On 12/4/24 13:41, Miklos Szeredi wrote:
> On Wed, 4 Dec 2024 at 10:56, David Howells <dhowells@xxxxxxxxxx> wrote:
>>
>> Interesting... The test program also causes fuse to oops (see attached) over
>> without even getting to netfslib. The BUG is in iov_iter_revert():
>>
>> if (iov_iter_is_xarray(i) || iter_is_ubuf(i)) {
>> BUG(); /* We should never go beyond the start of the specified
>> * range since we might then be straying into pages that
>> * aren't pinned.
>> */
>
> Can you please test this?
>
> --- a/fs/fuse/file.c
> +++ b/fs/fuse/file.c
> @@ -1541,8 +1541,10 @@ static int fuse_get_user_pages(struct
> fuse_args_pages *ap, struct iov_iter *ii,
> */
> struct page **pages = kzalloc(max_pages * sizeof(struct page *),
> GFP_KERNEL);
> - if (!pages)
> + if (!pages) {
> + *nbytesp = 0;
> return -ENOMEM;
> + }
>
> while (nbytes < *nbytesp && nr_pages < max_pages) {
> unsigned nfolios, i;
>
> (Also attaching patch without whitespace damage.)

I had already posted a patch on Monday.

https://lore.kernel.org/r/20241203-fix-fuse_get_user_pages-v2-1-acce8a29d06b@xxxxxxx

@David, is that the same syzbot report or another one?

Thanks,
Bernd
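
Review bot: The new `*nbytesp = 0;` in the `if (!pages)` branch of fuse_get_user_pages() has no comment saying why an error return must also reset the in/out byte count, and the hunk only covers this one early return. Since `*nbytesp` is read as the requested size in the loop condition (`nbytes < *nbytesp`) and is evidently also used as an output, a one-line comment stating that the caller relies on it reflecting the bytes actually taken from the iterator would make the contract explicit. It is also worth checking that every other error exit in the function leaves `*nbytesp` consistent with the local `nbytes`, not just the kzalloc failure path. Separately, the inline copy is whitespace-damaged and its `@@` header is wrapped across two lines, so testers should apply the attached version and not this quoted text.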