Not sure that I'm not missing something obvious. When invalidate_mapping_pages fails to lock the page, we continue to the next iteration, skipping the next > end check. This can lead to a case where we invalidate a page that is beyond the requested boundaries. Currently there are two callers that might be affected, one is btrfs and the second one is the fadvice syscall. Does that look right, or am I just missing something? ------ [PATCH 1/1] mm: invalidate_mapping_pages checks boundaries when lock fails When we failed to lock the page, we continued to the next iteration, skipping the next > end check. This might cause throwing away a page that is beyond the requested boundaries. Signed-off-by: Yehuda Sadeh <yehuda@xxxxxxxxxxxxxxx> --- mm/truncate.c | 3 ++- 1 files changed, 2 insertions(+), 1 deletions(-) diff --git a/mm/truncate.c b/mm/truncate.c index 450cebd..abb67d4 100644 --- a/mm/truncate.c +++ b/mm/truncate.c @@ -345,11 +345,12 @@ unsigned long invalidate_mapping_pages(struct address_space *mapping, next = index; next++; if (lock_failed) - continue; + goto unlocked; ret += invalidate_inode_page(page); unlock_page(page); +unlocked: if (next > end) break; } -- 1.5.6.5 -- To unsubscribe, send a message with 'unsubscribe linux-mm' in the body to majordomo@xxxxxxxxxx For more info on Linux MM, see: http://www.linux-mm.org/ . Don't email: <a href=mailto:"dont@xxxxxxxxx";> email@xxxxxxxxx </a>