Re: [PATCH V2] fs: fix undefined behavior in bit shift for SB_NOUSER

From: Hao Ge
Date: Mon Apr 24 2023 - 01:44:20 EST
> On Apr 24, 2023, at 13:02, Al Viro <viro@xxxxxxxxxxxxxxxxxx> wrote:
>
> On Mon, Apr 24, 2023 at 12:51:22PM +0800, Hao Ge wrote:
>> Shifting a signed 32-bit value by 31 bits is undefined, so change the
>> most significant bit constant to unsigned. The UBSAN warning call trace is below:
>
>> UBSAN: shift-out-of-bounds in fs/nsfs.c:306:32
>> left shift of 1 by 31 places cannot be represented in type 'int'
>> CPU: 0 PID: 0 Comm: swapper/0 Not tainted 6.3.0-rc4+ #2
>> Call trace:
>> <TASK>
>> dump_backtrace+0x134/0x1e0
>> show_stack+0x2c/0x3c
>> dump_stack_lvl+0xb0/0xd4
>> dump_stack+0x14/0x1c
>> ubsan_epilogue+0xc/0x3c
>> __ubsan_handle_shift_out_of_bounds+0xb0/0x14c
>> nsfs_init+0x4c/0xb0
>> start_kernel+0x38c/0x738
>> __primary_switched+0xbc/0xc4
>> </TASK>
>>
>> Fixes: e462ec50cb5f ("VFS: Differentiate mount flags (MS_*) from internal superblock flags")
>> Signed-off-by: Hao Ge <gehao@xxxxxxxxxx>
>
> *snort*
>
> IMO something like "spotted by UBSAN" is more than enough here -
> stack trace is completely pointless.
>
> Otherwise, no problems with the patch - it's obviously safe.
Thanks for taking the time to review this patch.
I fully agree with your suggestion, as this is not the only place that reported this error, although they all have the same cause.
I will remove the stack trace and send v3.
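A small C illustration of why the change from `1 << 31` to an unsigned constant matters, added here as an example and not code from the patch or the kernel tree. `SB_NOUSER_FIXED`, `set_flag`, `has_flag` and `high_bits_set` are hypothetical stand-ins for SB_NOUSER and the superblock `s_flags` handling; the undefined signed shift is never evaluated, only the INT_MIN value that typical two's-complement compilers fold it to is modelled.

```c
#include <limits.h>
#include <stdio.h>

/* Hardened form, as in the patch: an unsigned constant makes bit 31
 * representable and the shift well-defined. */
#define SB_NOUSER_FIXED (1U << 31)

/* The original `(1 << 31)` is undefined behaviour for a 32-bit int.  It is
 * not evaluated here; this models the INT_MIN value most two's-complement
 * compilers fold it to, as seen after promotion to an unsigned long flag word. */
static const unsigned long SB_NOUSER_MODELLED_SIGNED = (unsigned long)INT_MIN;

/* Hypothetical helpers mirroring a superblock-style unsigned long s_flags. */
static unsigned long set_flag(unsigned long s_flags, unsigned long flag)
{
	return s_flags | flag;
}

static int has_flag(unsigned long s_flags, unsigned long flag)
{
	return (s_flags & flag) != 0;
}

/* Counts bits set above bit 31 after OR-ing the flag into an empty word.
 * The fixed constant yields 0; the sign-extended signed constant on an LP64
 * target yields 32, i.e. unrelated high flag bits would be silently set. */
static int high_bits_set(unsigned long flag)
{
	unsigned long v = set_flag(0UL, flag);
	int n = 0;
	for (int i = 32; i < (int)(sizeof(unsigned long) * CHAR_BIT); i++)
		if (v & (1UL << i))
			n++;
	return n;
}

int main(void)
{
	printf("fixed:  0x%lx, high bits set: %d\n",
	       (unsigned long)SB_NOUSER_FIXED, high_bits_set(SB_NOUSER_FIXED));
	printf("signed: 0x%lx, high bits set: %d\n",
	       SB_NOUSER_MODELLED_SIGNED, high_bits_set(SB_NOUSER_MODELLED_SIGNED));
	return 0;
}
```

Build with `-fsanitize=undefined` (or boot with UBSAN enabled, as in the report) to have the original signed shift flagged at the definition site rather than diagnosed by its side effects.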