On Thu, Sep 05, 2024 at 06:24:24PM +0800, Julian Sun wrote: > Attempting to unshare extents beyond EOF will trigger > the need zeroing case, which in turn triggers a warning. > Therefore, let's skip the unshare process if extents are > beyond EOF. > > Reported-and-tested-by: syzbot+296b1c84b9cbf306e5a0@xxxxxxxxxxxxxxxxxxxxxxxxx > Closes: https://syzkaller.appspot.com/bug?extid=296b1c84b9cbf306e5a0 > Fixes: 32a38a499104 ("iomap: use write_begin to read pages to unshare") > Inspired-by: Dave Chinner <david@xxxxxxxxxxxxx> > Signed-off-by: Julian Sun <sunjunchao2870@xxxxxxxxx> > --- > fs/iomap/buffered-io.c | 3 +++ > 1 file changed, 3 insertions(+) > > diff --git a/fs/iomap/buffered-io.c b/fs/iomap/buffered-io.c > index f420c53d86ac..8898d5ec606f 100644 > --- a/fs/iomap/buffered-io.c > +++ b/fs/iomap/buffered-io.c > @@ -1340,6 +1340,9 @@ static loff_t iomap_unshare_iter(struct iomap_iter *iter) > /* don't bother with holes or unwritten extents */ > if (srcmap->type == IOMAP_HOLE || srcmap->type == IOMAP_UNWRITTEN) > return length; > + /* don't try to unshare any extents beyond EOF. */ > + if (pos > i_size_read(iter->inode)) > + return length; > > do { > struct folio *folio; iomap isn't the place to do this. The high level fallocate code in the filesystem should be trimming unshare length to EOF long before we get anywhere near the iomap layer. -Dave. -- Dave Chinner david@xxxxxxxxxxxxx
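
Review bot: the check added to iomap_unshare_iter() tests only the start offset, and with a strict comparison, `if (pos > i_size_read(iter->inode))`. A range that begins exactly at EOF (pos equal to i_size) still falls through to the do-loop, and a range that starts below EOF but whose length runs past it is not trimmed at all. If the intent is what the new comment says, "don't try to unshare any extents beyond EOF", consider `>=` and clamping length to the bytes remaining before i_size, so the loop never operates on post-EOF bytes. i_size_read() is also sampled once here, so it is worth stating in the comment which lock keeps i_size stable for the rest of the iteration. Neither the comment nor the commit message names the warning that the zeroing case triggers; adding that would make the Fixes: link easier to verify.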