On Wed, 08 May 2024 17:22:51 +0000, Justin Stitt wrote:
> Running syzkaller with the newly reintroduced signed integer overflow
> sanitizer produces this report:
>
> [ 65.194362] ------------[ cut here ]------------
> [ 65.197752] UBSAN: signed-integer-overflow in
> ../drivers/scsi/sr_ioctl.c:436:9
> [ 65.203607] -2147483648 * 177 cannot be represented in type 'int'
> [ 65.207911] CPU: 2 PID: 10416 Comm: syz-executor.1 Not tainted
> 6.8.0-rc2-00035-gb3ef86b5a957 #1
> [ 65.213585] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS
> 1.16.3-debian-1.16.3-2 04/01/2014
> [ 65.219923] Call Trace:
> [ 65.221556] <TASK>
> [ 65.223029] dump_stack_lvl+0x93/0xd0
> [ 65.225573] handle_overflow+0x171/0x1b0
> [ 65.228219] sr_select_speed+0xeb/0xf0
> [ 65.230786] ? __pm_runtime_resume+0xe6/0x130
> [ 65.233606] sr_block_ioctl+0x15d/0x1d0
> ...
>
> [...]
Applied to 6.10/scsi-queue, thanks!
[1/1] scsi: sr: fix unintentional arithmetic wraparound
https://git.kernel.org/mkp/scsi/c/9fad9d560af5
--
Martin K. Petersen Oracle Linux Engineering
