Jaegeuk Kim 5d64600d4f f2fs: avoid bug_on on corrupted inode ... syzbot has tested the proposed patch but the reproducer still triggered crash: kernel BUG at fs/f2fs/inode.c:LINE! F2FS-fs (loop1): invalid crc value F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0) F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock F2FS-fs (loop5): invalid crc value ------------[ cut here ]------------ kernel BUG at fs/f2fs/inode.c:238! invalid opcode: 0000 [#1] SMP KASAN Dumping ftrace buffer: (ftrace buffer empty) Modules linked in: CPU: 1 PID: 4886 Comm: syz-executor1 Not tainted 4.17.0-rc1+ #1 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 RIP: 0010:do_read_inode fs/f2fs/inode.c:238 [inline] RIP: 0010:f2fs_iget+0x3307/0x3ca0 fs/f2fs/inode.c:313 RSP: 0018:ffff8801c44a70e8 EFLAGS: 00010293 RAX: ffff8801ce208040 RBX: ffff8801b3621080 RCX: ffffffff82eace18 F2FS-fs (loop2): Magic Mismatch, valid(0xf2f52010) - read(0x0) RDX: 0000000000000000 RSI: ffffffff82eaf047 RDI: 0000000000000007 RBP: ffff8801c44a7410 R08: ffff8801ce208040 R09: ffffed0039ee4176 R10: ffffed0039ee4176 R11: ffff8801cf720bb7 R12: ffff8801c0efa000 R13: 0000000000000003 R14: 0000000000000000 R15: 0000000000000000 FS: 00007f753aa9d700(0000) GS:ffff8801daf00000(0000) knlGS:0000000000000000 ------------[ cut here ]------------ CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 kernel BUG at fs/f2fs/inode.c:238! CR2: 0000000001b03018 CR3: 00000001c8b74000 CR4: 00000000001406e0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: f2fs_fill_super+0x4377/0x7bf0 fs/f2fs/super.c:2842 mount_bdev+0x30c/0x3e0 fs/super.c:1165 f2fs_mount+0x34/0x40 fs/f2fs/super.c:3020 mount_fs+0xae/0x328 fs/super.c:1268 vfs_kern_mount.part.34+0xd4/0x4d0 fs/namespace.c:1037 vfs_kern_mount fs/namespace.c:1027 [inline] do_new_mount fs/namespace.c:2517 [inline] do_mount+0x564/0x3070 fs/namespace.c:2847 ksys_mount+0x12d/0x140 fs/namespace.c:3063 __do_sys_mount fs/namespace.c:3077 [inline] __se_sys_mount fs/namespace.c:3074 [inline] __x64_sys_mount+0xbe/0x150 fs/namespace.c:3074 do_syscall_64+0x1b1/0x800 arch/x86/entry/common.c:287 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x457daa RSP: 002b:00007f753aa9cba8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000000457daa RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007f753aa9cbf0 RBP: 0000000000000064 R08: 0000000020016a00 R09: 0000000020000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000003 R13: 0000000000000064 R14: 00000000006fcb80 R15: 0000000000000000 RIP: do_read_inode fs/f2fs/inode.c:238 [inline] RSP: ffff8801c44a70e8 RIP: f2fs_iget+0x3307/0x3ca0 fs/f2fs/inode.c:313 RSP: ffff8801c44a70e8 invalid opcode: 0000 [#2] SMP KASAN ---[ end trace 1cbcbec2156680bc ]--- Reported-and-tested-by: syzbot+41a1b341571f0952badb@syzkaller.appspotmail.com Reviewed-by: Chao Yu <yuchao0@huawei.com> Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>		2018-05-31 11:31:48 -07:00
..
