[RFC] ubsan: signed integer overflow in scsi_partsize
A Gentoo user reported a USBAN signed integer overflow in scsicam.c Shall we change something? kernel: UBSAN: Undefined behaviour in drivers/scsi/scsicam.c:173:29 kernel: signed integer overflow: kernel: 62015235 * 63 cannot be represented in type 'int' kernel: CPU: 0 PID: 14131 Comm: fdisk Tainted: P O 4.9.25-gentoo #4 ... kernel: d6629cec d1f444f2 0007 d6629d1c 003f d6629cfc d1fc8ffe d6629cfc kernel: d3037320 d6629d80 d1fc934b d28b15c0 d6629d20 002a d6629d48 d3037320 kernel: 002a 3202 31303236 35333235 ecd1f900 ecd1f9a8 d6629d5c d189d121 kernel: Call Trace: kernel: [] dump_stack+0x59/0x87 kernel: [] ubsan_epilogue+0xe/0x40 kernel: [] handle_overflow+0xbb/0xf0 kernel: [] ? do_read_cache_page+0x71/0x570 kernel: [] ? blkdev_readpages+0x20/0x20 kernel: [] ? read_cache_page+0x26/0x50 kernel: [] __ubsan_handle_mul_overflow+0x12/0x20 kernel: [] scsi_partsize+0x217/0x2e0 kernel: [] scsicam_bios_param+0x46/0x380 kernel: [] sd_getgeo+0x174/0x2d0 kernel: [] blkdev_ioctl+0x251/0x12c0 kernel: [] block_ioctl+0x4c/0xb0 kernel: [] do_vfs_ioctl+0xc0/0xdf0 kernel: [] ? mntput+0x23/0x60 kernel: [] ? __fput+0x1e9/0x4e0 kernel: [] ? fput+0x8/0x10 kernel: [] ? task_work_run+0x60/0xd0 kernel: [] SyS_ioctl+0x2e/0x60 kernel: [] do_fast_syscall_32+0x11d/0x550 kernel: [] ? do_vfs_ioctl+0xdf0/0xdf0 kernel: [] sysenter_past_esp+0x47/0x75 kernel: Thanks, Alice signature.asc Description: PGP signature
Linux kernel 4.9.25: signed integer overflow in drivers/scsi/scsicam.c:173:29
Hello scsi maintainer, I would like to report a signed integer overflow in drivers/scsi/scsicam.c:173:29 reported on the Gentoo bug reporting system. https://bugs.gentoo.org/show_bug.cgi?id=617820 The problem looks present ,at least , in the Linux kernel 4.9.25 regards, Alice Ferrazzi Gentoo kernel project leader signature.asc Description: PGP signature