From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mail-pf1-f171.google.com (mail-pf1-f171.google.com [209.85.210.171]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 233ED32143D for ; Fri, 3 Apr 2026 06:30:27 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.210.171 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1775197830; cv=none; b=UUdkEeA/L+DQlzXBAfGC7drmKhlEBYjwbhf4H7uFIr8w6A9yBJ3D4Qon/pwk0gMv4MCDsBP0fpLIfwJc7zG7uP7WVsO/tQuvuidS6v83OfU612spJKf40Wii1tE68VMfJ4u5WsRbGQ1cn+rYlIOa+wahag29+X3iTXaydXORFVY= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1775197830; c=relaxed/simple; bh=xzl8Tl+oT/5JDgckUA3p7FC1yPtGRVwkqYuL1scmJsQ=; h=From:To:Cc:Subject:Date:Message-ID:MIME-Version; b=JwetCcuHmnOSk/Y9hPgy3IBzUGsblQT2aFwY9nxNPEVPAfWJaWSKpFmx1kzqr4lAztygOKqwrzqDVHlvYUi90pqUd3Xo/j6MnA3E32kdA9c78oOpzNv5LAC0UjguXzfJ+Bh4spCxq3/vQew7qPAuCYLQsfMrP1JdoNdgnGCt6rM= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=L5Yf0Xc8; arc=none smtp.client-ip=209.85.210.171 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="L5Yf0Xc8" Received: by mail-pf1-f171.google.com with SMTP id d2e1a72fcca58-82d0b68837aso353240b3a.2 for ; Thu, 02 Apr 2026 23:30:27 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20251104; t=1775197827; x=1775802627; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:from:to:cc:subject:date:message-id:reply-to; bh=GqRq4TvoUCbYo8jO8ig93cBQJkCaPpPSvejubE0Dwzw=; b=L5Yf0Xc8S/y7mQoxb72I22uUyVY2XMWP6IMKLVn3ro2BsMa5SGqh7nKeB8zKoNiG8T mhFKFAtK2ei3MgigXd8eKwWTi49x0pqdS19319oQ7bwubx7CT7oeri2HDlCP9omsUlno 8cgT+TFT4BprZ/4RDKPO61Tya+S6/Yvy1gNwDeCn35q3FNLP5I99ei49HZ2emd2Vtqaa XmL2xTzwHXzrFi/i9ZD5gC8E+6uRXGTk7ThCJXryHin3nVN+VqPbQlRvfU8LVlD//JKH b1E5oOCpybmXBQrsTGwl9fF4ZV9IHc8qb5GWPaenxlVrHXBtZmx9ydB6lQcT9WqCAbgc uYXg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1775197827; x=1775802627; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:x-gm-gg:x-gm-message-state:from:to:cc:subject:date :message-id:reply-to; bh=GqRq4TvoUCbYo8jO8ig93cBQJkCaPpPSvejubE0Dwzw=; b=Ebi97w7/+J6oznEoHnCk18HlR1bBYy2F8FdBP7dMy9+m/+QSJdA1BXIFjO8DNQGtbL 2mWFage981tjegii35TcFlzQfgIjxedW0q7sUBOIyBwOGlfRWiR2XZ25m0TcNY9t9Gsl CnFgIx56ZVeNK5r6wADabG6jcWIDFwW3N5pny3bIWdMgsGVbwkqGHxIWyjT9JJWCX/R5 xiwbZsGKeSad/ggts6XR3LYU9mWAJlcR3CnxbY5xAHLL/BoqUaUNL1dlOd8ivw1qhBZA TJL0Av6JMxxqXSlGOrNvgqTD8MJ/C2ZgjD9yyutA+G5+A0ham2PvH+3mxUyTb9ayBiP+ guMw== X-Forwarded-Encrypted: i=1; AJvYcCV77/MHVcLUy6SY4YqeS3bsxbH/HKh4bMMKWMFnad/7UenbTNNatuyHvuqy7fXvIdx8rJlcZXsFyRgs8kI=@vger.kernel.org X-Gm-Message-State: AOJu0Ywh2WHKxEo+Ncqy2dbmFOe06AJebymwmzwbiqYV/+pPdSEYLp2U Uzel+j18qZNdDGwTpxDYjjNSVNvOt3o6SNpVmE8W608bbsMOy0pAJZct X-Gm-Gg: