On 8 June 2015 at 17:45, Vyacheslav Dubeyko <slava@xxxxxxxxxxx> wrote:
> On Sun, 2015-06-07 at 02:42 +0200, Sergei Antonov wrote:
>> Fix this bugreport by Sasha Levin:
>> http://lkml.org/lkml/2015/2/20/85 ("use after free")
>> Make sure mapped pages are available for the entire lifetime of hfs_bnode.
>>
>
> Sorry, I missed the point. What do you try to fix? How this change fixes
> the issue?
>
> I think that maybe this fix makes sense. But it needs to describe it
> more deeply. Could you describe the fix with more details?

You are basically saying you don't understand it. Too bad, because the
bug is very simple. It is the "use after free" type of bug, and it can
be illustrated by this:
(1) void *ptr = malloc(…);
(2) free(ptr);
(3) memcpy(…, ptr, 1);
Guess which two of these three lines are executed in wrong order.

My patch is about the same type of bug, but with memory pages mapping.
The driver currently accesses pages that may be unavailable, or
contain different data. The problem is more likely to occur when
memory is a limited resource. I reproduced it while running a
memory-hungry program.
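
The lifetime rule stated in the patch description (pages stay available for as long as the node exists), shown as an added userspace model that is not part of the original message or of the hfsplus driver. The two-slot cache, `map_page`, `unmap_page`, the pin counter and the sample strings are all constructed for illustration; no memory is actually freed, so the stale read is deterministic.

```c
#include <stdio.h>
/* Userspace model (constructed, not kernel code): a two-slot "page cache"
 * whose slots are recycled under memory pressure unless they are pinned. */
#define SLOTS 2
struct page { char data[16]; int pins; };
struct node { struct page *pg; };      /* stands in for a B-tree node */
static struct page cache[SLOTS];

/* Map a page: take the first unpinned slot and fill it with new content. */
static struct page *map_page(const char *content)
{
    for (int i = 0; i < SLOTS; i++)
        if (cache[i].pins == 0) {
            cache[i].pins = 1;
            snprintf(cache[i].data, sizeof cache[i].data, "%s", content);
            return &cache[i];
        }
    return NULL;                        /* every slot is pinned */
}

static void unmap_page(struct page *p) { p->pins--; }

/* Buggy lifetime: mapping dropped early, pointer kept and used later. */
static char read_after_unmap(void)
{
    struct node n = { map_page("node-header") };
    unmap_page(n.pg);                   /* released while node still lives */
    struct page *other = map_page("other-data");  /* pressure reuses slot */
    char c = n.pg->data[0];             /* stale pointer, different data */
    unmap_page(other);
    return c;
}

/* Fixed lifetime: page stays pinned until the node itself goes away. */
static char read_while_pinned(void)
{
    struct node n = { map_page("node-header") };
    struct page *other = map_page("other-data");  /* must use another slot */
    char c = n.pg->data[0];
    unmap_page(other);
    unmap_page(n.pg);                   /* released together with the node */
    return c;
}

int main(void)
{
    printf("early unmap: %c, pinned: %c\n", read_after_unmap(), read_while_pinned());
    return 0;
}
```

In the early-unmap path the node reads the first byte of the other page's content, which is the "contain different data" outcome the message describes; keeping the pin forces the second mapping into a different slot.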