On Mon, Aug 26, 2019 at 05:30:14PM +0200, Jan Kara wrote: > On Mon 26-08-19 22:35:47, zhangyi (F) wrote: > > If user specify a large enough value of "commit=" option, it may trigger > > signed integer overflow which may lead to sbi->s_commit_interval becomes > > a large or small value, zero in particular. > > > > UBSAN: Undefined behaviour in ../fs/ext4/super.c:1592:31 > > signed integer overflow: > > 536870912 * 1000 cannot be represented in type 'int' > > [...] > > Call trace: > > [...] > > [<ffffff9008a2d120>] ubsan_epilogue+0x34/0x9c lib/ubsan.c:166 > > [<ffffff9008a2d8b8>] handle_overflow+0x228/0x280 lib/ubsan.c:197 > > [<ffffff9008a2d95c>] __ubsan_handle_mul_overflow+0x4c/0x68 lib/ubsan.c:218 > > [<ffffff90086d070c>] handle_mount_opt fs/ext4/super.c:1592 [inline] > > [<ffffff90086d070c>] parse_options+0x1724/0x1a40 fs/ext4/super.c:1773 > > [<ffffff90086d51c4>] ext4_remount+0x2ec/0x14a0 fs/ext4/super.c:4834 > > [...] > > > > Although it is not a big deal, still silence the UBSAN by limit the > > input value. > > > > Signed-off-by: zhangyi (F) <yi.zhang@xxxxxxxxxx> > > Looks good to me. You can add: > > Reviewed-by: Jan Kara <jack@xxxxxxx> Thanks, applied. - Ted
