UbiquitousOS
/
OpenCloudOS-Kernel
mirror of https://gitee.com/OpenCloudOS/OpenCloudOS-Kernel.git
11
0
Fork 0
Code Issues Projects Releases Wiki Activity
OpenCloudOS-Kernel/fs/xfs
History
Xie XiuQi 79c350e45e xfs: fix signed integer overflow 
Use 1U for unsigned int to avoid a overflow warning from UBSAN.

[   31.910858] UBSAN: Undefined behaviour in fs/xfs/xfs_buf_item.c:889:25
[   31.911252] signed integer overflow:
[   31.911478] -2147483648 - 1 cannot be represented in type 'int'
[   31.911846] CPU: 1 PID: 1011 Comm: tuned Tainted: G    B          ---- -------   3.10.0-327.28.3.el7.x86_64 #1
[   31.911857] Hardware name: VMware, Inc. VMware Virtual Platform/440BX Desktop Reference Platform, BIOS 6.00 01/07/2011
[   31.911866]  1ffff1004069cd3b 0000000076bec3fd ffff8802034e69a0 ffffffff81ee3140
[   31.911883]  ffff8802034e69b8 ffffffff81ee31fd ffffffffa0ad79e0 ffff8802034e6b20
[   31.911898]  ffffffff81ee46e2 0000002d515470c0 0000000000000001 0000000041b58ab3
[   31.911913] Call Trace:
[   31.911932]  [<ffffffff81ee3140>] dump_stack+0x1e/0x20
[   31.911947]  [<ffffffff81ee31fd>] ubsan_epilogue+0x12/0x55
[   31.911964]  [<ffffffff81ee46e2>] handle_overflow+0x1ba/0x215
[   31.912083]  [<ffffffff81ee4798>] __ubsan_handle_sub_overflow+0x2a/0x31
[   31.912204]  [<ffffffffa08676fb>] xfs_buf_item_log+0x34b/0x3f0 [xfs]
[   31.912314]  [<ffffffffa0880490>] xfs_trans_log_buf+0x120/0x260 [xfs]
[   31.912402]  [<ffffffffa079a890>] xfs_btree_log_recs+0x80/0xc0 [xfs]
[   31.912490]  [<ffffffffa07a29f8>] xfs_btree_delrec+0x11a8/0x2d50 [xfs]
[   31.913589]  [<ffffffffa07a86f9>] xfs_btree_delete+0xc9/0x260 [xfs]
[   31.913762]  [<ffffffffa075b5cf>] xfs_free_ag_extent+0x63f/0xe20 [xfs]
[   31.914339]  [<ffffffffa075ec0f>] xfs_free_extent+0x2af/0x3e0 [xfs]
[   31.914641]  [<ffffffffa0801b2b>] xfs_bmap_finish+0x32b/0x4b0 [xfs]
[   31.914841]  [<ffffffffa083c2e7>] xfs_itruncate_extents+0x3b7/0x740 [xfs]
[   31.915216]  [<ffffffffa08342fa>] xfs_setattr_size+0x60a/0x860 [xfs]
[   31.915471]  [<ffffffffa08345ea>] xfs_vn_setattr+0x9a/0xe0 [xfs]
[   31.915590]  [<ffffffff8149ad38>] notify_change+0x5c8/0x8a0
[   31.915607]  [<ffffffff81450f22>] do_truncate+0x122/0x1d0
[   31.915640]  [<ffffffff8147beee>] do_last+0x15de/0x2c80
[   31.915707]  [<ffffffff8147d777>] path_openat+0x1e7/0xcc0
[   31.915802]  [<ffffffff81480824>] do_filp_open+0xa4/0x160
[   31.915848]  [<ffffffff81453127>] do_sys_open+0x1b7/0x3f0
[   31.915879]  [<ffffffff81453392>] SyS_open+0x32/0x40
[   31.915897]  [<ffffffff81f08989>] system_call_fastpath+0x16/0x1b

[  240.086809] UBSAN: Undefined behaviour in fs/xfs/xfs_buf_item.c:866:34
[  240.086820] signed integer overflow:
[  240.086830] -2147483648 - 1 cannot be represented in type 'int'
[  240.086846] CPU: 1 PID: 12969 Comm: rm Tainted: G    B          ---- -------   3.10.0-327.28.3.el7.x86_64 #1
[  240.086857] Hardware name: VMware, Inc. VMware Virtual Platform/440BX Desktop Reference Platform, BIOS 6.00 01/07/2011
[  240.086868]  1ffff10040491def 00000000e2ea59c1 ffff88020248ef40 ffffffff81ee3140
[  240.086885]  ffff88020248ef58 ffffffff81ee31fd ffffffffa0ad79e0 ffff88020248f0c0
[  240.086901]  ffffffff81ee46e2 0000002d02488000 0000000000000001 0000000041b58ab3
[  240.086915] Call Trace:
[  240.086938]  [<ffffffff81ee3140>] dump_stack+0x1e/0x20
[  240.086953]  [<ffffffff81ee31fd>] ubsan_epilogue+0x12/0x55
[  240.086971]  [<ffffffff81ee46e2>] handle_overflow+0x1ba/0x215
...

