syzbot

 sign-in | mailing list | source | docs
🐞 Open [969] Subsystems 🐞 Fixed [4558] 🐞 Invalid [10510] 📈 Kernel Health 📈 Bug Lifetimes 📈 Fuzzing 📈 Crashes 💬 Send us feedback

UBSAN: shift-out-of-bounds in dbJoin

Status: upstream: reported C repro on 2022/10/10 07:16
Labels: jfs (incorrect?)
Reported-by: syzbot+411debe54d318eaed386@syzkaller.appspotmail.com
First crash: 236d, last: 7d11h

Cause bisection: failed (error log, bisect log)
Discussions (1)
Title Replies (including bot) Last reply
[syzbot] UBSAN: shift-out-of-bounds in dbJoin 0 (1) 2022/10/10 07:16
Fix bisection attempts (5)
Created Duration User Patch Repo Result
2023/05/26 04:45 20m bisect fix upstream job log (0) log
2023/04/25 21:57 32m bisect fix upstream job log (0) log
2023/03/26 19:30 2h01m bisect fix upstream job log (0) log
2023/02/24 08:31 21m bisect fix upstream job log (0) log
2023/01/25 07:54 37m bisect fix upstream job log (0) log

Sample crash report:
================================================================================
UBSAN: shift-out-of-bounds in fs/jfs/jfs_dmap.c:2760:11
shift exponent 78 is too large for 32-bit type 'int'
CPU: 1 PID: 119 Comm: jfsCommit Not tainted 6.0.0-syzkaller-09589-g55be6084c8e0 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/22/2022
Call Trace:
 <TASK>
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0xcd/0x134 lib/dump_stack.c:106
 ubsan_epilogue+0xb/0x50 lib/ubsan.c:151
 __ubsan_handle_shift_out_of_bounds.cold+0xb1/0x187 lib/ubsan.c:322
 dbJoin.cold+0x19/0x1e fs/jfs/jfs_dmap.c:2760
 dbAdjCtl+0x703/0x900 fs/jfs/jfs_dmap.c:2500
 dbFreeDmap+0xd3/0x1a0 fs/jfs/jfs_dmap.c:2064
 dbFree+0x250/0x540 fs/jfs/jfs_dmap.c:379
 txFreeMap+0x70a/0xd70 fs/jfs/jfs_txnmgr.c:2510
 xtTruncate+0x1d2a/0x2720 fs/jfs/jfs_xtree.c:2467
 jfs_free_zero_link+0x33b/0x4a0 fs/jfs/namei.c:758
 jfs_evict_inode+0x40f/0x4a0 fs/jfs/inode.c:153
 evict+0x2ed/0x6b0 fs/inode.c:664
 iput_final fs/inode.c:1747 [inline]
 iput.part.0+0x55d/0x810 fs/inode.c:1773
 iput+0x58/0x70 fs/inode.c:1763
 txUpdateMap+0x97c/0xc50 fs/jfs/jfs_txnmgr.c:2362
 txLazyCommit fs/jfs/jfs_txnmgr.c:2659 [inline]
 jfs_lazycommit+0x5bb/0xaa0 fs/jfs/jfs_txnmgr.c:2727
 kthread+0x2e4/0x3a0 kernel/kthread.c:376
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:306
 </TASK>
================================================================================

Crashes (3):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets Manager Title
2022/10/15 13:34 upstream 55be6084c8e0 67cb024c .config strace log report syz C [disk image] [vmlinux] [mounted in repro] ci-upstream-kasan-gce-root UBSAN: shift-out-of-bounds in dbJoin
2022/10/08 19:46 upstream 62e6e5940c0c aea5da89 .config strace log report syz C [disk image] [vmlinux] [mounted in repro] ci2-upstream-fs UBSAN: shift-out-of-bounds in dbJoin
2022/11/12 21:27 linux-next f8f60f322f06 3ead01ad .config strace log report syz C [disk image] [vmlinux] [kernel image] [mounted in repro] ci-upstream-linux-next-kasan-gce-root UBSAN: shift-out-of-bounds in dbJoin
* Struck through repros no longer work on HEAD.