On 2026/2/6 17:29, Dmitry Antipov wrote:
Shouldn't it be in this way instead? Note the whole thing looks
somewhat confusing - the comment says "always truncate page 0"
but the code explicitly says "in case of error, truncate page 0".
This seems to fix https://syzkaller.appspot.com/bug?extid=fc026e87558558f75c00.
Signed-off-by: Dmitry Antipov <[email protected]>
---
fs/f2fs/file.c | 17 ++++++++---------
1 file changed, 8 insertions(+), 9 deletions(-)
diff --git a/fs/f2fs/file.c b/fs/f2fs/file.c
index d7047ca6b98d..bfc9ff97e4a5 100644
--- a/fs/f2fs/file.c
+++ b/fs/f2fs/file.c
@@ -910,16 +910,15 @@ int f2fs_truncate(struct inode *inode)
/* we should check inline_data size */
if (!f2fs_may_inline_data(inode)) {
err = f2fs_convert_inline_inode(inode);
- if (err) {
- /*
- * Always truncate page #0 to avoid page cache
- * leak in evict() path.
- */
- truncate_inode_pages_range(inode->i_mapping,
- F2FS_BLK_TO_BYTES(0),
- F2FS_BLK_END_BYTES(0));
+ /*
+ * Always truncate page #0 to avoid page cache
+ * leak in evict() path.
+ */
+ truncate_inode_pages_range(inode->i_mapping,
+ F2FS_BLK_TO_BYTES(0),
+ F2FS_BLK_END_BYTES(0));
Seems it can fix this issue, but my question is: can we explain the details
of why page #0 can be left after f2fs_convert_inline_inode() w/o any
failure?
Thanks,
+ if (err)
return err;
- }
}
err = f2fs_truncate_blocks(inode, i_size_read(inode), true);
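Review bot: In the f2fs_truncate() hunk, truncate_inode_pages_range() for page #0 now sits before the `if (err)` check, so it also runs when f2fs_convert_inline_inode() returns 0, yet neither the commit message nor the moved comment says how page #0 can still be in the page cache after a successful conversion. The comment's reason ("to avoid page cache leak in evict() path") was written for the error return and does not obviously apply to the path that continues into f2fs_truncate_blocks(inode, i_size_read(inode), true). Please describe the sequence from the syzkaller report that leaves the page behind, update the comment to match, and confirm that dropping page #0 on the success path cannot discard data below i_size that exists only in the page cache at that point. Since the message cites a syzkaller report, a Reported-by tag for it would also be expected.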
_______________________________________________
Linux-f2fs-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/linux-f2fs-devel