Date: Sat, 10 Dec 2022 08:23:57 +0800
From: Gao Xiang
To: Siddh Raman Pant
Cc: Gao Xiang, Chao Yu, Yue Hu, Jeffle Xu, linux-erofs, linux-kernel, syzbot+a8e049cd3abd342936b6@syzkaller.appspotmail.com
Subject: Re: [PATCH v2] erofs/zmap.c: Fix incorrect offset calculation
In-Reply-To: <20221209102151.311049-1-code@siddh.me>
X-Mailing-List: linux-kernel@vger.kernel.org

On Fri, Dec 09, 2022 at 03:51:51PM +0530, Siddh Raman Pant via Linux-erofs wrote:
> Effective offset to add to length was being incorrectly calculated,
> which resulted in iomap->length being set to 0, triggering a WARN_ON
> in iomap_iter_done().
>
> Fix that, and describe it in comments.
>
> This was reported as a crash by syzbot under an issue about a warning
> encountered in iomap_iter_done(), but unrelated to erofs.
>
> C reproducer: https://syzkaller.appspot.com/text?tag=ReproC&x=1037a6b2880000
> Kernel config: https://syzkaller.appspot.com/text?tag=KernelConfig&x=e2021a61197ebe02
> Dashboard link: https://syzkaller.appspot.com/bug?extid=a8e049cd3abd342936b6
>
> Reported-by: syzbot+a8e049cd3abd342936b6@syzkaller.appspotmail.com
> Suggested-by: Gao Xiang
> Signed-off-by: Siddh Raman Pant It looks good to me! Reviewed-by: Gao Xiang Thanks, Gao Xiang > --- > Changes since v2: > - Fix the calculation instead of bailing out. > > fs/erofs/zmap.c | 10 +++++++--- > 1 file changed, 7 insertions(+), 3 deletions(-) > > diff --git a/fs/erofs/zmap.c b/fs/erofs/zmap.c > index 0bb66927e3d0..a171e4caba3c 100644 > --- a/fs/erofs/zmap.c > +++ b/fs/erofs/zmap.c > @@ -790,12 +790,16 @@ static int z_erofs_iomap_begin_report(struct inode *inode, loff_t offset, > iomap->type = IOMAP_HOLE; > iomap->addr = IOMAP_NULL_ADDR; > /* > - * No strict rule how to describe extents for post EOF, yet > - * we need do like below. Otherwise, iomap itself will get > + * No strict rule on how to describe extents for post EOF, yet > + * we need to do like below. Otherwise, iomap itself will get > * into an endless loop on post EOF. > + * > + * Calculate the effective offset by subtracting extent start > + * (map.m_la) from the requested offset, and add it to length. > + * (NB: offset >= map.m_la always) > */ > if (iomap->offset >= inode->i_size) > - iomap->length = length + map.m_la - offset; > + iomap->length = length + offset - map.m_la; > } > iomap->flags = 0; > return 0; > -- > 2.35.1 > >
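Review bot: The new comment's "(NB: offset >= map.m_la always)" is what makes `iomap->length = length + offset - map.m_la;` safe, but nothing in this hunk checks it. If the requested offset ever fell below map.m_la, the result would drop below length and could reach 0 again, which is the condition the commit message says trips the WARN_ON in iomap_iter_done(). Consider either asserting the invariant next to the assignment or extending the comment to say where it is established. Separately, the changelog under "---" reads "Changes since v2" on a patch whose subject is [PATCH v2]; it presumably means v1.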