fs/direct-io.c: fix possible use-after-free with AIO
Running AIO is pinning inode in memory using file reference. Once AIO is
completed using aio_complete(), file reference is put and inode can be
freed from memory. So we have to be sure that calling aio_complete() is
the last thing we do with the inode.
Acked-by: Jeff Moyer <jmoyer@redhat.com> Signed-off-by: Jan Kara <jack@suse.cz> Cc: Christoph Hellwig <hch@infradead.org> Cc: Jens Axboe <axboe@kernel.dk> Cc: Jeff Moyer <jmoyer@redhat.com> Cc: Al Viro <viro@zeniv.linux.org.uk> Cc: <stable@vger.kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
projects / karo-tx-linux.git / commit