9p	fscache development	2018-04-07 09:08:24 -07:00
adfs
affs
afs	afs: Fix server record deletion	2018-04-20 09:59:33 -07:00
autofs4	autofs: mount point create should honour passed in mode	2018-04-20 17:18:35 -07:00
befs
bfs
btrfs	for-4.17-rc1-tag	2018-04-22 12:09:27 -07:00
cachefiles	fscache: Pass object size in rather than calling back for it	2018-04-06 14:05:14 +01:00
ceph	ceph: check if mds create snaprealm when setting quota	2018-04-23 17:35:19 +02:00
cifs	cifs: smbd: Avoid allocating iov on the stack	2018-04-25 11:15:58 -05:00
coda
configfs
cramfs
crypto	fscrypt: allow synchronous bio decryption	2018-05-02 14:30:57 -07:00
debugfs
devpts
dlm
ecryptfs	eCryptfs: don't pass up plaintext names when using filename encryption	2018-04-16 18:51:22 +00:00
efivarfs
efs
exofs
exportfs	ovl: do not try to reconnect a disconnected origin dentry	2018-04-12 12:04:49 +02:00
ext2	\n	2018-04-20 09:01:26 -07:00
ext4	fscrypt: allow synchronous bio decryption	2018-05-02 14:30:57 -07:00
f2fs	f2fs: avoid bug_on on corrupted inode	2018-05-31 11:31:48 -07:00
fat
freevxfs
fscache	fscache: use appropriate radix tree accessors	2018-04-11 10:28:39 -07:00
fuse
gfs2	GFS2: Minor improvements to comments and documentation	2018-04-12 10:07:51 -07:00
hfs
hfsplus
hostfs
hpfs
hugetlbfs	hugetlbfs: fix bug in pgoff overflow checking	2018-04-05 21:36:21 -07:00
isofs	isofs: fix potential memory leak in mount option parsing	2018-04-16 09:47:41 +02:00
jbd2	ext4: set h_journal if there is a failure starting a reserved handle	2018-04-18 11:49:31 -04:00
jffs2	jffs2_kill_sb(): deal with failed allocations	2018-04-15 23:49:05 -04:00
jfs
kernfs
lockd
minix
nfs	NFS client updates for Linux 4.17	2018-04-12 12:55:50 -07:00
nfs_common
nfsd
nilfs2	page cache: use xa_lock	2018-04-11 10:28:39 -07:00
nls
notify	fsnotify: fix ignore mask logic in send_to_group()	2018-04-13 15:52:49 +02:00
ntfs
ocfs2	Merge branch 'akpm' (patches from Andrew)	2018-04-06 14:19:26 -07:00
omfs
openpromfs
orangefs	orangefs_kill_sb(): deal with allocation failures	2018-04-15 23:49:12 -04:00
overlayfs	ovl: add support for "xino" mount and config options	2018-04-12 12:04:50 +02:00
proc	proc: fix /proc/loadavg regression	2018-04-20 17:18:36 -07:00
pstore	pstore: fix crypto dependencies without compression	2018-04-06 15:45:33 -07:00
qnx4
qnx6
quota	fs: quota: Replace GFP_ATOMIC with GFP_KERNEL in dquot_init	2018-04-09 17:48:54 +02:00
ramfs
reiserfs	fs/reiserfs/journal.c: add missing resierfs_warning() arg	2018-04-11 10:28:36 -07:00
romfs
squashfs
sysfs
sysv
tracefs
ubifs	This pull request contains updates for both UBI and UBIFS:	2018-04-11 16:39:34 -07:00
udf	udf: Fix leak of UTF-16 surrogates into encoded strings	2018-04-18 16:34:55 +02:00
ufs
xfs	xfs: don't fail when converting shortform attr to long form during ATTR_REPLACE	2018-04-17 19:10:15 -07:00
aio.c
anon_inodes.c
attr.c
bad_inode.c
binfmt_aout.c	exec: introduce finalize_exec() before start_thread()	2018-04-11 10:28:37 -07:00
binfmt_elf_fdpic.c	exec: introduce finalize_exec() before start_thread()	2018-04-11 10:28:37 -07:00
binfmt_elf.c	fs, elf: don't complain MAP_FIXED_NOREPLACE unless -EEXIST error	2018-04-20 17:18:36 -07:00
binfmt_em86.c
binfmt_flat.c	exec: introduce finalize_exec() before start_thread()	2018-04-11 10:28:37 -07:00
binfmt_misc.c
binfmt_script.c
block_dev.c	libnvdimm for 4.17	2018-04-10 10:25:57 -07:00
buffer.c	Merge branch 'work.thaw' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs	2018-04-12 12:28:32 -07:00
char_dev.c
compat_binfmt_elf.c
compat_ioctl.c
compat.c
coredump.c
d_path.c
dax.c	page cache: use xa_lock	2018-04-11 10:28:39 -07:00
dcache.c	fs/dcache.c: add cond_resched() in shrink_dentry_list()	2018-04-11 10:28:38 -07:00
dcookies.c
direct-io.c	Merge branch 'akpm' (patches from Andrew)	2018-04-06 14:19:26 -07:00
drop_caches.c
eventfd.c
eventpoll.c
exec.c	exec: pin stack limit during exec	2018-04-11 10:28:37 -07:00
fcntl.c
fhandle.c
file_table.c
file.c
filesystems.c
fs_pin.c
fs_struct.c
fs-writeback.c	writeback: safer lock nesting	2018-04-20 17:18:35 -07:00
inode.c	page cache: use xa_lock	2018-04-11 10:28:39 -07:00
internal.h	Merge branch 'work.misc' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs	2018-04-06 11:07:08 -07:00
ioctl.c
iomap.c
Kconfig
Kconfig.binfmt
libfs.c
locks.c
Makefile
mbcache.c
mount.h
mpage.c
namei.c	Merge branch 'work.namei' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs	2018-04-09 12:48:05 -07:00
namespace.c	vfs: Undo an overly zealous MS_RDONLY -> SB_RDONLY conversion	2018-04-20 09:59:33 -07:00
no-block.c
nsfs.c
open.c	Merge branch 'work.misc' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs	2018-04-06 11:07:08 -07:00
pipe.c
pnode.c
pnode.h
posix_acl.c
proc_namespace.c
read_write.c
readdir.c
select.c
seq_file.c	seq_file: account everything to kmemcg	2018-04-11 10:28:36 -07:00
signalfd.c
splice.c
stack.c
stat.c
statfs.c
super.c	mm,vmscan: Allow preallocating memory for register_shrinker().	2018-04-16 02:06:47 -04:00
sync.c
timerfd.c
userfaultfd.c
utimes.c
xattr.c