Received: by 2002:ab2:6857:0:b0:1ef:ffd0:ce49 with SMTP id l23csp1857744lqp; Sat, 23 Mar 2024 11:45:11 -0700 (PDT) X-Forwarded-Encrypted: i=3; AJvYcCV9WnwYf/FecJlQeDEBnmwNpdD2KY3vii4rDZI02bYfohNpoARgV+GR9yBFs4YkouOdBnaI4CYtz6cI1g5a/9RozDBZATr0XeS9Y/oiXA== X-Google-Smtp-Source: AGHT+IEHxvP5WScILWwM9ZFDl0WEf6DUrvFv0Z/rROiqUnF8QbYtlSlrA1RHKcZAgj9ULJBnRUjY X-Received: by 2002:a19:385a:0:b0:513:c876:c80a with SMTP id d26-20020a19385a000000b00513c876c80amr1740279lfj.34.1711219511510; Sat, 23 Mar 2024 11:45:11 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1711219511; cv=pass; d=google.com; s=arc-20160816; b=HwhEsjvaI5P2v+v4nMw3gcU14jhEtk191l/aGvPsmPXHwzk0kIs9XEUqclUf3jUAEf pNpmle4Sa7t1m44wWkyIS/Bb7dO/7NckFGDJBeP1pOq6ewwWynCBYGlgnFzjudu8Z1/d 08mBRB986BqJFY5Ll7R0hGre1Njfjyjc7WfFZK3P+c37hBDPPlYAGGGnw7lt9vyPw0kb HR4K3JUWO8IVohTnLykxP4H3G0jKX1L5FiEhK97MvyWyGl3PcdIYFAOPuzGjEGItcfi0 nLsCln6944kZl2NYI1ldcK+8jtVGr9QGuk82xbFrYL2TzaGZmGs2MIoeVCz6r/qrXxqX XNsA== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=in-reply-to:content-disposition:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:references:message-id:subject:cc :to:from:date:dkim-signature; bh=hl1+HK89i1xP+hJ+KcjkIcXP2rcZOII2Kgct0+7M3wE=; fh=SR2lap5dGSk+s05IxtD0VLdqz5Frpn+wA8KzGNiSmNg=; b=Zt5J7VuCgRQeViRoYXqUsQWG8B7TtnBG2+x2caWi48B4lq/lEXdU8Rndp8oDPVu4a4 MNn6Sgv2UutOabxt5BQDGVjmk35UgfpgcaC+n65SL4IgPgtztAVLpiUos7X0RWzecSlB 46Aa84i6H3Xh3T/sn/kgXwWXZN1ObwhnnpCZa5ja+PyG5E7halRvpLQ1BJ4UwWcLrvrZ J5bfo8+397ZRqlOSlBdUSjZfXfKXCduIZwf73Qbjqqx5A7B/bagcO5cyON6wTCxbpHnf /3oLMOtgAe8DJb2XjwhBrrOXKLDs634EVg1hIEeJIkR8hdnCZdvwcnRuZ5WxBQ7PFMfY OB8A==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=KcjKT2AY; arc=pass (i=1 dkim=pass dkdomain=kernel.org); spf=pass (google.com: domain of linux-kernel+bounces-112450-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.80.249 as permitted sender) smtp.mailfrom="linux-kernel+bounces-112450-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from am.mirrors.kernel.org (am.mirrors.kernel.org. [147.75.80.249]) by mx.google.com with ESMTPS id q30-20020a50c35e000000b0056bb698acccsi1064811edb.430.2024.03.23.11.45.11 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 23 Mar 2024 11:45:11 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel+bounces-112450-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.80.249 as permitted sender) client-ip=147.75.80.249; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=KcjKT2AY; arc=pass (i=1 dkim=pass dkdomain=kernel.org); spf=pass (google.com: domain of linux-kernel+bounces-112450-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.80.249 as permitted sender) smtp.mailfrom="linux-kernel+bounces-112450-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by am.mirrors.kernel.org (Postfix) with ESMTPS id 2AE7C1F21553 for ; Sat, 23 Mar 2024 18:45:11 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 3516157878; Sat, 23 Mar 2024 18:45:04 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="KcjKT2AY" Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 5AFD023BF; Sat, 23 Mar 2024 18:45:03 