[Kernel-packages] [Bug 1994079]

2022-11-18 Thread colin.i.king
The behavior for 32 bit is not what I expected,

offset: 4294967295 (0xffffffff), fallocate returned: 0

allocating at the boundary is OK, whereas at 0xfffffbff it fails. I'd
expect at the boundary for it to fail too.

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1994079

Title:
  fallocate on 32 bit boundary on 32 bit systems with setrlimit fails to
  generate SIGXFSZ signal

Status in Linux:
  Confirmed
Status in linux package in Ubuntu:
  New

Bug description:
  This is a corner case on 32 bit systems when using large file offsets,
  fallocate and setrlimit.

  Setting the RLIMIT_FSIZE with setrlimit to 0xffffffff and then
  fallocating 1 or more bytes at the offset of 0xffffffff should make
  the fallocate fail with EFBIG and generate a SIGXFSZ signal. On 64 bit
  platforms this works, on 32 bit platforms such as i386 Ubuntu bionic
  with 4.15 kernels it fails to generate EFBIG errors and SIGXFSZ.

  Attached is a test program to illustrate the problem. It sets the file
  size limit and allocates 1024 bytes at the boundary file size limit
  for 3 offsets:

  On 64 bit systems we get the expected results:
  got signal SIGXFSZ
  offset: 65536 (0x10000), fallocate returned: -1
  got signal SIGXFSZ
  offset: 4294966271 (0xfffffbff), fallocate returned: -1
  got signal SIGXFSZ
  offset: 4294967295 (0xffffffff), fallocate returned: -1

  On 32 bit systems the code fails on the 0xffffffff offset:

  got signal SIGXFSZ
  offset: 65536 (0x10000), fallocate returned: -1
  got signal SIGXFSZ
  offset: 4294966271 (0xfffffbff), fallocate returned: -1
  offset: 4294967295 (0xffffffff), fallocate returned: 0

  Attached is the reproducer.

  I found this while developing a file limit boundary test case in
  stress-ng and discovered it breaks on all 32 bit kernels (armhf, i386,
  etc), even with recent 5.15 kernels.

  This could be seen as a security issue; the sysadmin can set the file
  size limit and yet a 32 bit system can use a corner case like this to
  fallocate a much larger file by using the 0xffffffff offset and a huge
  fallocate size.

To manage notifications about this bug go to:
https://bugs.launchpad.net/linux/+bug/1994079/+subscriptions


-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp


[Kernel-packages] [Bug 1994079]

2022-10-31 Thread brauner
Hey Colin,

This looks to be intentional? Afaict, the -EFBIG might come directly
from vfs_fallocate():

/* Check for wrap through zero too */
if (((offset + len) > inode->i_sb->s_maxbytes) || ((offset + len) < 0))
return -EFBIG;

and you should see the same behavior for 64bit if you pass in -1 as
offset:

brauner@wittgenstein|~/Downloads
> sudo ./fallocate
got signal SIGXFSZ
offset: 65536 (0x10000), fallocate returned: -1
got signal SIGXFSZ
offset: 4294966271 (0xfffffbff), fallocate returned: -1
offset: 18446744073709551615 (0xffffffffffffffff), fallocate returned: -1



[Kernel-packages] [Bug 1994079]

2022-10-26 Thread colin.i.king
Tested and fails on m68k with ext4 and btrfs; occurs across arches and
across file systems.



[Kernel-packages] [Bug 1994079]

2022-10-26 Thread colin.i.king
Tested and fails also on m68k Linux 4.16



[Kernel-packages] [Bug 1994079] Re: fallocate on 32 bit boundary on 32 bit systems with setrlimit fails to generate SIGXFSZ signal

2022-10-25 Thread Bug Watch Updater
Launchpad has imported 1 comments from the remote bug at
https://bugzilla.kernel.org/show_bug.cgi?id=216626.

If you reply to an imported comment from within Launchpad, your comment
will be sent to the remote bug automatically. Read more about
Launchpad's inter-bugtracker facilities at
https://help.launchpad.net/InterBugTracking.


On 2022-10-25T16:46:18+00:00 colin.i.king wrote:

Created attachment 303085
C source to reproduce the fallocate/SIGXFSZ issue

This is a corner case on 32 bit systems when using large file offsets,
fallocate and setrlimit. Issue found on ext4, probably also on other
file systems(?).

Setting the RLIMIT_FSIZE with setrlimit to 0xffffffff and then
fallocating 1 or more bytes at the offset of 0xffffffff should make the
fallocate fail with EFBIG and generate a SIGXFSZ signal. On 64 bit
platforms this works, on 32 bit platforms such as i386 4.15 kernels
through to linux 6.0 it fails to generate EFBIG errors and SIGXFSZ.

Attached is a test program to illustrate the problem. It sets the file
size limit and allocates 1024 bytes at the boundary file size limit for
3 offsets:

On 64 bit systems we get the expected results:
got signal SIGXFSZ
offset: 65536 (0x10000), fallocate returned: -1
got signal SIGXFSZ
offset: 4294966271 (0xfffffbff), fallocate returned: -1
got signal SIGXFSZ
offset: 4294967295 (0xffffffff), fallocate returned: -1

On 32 bit systems the code fails on the 0xffffffff offset:

got signal SIGXFSZ
offset: 65536 (0x10000), fallocate returned: -1
got signal SIGXFSZ
offset: 4294966271 (0xfffffbff), fallocate returned: -1
offset: 4294967295 (0xffffffff), fallocate returned: 0

Attached is the reproducer.

I found this while developing a file limit boundary test case in
stress-ng and discovered it breaks on all 32 bit kernels (armhf, i386,
etc), even with recent 5.15 and 6.0 kernels.

attached is a simple reproducer

Reply at:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1994079/comments/4


** Changed in: linux
   Status: Unknown => Confirmed

** Changed in: linux
   Importance: Unknown => Medium



[Kernel-packages] [Bug 1994079] Re: fallocate on 32 bit boundary on 32 bit systems with setrlimit fails to generate SIGXFSZ signal

2022-10-25 Thread Colin Ian King
** Bug watch added: Linux Kernel Bug Tracker #216626
   https://bugzilla.kernel.org/show_bug.cgi?id=216626

** Also affects: linux via
   https://bugzilla.kernel.org/show_bug.cgi?id=216626
   Importance: Unknown
   Status: Unknown



[Kernel-packages] [Bug 1994079] Re: fallocate on 32 bit boundary on 32 bit systems with setrlimit fails to generate SIGXFSZ signal

2022-10-25 Thread Colin Ian King
occurs on 6.0 i386 kernels too

** Changed in: linux (Ubuntu)
   Status: Incomplete => New



[Kernel-packages] [Bug 1994079] Missing required logs.

2022-10-24 Thread Ubuntu Kernel Bot
This bug is missing log files that will aid in diagnosing the problem.
While running an Ubuntu kernel (not a mainline or third-party kernel)
please enter the following command in a terminal window:

apport-collect 1994079

and then change the status of the bug to 'Confirmed'.

If, due to the nature of the issue you have encountered, you are unable
to run this command, please add a comment stating that fact and change
the bug status to 'Confirmed'.

This change has been made by an automated script, maintained by the
Ubuntu Kernel Team.

** Changed in: linux (Ubuntu)
   Status: New => Incomplete



[Kernel-packages] [Bug 1994079] [NEW] fallocate on 32 bit boundary on 32 bit systems with setrlimit fails to generate SIGXFSZ signal

2022-10-24 Thread Colin Ian King
Public bug reported:

This is a corner case on 32 bit systems when using large file offsets,
fallocate and setrlimit.

Setting the RLIMIT_FSIZE with setrlimit to 0xffffffff and then
fallocating 1 or more bytes at the offset of 0xffffffff should make the
fallocate fail with EFBIG and generate a SIGXFSZ signal. On 64 bit
platforms this works, on 32 bit platforms such as i386 Ubuntu bionic
with 4.15 kernels it fails to generate EFBIG errors and SIGXFSZ.

Attached is a test program to illustrate the problem. It sets the file
size limit and allocates 1024 bytes at the boundary file size limit for
3 offsets:

On 64 bit systems we get the expected results:
got signal SIGXFSZ
offset: 65536 (0x10000), fallocate returned: -1
got signal SIGXFSZ
offset: 4294966271 (0xfffffbff), fallocate returned: -1
got signal SIGXFSZ
offset: 4294967295 (0xffffffff), fallocate returned: -1

On 32 bit systems the code fails on the 0xffffffff offset:

got signal SIGXFSZ
offset: 65536 (0x10000), fallocate returned: -1
got signal SIGXFSZ
offset: 4294966271 (0xfffffbff), fallocate returned: -1
offset: 4294967295 (0xffffffff), fallocate returned: 0

Attached is the reproducer.

I found this while developing a file limit boundary test case in
stress-ng and discovered it breaks on all 32 bit kernels (armhf, i386,
etc), even with recent 5.15 kernels.

This could be seen as a security issue; the sysadmin can set the file
size limit and yet a 32 bit system can use a corner case like this to
fallocate a much larger file by using the 0xffffffff offset and a huge
fallocate size.

** Affects: linux (Ubuntu)
 Importance: High
 Status: New

** Attachment added: "fallocate/file size limit reproducer C source"
   
https://bugs.launchpad.net/bugs/1994079/+attachment/5626526/+files/fallocate.c

** Changed in: linux (Ubuntu)
   Importance: Undecided => High

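An added example, not the fallocate.c attached to the report above: a probe that lowers the soft RLIMIT_FSIZE, traps SIGXFSZ so it does not kill the process, and classifies what fallocate does at each of the report's three boundaries (limit == offset, 1024 bytes). It assumes Linux with a /tmp filesystem that supports fallocate; the enum, function and file names are mine.

```c
#define _GNU_SOURCE
#define _FILE_OFFSET_BITS 64   /* 64-bit off_t and rlim_t even on 32-bit builds */
#include <errno.h>
#include <fcntl.h>
#include <inttypes.h>
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/resource.h>
#include <unistd.h>

/* What the kernel did when we tried to grow a file past RLIMIT_FSIZE. */
enum probe_result {
    PROBE_REJECTED,        /* EFBIG and SIGXFSZ delivered: the limit held */
    PROBE_REJECTED_NOSIG,  /* EFBIG but no SIGXFSZ (e.g. the vfs range check) */
    PROBE_ALLOWED,         /* fallocate returned 0: the limit was not enforced */
    PROBE_UNSUPPORTED,     /* filesystem has no fallocate (EOPNOTSUPP) */
    PROBE_ERROR            /* setup failure (temp file, rlimit, signal) */
};

static volatile sig_atomic_t got_sigxfsz;
/* Default action of SIGXFSZ terminates the process, so record it instead. */
static void on_sigxfsz(int sig) { (void)sig; got_sigxfsz = 1; }

/* Set the soft RLIMIT_FSIZE to `limit`, then fallocate `len` bytes at
 * `offset` in a fresh unlinked temp file and classify the outcome. Only the
 * soft limit is touched so it can be restored without privileges. */
enum probe_result probe_fsize_limit(off_t limit, off_t offset, off_t len)
{
    struct sigaction sa = { 0 };
    struct rlimit saved, rl;
    char path[] = "/tmp/fsize-probe-XXXXXX";   /* constructed temp file name */
    enum probe_result res = PROBE_ERROR;
    int fd, rc, err;

    sa.sa_handler = on_sigxfsz;
    sigemptyset(&sa.sa_mask);
    if (sigaction(SIGXFSZ, &sa, NULL) < 0 || getrlimit(RLIMIT_FSIZE, &saved) < 0)
        return PROBE_ERROR;
    if ((rlim_t)limit > saved.rlim_max)
        return PROBE_ERROR;   /* hard limit too low to express this probe */
    fd = mkstemp(path);
    if (fd < 0)
        return PROBE_ERROR;
    unlink(path);

    rl = saved;
    rl.rlim_cur = (rlim_t)limit;
    if (setrlimit(RLIMIT_FSIZE, &rl) == 0) {
        got_sigxfsz = 0;
        rc = fallocate(fd, 0, offset, len);
        err = errno;                        /* save before anything else */
        setrlimit(RLIMIT_FSIZE, &saved);    /* restore the soft limit */
        if (rc == 0)
            res = PROBE_ALLOWED;
        else if (err == EFBIG)
            res = got_sigxfsz ? PROBE_REJECTED : PROBE_REJECTED_NOSIG;
        else if (err == EOPNOTSUPP)
            res = PROBE_UNSUPPORTED;
    }
    close(fd);
    return res;
}

int main(void)
{
    /* The three boundaries from the bug report: limit == offset, 1024 bytes. */
    static const off_t offsets[] = { 0x10000, 0xfffffbffLL, 0xffffffffLL };
    for (size_t i = 0; i < sizeof offsets / sizeof offsets[0]; i++) {
        enum probe_result r = probe_fsize_limit(offsets[i], offsets[i], 1024);
        if (r == PROBE_REJECTED)
            puts("got signal SIGXFSZ");
        printf("offset: %" PRIu64 " (0x%" PRIx64 "), result: %d\n",
               (uint64_t)offsets[i], (uint64_t)offsets[i], (int)r);
    }
    return 0;
}
```

Run it under a 64-bit and under a 32-bit kernel and compare the result at 0xffffffff: PROBE_ALLOWED there is the behaviour the report describes, PROBE_REJECTED is the expected enforcement.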