On Mon, May 16, 2016 at 4:59 AM Vlastimil Babka <vbabka@suse.cz> wrote:
On 05/08/2016 03:16 PM, Anthony Romano wrote:
> When fallocate is interrupted it will undo a range that extends one byte
> past its range of allocated pages. This can corrupt an in-use page by
> zeroing out its first byte. Instead, undo using the inclusive byte range.
> Signed-off-by: Anthony Romano <anthony.romano@coreos.com>

Looks like a stable candidate patch. Can you point out the commit that
introduced the bug, for the Fixes: tag?

Bumping this thread as I don't think this patch has gotten picked up. And cc'ing folks from 1635f6a74152f1dcd1b888231609d64875f0a81a.

Thank you,

Brandon
 
> ---
>   mm/shmem.c | 2 +-
>   1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/mm/shmem.c b/mm/shmem.c
> index 719bd6b..f0f9405 100644
> --- a/mm/shmem.c
> +++ b/mm/shmem.c
> @@ -2238,7 +2238,7 @@ static long shmem_fallocate(struct file *file, int mode, loff_t offset,
>                       /* Remove the !PageUptodate pages we added */
>                       shmem_undo_range(inode,
>                               (loff_t)start << PAGE_SHIFT,
> -                             (loff_t)index << PAGE_SHIFT, true);
> +                             ((loff_t)index << PAGE_SHIFT) - 1, true);
>                       goto undone;
>               }
>
>
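Review bot: the new end argument needs a guard for the case where no page was added yet: if shmem_getpage() fails on the very first iteration, index == start and `((loff_t)index << PAGE_SHIFT) - 1` is one byte before the lstart passed on the previous line (and for start == 0 it is -1), so the undo range no longer describes the pages this fallocate call created. Wrapping the call as `if (index > start) shmem_undo_range(...)` keeps the old behaviour of undoing nothing when nothing was allocated, and it is worth checking how shmem_undo_range() treats a lend of -1 before relying on the bare subtraction. Otherwise the arithmetic is right: shmem_undo_range() takes an inclusive lend, and the old `(loff_t)index << PAGE_SHIFT` named the first byte of page `index`, which is the one-byte overrun the commit message describes. The commit message should also carry the Fixes: tag Vlastimil asked for; the thread cc's the people from 1635f6a74152f1dcd1b888231609d64875f0a81a, so if that is the commit that introduced the range, it is the one to name so the fix can be picked up for stable.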