Signed-off-by: Xie XiuQi <xiexiuqi@huawei.com>
Reviewed-by: Dave Chinner <dchinner@redhat.com>
Signed-off-by: Dave Chinner <david@fromorbit.com>
 		2016-09-14 07:41:16 +10:00
..
libxfs xfs: track log done items directly in the deferred pending work item 2016-08-30 13:51:39 +10:00
Kconfig xfs: implement iomap based buffered write path 2016-06-21 09:53:44 +10:00
Makefile xfs: reverse block mapping support for 4.8-rc1 2016-08-06 09:50:36 -04:00
kmem.c xfs: improve kmem_realloc 2016-04-06 09:47:01 +10:00
kmem.h xfs: improve kmem_realloc 2016-04-06 09:47:01 +10:00
mrlock.h
uuid.c
uuid.h
xfs.h
xfs_acl.c posix_acl: Inode acl caching fixes 2016-03-31 00:30:15 -04:00
xfs_acl.h xfs: Change how listxattr generates synthetic attributes 2015-12-06 21:34:16 -05:00
xfs_aops.c xfs: update for 4.8-rc1 2016-07-27 09:53:35 -07:00
xfs_aops.h xfs: direct calls in the direct I/O path 2016-07-20 11:38:01 +10:00
xfs_attr.h xfs: remove put_value from attr ->put_listent context 2016-04-06 07:57:45 +10:00
xfs_attr_inactive.c xfs: make several functions static 2016-06-01 17:38:15 +10:00
xfs_attr_list.c xfs: make several functions static 2016-06-01 17:38:15 +10:00
xfs_bmap_util.c xfs: disable XFS_IOC_SWAPEXT when rmap btree is enabled 2016-08-03 12:18:07 +10:00
xfs_bmap_util.h xfs: change xfs_bmap_{finish,cancel,init,free} -> xfs_defer_* 2016-08-03 11:18:10 +10:00
xfs_buf.c xfs: prevent dropping ioend completions during buftarg wait 2016-08-26 16:01:59 +10:00
xfs_buf.h xfs: track and serialize in-flight async buffers against unmount 2016-07-20 11:15:28 +10:00
xfs_buf_item.c xfs: fix signed integer overflow 2016-09-14 07:41:16 +10:00
xfs_buf_item.h xfs: fix non-debug build warnings 2015-08-25 10:05:13 +10:00
xfs_dir2_readdir.c xfs: concurrent readdir hangs on data buffer locks 2016-05-18 13:20:21 -04:00
xfs_discard.c xfs: rmap btree requires more reserved free space 2016-08-03 11:38:24 +10:00
xfs_discard.h
xfs_dquot.c xfs: rename flist/free_list to dfops 2016-08-03 11:19:29 +10:00
xfs_dquot.h xfs: fix implicit bool to int conversion 2015-01-09 10:48:58 +11:00
xfs_dquot_item.c xfs: allocate log vector buffers outside CIL context lock 2016-07-22 09:52:35 +10:00
xfs_dquot_item.h xfs: remove the quotaoff log format from the quotaoff log item 2013-12-13 11:34:08 +11:00
xfs_error.c Merge branch 'xfs-4.8-misc-fixes-3' into for-next 2016-07-20 11:51:08 +10:00
xfs_error.h xfs: propagate bmap updates to rmapbt 2016-08-03 12:16:05 +10:00
xfs_export.c xfs: abstract block export operations from nfsd layouts 2016-07-15 15:31:29 -04:00
xfs_export.h
xfs_extent_busy.c xfs: merge xfs_ag.h into xfs_format.h 2014-11-28 14:25:04 +11:00
xfs_extent_busy.h xfs: decouple inode and bmap btree header files 2013-10-23 16:28:49 -05:00
xfs_extfree_item.c xfs: remove unnecessary parentheses from log redo item recovery functions 2016-08-03 12:29:32 +10:00
xfs_extfree_item.h xfs: refactor redo intent item processing 2016-08-03 11:23:49 +10:00
xfs_file.c xfs: don't invalidate whole file on DAX read/write 2016-08-17 08:31:33 +10:00
