From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 607B11A76D4; Tue, 30 Jul 2024 17:16:09 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1722359769; cv=none; b=trbfvecd42ePLmknRs5qPYFl+SZGsBPJTvj3VPva2sKxlZSnTn9AZWoyfDMHa9kE7M7mAUZY4HSywLwUYCJY68+A4vqjokCNIYX+IO9/I+waFhe9eKBxF5l9RWQcvtUiYQDwt0N1g2rtnuKbs8UyLSw8NLwFIp+K3i0nKftJwXU= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1722359769; c=relaxed/simple; bh=eOXpORnj1imNLTzZkqENoIP8nKq/ESldcXRF8Ha2Z/E=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=Y7QJNKH6n1pZ3Ctljdalsq6meLEdp4ISzn1USamzi11CE8y2oI6o5n8hriewwwpzzYkHixDxHhjumLd5WmIYrB6BpNVN7gOwqhG/QkUFXgCliJFaS8Vmd4OunVYg/4q6kspBDFmmTkFYyFdu2/MVrEEbAD3ORYf01SZLK40ZNKU= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=linuxfoundation.org header.i=@linuxfoundation.org header.b=CrCHb+RZ; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=linuxfoundation.org header.i=@linuxfoundation.org header.b="CrCHb+RZ" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 7EA0FC32782; Tue, 30 Jul 2024 17:16:08 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linuxfoundation.org; s=korg; t=1722359769; bh=eOXpORnj1imNLTzZkqENoIP8nKq/ESldcXRF8Ha2Z/E=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=CrCHb+RZfPsa47YUi/ndYo3pVLdB1RT+/Ke7Hrhxwadueg076GXlBfOddcNxHc8qH nMFYM9uv3i1NN8srHEtob++/0nC3S/kdU8AIV/SwLUZbMZig1XXLoBR7SF+BPqL7JE S3r4IXfvhhjqz+/X1vXd/iKUDhvvi6C6Hj/GIlU8= From: Greg Kroah-Hartman To: stable@vger.kernel.org Cc: Greg Kroah-Hartman , patches@lists.linux.dev, Ryusuke Konishi , Andrew Morton , Sasha Levin Subject: [PATCH 6.10 512/809] nilfs2: avoid undefined behavior in nilfs_cnt32_ge macro Date: Tue, 30 Jul 2024 17:46:28 +0200 Message-ID: <20240730151744.959268614@linuxfoundation.org> X-Mailer: git-send-email 2.45.2 In-Reply-To: <20240730151724.637682316@linuxfoundation.org> References: <20240730151724.637682316@linuxfoundation.org> User-Agent: quilt/0.67 X-stable: review X-Patchwork-Hint: ignore Precedence: bulk X-Mailing-List: patches@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: 8bit 6.10-stable review patch. If anyone has any objections, please let me know. ------------------ From: Ryusuke Konishi [ Upstream commit 0f3819e8c483771a59cf9d3190cd68a7a990083c ] According to the C standard 3.4.3p3, the result of signed integer overflow is undefined. The macro nilfs_cnt32_ge(), which compares two sequence numbers, uses signed integer subtraction that can overflow, and therefore the result of the calculation may differ from what is expected due to undefined behavior in different environments. Similar to an earlier change to the jiffies-related comparison macros in commit 5a581b367b5d ("jiffies: Avoid undefined behavior from signed overflow"), avoid this potential issue by changing the definition of the macro to perform the subtraction as unsigned integers, then cast the result to a signed integer for comparison. Link: https://lkml.kernel.org/r/20130727225828.GA11864@linux.vnet.ibm.com Link: https://lkml.kernel.org/r/20240702183512.6390-1-konishi.ryusuke@gmail.com Fixes: 9ff05123e3bf ("nilfs2: segment constructor") Signed-off-by: Ryusuke Konishi Signed-off-by: Andrew Morton Signed-off-by: Sasha Levin --- fs/nilfs2/segment.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/fs/nilfs2/segment.c b/fs/nilfs2/segment.c index 6ea81f1d50944..d02fd92cdb432 100644 --- a/fs/nilfs2/segment.c +++ b/fs/nilfs2/segment.c @@ -136,7 +136,7 @@ static void nilfs_dispose_list(struct the_nilfs *, struct list_head *, int); #define nilfs_cnt32_ge(a, b) \ (typecheck(__u32, a) && typecheck(__u32, b) && \ - ((__s32)(a) - (__s32)(b) >= 0)) + ((__s32)((a) - (b)) >= 0)) static int nilfs_prepare_segment_lock(struct super_block *sb, struct nilfs_transaction_info *ti) -- 2.43.0