syzbot


UBSAN: array-index-out-of-bounds in diFree

Status: upstream: reported C repro on 2024/04/23 22:25
Subsystems: jfs
Reported-by: syzbot+241c815bda521982cb49@syzkaller.appspotmail.com
First crash: 14d, last: 17h27m
Cause bisection: the issue happens on the oldest tested release (bisect log)
Crash: INFO: trying to register non-static key in diFree (log)
Repro: C syz .config
Discussions (2)
Title Replies (including bot) Last reply
[PATCH] jfs: Fix array-index-out-of-bounds in diFree 15 (15) 2024/04/26 03:41
[syzbot] [jfs?] UBSAN: array-index-out-of-bounds in diFree 5 (11) 2024/04/25 09:39
Similar bugs (10)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream KASAN: use-after-free Read in diFree jfs C inconclusive unreliable 110 125d 773d 0/26 auto-obsoleted due to no activity on 2024/03/22 04:27
linux-4.19 BUG: unable to handle kernel paging request in diFree C done 18 1021d 1312d 1/1 fixed on 2021/08/17 00:59
linux-4.14 general protection fault in diFree 1 1191d 1191d 0/1 auto-closed as invalid on 2021/05/28 19:31
linux-4.14 general protection fault in diFree (2) C 2 431d 836d 0/1 upstream: reported C repro on 2022/01/18 19:31
linux-5.15 KASAN: use-after-free Read in diFree C error 5 319d 391d 0/3 auto-obsoleted due to no activity on 2023/10/07 20:25
upstream BUG: unable to handle kernel paging request in diFree jfs C done 13 1042d 1313d 20/26 fixed on 2021/11/10 00:50
linux-4.19 KASAN: use-after-free Read in diFree jfs C error 21 460d 1298d 0/1 upstream: reported C repro on 2020/10/13 01:51
linux-4.14 BUG: unable to handle kernel paging request in diFree C 5 438d 1318d 0/1 upstream: reported C repro on 2020/09/23 16:53
linux-6.1 KASAN: use-after-free Read in diFree origin:lts-only C done 7 218d 379d 3/3 fixed on 2023/10/30 11:46
linux-4.14 KASAN: use-after-free Read in diFree jfs C error 3 438d 1311d 0/1 upstream: reported C repro on 2020/09/30 00:31
Last patch testing requests (5)
Created Duration User Patch Repo Result
2024/04/25 09:04 15m aha310510@gmail.com patch git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/ master report log
2024/04/25 08:56 11m aha310510@gmail.com patch git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/ master report log
2024/04/25 04:59 45m aha310510@gmail.com patch git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/ master report log
2024/04/25 03:16 39m aha310510@gmail.com patch git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/ master report log
2024/04/24 04:12 20m aha310510@gmail.com patch git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/ master OK log

Sample crash report:
------------[ cut here ]------------
UBSAN: array-index-out-of-bounds in fs/jfs/jfs_imap.c:886:2
index 524288 is out of range for type 'struct mutex[128]'
CPU: 1 PID: 111 Comm: jfsCommit Not tainted 6.9.0-rc4-syzkaller-00173-g3cdb45594619 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
Call Trace:
 <TASK>
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0x241/0x360 lib/dump_stack.c:114
 ubsan_epilogue lib/ubsan.c:217 [inline]
 __ubsan_handle_out_of_bounds+0x121/0x150 lib/ubsan.c:415
 diFree+0x21c3/0x2fb0 fs/jfs/jfs_imap.c:886
 jfs_evict_inode+0x32d/0x440 fs/jfs/inode.c:156
 evict+0x2a8/0x630 fs/inode.c:667
 txUpdateMap+0x829/0x9f0 fs/jfs/jfs_txnmgr.c:2367
 txLazyCommit fs/jfs/jfs_txnmgr.c:2664 [inline]
 jfs_lazycommit+0x49a/0xb80 fs/jfs/jfs_txnmgr.c:2733
 kthread+0x2f0/0x390 kernel/kthread.c:388
 ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244
 </TASK>
---[ end trace ]---
Kernel panic - not syncing: UBSAN: panic_on_warn set ...
CPU: 1 PID: 111 Comm: jfsCommit Not tainted 6.9.0-rc4-syzkaller-00173-g3cdb45594619 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
Call Trace:
 <TASK>
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0x241/0x360 lib/dump_stack.c:114
 panic+0x349/0x860 kernel/panic.c:348
 check_panic_on_warn+0x86/0xb0 kernel/panic.c:241
 ubsan_epilogue lib/ubsan.c:222 [inline]
 __ubsan_handle_out_of_bounds+0x141/0x150 lib/ubsan.c:415
 diFree+0x21c3/0x2fb0 fs/jfs/jfs_imap.c:886
 jfs_evict_inode+0x32d/0x440 fs/jfs/inode.c:156
 evict+0x2a8/0x630 fs/inode.c:667
 txUpdateMap+0x829/0x9f0 fs/jfs/jfs_txnmgr.c:2367
 txLazyCommit fs/jfs/jfs_txnmgr.c:2664 [inline]
 jfs_lazycommit+0x49a/0xb80 fs/jfs/jfs_txnmgr.c:2733
 kthread+0x2f0/0x390 kernel/kthread.c:388
 ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244
 </TASK>
Kernel Offset: disabled
Rebooting in 86400 seconds..

