On Thu 26-01-23 11:54:55, Andrew Morton wrote:
> On Thu, 26 Jan 2023 09:51:55 +0100 Jan Kara <jack@xxxxxxx> wrote:
>
> > When a filesystem's ->get_block function does not map the buffer head when
> > called from __mpage_writepage(), the function will happily go and pass
>
> "the function" being __mpage_writepage(), not ->get_block()...

Ah, right :)

> > a bogus bdev and block number to bio allocation routines, which leads to
> > crashes sooner or later.
>
> Crashes are unwelcome. How is this bug triggered? Should we backport
> the fix? I assume this is a longstanding thing and that any Fixes:
> target would be ancient? If ancient, why did it take so long to
> discover?

fsstress was able to trigger the problem for UDF. The problem has likely been
there since the time __mpage_writepage() was created (definitely pre-git). But
usually filesystems using mpage_writepages() just allocate blocks in their
->get_block() method, so the problem was not visible until I changed UDF to
not allocate blocks from page writeback (to fix some other bug). For that
reason, I'm actually carrying this change in my tree so that I don't get
swamped with 0-day and syzbot reports on that offending UDF fix.

								Honza
--
Jan Kara <jack@xxxxxxxx>
SUSE Labs, CR