From patchwork Mon Nov 14 12:03:49 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Siddh Raman Pant X-Patchwork-Id: 19778 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a5d:6687:0:0:0:0:0 with SMTP id l7csp2111631wru; Mon, 14 Nov 2022 04:22:04 -0800 (PST) X-Google-Smtp-Source: AA0mqf6/tMwj+jjUemltKXBlAVhuPvVHteLJKIIAdIBcT0Hi6yf8dSYoi7754jqtyUgBOlMkzi+d X-Received: by 2002:a17:907:6090:b0:7ae:fdcd:8198 with SMTP id ht16-20020a170907609000b007aefdcd8198mr3392666ejc.475.1668428524360; Mon, 14 Nov 2022 04:22:04 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1668428524; cv=pass; d=google.com; s=arc-20160816; b=EZFKOQW9n6ny7RCBAz5vA6sOPkYvFFtQHwiXZPT0w4/ZkBSS81EZRV7eN3iGXJoyxN GKBlIbJhf0AyL3S3wZVdsOjA0j0440JwN08RqZmcJcyfr41eOeTSmh+qBhYC3r6nfIdW HUAKg9Ae3IVPEIQmojVhwTt+67C2089dYKISyJi/FhVpEGcQOcdQ1AuG4zZAmYQmR+qS YfzbWYV+L+m+Erq4/KwHHBVVFJH1uHbToel0ouZ4dTVJSYsiaksI5ZhSr2LHPDLEo8Pm uQrTt0hRLBQol/Y0Dcr+Ud7T2FuL2ZK4cRYgDOV0OHQ84WZFYUoMP+Cud1IJkOCUshgJ aYFQ== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version:date :subject:message-id:cc:to:from:dkim-signature; bh=IggqRsG6zyyiJTsuHTvPfu+aryWmvQ8Thb531wDkz4U=; b=R8GIy+VUfeuzKyEkWj+3fXxGMxM+/sh+Y+cHiH4EJDhCEH1GHt/wUfAJ4Nnet8GWqe 2wojX4cYgTC4k3zhooSh8M0r1K/hpCSMt/jMvpuB6UpQPbVr8ou3rhIVuGwRabaiptHV Fehk0+m1Do6CCFvSeefiWv0ZUS2yhib9Qos2tMD6oVgIxNwdroJhF6SMkJCRskIwL5m+ 4RQgPcddbkkxo3KW+xwfFlqSlFu0/3bekWMIA+uQI+PbTn4z25dCmRtGu86Nml/rwz1J z0yiiO0UD02q+wxyFU3LRycPPkYtcSntgFrAA6vip35otfZGZoTr+YdndxIhWmhmwnau XzVw== ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@siddh.me header.s=zmail header.b=JPHUw5BK; arc=pass (i=1 spf=pass spfdomain=siddh.me dkim=pass dkdomain=siddh.me dmarc=pass fromdomain=siddh.me>); spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siddh.me Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id he42-20020a1709073daa00b00781132a4ca6si9307062ejc.850.2022.11.14.04.21.40; Mon, 14 Nov 2022 04:22:04 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@siddh.me header.s=zmail header.b=JPHUw5BK; arc=pass (i=1 spf=pass spfdomain=siddh.me dkim=pass dkdomain=siddh.me dmarc=pass fromdomain=siddh.me>); spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siddh.me Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S236658AbiKNMHp (ORCPT + 99 others); Mon, 14 Nov 2022 07:07:45 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:40138 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S236732AbiKNMHi (ORCPT ); Mon, 14 Nov 2022 07:07:38 -0500 Received: from sender-of-o50.zoho.in (sender-of-o50.zoho.in [103.117.158.50]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 02642CE25; Mon, 14 Nov 2022 04:07:28 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1668427448; cv=none; d=zohomail.in; s=zohoarc; b=ZRzORh6m8nEovh7z5LC9xoKhnIYR2azpervtA+NTZV0P0nNZh7GDcun/d8lEJ5dKKUvlJOV0juJkvf64ZDm2QmtEBe9D+wyi3xwfqoARpgojzTNxCroQklWyjC98A6YUe85aK45FM/dR8dXq22FKXTj5dHcS3jYjdw2VZRiBMDU= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.in; s=zohoarc; t=1668427448; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:MIME-Version:Message-ID:Subject:To; bh=IggqRsG6zyyiJTsuHTvPfu+aryWmvQ8Thb531wDkz4U=; b=cjE7oDUZx0sspDXdnM0tglLm97e4Yn4ueJQ1AFaM0KfOke1ao0TZabJosM+BupogR2DiVjOp35fGiw2KER0k6hD6NVw0jhhis6I5V85iCqRoTtxxdhsINbnGOJonbwjfM+LrByHGppbMRXU0Mo0ao5W4jOluz0Tc4VkSwly+Wwg= ARC-Authentication-Results: