* fix crashes when mounting legacy file system with sector size > PAGE_SIZE
From: Christoph Hellwig @ 2026-05-11 7:16 UTC
To: Alexander Viro, Christian Brauner
Cc: Jan Kara, David Sterba, Luis de Bethencourt, Salah Triki,
Tigran A. Aivazian, Mikulas Patocka, Dave Kleikamp,
Konstantin Komarov, Bob Copeland, Anders Larsen, linux-fsdevel,
jfs-discussion, ntfs3, linux-karma-devel
Hi all,
due to an almost comical failure on my part, my work-in-progress test
case failed to create any file system on a 64k block size loop device,
and then tried to mount it, leading to a probe of the file systems built
into my kernel. Roughly the first half of the series are file systems
that actually crashed, but I fixed up all the patterns of missing
error handling that I saw.
Diffstat:
affs/affs.h | 5 -----
affs/super.c | 6 ++++--
befs/linuxvfs.c | 3 ++-
bfs/inode.c | 3 ++-
hpfs/super.c | 3 ++-
isofs/inode.c | 3 ++-
jfs/super.c | 3 ++-
minix/inode.c | 3 ++-
ntfs3/super.c | 8 ++++++--
omfs/inode.c | 6 ++++--
qnx4/inode.c | 3 ++-
11 files changed, 28 insertions(+), 18 deletions(-)

* [PATCH 01/10] bfs: handle set_blocksize failures
From: Christoph Hellwig @ 2026-05-11 7:16 UTC
To: Alexander Viro, Christian Brauner
Cc: Jan Kara, David Sterba, Luis de Bethencourt, Salah Triki,
Tigran A. Aivazian, Mikulas Patocka, Dave Kleikamp,
Konstantin Komarov, Bob Copeland, Anders Larsen, linux-fsdevel,
jfs-discussion, ntfs3, linux-karma-devel
bfs uses buffer_heads, which don't handle block size > PAGE_SIZE well.
Without this, mounting will hit the
BUG_ON(offset >= folio_size(folio));
in folio_set_bh on the first __bread_gfp call.
Signed-off-by: Christoph Hellwig <hch@lst.de>
---
fs/bfs/inode.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/fs/bfs/inode.c b/fs/bfs/inode.c
index 19e49c8cf750..9c3e90390824 100644
--- a/fs/bfs/inode.c
+++ b/fs/bfs/inode.c
@@ -346,7 +346,8 @@ static int bfs_fill_super(struct super_block *s, struct fs_context *fc)
s->s_time_min = 0;
s->s_time_max = U32_MAX;
- sb_set_blocksize(s, BFS_BSIZE);
+ if (!sb_set_blocksize(s, BFS_BSIZE))
+ goto out;
sbh = sb_bread(s, 0);
if (!sbh)
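Review bot: The new `goto out` after the failed sb_set_blocksize() call sets no error code, so the mount result depends on whatever the return variable holds when control reaches `out`, and that initialisation is outside this hunk. If it is not already negative at this point, the failed mount would be reported as success; assigning the error explicitly before the jump, as the ntfs3 patch in this series does with `err = -EINVAL`, would make the path self-evident. The placement ahead of `sb_bread(s, 0)` matches the crash site named in the commit message.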
--
2.53.0

* [PATCH 02/10] hpfs: handle set_blocksize failures
From: Christoph Hellwig @ 2026-05-11 7:16 UTC
To: Alexander Viro, Christian Brauner
Cc: Jan Kara, David Sterba, Luis de Bethencourt, Salah Triki,
Tigran A. Aivazian, Mikulas Patocka, Dave Kleikamp,
Konstantin Komarov, Bob Copeland, Anders Larsen, linux-fsdevel,
jfs-discussion, ntfs3, linux-karma-devel
hpfs uses buffer_heads, which don't handle block size > PAGE_SIZE well.
Without this, mounting will hit the
BUG_ON(offset >= folio_size(folio));
in folio_set_bh on the first __bread_gfp call.
Signed-off-by: Christoph Hellwig <hch@lst.de>
---
fs/hpfs/super.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/fs/hpfs/super.c b/fs/hpfs/super.c
index c16d5d4caead..8fbdbf080627 100644
--- a/fs/hpfs/super.c
+++ b/fs/hpfs/super.c
@@ -523,7 +523,8 @@ static int hpfs_fill_super(struct super_block *s, struct fs_context *fc)
hpfs_lock(s);
/*sbi->sb_mounting = 1;*/
- sb_set_blocksize(s, 512);
+ if (!sb_set_blocksize(s, 512))
+ goto bail0;
sbi->sb_fs_size = -1;
if (!(bootblock = hpfs_map_sector(s, 0, &bh0, 0))) goto bail1;
if (!(superblock = hpfs_map_sector(s, 16, &bh1, 1))) goto bail2;
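Review bot: The `goto bail0` on sb_set_blocksize() failure runs with the lock taken by `hpfs_lock(s)` two lines earlier still held, so bail0 has to drop it; the label body is outside the hunk and should be checked against the bail1 and bail2 exits used by the hpfs_map_sector() calls just below. No sector is mapped yet at this point, so a target that unlocks without releasing any buffer is the correct one.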
--
2.53.0

* [PATCH 03/10] qnx4: handle set_blocksize failures
From: Christoph Hellwig @ 2026-05-11 7:16 UTC
To: Alexander Viro, Christian Brauner
Cc: Jan Kara, David Sterba, Luis de Bethencourt, Salah Triki,
Tigran A. Aivazian, Mikulas Patocka, Dave Kleikamp,
Konstantin Komarov, Bob Copeland, Anders Larsen, linux-fsdevel,
jfs-discussion, ntfs3, linux-karma-devel
qnx4 uses buffer_heads, which don't handle block size > PAGE_SIZE well.
Without this, mounting will hit the
BUG_ON(offset >= folio_size(folio));
in folio_set_bh on the first __bread_gfp call.
Signed-off-by: Christoph Hellwig <hch@lst.de>
---
fs/qnx4/inode.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/fs/qnx4/inode.c b/fs/qnx4/inode.c
index 4deb0eeadbde..42fcd500fad2 100644
--- a/fs/qnx4/inode.c
+++ b/fs/qnx4/inode.c
@@ -202,7 +202,8 @@ static int qnx4_fill_super(struct super_block *s, struct fs_context *fc)
return -ENOMEM;
s->s_fs_info = qs;
- sb_set_blocksize(s, QNX4_BLOCK_SIZE);
+ if (!sb_set_blocksize(s, QNX4_BLOCK_SIZE))
+ return -EINVAL;
s->s_op = &qnx4_sops;
s->s_magic = QNX4_SUPER_MAGIC;
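Review bot: The `return -EINVAL` on the new check comes after `s->s_fs_info = qs`, so the qs allocation is released only if the failed-mount teardown frees s_fs_info; the hunk returns directly rather than through a cleanup label, and the commit message should say why that is safe. Because QNX4_BLOCK_SIZE is a constant, a one-line comment stating that the call fails when the device's logical block size is larger than the file system block size would prevent the misreading that came up in review of this patch.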
--
2.53.0

* [PATCH 04/10] jfs: handle set_blocksize failures
From: Christoph Hellwig @ 2026-05-11 7:16 UTC
To: Alexander Viro, Christian Brauner
Cc: Jan Kara, David Sterba, Luis de Bethencourt, Salah Triki,
Tigran A. Aivazian, Mikulas Patocka, Dave Kleikamp,
Konstantin Komarov, Bob Copeland, Anders Larsen, linux-fsdevel,
jfs-discussion, ntfs3, linux-karma-devel
jfs uses buffer_heads, which don't handle block size > PAGE_SIZE well.
Without this, mounting will hit the
BUG_ON(offset >= folio_size(folio));
in folio_set_bh on the first __bread_gfp call.
Signed-off-by: Christoph Hellwig <hch@lst.de>
---
fs/jfs/super.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/fs/jfs/super.c b/fs/jfs/super.c
index 61575f7397ae..8180d83d33fe 100644
--- a/fs/jfs/super.c
+++ b/fs/jfs/super.c
@@ -491,7 +491,8 @@ static int jfs_fill_super(struct super_block *sb, struct fs_context *fc)
/*
* Initialize blocksize to 4K.
*/
- sb_set_blocksize(sb, PSIZE);
+ if (!sb_set_blocksize(sb, PSIZE))
+ goto out_unload;
/*
* Set method vectors.
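Review bot: The failure path at `goto out_unload` is silent, so a mount rejected here cannot be told apart in the log from one rejected for a bad superblock. The comment above the call says the block size is initialised to 4K, which means the rejection depends on the device and not on the image contents; a one-line error message naming PSIZE before the jump would make that visible to whoever triages the failed mount.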
--
2.53.0

* [PATCH 05/10] befs: handle set_blocksize failures
From: Christoph Hellwig @ 2026-05-11 7:16 UTC
To: Alexander Viro, Christian Brauner
Cc: Jan Kara, David Sterba, Luis de Bethencourt, Salah Triki,
Tigran A. Aivazian, Mikulas Patocka, Dave Kleikamp,
Konstantin Komarov, Bob Copeland, Anders Larsen, linux-fsdevel,
jfs-discussion, ntfs3, linux-karma-devel
befs uses buffer_heads, which don't handle block size > PAGE_SIZE well.
Without this, mounting will hit the
BUG_ON(offset >= folio_size(folio));
in folio_set_bh on the first __bread_gfp call.
Signed-off-by: Christoph Hellwig <hch@lst.de>
---
fs/befs/linuxvfs.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/fs/befs/linuxvfs.c b/fs/befs/linuxvfs.c
index c12caae9a967..ee0cbae521b9 100644
--- a/fs/befs/linuxvfs.c
+++ b/fs/befs/linuxvfs.c
@@ -860,7 +860,8 @@ befs_fill_super(struct super_block *sb, struct fs_context *fc)
*/
sb->s_magic = BEFS_SUPER_MAGIC;
/* Set real blocksize of fs */
- sb_set_blocksize(sb, (ulong) befs_sb->block_size);
+ if (!sb_set_blocksize(sb, (ulong) befs_sb->block_size))
+ goto unacquire_priv_sbp;
sb->s_op = &befs_sops;
sb->s_export_op = &befs_export_operations;
sb->s_time_min = 0;
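Review bot: The size passed at `sb_set_blocksize(sb, (ulong) befs_sb->block_size)` comes from the parsed superblock, so this check now rejects any value from the image that the block layer will not accept, but the `goto unacquire_priv_sbp` path gives no indication of which value was refused. Logging befs_sb->block_size before the jump would make a corrupted or malformed image easier to diagnose. The error code returned at unacquire_priv_sbp is set outside the hunk and should be confirmed to be negative on this path.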
--
2.53.0

* [PATCH 06/10] affs: handle set_blocksize failures
From: Christoph Hellwig @ 2026-05-11 7:16 UTC
To: Alexander Viro, Christian Brauner
Cc: Jan Kara, David Sterba, Luis de Bethencourt, Salah Triki,
Tigran A. Aivazian, Mikulas Patocka, Dave Kleikamp,
Konstantin Komarov, Bob Copeland, Anders Larsen, linux-fsdevel,
jfs-discussion, ntfs3, linux-karma-devel
affs uses buffer_heads, which don't handle block size > PAGE_SIZE well.
Without this, mounting will hit the
BUG_ON(offset >= folio_size(folio));
in folio_set_bh on the first __bread_gfp call.
Signed-off-by: Christoph Hellwig <hch@lst.de>
---
fs/affs/affs.h | 5 -----
fs/affs/super.c | 6 ++++--
2 files changed, 4 insertions(+), 7 deletions(-)
diff --git a/fs/affs/affs.h b/fs/affs/affs.h
index a0caf6ace860..44a3f69d275f 100644
--- a/fs/affs/affs.h
+++ b/fs/affs/affs.h
@@ -227,11 +227,6 @@ static inline bool affs_validblock(struct super_block *sb, int block)
block < AFFS_SB(sb)->s_partition_size);
}
-static inline void
-affs_set_blocksize(struct super_block *sb, int size)
-{
- sb_set_blocksize(sb, size);
-}
static inline struct buffer_head *
affs_bread(struct super_block *sb, int block)
{
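Review bot: With affs_set_blocksize() deleted in this hunk, any caller not converted in the same patch stops building; only the two call sites in fs/affs/super.c are updated, so confirm there are no others under fs/affs/. The wrapper's void return type is what discarded the sb_set_blocksize() result, so removing it instead of changing its signature is the simpler fix.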
diff --git a/fs/affs/super.c b/fs/affs/super.c
index 079f36e1ddec..b232251aa7bb 100644
--- a/fs/affs/super.c
+++ b/fs/affs/super.c
@@ -358,7 +358,8 @@ static int affs_fill_super(struct super_block *sb, struct fs_context *fc)
size = bdev_nr_sectors(sb->s_bdev);
pr_debug("initial blocksize=%d, #blocks=%d\n", 512, size);
- affs_set_blocksize(sb, PAGE_SIZE);
+ if (!sb_set_blocksize(sb, PAGE_SIZE))
+ return -EINVAL;
/* Try to find root block. Its location depends on the block size. */
i = bdev_logical_block_size(sb->s_bdev);
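Review bot: The pr_debug directly above the new check still reports an initial blocksize of 512 while the call sets PAGE_SIZE, so the debug output does not describe the value that can now fail the mount; worth correcting while this line is being touched. The direct `return -EINVAL` also assumes nothing set up earlier in affs_fill_super() needs unwinding at this point, which the hunk does not show.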
@@ -374,7 +375,8 @@ static int affs_fill_super(struct super_block *sb, struct fs_context *fc)
if (ctx->root_block < 0)
sbi->s_root_block = (ctx->reserved + size - 1) / 2;
pr_debug("setting blocksize to %d\n", blocksize);
- affs_set_blocksize(sb, blocksize);
+ if (!sb_set_blocksize(sb, blocksize))
+ return -EINVAL;
sbi->s_partition_size = size;
/* The root block location that was calculated above is not
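Review bot: The second `return -EINVAL` follows the "setting blocksize to" pr_debug for a candidate size used to locate the root block, so a single rejected candidate ends the mount. If this call sits in a loop over block sizes, a short comment explaining why aborting is preferred over moving on to the next candidate would help the next reader, and a pr_err naming the rejected size would be more useful than the existing debug-only trace.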
--
2.53.0

* [PATCH 07/10] isofs: handle set_blocksize failures
From: Christoph Hellwig @ 2026-05-11 7:16 UTC
To: Alexander Viro, Christian Brauner
Cc: Jan Kara, David Sterba, Luis de Bethencourt, Salah Triki,
Tigran A. Aivazian, Mikulas Patocka, Dave Kleikamp,
Konstantin Komarov, Bob Copeland, Anders Larsen, linux-fsdevel,
jfs-discussion, ntfs3, linux-karma-devel
isofs uses buffer_heads, which don't handle block size > PAGE_SIZE well.
Without this, mounting will hit the
BUG_ON(offset >= folio_size(folio));
in folio_set_bh on the first __bread_gfp call.
Signed-off-by: Christoph Hellwig <hch@lst.de>
---
fs/isofs/inode.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/fs/isofs/inode.c b/fs/isofs/inode.c
index efee53717f1c..337836a0a170 100644
--- a/fs/isofs/inode.c
+++ b/fs/isofs/inode.c
@@ -818,7 +818,8 @@ static int isofs_fill_super(struct super_block *s, struct fs_context *fc)
* entries. By forcing the blocksize in this way, we ensure
* that we will never be required to do this.
*/
- sb_set_blocksize(s, orig_zonesize);
+ if (!sb_set_blocksize(s, orig_zonesize))
+ goto out_freesbi;
sbi->s_nls_iocharset = NULL;
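Review bot: The `goto out_freesbi` on failure is only correct if every buffer read while probing the volume descriptors has already been released before this line; the hunk does not show that, and the minix patch in this series had exactly that kind of leak pointed out in review. A sentence in the commit message stating that no buffer_head is held at this point would close the question.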
--
2.53.0

* [PATCH 08/10] minix: handle set_blocksize failures
From: Christoph Hellwig @ 2026-05-11 7:16 UTC
To: Alexander Viro, Christian Brauner
Cc: Jan Kara, David Sterba, Luis de Bethencourt, Salah Triki,
Tigran A. Aivazian, Mikulas Patocka, Dave Kleikamp,
Konstantin Komarov, Bob Copeland, Anders Larsen, linux-fsdevel,
jfs-discussion, ntfs3, linux-karma-devel
minix uses buffer_heads, which don't handle block size > PAGE_SIZE well.
Without this, mounting will hit the
BUG_ON(offset >= folio_size(folio));
in folio_set_bh on the first __bread_gfp call.
Signed-off-by: Christoph Hellwig <hch@lst.de>
---
fs/minix/inode.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/fs/minix/inode.c b/fs/minix/inode.c
index 9c6bac248907..03a69b13950d 100644
--- a/fs/minix/inode.c
+++ b/fs/minix/inode.c
@@ -292,7 +292,8 @@ static int minix_fill_super(struct super_block *s, struct fs_context *fc)
sbi->s_namelen = 60;
sbi->s_version = MINIX_V3;
sbi->s_mount_state = MINIX_VALID_FS;
- sb_set_blocksize(s, m3s->s_blocksize);
+ if (!sb_set_blocksize(s, m3s->s_blocksize))
+ goto out;
s->s_max_links = MINIX2_LINK_MAX;
} else
goto out_no_fs;
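Review bot: The `goto out` on the new check skips releasing the superblock buffer: `m3s->s_blocksize` is read from a buffer that is still held when sb_set_blocksize() fails, so the error path has to release it before returning. The review reply on this thread identifies out_release as the label to use; the other exit in this hunk, `goto out_no_fs`, is a different path again, so the three labels should be checked side by side.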
--
2.53.0

* [PATCH 09/10] ntfs3: handle set_blocksize failures
From: Christoph Hellwig @ 2026-05-11 7:16 UTC
To: Alexander Viro, Christian Brauner
Cc: Jan Kara, David Sterba, Luis de Bethencourt, Salah Triki,
Tigran A. Aivazian, Mikulas Patocka, Dave Kleikamp,
Konstantin Komarov, Bob Copeland, Anders Larsen, linux-fsdevel,
jfs-discussion, ntfs3, linux-karma-devel
ntfs3 uses buffer_heads, which don't handle block size > PAGE_SIZE well.
Without this, mounting will hit the
BUG_ON(offset >= folio_size(folio));
in folio_set_bh on the first __bread_gfp call.
Signed-off-by: Christoph Hellwig <hch@lst.de>
---
fs/ntfs3/super.c | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/fs/ntfs3/super.c b/fs/ntfs3/super.c
index 004f59937559..3305fe406cb2 100644
--- a/fs/ntfs3/super.c
+++ b/fs/ntfs3/super.c
@@ -1174,7 +1174,10 @@ static int ntfs_init_from_boot(struct super_block *sb, u32 sector_size,
rec->total = cpu_to_le32(sbi->record_size);
((struct ATTRIB *)Add2Ptr(rec, ao))->type = ATTR_END;
- sb_set_blocksize(sb, min_t(u32, sbi->cluster_size, PAGE_SIZE));
+ if (!sb_set_blocksize(sb, min_t(u32, sbi->cluster_size, PAGE_SIZE))) {
+ err = -EINVAL;
+ goto out;
+ }
sbi->block_mask = sb->s_blocksize - 1;
sbi->blocks_per_cluster = sbi->cluster_size >> sb->s_blocksize_bits;
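Review bot: The failure branch of the first check sets `err = -EINVAL` and jumps to `out` without logging, although the requested size is derived from sbi->cluster_size and a refused value is worth reporting. The two lines right after the check compute block_mask and blocks_per_cluster from sb->s_blocksize and sb->s_blocksize_bits, so bailing out before them is what keeps those fields from being derived from a block size that was never applied; a comment saying so would document why the ordering matters.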
@@ -1225,7 +1228,8 @@ static int ntfs_init_from_boot(struct super_block *sb, u32 sector_size,
/*
* Try alternative boot (last sector)
*/
- sb_set_blocksize(sb, block_size);
+ if (!sb_set_blocksize(sb, block_size))
+ return -EINVAL;
hint = "Alternative boot";
dev_size = dev_size0; /* restore original size. */
goto read_boot;
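Review bot: The second check uses a bare `return -EINVAL` while the first hunk in the same function uses `err = -EINVAL; goto out;`, and the hunk does not show whether the cleanup behind `out` has already run when the alternative-boot path is reached. If it has, say so in a comment; if not, this return skips it. Either way the two failure paths in ntfs_init_from_boot() should read consistently.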
--
2.53.0

* [PATCH 10/10] omfs: handle set_blocksize failures
From: Christoph Hellwig @ 2026-05-11 7:16 UTC
To: Alexander Viro, Christian Brauner
Cc: Jan Kara, David Sterba, Luis de Bethencourt, Salah Triki,
Tigran A. Aivazian, Mikulas Patocka, Dave Kleikamp,
Konstantin Komarov, Bob Copeland, Anders Larsen, linux-fsdevel,
jfs-discussion, ntfs3, linux-karma-devel
omfs uses buffer_heads, which don't handle block size > PAGE_SIZE well.
Without this, mounting will hit the
BUG_ON(offset >= folio_size(folio));
in folio_set_bh on the first __bread_gfp call.
Signed-off-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Christoph Hellwig <hch@lst.de>
---
fs/omfs/inode.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/fs/omfs/inode.c b/fs/omfs/inode.c
index 834cae1e6223..1d915ef72119 100644
--- a/fs/omfs/inode.c
+++ b/fs/omfs/inode.c
@@ -478,7 +478,8 @@ static int omfs_fill_super(struct super_block *sb, struct fs_context *fc)
sb->s_time_min = 0;
sb->s_time_max = U64_MAX / MSEC_PER_SEC;
- sb_set_blocksize(sb, 0x200);
+ if (!sb_set_blocksize(sb, 0x200))
+ goto end;
bh = sb_bread(sb, 0);
if (!bh)
@@ -530,7 +531,8 @@ static int omfs_fill_super(struct super_block *sb, struct fs_context *fc)
* Use sys_blocksize as the fs block since it is smaller than a
* page while the fs blocksize can be larger.
*/
- sb_set_blocksize(sb, sbi->s_sys_blocksize);
+ if (!sb_set_blocksize(sb, sbi->s_sys_blocksize))
+ goto out_brelse_bh;
/*
* ...and the difference goes into a shift. sys_blocksize is always
--
2.53.0

* Re: [PATCH 03/10] qnx4: handle set_blocksize failures
From: Anders Larsen @ 2026-05-11 7:42 UTC
To: Alexander Viro, Christian Brauner, Christoph Hellwig
Cc: Jan Kara, David Sterba, Luis de Bethencourt, Salah Triki,
Tigran A. Aivazian, Mikulas Patocka, Dave Kleikamp,
Konstantin Komarov, Bob Copeland, linux-fsdevel, jfs-discussion,
ntfs3, linux-karma-devel
Hi,
On 2026-05-11 09:16 Christoph Hellwig wrote:
> qnx4 uses buffer_heads, which don't handle block size > PAGE_SIZE well.
qnx4fs uses a fixed block size of 512 bytes, so this will never happen.
> - sb_set_blocksize(s, QNX4_BLOCK_SIZE);
> + if (!sb_set_blocksize(s, QNX4_BLOCK_SIZE))
> + return -EINVAL;
QNX4_BLOCK_SIZE is a constant (512)...
Cheers
Anders

* Re: [PATCH 03/10] qnx4: handle set_blocksize failures
From: Christoph Hellwig @ 2026-05-11 7:45 UTC
To: Anders Larsen
Cc: Alexander Viro, Christian Brauner, Christoph Hellwig, Jan Kara,
David Sterba, Luis de Bethencourt, Salah Triki,
Tigran A. Aivazian, Mikulas Patocka, Dave Kleikamp,
Konstantin Komarov, Bob Copeland, linux-fsdevel, jfs-discussion,
ntfs3, linux-karma-devel
On Mon, May 11, 2026 at 09:42:49AM +0200, Anders Larsen wrote:
> Hi,
>
> On 2026-05-11 09:16 Christoph Hellwig wrote:
> > qnx4 uses buffer_heads, which don't handle block size > PAGE_SIZE well.
>
> qnx4fs uses a fixed block size of 512 bytes, so this will never happen.
>
> > - sb_set_blocksize(s, QNX4_BLOCK_SIZE);
> > + if (!sb_set_blocksize(s, QNX4_BLOCK_SIZE))
> > + return -EINVAL;
>
> QNX4_BLOCK_SIZE is a constant (512)...
Yes, which means that sb_set_blocksize fails when the device has an LBA
size larger than 512 bytes, and this failure should be handled.

* Re: [PATCH 03/10] qnx4: handle set_blocksize failures
From: Anders Larsen @ 2026-05-11 8:20 UTC
To: Christoph Hellwig, Jan Kara
Cc: Alexander Viro, Christian Brauner, David Sterba,
Luis de Bethencourt, Salah Triki, Tigran A. Aivazian,
Mikulas Patocka, Dave Kleikamp, Konstantin Komarov, Bob Copeland,
linux-fsdevel, jfs-discussion, ntfs3, linux-karma-devel
On 2026-05-11 09:45 Christoph Hellwig wrote:
> On Mon, May 11, 2026 at 09:42:49AM +0200, Anders Larsen wrote:
> > On 2026-05-11 09:16 Christoph Hellwig wrote:
> > > qnx4 uses buffer_heads, which don't handle block size > PAGE_SIZE well.
> >
> > qnx4fs uses a fixed block size of 512 bytes, so this will never happen.
> >
> > > - sb_set_blocksize(s, QNX4_BLOCK_SIZE);
> > > + if (!sb_set_blocksize(s, QNX4_BLOCK_SIZE))
> > > + return -EINVAL;
> >
> > QNX4_BLOCK_SIZE is a constant (512)...
>
> Yes, which means that sb_set_blocksize fails when the device has an LBA
> size larger than 512 bytes, and this failure should be handled.
OK, so I misunderstood the issue. In that case:
Acked-by: Anders Larsen <al@alarsen.net>

* Re: [PATCH 10/10] omfs: handle set_blocksize failures
From: Christian Brauner @ 2026-05-11 13:40 UTC
To: Christoph Hellwig
Cc: Alexander Viro, Jan Kara, David Sterba, Luis de Bethencourt,
Salah Triki, Tigran A. Aivazian, Mikulas Patocka, Dave Kleikamp,
Konstantin Komarov, Bob Copeland, Anders Larsen, linux-fsdevel,
jfs-discussion, ntfs3, linux-karma-devel
On Mon, May 11, 2026 at 09:16:55AM +0200, Christoph Hellwig wrote:
> omfs uses buffer_heads, which don't handle block size > PAGE_SIZE well.
> Without this, mounting will hit the
>
> BUG_ON(offset >= folio_size(folio));
>
> in folio_set_bh on the first __bread_gfp call.
>
> Signed-off-by: Christoph Hellwig <hch@lst.de>
>
> Signed-off-by: Christoph Hellwig <hch@lst.de>
I'll drop the double-sign-off.
> ---
> fs/omfs/inode.c | 6 ++++--
> 1 file changed, 4 insertions(+), 2 deletions(-)
>
> diff --git a/fs/omfs/inode.c b/fs/omfs/inode.c
> index 834cae1e6223..1d915ef72119 100644
> --- a/fs/omfs/inode.c
> +++ b/fs/omfs/inode.c
> @@ -478,7 +478,8 @@ static int omfs_fill_super(struct super_block *sb, struct fs_context *fc)
> sb->s_time_min = 0;
> sb->s_time_max = U64_MAX / MSEC_PER_SEC;
>
> - sb_set_blocksize(sb, 0x200);
> + if (!sb_set_blocksize(sb, 0x200))
> + goto end;
>
> bh = sb_bread(sb, 0);
> if (!bh)
> @@ -530,7 +531,8 @@ static int omfs_fill_super(struct super_block *sb, struct fs_context *fc)
> * Use sys_blocksize as the fs block since it is smaller than a
> * page while the fs blocksize can be larger.
> */
> - sb_set_blocksize(sb, sbi->s_sys_blocksize);
> + if (!sb_set_blocksize(sb, sbi->s_sys_blocksize))
> + goto out_brelse_bh;
>
> /*
> * ...and the difference goes into a shift. sys_blocksize is always
> --
> 2.53.0
>

* Re: fix crashes when mounting legacy file system with sector size > PAGE_SIZE
From: Christian Brauner @ 2026-05-11 13:41 UTC
To: Christoph Hellwig
Cc: Christian Brauner, Alexander Viro, Jan Kara, David Sterba,
Luis de Bethencourt, Salah Triki, Tigran A. Aivazian,
Mikulas Patocka, Dave Kleikamp, Konstantin Komarov, Bob Copeland,
Anders Larsen, linux-fsdevel, jfs-discussion, ntfs3,
linux-karma-devel
On Mon, 11 May 2026 09:16:45 +0200, Christoph Hellwig wrote:
> due to an almost comical failure on my part, my work-in-progress test
> case failed to create any file system on a 64k block size loop device,
> and then tried to mount it, leading to a probe of the file systems built
> into my kernel. Roughly the first half of the series are file systems
> that actually crashed, but I fixed up all the patterns of missing
> error handling that I saw.
>
> [...]
Applied to the vfs-7.2.misc branch of the vfs/vfs.git tree.
Patches in the vfs-7.2.misc branch should appear in linux-next soon.
Please report any outstanding bugs that were missed during review in a
new review to the original patch series allowing us to drop it.
It's encouraged to provide Acked-bys and Reviewed-bys even though the
patch has now been applied. If possible patch trailers will be updated.
Note that commit hashes shown below are subject to change due to rebase,
trailer updates or similar. If in doubt, please check the listed branch.
tree: https://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs.git
branch: vfs-7.2.misc
[01/10] bfs: handle set_blocksize failures
https://git.kernel.org/vfs/vfs/c/bab288bb548d
[02/10] hpfs: handle set_blocksize failures
https://git.kernel.org/vfs/vfs/c/765969ab437b
[03/10] qnx4: handle set_blocksize failures
https://git.kernel.org/vfs/vfs/c/58afc2e824c3
[04/10] jfs: handle set_blocksize failures
https://git.kernel.org/vfs/vfs/c/aa9d3b31b70b
[05/10] befs: handle set_blocksize failures
https://git.kernel.org/vfs/vfs/c/d42cc4dfa0aa
[06/10] affs: handle set_blocksize failures
https://git.kernel.org/vfs/vfs/c/47239d1711ff
[07/10] isofs: handle set_blocksize failures
https://git.kernel.org/vfs/vfs/c/03f5399f6bcb
[08/10] minix: handle set_blocksize failures
https://git.kernel.org/vfs/vfs/c/d893fc670546
[09/10] ntfs3: handle set_blocksize failures
https://git.kernel.org/vfs/vfs/c/d5c1a645a715
[10/10] omfs: handle set_blocksize failures
https://git.kernel.org/vfs/vfs/c/efc0b642ba34

* Re: [PATCH 08/10] minix: handle set_blocksize failures
From: Jan Kara @ 2026-05-11 16:08 UTC
To: Christoph Hellwig
Cc: Alexander Viro, Christian Brauner, Jan Kara, David Sterba,
Luis de Bethencourt, Salah Triki, Tigran A. Aivazian,
Mikulas Patocka, Dave Kleikamp, Konstantin Komarov, Bob Copeland,
Anders Larsen, linux-fsdevel, jfs-discussion, ntfs3,
linux-karma-devel
On Mon 11-05-26 09:16:53, Christoph Hellwig wrote:
> minix uses buffer_heads, which don't handle block size > PAGE_SIZE well.
> Without this, mounting will hit the
>
> BUG_ON(offset >= folio_size(folio));
>
> in folio_set_bh on the first __bread_gfp call.
>
> Signed-off-by: Christoph Hellwig <hch@lst.de>
> ---
> fs/minix/inode.c | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/fs/minix/inode.c b/fs/minix/inode.c
> index 9c6bac248907..03a69b13950d 100644
> --- a/fs/minix/inode.c
> +++ b/fs/minix/inode.c
> @@ -292,7 +292,8 @@ static int minix_fill_super(struct super_block *s, struct fs_context *fc)
> sbi->s_namelen = 60;
> sbi->s_version = MINIX_V3;
> sbi->s_mount_state = MINIX_VALID_FS;
> - sb_set_blocksize(s, m3s->s_blocksize);
> + if (!sb_set_blocksize(s, m3s->s_blocksize))
> + goto out;
This should go to out_release AFAICT. Otherwise we leak the bh.
Honza
> s->s_max_links = MINIX2_LINK_MAX;
> } else
> goto out_no_fs;
> --
> 2.53.0
>
--
Jan Kara <jack@suse.com>
SUSE Labs, CR

* Re: [PATCH 07/10] isofs: handle set_blocksize failures
From: Jan Kara @ 2026-05-11 16:10 UTC
To: Christoph Hellwig
Cc: Alexander Viro, Christian Brauner, Jan Kara, David Sterba,
Luis de Bethencourt, Salah Triki, Tigran A. Aivazian,
Mikulas Patocka, Dave Kleikamp, Konstantin Komarov, Bob Copeland,
Anders Larsen, linux-fsdevel, jfs-discussion, ntfs3,
linux-karma-devel
On Mon 11-05-26 09:16:52, Christoph Hellwig wrote:
> isofs uses buffer_heads, which don't handle block size > PAGE_SIZE well.
> Without this, mounting will hit the
>
> BUG_ON(offset >= folio_size(folio));
>
> in folio_set_bh on the first __bread_gfp call.
>
> Signed-off-by: Christoph Hellwig <hch@lst.de>
Looks good. Feel free to add:
Reviewed-by: Jan Kara <jack@suse.cz>
Honza
> ---
> fs/isofs/inode.c | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/fs/isofs/inode.c b/fs/isofs/inode.c
> index efee53717f1c..337836a0a170 100644
> --- a/fs/isofs/inode.c
> +++ b/fs/isofs/inode.c
> @@ -818,7 +818,8 @@ static int isofs_fill_super(struct super_block *s, struct fs_context *fc)
> * entries. By forcing the blocksize in this way, we ensure
> * that we will never be required to do this.
> */
> - sb_set_blocksize(s, orig_zonesize);
> + if (!sb_set_blocksize(s, orig_zonesize))
> + goto out_freesbi;
>
> sbi->s_nls_iocharset = NULL;
>
> --
> 2.53.0
>
--
Jan Kara <jack@suse.com>
SUSE Labs, CR

* Re: [PATCH 01/10] bfs: handle set_blocksize failures
From: Jan Kara @ 2026-05-11 16:10 UTC
To: Christoph Hellwig
Cc: Alexander Viro, Christian Brauner, Jan Kara, David Sterba,
Luis de Bethencourt, Salah Triki, Tigran A. Aivazian,
Mikulas Patocka, Dave Kleikamp, Konstantin Komarov, Bob Copeland,
Anders Larsen, linux-fsdevel, jfs-discussion, ntfs3,
linux-karma-devel
On Mon 11-05-26 09:16:46, Christoph Hellwig wrote:
> bfs uses buffer_heads, which don't handle block size > PAGE_SIZE well.
> Without this, mounting will hit the
>
> BUG_ON(offset >= folio_size(folio));
>
> in folio_set_bh on the first __bread_gfp call.
>
> Signed-off-by: Christoph Hellwig <hch@lst.de>
Looks good. Feel free to add:
Reviewed-by: Jan Kara <jack@suse.cz>
Honza
> ---
> fs/bfs/inode.c | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/fs/bfs/inode.c b/fs/bfs/inode.c
> index 19e49c8cf750..9c3e90390824 100644
> --- a/fs/bfs/inode.c
> +++ b/fs/bfs/inode.c
> @@ -346,7 +346,8 @@ static int bfs_fill_super(struct super_block *s, struct fs_context *fc)
> s->s_time_min = 0;
> s->s_time_max = U32_MAX;
>
> - sb_set_blocksize(s, BFS_BSIZE);
> + if (!sb_set_blocksize(s, BFS_BSIZE))
> + goto out;
>
> sbh = sb_bread(s, 0);
> if (!sbh)
> --
> 2.53.0
>
--
Jan Kara <jack@suse.com>
SUSE Labs, CR
^ permalink raw reply [flat|nested] 21+ messages in thread
* Re: [PATCH 08/10] minix: handle set_blocksize failures
From: Christoph Hellwig @ 2026-05-12 6:08 UTC (permalink / raw)
To: Jan Kara
Cc: Christoph Hellwig, Alexander Viro, Christian Brauner,
David Sterba, Luis de Bethencourt, Salah Triki,
Tigran A. Aivazian, Mikulas Patocka, Dave Kleikamp,
Konstantin Komarov, Bob Copeland, Anders Larsen, linux-fsdevel,
jfs-discussion, ntfs3, linux-karma-devel
On Mon, May 11, 2026 at 06:08:18PM +0200, Jan Kara wrote:
> On Mon 11-05-26 09:16:53, Christoph Hellwig wrote:
> > minix uses buffer_heads, which don't handle block size > PAGE_SIZE well.
> > Without this, mounting will hit the
> >
> > BUG_ON(offset >= folio_size(folio));
> >
> > in folio_set_bh on the first __bread_gfp call.
> >
> > Signed-off-by: Christoph Hellwig <hch@lst.de>
> > ---
> > fs/minix/inode.c | 3 ++-
> > 1 file changed, 2 insertions(+), 1 deletion(-)
> >
> > diff --git a/fs/minix/inode.c b/fs/minix/inode.c
> > index 9c6bac248907..03a69b13950d 100644
> > --- a/fs/minix/inode.c
> > +++ b/fs/minix/inode.c
> > @@ -292,7 +292,8 @@ static int minix_fill_super(struct super_block *s, struct fs_context *fc)
> > sbi->s_namelen = 60;
> > sbi->s_version = MINIX_V3;
> > sbi->s_mount_state = MINIX_VALID_FS;
> > - sb_set_blocksize(s, m3s->s_blocksize);
> > + if (!sb_set_blocksize(s, m3s->s_blocksize))
> > + goto out;
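Review bot: The `goto out` added in the MINIX_V3 branch uses the wrong cleanup label. As the reply that follows points out, a buffer head is still held at this point and `out` does not release it, so the new failure path leaks the bh. Jump to the releasing label instead: `if (!sb_set_blocksize(s, m3s->s_blocksize))` followed by `goto out_release;`.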
>
> This should go to out_release AFAICT. Otherwise we leak the bh.
Yes. Christian, do you want a resend or incremental patch?
* Re: [PATCH 08/10] minix: handle set_blocksize failures
From: Christian Brauner @ 2026-05-12 12:13 UTC (permalink / raw)
To: Christoph Hellwig
Cc: Jan Kara, Alexander Viro, David Sterba, Luis de Bethencourt,
Salah Triki, Tigran A. Aivazian, Mikulas Patocka, Dave Kleikamp,
Konstantin Komarov, Bob Copeland, Anders Larsen, linux-fsdevel,
jfs-discussion, ntfs3, linux-karma-devel
On Tue, May 12, 2026 at 08:08:30AM +0200, Christoph Hellwig wrote:
> On Mon, May 11, 2026 at 06:08:18PM +0200, Jan Kara wrote:
> > On Mon 11-05-26 09:16:53, Christoph Hellwig wrote:
> > > minix uses buffer_heads, which don't handle block size > PAGE_SIZE well.
> > > > Without this, mounting will hit the
> > >
> > > BUG_ON(offset >= folio_size(folio));
> > >
> > > in folio_set_bh on the first __bread_gfp call.
> > >
> > > Signed-off-by: Christoph Hellwig <hch@lst.de>
> > > ---
> > > fs/minix/inode.c | 3 ++-
> > > 1 file changed, 2 insertions(+), 1 deletion(-)
> > >
> > > diff --git a/fs/minix/inode.c b/fs/minix/inode.c
> > > index 9c6bac248907..03a69b13950d 100644
> > > --- a/fs/minix/inode.c
> > > +++ b/fs/minix/inode.c
> > > @@ -292,7 +292,8 @@ static int minix_fill_super(struct super_block *s, struct fs_context *fc)
> > > sbi->s_namelen = 60;
> > > sbi->s_version = MINIX_V3;
> > > sbi->s_mount_state = MINIX_VALID_FS;
> > > - sb_set_blocksize(s, m3s->s_blocksize);
> > > + if (!sb_set_blocksize(s, m3s->s_blocksize))
> > > + goto out;
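Review bot: `m3s->s_blocksize` is a value read from the file system image, so a zero return from `sb_set_blocksize()` here covers both a nonsensical on-disk block size and one the device cannot support, and the branch reports neither. A printk with the rejected size before the jump would let the two cases be told apart. The choice of label (`out_release` rather than `out`) is already covered in the replies quoted here.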
> >
> > This should go to out_release AFAICT. Otherwise we leak the bh.
>
> Yes. Christian, do you want a resend or incremental patch?
Incremental patch. When we reasonably can fold something clean we should
do it instead of refiring a bunch of mails.