[ 6008.461516] ------------[ cut here ]------------
[ 6008.464680] UBSAN: signed-integer-overflow in ../fs/libfs.c:149:11
[ 6008.468664] 9223372036854775807 + 16387 cannot be represented in type 'loff_t' (aka 'long long')
[ 6008.474167] CPU: 1 PID: 1214 Comm: syz-executor.0 Not tainted 6.8.0-rc2-00041-gec7cb1052e44-dirty #15
[ 6008.479662] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 6008.485276] Call Trace:
[ 6008.486819] <TASK>
[ 6008.488258] dump_stack_lvl+0x93/0xd0
[ 6008.490535] handle_overflow+0x171/0x1b0
[ 6008.492957] dcache_dir_lseek+0x3bf/0x3d0
[ 6008.495455] ? mutex_lock+0x4b/0x90
[ 6008.497626] __x64_sys_lseek+0x150/0x1b0
[ 6008.500035] do_syscall_64+0xd7/0x1b0
[ 6008.502294] ? arch_exit_to_user_mode_prepare+0x11/0x60
[ 6008.505479] entry_SYSCALL_64_after_hwframe+0x6f/0x77
[ 6008.508531] RIP: 0033:0x7feadbaf6539
[ 6008.510736] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 8
[ 6008.521796] RSP: 002b:00007ffcf6fbe278 EFLAGS: 00000246 ORIG_RAX: 0000000000000008
[ 6008.526359] RAX: ffffffffffffffda RBX: 00007feadbc2af80 RCX: 00007feadbaf6539
[ 6008.530637] RDX: 0000000000000001 RSI: 7fffffffffffffff RDI: 0000000000000003
[ 6008.534919] RBP: 00007feadbb55496 R08: 0000000000000000 R09: 0000000000000000
[ 6008.539216] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 6008.543455] R13: 00000000000009e7 R14: 00007feadbc2af80 R15: 00007feadbc2af80
[ 6008.547714] </TASK>
[ 6008.549334] ---[ end trace ]---
[PATCH] libfs: fix accidental overflow in offset calculation
libfs: fix accidental overflow in offset calculation
4eb95f4
Running syzkaller with the newly reintroduced signed integer overflow sanitizer gives this report:

[ 6008.464680] UBSAN: signed-integer-overflow in ../fs/libfs.c:149:11
[ 6008.468664] 9223372036854775807 + 16387 cannot be represented in type 'loff_t' (aka 'long long')
[ 6008.474167] CPU: 1 PID: 1214 Comm: syz-executor.0 Not tainted 6.8.0-rc2-00041-gec7cb1052e44-dirty torvalds#15
[ 6008.479662] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 6008.485276] Call Trace:
[ 6008.486819] <TASK>
[ 6008.488258] dump_stack_lvl+0x93/0xd0
[ 6008.490535] handle_overflow+0x171/0x1b0
[ 6008.492957] dcache_dir_lseek+0x3bf/0x3d0
...

Use the check_add_overflow() helper to gracefully check for unintentional overflow causing wraparound in our offset calculations.

Link: llvm/llvm-project#82432 [1]
Closes: KSPP#359
Cc: [email protected]
Signed-off-by: Justin Stitt <[email protected]>
JustinStitt
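As an added illustration of the overflow the report describes (this is not code from the kernel or from the patch above): a constructed userspace model of the SEEK_CUR addition, first showing the wrapped value the report's operands produce, then the checked form using the same __builtin_add_overflow that the kernel's check_add_overflow() wraps. The names wrapped_sum and seek_cur_checked and the choice of -EOVERFLOW / -EINVAL are assumptions of this model.

```c
#include <errno.h>
#include <limits.h>
#include <stdio.h>

typedef long long loff_t;   /* same width as the kernel's loff_t (64-bit) */

/* Stand-in for the kernel's check_add_overflow(), which wraps this same
 * compiler builtin: returns nonzero when a + b does not fit in *d. */
#define check_add_overflow(a, b, d) __builtin_add_overflow(a, b, d)

/* What an unchecked "offset += f_pos" yields on a two's complement machine.
 * Computed in unsigned arithmetic (defined modulo 2^64) so this model does
 * not itself execute UB; the conversion back is modular on GCC/Clang. */
loff_t wrapped_sum(loff_t f_pos, loff_t offset)
{
    unsigned long long u = (unsigned long long)f_pos + (unsigned long long)offset;
    return (loff_t)u;
}

/* Constructed checked form of the SEEK_CUR arithmetic: refuse the seek
 * when the addition would overflow, and also when the result is negative.
 * The error values are a choice of this model, not the kernel's. */
int seek_cur_checked(loff_t f_pos, loff_t offset, loff_t *new_pos)
{
    loff_t sum;

    if (check_add_overflow(f_pos, offset, &sum))
        return -EOVERFLOW;
    if (sum < 0)
        return -EINVAL;
    *new_pos = sum;
    return 0;
}

int main(void)
{
    /* Operands taken from the UBSAN line: 9223372036854775807 + 16387 */
    loff_t f_pos = 16387, offset = LLONG_MAX, pos;

    printf("unchecked wraps to %lld\n", wrapped_sum(f_pos, offset));
    printf("checked returns %d\n", seek_cur_checked(f_pos, offset, &pos));
    return 0;
}
```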