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1711219503; cv=none; b=dolh6F/Af/ZX29vsVPtxhwmFjQ4Dv21ZuUdvQrJz4jReNaZ324dQgumRz3ll+/VDgShmwPTD/UltXw+HNdz59zKTFaUZt4qs7rLN4efULEZBWA+UWL5Jc9a/J3UFeMtfopsVZW3wTlzKYyFnq6vRSia4es3bEvVJzoNzNF+lFrA= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1711219503; c=relaxed/simple; bh=+mtJ5IE4P/cFRPbERUs8Q4/5lmsBJRrG3EaPz0KmKmg=; h=Date:From:To:Cc:Subject:Message-ID:References:MIME-Version: Content-Type:Content-Disposition:In-Reply-To; b=bEInWABlgwhE2/+U742UN0c2NVKX2H3qD4y357/9uWLSsZ7ZQTPdV50I8zpl/0dOiQisTeD3ttJQ7zbRrZnqK6FwWHMTnX2N1qi5JJol82V7t1bvADzHq26COCR1Unl727eMPGA2kHS1Br8N51k6EEBjrXB4NboSbuu7459sgNM= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=KcjKT2AY; arc=none smtp.client-ip=10.30.226.201 Received: by smtp.kernel.org (Postfix) with ESMTPSA id D3DA8C433C7; Sat, 23 Mar 2024 18:45:02 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1711219502; bh=+mtJ5IE4P/cFRPbERUs8Q4/5lmsBJRrG3EaPz0KmKmg=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=KcjKT2AYphRdGHtYvag4o9ENC0t1Qd6LDvTyNc6dB2w+tLbnyoTB6LZlNEnwpgcvf UrwOPvlIOoQ5H3MtBKkl5N6uk4LGSYAdQ5afm690OuwLqEkz4+v8SVNB9XJDVtphEQ 6kNt4YmUUtPtqsiPsT+ZQfjSSRGvgNKWLyfMcfFdSzYzDODfJScgIcnY1xoLjDJCR+ rY2+WWsCQQr7QLn9EhlBuDwR4EVBFagiyA7oExyGkIqq/gMR96xAsZWbw0HH/dvr4x bZyBIn5UfbWHh7ZyILbI0ei0AbK1dAPa0yfnhAsS7AMM3jHfyG5xG8FsxIkxDQetRs Gfb99Ede3DUHw== Date: Sat, 23 Mar 2024 11:45:02 -0700 From: "Darrick J. Wong" To: Andrey Shumilin Cc: Chandan Babu R , Dave Chinner , linux-xfs@vger.kernel.org, open list , lvc-project@linuxtesting.org, khoroshilov@ispras.ru, ykarpov@ispras.ru, vmerzlyakov@ispras.ru, vefanov@ispras.ru Subject: Re: [PATCH 2/2] xfs_refcount: Preventing integer overflow Message-ID: <20240323184502.GA6390@frogsfrogsfrogs> References: <20240323062603.665572-1-shum.sdl@nppct.ru> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20240323062603.665572-1-shum.sdl@nppct.ru> On Sat, Mar 23, 2024 at 09:26:03AM +0300, Andrey Shumilin wrote: > Multiplying variables can overflow the "overhead" variable. > To fix this, the variable type has been increased. > Next, a subtraction operation occurs with it, > but before that it is checked. Under what circumstances will pre-multiplication @overhead have a large enough value to overflow? The blocksize cannot be larger than 2^16, and full splits of three btrees should never require anywhere close to 2^16 blocks, right? Did your analysis tool find a scenario where this actually happens? --D > Found by Linux Verification Center (linuxtesting.org) with SVACE. > Signed-off-by: Andrey Shumilin > --- > fs/xfs/libxfs/xfs_refcount.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/fs/xfs/libxfs/xfs_refcount.c b/fs/xfs/libxfs/xfs_refcount.c > index 511c912d515c..cbf07552eaff 100644 > --- a/fs/xfs/libxfs/xfs_refcount.c > +++ b/fs/xfs/libxfs/xfs_refcount.c > @@ -1070,7 +1070,7 @@ static bool > xfs_refcount_still_have_space( > struct xfs_btree_cur *cur) > { > - unsigned long overhead; > + unsigned long long overhead; > > /* > * Worst case estimate: full splits of the free space and rmap btrees > -- > 2.30.2 > >