me know, if needed, I can as well help to get those into fstests.

-ritesh
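
The pattern the quoted commit message describes, as an added user-space C model that is not part of the patch or the kernel source: a lookup hands back a pointer into a reference-counted buffer and then drops the reference, shown next to the variant that copies the extent first. The struct layouts, `buf_get`/`buf_put` and the 0x6b poison byte are assumptions made for illustration; reclaim is modelled by poisoning static memory, so nothing here touches freed memory.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Simplified stand-ins (assumptions, not the kernel's definitions). */
struct extent { uint32_t block; uint16_t len; uint64_t start; };
struct buf { int refcount; struct extent data[4]; };
static struct buf cache_slot;   /* one cache slot, statically backed */

static struct buf *buf_get(void) {
    /* Constructed sample content for the "next" extent block. */
    cache_slot.data[0] = (struct extent){ .block = 100, .len = 8, .start = 4096 };
    cache_slot.refcount++;
    return &cache_slot;
}
/* Dropping the last reference lets reclaim reuse the memory; the poison
 * fill models that reuse. */
static void buf_put(struct buf *b) {
    if (--b->refcount == 0)
        memset(b->data, 0x6b, sizeof(b->data));
}
/* Before: returns a pointer into the buffer, then drops the reference. */
static void search_right_ptr(struct extent **ret_ex) {
    struct buf *b = buf_get();
    *ret_ex = &b->data[0];
    buf_put(b);              /* *ret_ex now refers to reclaimable memory */
}
/* After: duplicates the extent while the reference is still held. */
static void search_right_copy(struct extent *ret_ex) {
    struct buf *b = buf_get();
    *ret_ex = b->data[0];
    buf_put(b);
}
/* Block number the caller observes in each variant. */
static uint32_t observed_block_ptr(void) {
    struct extent *ex;
    search_right_ptr(&ex);
    return ex->block;        /* stale: reads the poisoned bytes */
}
static uint32_t observed_block_copy(void) {
    struct extent ex;
    search_right_copy(&ex);
    return ex.block;
}
int main(void) {
    printf("ptr: %#x copy: %u\n", observed_block_ptr(), observed_block_copy());
    return 0;
}
```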