On Thu, 26 Jan 2023 09:51:55 +0100 Jan Kara <jack@xxxxxxx> wrote:

> When filesystem's ->get_block function does not map the buffer head when
> called from __mpage_writepage(), the function will happily go and pass

"the function" being __mpage_writepage(), not ->get_block()...

> bogus bdev and block number to bio allocation routines which leads to
> crashes sooner or later.

Crashes are unwelcome.

How is this bug triggered? Should we backport the fix? I assume this is
a longstanding thing and that any Fixes: target would be ancient? If
ancient, why did it take so long to discover?

> E.g. UDF can do this because it doesn't want to
> allocate blocks from ->writepages callbacks. It allocates blocks on
> write or page fault but writeback can still spot dirty buffers without
> underlying blocks allocated e.g. if blocksize < pagesize, the tail page
> is dirtied (which means all its buffers are dirtied), and truncate
> extends the file so that some buffer starts to be within i_size.
>
> ...