ATEYQzx6YMduk1B3d5GJQ1TqFEGrWgk1Kj524R8e5LiybnWkjT4x+iEGhbgf31/WZju zUjh71Ucs3c3zbqgirEQHFR9l8llHtu2CPI9Ia17tYoMuyP/XmNyeZnk0zSTndaxxKfSjJzEuFf KmARy05O0M0zEqbQVS7mMAGwz9bWmv9zkuScy8CX9JuNvCoH9mlp6oezXti27npQjbh7Yd4IIsL 1SnOZaeEte7N4i/5ag01fZ8bO3aM7Pdvy5Azz74s1zphM7UWsgxUMoScWdZ4BvBZbh0FOvPF0TQ PiR+ORp3hT1q68HeRmNjLwtLT43Knm5VHi9mbiRlsFSo1psXuVBBts9mRiV0ZeIqBH0AxHbIuU9 694Kfg6ZqV4f90XEatkY4LmKjs55XyrYBZLzk2v4L0Z13xwdb/75PDtjgnpm1nyfQ44y3F+QBDj Ua4Ufp8ypWYT+vOjyoP96+7uqPNRQiG39XENeiW65d2CbYPW0Ji60wE0Mgw9Uur7r9P3pKBYA= X-Received: by 2002:a05:6a20:5493:b0:398:981e:2e13 with SMTP id adf61e73a8af0-39f2f3aec2amr1890255637.62.1775197827036; Thu, 02 Apr 2026 23:30:27 -0700 (PDT) Received: from kernel-fuzz.. ([103.172.182.26]) by smtp.gmail.com with ESMTPSA id d2e1a72fcca58-82cf9c41b8dsm4572258b3a.34.2026.04.02.23.30.23 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 02 Apr 2026 23:30:26 -0700 (PDT) From: ZhengYuan Huang To: mark@fasheh.com, jlbec@evilplan.org, joseph.qi@linux.alibaba.com Cc: ocfs2-devel@lists.linux.dev, linux-kernel@vger.kernel.org, baijiaju1990@gmail.com, r33s3n6@gmail.com, zzzccc427@gmail.com, ZhengYuan Huang Subject: [PATCH 0/3] ocfs2: stop BUG_ON crashes in suballoc invalid-dinode paths Date: Fri, 3 Apr 2026 14:30:13 +0800 Message-ID: <20260403063016.438287-1-gality369@gmail.com> X-Mailer: git-send-email 2.43.0 Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: 8bit commit 10995aa2451a ("ocfs2: Morph the haphazard OCFS2_IS_VALID_DINODE() checks.") converted several OCFS2 dinode corruption checks from graceful error handling to BUG_ON() under the assumption that every caller only sees validated inode buffers. That assumption does not always hold for JBD-managed buffers. The common inode read path can still hand suballoc code an invalid dinode, which turns crafted filesystem corruption into a kernel panic instead of a normal OCFS2 filesystem error. This series restores graceful corruption handling at the three independently reachable BUG_ON() sites in fs/ocfs2/suballoc.c: 1. reserve_suballoc_bits() 2. claim_suballoc_bits() 3. _ocfs2_free_suballoc_bits() The series is split per crash site so each patch fixes one bug. A broader follow-up could harden structural validation for JBD-managed inode reads, but that change touches a much wider read-side contract and is kept out of scope here. ZhengYuan Huang (3): ocfs2: handle invalid dinode in reserve_suballoc_bits ocfs2: handle invalid dinode in claim_suballoc_bits ocfs2: handle invalid dinode in _ocfs2_free_suballoc_bits fs/ocfs2/suballoc.c | 33 +++++++++++++++++++++------------ 1 file changed, 21 insertions(+), 12 deletions(-) -- 2.43.0