Crashes (29):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets Manager Title
2024/04/19 23:22 upstream 3cdb45594619 af24b050 .config strace log report syz C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-upstream-fs UBSAN: array-index-out-of-bounds in diFree
2024/05/03 06:51 upstream 49a73b1652c5 ddfc15a1 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs UBSAN: array-index-out-of-bounds in diFree
2024/05/02 22:08 upstream 49a73b1652c5 ddfc15a1 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs UBSAN: array-index-out-of-bounds in diFree
2024/05/02 22:08 upstream 49a73b1652c5 ddfc15a1 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs UBSAN: array-index-out-of-bounds in diFree
2024/05/02 22:08 upstream 49a73b1652c5 ddfc15a1 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs UBSAN: array-index-out-of-bounds in diFree
2024/05/02 20:24 upstream 49a73b1652c5 3ba885bc .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs UBSAN: array-index-out-of-bounds in diFree
2024/05/01 11:47 upstream 18daea77cca6 3ba885bc .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs UBSAN: array-index-out-of-bounds in diFree
2024/04/28 01:08 upstream 5d12ed4bea43 07b455f9 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs UBSAN: array-index-out-of-bounds in diFree
2024/04/28 01:08 upstream 5d12ed4bea43 07b455f9 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs UBSAN: array-index-out-of-bounds in diFree
2024/04/26 05:57 upstream e33c4963bf53 8bdc0f22 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root UBSAN: array-index-out-of-bounds in diFree
2024/04/25 02:50 upstream e88c4cfcb7b8 8bdc0f22 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs UBSAN: array-index-out-of-bounds in diFree
2024/04/25 02:17 upstream e88c4cfcb7b8 8bdc0f22 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs UBSAN: array-index-out-of-bounds in diFree
2024/04/24 20:48 upstream e88c4cfcb7b8 8bdc0f22 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs UBSAN: array-index-out-of-bounds in diFree
2024/04/24 12:55 upstream 9d1ddab261f3 21339d7b .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs UBSAN: array-index-out-of-bounds in diFree
2024/04/24 04:30 upstream 9d1ddab261f3 21339d7b .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs UBSAN: array-index-out-of-bounds in diFree
2024/04/23 17:56 upstream 71b1543c83d6 21339d7b .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs UBSAN: array-index-out-of-bounds in diFree
2024/04/23 17:56 upstream 71b1543c83d6 21339d7b .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs UBSAN: array-index-out-of-bounds in diFree
2024/04/23 17:41 upstream 71b1543c83d6 21339d7b .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs UBSAN: array-index-out-of-bounds in diFree
2024/04/23 17:41 upstream 71b1543c83d6 21339d7b .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs UBSAN: array-index-out-of-bounds in diFree
2024/04/23 17:40 upstream 71b1543c83d6 21339d7b .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs UBSAN: array-index-out-of-bounds in diFree
2024/04/23 17:39 upstream 71b1543c83d6 21339d7b .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs UBSAN: array-index-out-of-bounds in diFree
2024/04/23 17:38 upstream 71b1543c83d6 21339d7b .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs UBSAN: array-index-out-of-bounds in diFree
2024/04/20 21:50 upstream 977b1ef51866 af24b050 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs UBSAN: array-index-out-of-bounds in diFree
2024/04/20 21:50 upstream 977b1ef51866 af24b050 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs UBSAN: array-index-out-of-bounds in diFree
2024/04/20 21:50 upstream 977b1ef51866 af24b050 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs UBSAN: array-index-out-of-bounds in diFree
2024/04/20 21:50 upstream 977b1ef51866 af24b050 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs UBSAN: array-index-out-of-bounds in diFree
2024/04/19 22:19 upstream 3cdb45594619 af24b050 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs UBSAN: array-index-out-of-bounds in diFree
2024/04/19 22:18 upstream 3cdb45594619 af24b050 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs UBSAN: array-index-out-of-bounds in diFree
2024/04/28 03:08 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 6a71d2909427 07b455f9 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 UBSAN: array-index-out-of-bounds in diFree