From: Siddh Raman Pant
To: david@fromorbit.com
Cc: djwong@kernel.org, fgheet255t@gmail.com, hch@infradead.org, linux-ext4@vger.kernel.org, linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org, linux-xfs@vger.kernel.org, riteshh@linux.ibm.com, syzbot+a8e049cd3abd342936b6@syzkaller.appspotmail.com, syzkaller-bugs@googlegroups.com
Message-ID: <20220818110031.89467-1-code@siddh.me>
Subject: Re: [syzbot] WARNING in iomap_iter
Date: Thu, 18 Aug 2022 16:30:31 +0530
In-Reply-To: <20220214025849.GP59729@dread.disaster.area>
References: <20220214025849.GP59729@dread.disaster.area>
X-Mailing-List: linux-ext4@vger.kernel.org

This is probably due to a mismatch in types between the userspace API struct and the kernel's internal struct, which leads to the offset being overflowed after getting converted from __u64 (unsigned long long) to loff_t (signed long long), resulting in a ridiculously negative offset value.

#syz test https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master

--- include/uapi/linux/loop.h | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/include/uapi/linux/loop.h b/include/uapi/linux/loop.h index 6f63527dd2ed..33c07c467da4 100644 --- a/include/uapi/linux/loop.h +++ b/include/uapi/linux/loop.h
@@ -53,12 +53,12 @@ struct loop_info64 { =09__u64=09=09 lo_device;=09=09=09/* ioctl r/o */ =09__u64=09=09 lo_inode;=09=09=09/* ioctl r/o */ =09__u64=09=09 lo_rdevice;=09=09=09/* ioctl r/o */ -=09__u64=09=09 lo_offset; -=09__u64=09=09 lo_sizelimit;/* bytes, 0 =3D=3D max available */ -=09__u32=09=09 lo_number;=09=09=09/* ioctl r/o */ -=09__u32=09=09 lo_encrypt_type;=09=09/* obsolete, ignored */ -=09__u32=09=09 lo_encrypt_key_size;=09=09/* ioctl w/o */ -=09__u32=09=09 lo_flags; +=09__s64=09=09 lo_offset; +=09__s64=09=09 lo_sizelimit;=09/* bytes, 0 =3D=3D max available */ +=09__s32=09=09 lo_number;=09=09=09/* ioctl r/o */ +=09__s32=09=09 lo_encrypt_type;=09=09/* obsolete, ignored */ +=09__s32=09=09 lo_encrypt_key_size;=09=09/* ioctl w/o */ +=09__s32=09=09 lo_flags; =09__u8=09=09 lo_file_name[LO_NAME_SIZE]; =09__u8=09=09 lo_crypt_name[LO_NAME_SIZE]; =09__u8=09=09 lo_encrypt_key[LO_KEY_SIZE]; /* ioctl w/o */ --=20 2.35.1
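
Review bot: the __u64 to __s64 change on lo_offset and lo_sizelimit has no validation behind it. A caller can still pass a value with the top bit set; it now starts out negative in the struct instead of becoming negative at the conversion to loff_t that the message describes. A range check that rejects values not representable in loff_t, placed where the kernel copies these fields, would address the warning without touching the UAPI header. The four __u32 to __s32 changes below them (lo_number, lo_encrypt_type, lo_encrypt_key_size, lo_flags) are not covered by the explanation in the message, and lo_flags by its name looks like a bit mask, for which a signed type is unusual; either drop them from this patch or justify each one. Because the file lives under include/uapi, the message should also state the effect on existing userspace that builds against the current field types.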
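
The conversion described in the message, shown as an added user-space example that is not part of the original e-mail or of the kernel's code: an unchecked unsigned-to-signed copy beside a checked one. The type and function names (sketch_loff_t, sketch_user_range, checked_convert) are hypothetical, int64_t stands in for loff_t, and the offset + sizelimit check goes one step beyond the case the message names.

```c
#include <stdint.h>
#include <errno.h>

/* Stand-in for the kernel's loff_t (signed 64-bit); an assumption made
 * for this user-space sketch. */
typedef int64_t sketch_loff_t;

/* Hypothetical mirror of the two unsigned fields in struct loop_info64. */
struct sketch_user_range {
	uint64_t lo_offset;
	uint64_t lo_sizelimit;	/* bytes, 0 == max available */
};

struct sketch_kernel_range {
	sketch_loff_t offset;
	sketch_loff_t sizelimit;
};

/* Unchecked copy: what a plain assignment does. A value with bit 63 set
 * comes out negative on the usual two's-complement targets. */
static sketch_loff_t unchecked_convert(uint64_t v)
{
	return (sketch_loff_t)v;
}

/* Checked copy: refuse any field that does not fit a non-negative signed
 * 64-bit value, and refuse a range whose end would overflow it. */
static int checked_convert(const struct sketch_user_range *in,
			   struct sketch_kernel_range *out)
{
	if (in->lo_offset > (uint64_t)INT64_MAX ||
	    in->lo_sizelimit > (uint64_t)INT64_MAX)
		return -EOVERFLOW;
	if (in->lo_sizelimit > (uint64_t)INT64_MAX - in->lo_offset)
		return -EOVERFLOW;

	out->offset = (sketch_loff_t)in->lo_offset;
	out->sizelimit = (sketch_loff_t)in->lo_sizelimit;
	return 0;
}
```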