xfs_filestream.c xfs: rename flist/free_list to dfops 2016-08-03 11:19:29 +10:00
xfs_filestream.h xfs: add filestream allocator tracepoints 2014-04-23 07:11:52 +10:00
xfs_fsops.c xfs: store rmapbt block count in the AGF 2016-08-17 08:31:49 +10:00
xfs_fsops.h xfs: remove unused function definitions 2016-02-08 14:58:07 +11:00
xfs_globals.c xfs: export log_recovery_delay to delay mount time log recovery 2014-09-09 11:56:13 +10:00
xfs_icache.c xfs: cancel eofblocks background trimming on remount read-only 2016-06-21 11:53:28 +10:00
xfs_icache.h xfs: cancel eofblocks background trimming on remount read-only 2016-06-21 11:53:28 +10:00
xfs_icreate_item.c xfs: move most of xfs_sb.h to xfs_format.h 2014-11-28 14:27:09 +11:00
xfs_icreate_item.h
xfs_inode.c xfs: rename flist/free_list to dfops 2016-08-03 11:19:29 +10:00
xfs_inode.h xfs: change xfs_bmap_{finish,cancel,init,free} -> xfs_defer_* 2016-08-03 11:18:10 +10:00
xfs_inode_item.c xfs: allocate log vector buffers outside CIL context lock 2016-07-22 09:52:35 +10:00
xfs_inode_item.h xfs: remove timestamps from incore inode 2016-02-09 16:54:58 +11:00
xfs_ioctl.c fs: return EPERM on immutable inode 2016-08-07 10:03:31 -04:00
xfs_ioctl.h xfs: don't pass ioflags around in the ioctl path 2016-07-20 11:29:35 +10:00
xfs_ioctl32.c xfs: don't pass ioflags around in the ioctl path 2016-07-20 11:29:35 +10:00
xfs_ioctl32.h xfs: compat_xfs_bstat does not have forkoff 2014-10-02 09:17:58 +10:00
xfs_iomap.c Merge branch 'iomap-fixes-4.8-rc3' into for-next 2016-08-17 11:13:37 +10:00
xfs_iomap.h xfs: (re-)implement FIEMAP_FLAG_XATTR 2016-08-17 08:45:30 +10:00
xfs_iops.c xfs: (re-)implement FIEMAP_FLAG_XATTR 2016-08-17 08:45:30 +10:00
xfs_iops.h xfs: inodes are new until the dentry cache is set up 2015-02-23 22:38:08 +11:00
xfs_itable.c xfs: mode di_mode to vfs inode 2016-02-09 16:54:58 +11:00
xfs_itable.h xfs: bulkstat chunk formatting cursor is broken 2014-11-07 08:30:30 +11:00
xfs_linux.h xfs: remove __arch_pack 2016-07-20 11:48:46 +10:00
xfs_log.c Merge branch 'xfs-4.8-buf-fixes' into for-next 2016-07-20 11:53:35 +10:00
xfs_log.h xfs: make several functions static 2016-06-01 17:38:15 +10:00
xfs_log_cil.c xfs: allocate log vector buffers outside CIL context lock 2016-07-22 09:52:35 +10:00
xfs_log_priv.h xfs: remove transaction types 2016-04-06 09:20:36 +10:00
xfs_log_recover.c xfs: remove the extents array from the rmap update done log item 2016-08-03 12:28:43 +10:00
xfs_message.c xfs: more info from kmem deadlocks and high-level error msgs 2015-10-12 16:04:45 +11:00
xfs_message.h
xfs_mount.c xfs: rmap btree requires more reserved free space 2016-08-03 11:38:24 +10:00
xfs_mount.h xfs: rmap btree requires more reserved free space 2016-08-03 11:38:24 +10:00
xfs_mru_cache.c xfs: xfs_mru_cache_insert() should use GFP_NOFS 2015-03-25 14:57:53 +11:00
xfs_mru_cache.h xfs: embedd mru_elem into parent structure 2014-04-23 07:11:51 +10:00
xfs_ondisk.h xfs: define the on-disk rmap btree format 2016-08-03 11:36:07 +10:00
xfs_pnfs.c xfs: make xfs_bmbt_to_iomap available outside of xfs_pnfs.c 2016-06-21 09:52:47 +10:00