i=1; mx.zohomail.in; dkim=pass header.i=siddh.me; spf=pass smtp.mailfrom=code@siddh.me; dmarc=pass header.from= DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; t=1668427448; s=zmail; d=siddh.me; i=code@siddh.me; h=From:From:To:To:Cc:Cc:Message-ID:Subject:Subject:Date:Date:MIME-Version:Content-Transfer-Encoding:Content-Type:Message-Id:Reply-To; bh=IggqRsG6zyyiJTsuHTvPfu+aryWmvQ8Thb531wDkz4U=; b=JPHUw5BKVBPw3sHMXH8/wSDflLkTjwonv4Ieetj6JC0dExLm3SXDFwVrBen2LESy SFrX4lQQS7qrTxtZBAiYBtW36SgM8oKzXrlBQ8oQxKccp7WRutSn+49BmQIe8nvItP3 mMHWwBpP9nxtXYKZXcWeQXPzIP4dmeVYALG+VOOc= Received: from kampyooter.. (110.226.30.173 [110.226.30.173]) by mx.zoho.in with SMTPS id 1668427447485815.8405388936613; Mon, 14 Nov 2022 17:34:07 +0530 (IST) From: Siddh Raman Pant To: Gao Xiang , Chao Yu , Yue Hu , Jeffle Xu Cc: linux-erofs , linux-fsdevel , linux-kernel Message-ID: <20221114120349.472418-1-code@siddh.me> Subject: [RFC PATCH] erofs/zmap.c: Bail out when no further region remains Date: Mon, 14 Nov 2022 17:33:49 +0530 X-Mailer: git-send-email 2.35.1 MIME-Version: 1.0 X-ZohoMailClient: External X-Spam-Status: No, score=-0.4 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE, SPF_HELO_NONE,SPF_PASS,URIBL_BLACK autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1749474108277982751?= X-GMAIL-MSGID: =?utf-8?q?1749474108277982751?= The following calculation of iomap->length on line 798 in z_erofs_iomap_begin_report() can yield 0: if (iomap->offset >= inode->i_size) iomap->length = length + map.m_la - offset; This triggers a WARN_ON in iomap_iter_done() (see line 34 of fs/iomap/iter.c). Hence, return error when this scenario is encountered. ============================================================ This was reported as a crash by syzbot under an issue about warning encountered in iomap_iter_done(), but unrelated to erofs. Hence, not adding issue hash in Reported-by line. C reproducer: https://syzkaller.appspot.com/text?tag=ReproC&x=1037a6b2880000 Kernel config: https://syzkaller.appspot.com/text?tag=KernelConfig&x=e2021a61197ebe02 Dashboard link: https://syzkaller.appspot.com/bug?extid=a8e049cd3abd342936b6 Reported-by: syzbot@syzkaller.appspotmail.com Signed-off-by: Siddh Raman Pant --- fs/erofs/zmap.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/fs/erofs/zmap.c b/fs/erofs/zmap.c index 0bb66927e3d0..bad852983eb9 100644 --- a/fs/erofs/zmap.c +++ b/fs/erofs/zmap.c @@ -796,6 +796,9 @@ static int z_erofs_iomap_begin_report(struct inode *inode, loff_t offset, */ if (iomap->offset >= inode->i_size) iomap->length = length + map.m_la - offset; + + if (iomap->length == 0) + return -EINVAL; } iomap->flags = 0; return 0;