On Sun, Oct 20, 2024 at 12:21:15AM +0900, Ryusuke Konishi wrote:
> commit 08cfa12adf888db98879dbd735bc741360a34168 upstream.
>
> Syzbot reported that a task hang occurs in vcs_open() during a fuzzing
> test for nilfs2.
>
> The root cause of this problem is that in nilfs_find_entry(), which
> searches for directory entries, ignores errors when loading a directory
> page/folio via nilfs_get_folio() fails.
>
> If the filesystem image is corrupted, and the i_size of the directory
> inode is large, and the directory page/folio is successfully read but
> fails the sanity check, for example when it is zero-filled,
> nilfs_check_folio() may continue to spit out error messages in bursts.
>
> Fix this issue by propagating the error to the callers when loading a
> page/folio fails in nilfs_find_entry().
>
> The current interface of nilfs_find_entry() and its callers is outdated
> and cannot propagate error codes such as -EIO and -ENOMEM returned via
> nilfs_find_entry(), so fix it together.
>
> Link: https://lkml.kernel.org/r/20241004033640.6841-1-konishi.ryusuke@xxxxxxxxx
> Fixes: 2ba466d74ed7 ("nilfs2: directory entry operations")
> Signed-off-by: Ryusuke Konishi <konishi.ryusuke@xxxxxxxxx>
> Reported-by: Lizhi Xu <lizhi.xu@xxxxxxxxxxxxx>
> Closes: https://lkml.kernel.org/r/20240927013806.3577931-1-lizhi.xu@xxxxxxxxxxxxx
> Reported-by: syzbot+8a192e8d090fa9a31135@xxxxxxxxxxxxxxxxxxxxxxxxx
> Closes: https://syzkaller.appspot.com/bug?extid=8a192e8d090fa9a31135
> Cc: <stable@xxxxxxxxxxxxxxx>
> Signed-off-by: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>
> ---
> Please apply this patch to the stable trees indicated by the subject
> prefix instead of the failed patches.
>
> This patch is tailored to take page/folio conversion into account and
> avoid a few conflicts.  Compiled and tested successfully.

All now queued up, thanks for the backports.

greg k-h
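
The failure mode described in the quoted commit message, as a simplified user-space C model added here for illustration; it is not the nilfs2 code or part of the patch. The names get_page, find_entry_old, find_entry_new and struct dir are hypothetical, and the directory contents are constructed (a directory whose pages are all zero-filled unless a caller fills them in).

```c
#include <errno.h>
#include <stddef.h>
#include <string.h>

#define PAGE_SZ 16
#define NPAGES  1000  /* stands in for a large directory i_size */
typedef unsigned char u8;

struct dir { u8 pages[NPAGES][PAGE_SZ]; int errors_logged; };

/* Model of page load + sanity check: a zero-filled page fails with -EIO
 * and "logs" one error message (counted here instead of printed). */
int get_page(struct dir *d, size_t n, const u8 **out)
{
    static const u8 zero[PAGE_SZ];

    if (memcmp(d->pages[n], zero, PAGE_SZ) == 0) {
        d->errors_logged++;
        return -EIO;
    }
    *out = d->pages[n];
    return 0;
}

/* Before: a failed load is skipped, so every bad page is visited and
 * logged, and the caller cannot tell "not found" from an I/O error. */
const u8 *find_entry_old(struct dir *d, u8 name)
{
    const u8 *p;

    for (size_t n = 0; n < NPAGES; n++)
        if (get_page(d, n, &p) == 0 && memchr(p, name, PAGE_SZ))
            return p;
    return NULL;
}

/* After: the first failure ends the scan and its code reaches the caller. */
int find_entry_new(struct dir *d, u8 name, const u8 **res)
{
    for (size_t n = 0; n < NPAGES; n++) {
        const u8 *p;
        int err = get_page(d, n, &p);

        if (err)
            return err;
        if (memchr(p, name, PAGE_SZ)) {
            *res = p;
            return 0;
        }
    }
    return -ENOENT;
}
```

On an all-zero directory the old lookup logs one error per page before reporting "not found", while the new one stops at the first bad page and hands -EIO to its caller.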