Just before removing truncate_complete_page's BUG_ON(page_mapped(page)),
thought I'd recheck on a few filesystems. The shame! Easily triggered
with tmpfs: not because of recent changes, but because shmem_nopage
omitted the i_size_read from Andrea's careful truncate_count/i_size_read
/cachelookup/truncate_count sequence. For varying reasons, other users
of shmem_getpage can't go beyond i_size, so just add it to shmem_nopage.
Signed-off-by: Hugh Dickins <[EMAIL PROTECTED]>
--- 2.6.11-rc3/mm/shmem.c 2005-02-03 09:06:16.000000000 +0000
+++ linux/mm/shmem.c 2005-02-05 16:52:57.000000000 +0000
@@ -1162,6 +1162,8 @@ struct page *shmem_nopage(struct vm_area
idx = (address - vma->vm_start) >> PAGE_SHIFT;
idx += vma->vm_pgoff;
idx >>= PAGE_CACHE_SHIFT - PAGE_SHIFT;
+ if (((loff_t) idx << PAGE_CACHE_SHIFT) >= i_size_read(inode))
+ return NOPAGE_SIGBUS;
error = shmem_getpage(inode, idx, &page, SGP_CACHE, type);
if (error)
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
