syzbot


UBSAN: array-index-out-of-bounds in dbFindLeaf (2)

Status: upstream: reported C repro on 2026/01/08 13:00
Subsystems: jfs
Reported-by: syzbot+1afe7ef2d0062e19eeb3@syzkaller.appspotmail.com
First crash: 58d, last: 43d
AI Jobs (21), all for bug: UBSAN: array-index-out-of-bounds in dbFindLeaf (2)
Result column: 🏃 = still running (no Finished time), 💥 = failed (see Error column); blank = completed.

ID | Workflow | Result | Correct | Created | Started | Finished | Revision | Error
d257e2ea-480e-4e6e-b02e-9f43f9295a3b | patching | - | - | 2026/01/31 21:11 | 2026/01/31 21:34 | 2026/01/31 21:41 | 2186dcabcd743737b50c1a9f99a8bf0d3a5a7914 | -
2bee216b-f90f-4957-853d-bc117b4ad458 | patching | - | - | 2026/01/30 13:36 | 2026/01/30 14:16 | 2026/01/30 14:35 | 22003bbfe9ef57dd80e3be819bf8a74d76dce00c | -
b58a2295-96f3-4940-b1e8-e3d4554e0aba | patching-summary | - | - | 2026/01/30 08:58 | 2026/01/30 09:33 | 2026/01/30 09:47 | dbc14c8a222367ef2c38ba59b4154affd01da7ca | -
28e004ed-405e-4f21-b916-632667051a9f | patching | - | - | 2026/01/29 17:34 | 2026/01/29 17:34 | 2026/01/29 18:23 | 9f91b6e4a37d1ff41db8959be87cce846b2b5b47 | -
5ab69b65-5268-439b-a045-7da85c96f7f1 | patching | - | - | 2026/01/29 16:42 | 2026/01/29 16:42 | 2026/01/29 16:43 | b83e8d3ff1f5aa55010b79bf8131a2d751c4d99f | -
d2f57db3-a09a-4560-986a-e0362e1c9871 | patching | - | - | 2026/01/29 16:18 | 2026/01/29 16:18 | 2026/01/29 16:19 | b83e8d3ff1f5aa55010b79bf8131a2d751c4d99f | -
0b527a43-da6d-4bd2-82a3-dac9113ca8de | patching | - | - | 2026/01/29 14:13 | 2026/01/29 14:13 | 2026/01/29 14:14 | b83e8d3ff1f5aa55010b79bf8131a2d751c4d99f | -
d012ca7d-ec57-40a6-bbcf-1219dfac042f | patching | - | - | 2026/01/29 13:54 | 2026/01/29 14:01 | 2026/01/29 14:02 | b83e8d3ff1f5aa55010b79bf8131a2d751c4d99f | -
ba9b4a31-39d4-4863-b946-ff900cb2e4ae | patching | - | - | 2026/01/29 13:20 | 2026/01/29 13:20 | 2026/01/29 13:21 | b83e8d3ff1f5aa55010b79bf8131a2d751c4d99f | -
ffc11688-1af5-4600-b975-9a95c94ed292 | patching | - | - | 2026/01/29 13:07 | 2026/01/29 13:07 | 2026/01/29 13:08 | b83e8d3ff1f5aa55010b79bf8131a2d751c4d99f | -
f1ce24ee-0c24-422c-8aa9-4550517887b6 | patching | - | - | 2026/01/29 13:04 | 2026/01/29 13:04 | 2026/01/29 13:05 | b83e8d3ff1f5aa55010b79bf8131a2d751c4d99f | -
3889a052-6853-48a7-afbc-e56c4b2ce9f5 | patching | - | - | 2026/01/29 12:57 | 2026/01/29 12:57 | 2026/01/29 12:58 | b83e8d3ff1f5aa55010b79bf8131a2d751c4d99f | -
9b49daa0-5417-4e39-a73a-a56304202eae | patching | 🏃 | - | 2026/01/29 12:53 | 2026/01/29 12:53 | - | 43da03a7d1feb2dae5ad081533d0da6e2f243e02 | -
475aa07e-bbc0-4b23-bb23-837102be9010 | patching | - | - | 2026/01/29 12:40 | 2026/01/29 12:40 | 2026/01/29 12:51 | c7b6e6f2a4e17ec7dd02f3880dbe7e796478fe79 | -
5f5cb3a3-f600-4ab4-a5c3-15ced4a2f00b | patching | - | - | 2026/01/29 12:20 | 2026/01/29 12:20 | 2026/01/29 12:31 | b3e94eff9eafb6031d5437e13a8b847007ed06ea | -
9494d58f-04af-44f3-88b6-e6c252beee5d | patching | - | - | 2026/01/28 17:25 | 2026/01/28 17:37 | 2026/01/28 17:48 | 8b9a9d26e29b1ad3f31314a827f60be8df01c223 | -
fe0b13cb-a03d-4561-829c-e2d8ab803edb | patching | - | - | 2026/01/28 17:25 | 2026/01/28 17:25 | 2026/01/28 17:37 | 8b9a9d26e29b1ad3f31314a827f60be8df01c223 | -
bdfc643c-0d71-4fc0-8121-4abd21e6d6e4 | patching | 💥 | - | 2026/01/28 16:41 | 2026/01/28 16:49 | 2026/01/28 17:19 | a08653648cb20d53243a48003b4a855e5b28656a | failed to start /usr/local/google/home/dvyukov/syzkaller/agent/workdir/cache/src/5452af61ab2e1f5601403fe379188fc9d8a831af [/usr/local/google/home/dvyukov/syzkaller/agent/workdir/cache/src/5452af61ab2e1f5601403fe379188fc9d8a831af scripts/get_maintainer.pl --git-min-percent=15]: fork/exec /usr/local/google/home/dvyukov/syzkaller/agent/workdir/cache/src/5452af61ab2e1f5601403fe379188fc9d8a831af: permission denied
7a3b0fc9-7063-48d7-8dad-5cb0446a54a6 | patching | 🏃 | - | 2026/01/28 16:29 | 2026/01/28 16:29 | - | ae74ca810e6b2a98cf1292107ced07aab6307ada | -
3da3a4fb-32f9-4ea8-ba9d-1d8c5f5aef9c | patching | - | - | 2026/01/27 17:16 | 2026/01/27 18:44 | 2026/01/27 19:11 | da890efba9d15e3c574115a52395cfc49efc6088 | -
5f1165a4-0633-4b4f-a04b-59b372ec9a71 | patching | 💥 | - | 2026/01/27 17:07 | 2026/01/27 17:07 | 2026/01/27 17:07 | 713ecf465174e78b04fda76792222f611e1acbc0 | make failed: failed to run ["make" "KERNELVERSION=syzkaller" "KERNELRELEASE=syzkaller" "LOCALVERSION=-syzkaller" "-j" "128" "ARCH=x86_64" "CC=ccache clang" "LD=ld.lld" "O=/usr/local/google/home/dvyukov/syzkaller/agent/workdir/cache/build/53ac19c90e186abedbf71cada4c0776d55521b7f" "-s" "bzImage" "compile_commands.json"]: exit status 2 *** *** The source tree is not clean, please run 'make ARCH=x86_64 mrproper' *** in /usr/local/google/home/dvyukov/syzkaller/agent/workdir/cache/src/5452af61ab2e1f5601403fe379188fc9d8a831af *** make[3]: *** [/usr/local/google/home/dvyukov/syzkaller/agent/workdir/cache/src/5452af61ab2e1f5601403fe379188fc9d8a831af/Makefile:685: outputmakefile] Error 1 /usr/local/google/home/dvyukov/syzkaller/agent/workdir/cache/src/5452af61ab2e1f5601403fe379188fc9d8a831af/Makefile:839: include/config/auto.conf.cmd: No such file or directory make[2]: *** [/usr/local/google/home/dvyukov/syzkaller/agent/workdir/cache/src/5452af61ab2e1f5601403fe379188fc9d8a831af/Makefile:862: include/config/auto.conf] Error 2 make[1]: *** [/usr/local/google/home/dvyukov/syzkaller/agent/workdir/cache/src/5452af61ab2e1f5601403fe379188fc9d8a831af/Makefile:248: __sub-make] Error 2 make: *** [Makefile:248: __sub-make] Error 2
Cause bisection: failed (error log, bisect log)
Fix bisection: failed (error log, bisect log)
Discussions (3)
Title | Replies (including bot) | Last reply
[PATCH] jfs: fix array-index-out-of-bounds in dbFindLeaf | 3 (3) | 2026/03/02 17:50
[PATCH] jfs: fix oob in dbFindLeaf | 1 (1) | 2026/01/08 14:45
[syzbot] [jfs?] UBSAN: array-index-out-of-bounds in dbFindLeaf (2) | 0 (1) | 2026/01/08 13:00
Similar bugs (2)
Kernel | Title | Rank | Repro | Cause bisect | Fix bisect | Count | Last | Reported | Patched | Status
upstream | UBSAN: array-index-out-of-bounds in dbFindLeaf (jfs) | 15 | C | error | - | 6 | 905d | 1219d | 25/29 | fixed on 2023/12/21 03:45
linux-6.1 | UBSAN: array-index-out-of-bounds in dbFindLeaf | 15 | - | - | - | 1 | 979d | 979d | 0/3 | auto-obsoleted due to no activity on 2023/10/08 15:35
Last patch testing requests (4)
Created | Duration | User | Patch | Repo | Result
2026/01/21 10:19 | 14m | retest repro | - | upstream | report log
2026/01/21 10:19 | 16m | retest repro | - | upstream | report log
2026/01/21 10:19 | 20m | retest repro | - | upstream | report log
2026/01/21 10:19 | 14m | retest repro | - | upstream | report log

Sample crash report:
------------[ cut here ]------------
UBSAN: array-index-out-of-bounds in fs/jfs/jfs_dmap.c:2976:16
index 1365 is out of range for type 's8[1365]' (aka 'signed char[1365]')
CPU: 1 UID: 0 PID: 6059 Comm: syz.0.17 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
Call Trace:
 <TASK>
 dump_stack_lvl+0xe8/0x150 lib/dump_stack.c:120
 ubsan_epilogue+0xa/0x40 lib/ubsan.c:233
 __ubsan_handle_out_of_bounds+0xe9/0xf0 lib/ubsan.c:455
 dbFindLeaf+0x308/0x520 fs/jfs/jfs_dmap.c:2976
 dbFindCtl+0x267/0x520 fs/jfs/jfs_dmap.c:1717
 dbAllocAny fs/jfs/jfs_dmap.c:1527 [inline]
 dbAlloc+0x5fa/0xba0 fs/jfs/jfs_dmap.c:878
 diNewIAG fs/jfs/jfs_imap.c:2510 [inline]
 diAllocExt fs/jfs/jfs_imap.c:1905 [inline]
 diAllocAG+0xd45/0x1df0 fs/jfs/jfs_imap.c:1669
 diAlloc+0x1d4/0x1670 fs/jfs/jfs_imap.c:1590
 ialloc+0x8c/0x8f0 fs/jfs/jfs_inode.c:56
 jfs_mkdir+0x193/0xa70 fs/jfs/namei.c:225
 vfs_mkdir+0x52d/0x5d0 fs/namei.c:5130
 do_mkdirat+0x27a/0x4b0 fs/namei.c:5164
 __do_sys_mkdirat fs/namei.c:5186 [inline]
 __se_sys_mkdirat fs/namei.c:5184 [inline]
 __x64_sys_mkdirat+0x87/0xa0 fs/namei.c:5184
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xec/0xf80 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7efe6c5ade97
Code: 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 02 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007efe6bbf4e68 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
RAX: ffffffffffffffda RBX: 00007efe6bbf4ef0 RCX: 00007efe6c5ade97
RDX: 00000000000001ff RSI: 00002000000002c0 RDI: 00000000ffffff9c
RBP: 0000200000000200 R08: 00002000000000c0 R09: 0000000000000000
R10: 0000200000000200 R11: 0000000000000246 R12: 00002000000002c0
R13: 00007efe6bbf4eb0 R14: 0000000000000000 R15: 0000000000000000
 </TASK>
---[ end trace ]---
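The report's key line is "index 1365 is out of range for type 's8[1365]'": the index is exactly the array length, which is the signature of a bound checked with the wrong comparison (accepting idx == size) rather than of a wild pointer. The following is a constructed model written for this page, not the kernel's dbFindLeaf and not a claim about what the syzbot repro does. It keeps only the index arithmetic of a 4-ary search tree with a root plus five levels (1 + 4 + 16 + 64 + 256 + 1024 = 1365 nodes, the same s8[1365] layout UBSAN names) and shows that the leftmost index of a hypothetical sixth level is exactly 1365, so a walk that takes one level more than the layout has, driven here by an assumed image-controlled height field, lands on idx == 1365. A `>` check lets that index through; a `>=` check rejects it. CTL_HEIGHT, LPERCTL, the struct and function names, and the height-as-trigger are all assumptions of this model.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/*
 * Constructed model (not the kernel's code) of the index arithmetic behind
 * the UBSAN report. The tree is 4-ary: a root plus five levels, 1365 nodes,
 * matching the s8[1365] array in the report.
 */
#define CTLTREESIZE 1365
#define CTL_HEIGHT  5     /* levels below the root in a well-formed tree (assumed) */
#define LPERCTL     4     /* children per node in this model */

struct ctltree {
    int32_t height;               /* stands in for a height field read from the image */
    int8_t  stree[CTLTREESIZE];   /* per-node log2 of the largest free run beneath it */
};

enum { OOB_READ = -2, NO_SPACE = -1 };

/* Leftmost node index of level h in the array layout: (4^h - 1) / 3.
 * Levels 0..5 start at 0, 1, 5, 21, 85, 341; a sixth level would start at
 * 1365 == CTLTREESIZE, one past the last element. */
int leftmost_index(int h)
{
    int idx = 0;
    for (int i = 0; i < h; i++)
        idx = (idx << 2) + 1;
    return idx;
}

/*
 * Walk from the root to the leftmost leaf whose value is >= l2nb.
 * strict selects the bound applied to the computed index x:
 *   strict == false : reject only when x >  CTLTREESIZE (x == 1365 slips through)
 *   strict == true  : reject when      x >= CTLTREESIZE (hardened)
 * Instead of performing the out-of-bounds read the model returns OOB_READ,
 * which is where UBSAN fires in the report.
 */
int find_leaf(const struct ctltree *tp, int l2nb, bool strict)
{
    int ti = 1, n = 0, x = 0;

    if (l2nb > tp->stree[0])
        return NO_SPACE;

    for (int k = tp->height; k > 0; k--, ti = ((ti + n) << 2) + 1) {
        for (n = 0; n < LPERCTL; n++) {
            x = ti + n;
            if (strict ? x >= CTLTREESIZE : x > CTLTREESIZE)
                return NO_SPACE;
            if (x >= CTLTREESIZE)
                return OOB_READ;          /* would be stree[1365] in the report */
            if (l2nb <= tp->stree[x])
                break;
        }
        if (n == LPERCTL)
            return NO_SPACE;              /* root promised space no child has */
    }
    return x;
}

/* Constructed input: a tree of the given height where every node advertises a
 * free run of 2^7 blocks, so the search always takes the leftmost child.
 * Returns the leaf index found, or a negative code. */
int run_demo(int height, int l2nb, bool strict)
{
    struct ctltree t;
    t.height = height;
    memset(t.stree, 7, sizeof t.stree);
    return find_leaf(&t, l2nb, strict);
}

int main(void)
{
    printf("leftmost index: level 5 = %d, level 6 = %d (array size %d)\n",
           leftmost_index(5), leftmost_index(6), CTLTREESIZE);
    printf("height 5, '>'  check: %d\n", run_demo(CTL_HEIGHT, 3, false));
    printf("height 6, '>'  check: %d (out-of-bounds read)\n",
           run_demo(CTL_HEIGHT + 1, 3, false));
    printf("height 6, '>=' check: %d (rejected)\n",
           run_demo(CTL_HEIGHT + 1, 3, true));
    return 0;
}
```

The practical check this suggests when triaging a report of this shape: compare the reported index with the array length in the UBSAN type string. An index equal to the length points at an inclusive bound (`>`) where an exclusive one (`>=`) was needed, or at an unvalidated field from the on-disk image, and both should be looked at before reading further into the trace.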

Crashes (5):
Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Assets | Manager | Title
2026/01/07 01:47 | upstream | f0b9d8eb98df | d6526ea3 | .config | console log | report | syz / log | C | - | [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] | ci2-upstream-fs | UBSAN: array-index-out-of-bounds in dbFindLeaf
2026/01/07 00:45 | upstream | f0b9d8eb98df | d6526ea3 | .config | console log | report | syz / log | C | - | [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] | ci2-upstream-fs | UBSAN: array-index-out-of-bounds in dbFindLeaf
2026/01/06 23:43 | upstream | f0b9d8eb98df | d6526ea3 | .config | console log | report | syz / log | C | - | [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] | ci2-upstream-fs | UBSAN: array-index-out-of-bounds in dbFindLeaf
2026/01/06 22:59 | upstream | f0b9d8eb98df | d6526ea3 | .config | console log | report | syz / log | C | - | [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] | ci2-upstream-fs | UBSAN: array-index-out-of-bounds in dbFindLeaf
2026/01/06 22:04 | upstream | f0b9d8eb98df | d6526ea3 | .config | console log | report | - | - | info | [disk image] [vmlinux] [kernel image] | ci2-upstream-fs | UBSAN: array-index-out-of-bounds in dbFindLeaf
* Struck through repros no longer work on HEAD.