Re: [syzbot] Re: kernel BUG in __block_write_begin_int (3)

From: syzbot
Date: Thu Oct 17 2024 - 12:03:34 EST

Next message: Liam R. Howlett: "Re: [RFC PATCH v2 1/1] exec: seal system mappings"
Previous message: Eric Snowberg: "[RFC PATCH v3 01/13] certs: Remove CONFIG_INTEGRITY_PLATFORM_KEYRING check"
In reply to: syzbot: "[syzbot] [nilfs?] kernel BUG in __block_write_begin_int (3)"
Next in thread: Ryusuke Konishi: "[PATCH] nilfs2: fix kernel bug due to missing clearing of checked flag"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

For archival purposes, forwarding an incoming command email to
linux-kernel@xxxxxxxxxxxxxxx, syzkaller-bugs@xxxxxxxxxxxxxxxx.

***

Subject: Re: kernel BUG in __block_write_begin_int (3)
Author: dmantipov@xxxxxxxxx

#syz test https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git c964ced7726294d40913f2127c3f185a92cb4a41

diff --git a/fs/nilfs2/dir.c b/fs/nilfs2/dir.c
index fe5b1a30c509..57108bd90e8b 100644
--- a/fs/nilfs2/dir.c
+++ b/fs/nilfs2/dir.c
@@ -483,6 +483,13 @@ int nilfs_add_link(struct dentry *dentry, struct inode *inode)
got_it:
from = offset_in_folio(folio, de);
to = from + rec_len;
+ if (unlikely(to > folio_size(folio))) {
+ nilfs_error(dir->i_sb, "bad entry in directory #%lu:"
+ " from=%zu to=%zu size=%zu", dir->i_ino,
+ from, to, folio_size(folio));
+ err = -EINVAL;
+ goto out_unlock;
+ }
err = nilfs_prepare_chunk(folio, from, to);
if (err)
goto out_unlock;

Next message: Liam R. Howlett: "Re: [RFC PATCH v2 1/1] exec: seal system mappings"
Previous message: Eric Snowberg: "[RFC PATCH v3 01/13] certs: Remove CONFIG_INTEGRITY_PLATFORM_KEYRING check"
In reply to: syzbot: "[syzbot] [nilfs?] kernel BUG in __block_write_begin_int (3)"
Next in thread: Ryusuke Konishi: "[PATCH] nilfs2: fix kernel bug due to missing clearing of checked flag"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]