xfs_pnfs.h xfs: abstract block export operations from nfsd layouts 2016-07-15 15:31:29 -04:00
xfs_qm.c xfs: better xfs_trans_alloc interface 2016-04-06 09:19:55 +10:00
xfs_qm.h xfs: Split default quota limits by quota type 2016-02-08 11:27:55 +11:00
xfs_qm_bhv.c xfs: move most of xfs_sb.h to xfs_format.h 2014-11-28 14:27:09 +11:00
xfs_qm_syscalls.c xfs: better xfs_trans_alloc interface 2016-04-06 09:19:55 +10:00
xfs_quota.h xfs: fix quota block reservation leak when tp allocates and frees blocks 2015-06-01 07:15:37 +10:00
xfs_quotaops.c xfs: wire up Q_XGETNEXTQUOTA / get_nextdqblk 2016-02-08 11:27:38 +11:00
xfs_rmap_item.c xfs: remove unnecessary parentheses from log redo item recovery functions 2016-08-03 12:29:32 +10:00
xfs_rmap_item.h xfs: remove the extents array from the rmap update done log item 2016-08-03 12:28:43 +10:00
xfs_rtalloc.c xfs: rename flist/free_list to dfops 2016-08-03 11:19:29 +10:00
xfs_rtalloc.h xfs: make several functions static 2016-06-01 17:38:15 +10:00
xfs_stats.c xfs: reverse block mapping support for 4.8-rc1 2016-08-06 09:50:36 -04:00
xfs_stats.h xfs: add rmap btree stats infrastructure 2016-08-03 11:31:11 +10:00
xfs_super.c xfs: disallow mounting of realtime + rmap filesystems 2016-08-26 15:59:19 +10:00
xfs_super.h xfs: make several functions static 2016-06-01 17:38:15 +10:00
xfs_symlink.c xfs: rename flist/free_list to dfops 2016-08-03 11:19:29 +10:00
xfs_symlink.h xfs: push down inactive transaction mgmt for remote symlinks 2013-10-08 14:53:02 -05:00
xfs_sysctl.c xfs: pass xfsstats structures to handlers and macros 2015-10-12 05:19:45 +11:00
xfs_sysctl.h xfs: export log_recovery_delay to delay mount time log recovery 2014-09-09 11:56:13 +10:00
xfs_sysfs.c xfs: fix xfs_error_get_cfg for negative errnos 2016-07-20 10:48:51 +10:00
xfs_sysfs.h xfs: configurable error behavior via sysfs 2016-05-18 10:58:51 +10:00
xfs_trace.c xfs: rework xfs_bmap_free callers to use xfs_defer_ops 2016-08-03 11:15:38 +10:00
xfs_trace.h xfs: track log done items directly in the deferred pending work item 2016-08-30 13:51:39 +10:00
xfs_trans.c xfs: undo block reservation correctly in xfs_trans_reserve() 2016-09-14 07:39:07 +10:00
xfs_trans.h xfs: remove the extents array from the rmap update done log item 2016-08-03 12:28:43 +10:00
xfs_trans_ail.c xfs: Make xfsaild freezeable again 2016-02-08 14:59:07 +11:00
xfs_trans_buf.c xfs: remove XBF_STALE flag wrapper macros 2016-02-10 15:01:11 +11:00
xfs_trans_dquot.c xfs: Split default quota limits by quota type 2016-02-08 11:27:55 +11:00
xfs_trans_extfree.c xfs: move (and rename) the deferred bmap-free tracepoints 2016-08-03 12:31:07 +10:00
xfs_trans_inode.c xfs: move di_changecount to VFS inode 2016-02-09 16:54:58 +11:00
xfs_trans_priv.h xfs: add helper to conditionally remove items from the AIL 2015-08-19 10:01:08 +10:00
xfs_trans_rmap.c xfs: collapse single use static functions 2016-08-03 12:30:31 +10:00
xfs_xattr.c Make __xfs_xattr_put_listen preperly report errors. 2016-09-14 07:40:35 +10:00