On Mon, Sep 18, 2023 at 01:04:56PM +0200, Hannes Reinecke wrote:
> Use accessor functions block_index_to_sector() and block_sector_to_index()
> to translate the page index into the block sector and vice versa.

You missed two in grow_dev_page() (which I just happened upon):

        bh = folio_buffers(folio);
        if (bh) {
                if (bh->b_size == size) {
                        end_block = folio_init_buffers(folio, bdev,
                                        (sector_t)index << sizebits, size);
                        goto done;
                }
...
        spin_lock(&inode->i_mapping->private_lock);
        link_dev_buffers(folio, bh);
        end_block = folio_init_buffers(folio, bdev,
                        (sector_t)index << sizebits, size);

Can UBSAN be of help here?  It should catch shifting by a negative
amount.  That sizebits is calculated in grow_buffers:

        sizebits = PAGE_SHIFT - __ffs(size);
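
A userspace model of the sizebits arithmetic quoted in the message, added here as an illustration; it is not part of the original mail or of the kernel patch. PAGE_SHIFT is assumed to be 12, and calc_sizebits() and index_to_block() are hypothetical names, not the accessors the patch introduces.

```c
/* Userspace model only: names are hypothetical and PAGE_SHIFT = 12
 * (4 KiB pages) is an assumption, not taken from the message. */
#include <stdint.h>
#include <stdio.h>

#define PAGE_SHIFT 12

/* Index of the lowest set bit, standing in for the kernel's __ffs().
 * Uses the GCC/Clang builtin; size must be non-zero. */
static int lowest_set_bit(unsigned int size)
{
	return __builtin_ctz(size);
}

/* Same arithmetic as "sizebits = PAGE_SHIFT - __ffs(size)", kept signed
 * so a block size larger than the page size shows up as negative. */
static int calc_sizebits(unsigned int size)
{
	return PAGE_SHIFT - lowest_set_bit(size);
}

/* Page index -> first block number. The shift direction is chosen from
 * the sign of sizebits, so no shift by a negative count is evaluated. */
static uint64_t index_to_block(uint64_t index, unsigned int size)
{
	int sizebits = calc_sizebits(size);

	if (sizebits < 0)
		return index >> -sizebits;	/* one block spans several pages */
	return index << sizebits;		/* several blocks per page */
}

int main(void)
{
	unsigned int sizes[] = { 512, 4096, 16384 };	/* constructed sample sizes */

	for (size_t i = 0; i < sizeof(sizes) / sizeof(sizes[0]); i++)
		printf("size=%u sizebits=%d page 8 -> block %llu\n",
		       sizes[i], calc_sizebits(sizes[i]),
		       (unsigned long long)index_to_block(8, sizes[i]));
	return 0;
}
```

With size 16384 an unguarded `index << sizebits` would shift by -2, which is the case UBSAN's shift check (`-fsanitize=shift` in GCC and Clang userspace builds) reports at run time.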