UBSAN: array-index-out-of-bounds in find_lock

Date	Name	Commit	Repro	Result
2023/10/03	linux-6.1.y (ToT)	d23900f974e0	C	[report] UBSAN: array-index-out-of-bounds in truncate_inode_pages_final
2023/05/19	upstream (ToT)	2d1bcbc6cd70	C	[report] UBSAN: array-index-out-of-bounds in find_lock_entries
2023/10/03	upstream (ToT)	ce36c8b14987	C	Didn't crash

Date

Name

Commit

Repro

Result

2023/10/03

linux-6.1.y (ToT)

d23900f974e0

[report] UBSAN: array-index-out-of-bounds in truncate_inode_pages_final

2023/05/19

upstream (ToT)

2d1bcbc6cd70

[report] UBSAN: array-index-out-of-bounds in find_lock_entries

2023/10/03

upstream (ToT)

ce36c8b14987

Didn't crash

Kernel	Title	Repro	Cause bisect	Fix bisect	Count	Last	Reported	Patched	Status
upstream	KASAN: vmalloc-out-of-bounds Write in find_lock_entries ntfs3	C	done	unreliable	61	321d	670d	0/27	auto-obsoleted due to no activity on 2024/01/23 23:53

upstream

KASAN: vmalloc-out-of-bounds Write in find_lock_entries ntfs3

done

unreliable

321d

670d

0/27

auto-obsoleted due to no activity on 2024/01/23 23:53


Created	Duration	User	Repo	Result
2023/10/29 03:02	2h22m	fix candidate	upstream	job log (0)
2023/10/15 13:45	2h35m	bisect fix	linux-6.1.y	job log (0) log
2023/09/07 11:21	2h31m	bisect fix	linux-6.1.y	job log (0) log
2023/06/26 17:16	1h26m	bisect fix	linux-6.1.y	job log (0) log
2023/05/25 12:15	1h08m	bisect fix	linux-6.1.y	job log (0) log
2023/04/08 01:13	1h14m	bisect fix	linux-6.1.y	job log (0) log

================================================================================ UBSAN: array-index-out-of-bounds in ./include/linux/pagevec.h:129:2 index 255 is out of range for type 'struct folio *[15]' CPU: 1 PID: 4603 Comm: syz-executor317 Not tainted 6.1.15-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/02/2023 Call trace: dump_backtrace+0x1c8/0x1f4 arch/arm64/kernel/stacktrace.c:158 show_stack+0x2c/0x3c arch/arm64/kernel/stacktrace.c:165 __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0x108/0x170 lib/dump_stack.c:106 dump_stack+0x1c/0x58 lib/dump_stack.c:113 ubsan_epilogue lib/ubsan.c:151 [inline] __ubsan_handle_out_of_bounds+0xfc/0x148 lib/ubsan.c:282 folio_batch_add include/linux/pagevec.h:129 [inline] find_lock_entries+0x704/0xae8 mm/filemap.c:2110 truncate_inode_pages_range+0x198/0x13b0 mm/truncate.c:364 truncate_inode_pages mm/truncate.c:452 [inline] truncate_inode_pages_final+0x90/0xc0 mm/truncate.c:487 ntfs_evict_inode+0x24/0xc8 fs/ntfs3/inode.c:1754 evict+0x260/0x68c fs/inode.c:664 iput_final fs/inode.c:1747 [inline] iput+0x968/0xa4c fs/inode.c:1773 ntfs_fill_super+0x32d8/0x3a04 fs/ntfs3/super.c:1190 get_tree_bdev+0x360/0x54c fs/super.c:1324 ntfs_fs_get_tree+0x28/0x38 fs/ntfs3/super.c:1359 vfs_get_tree+0x90/0x274 fs/super.c:1531 do_new_mount+0x25c/0x8c8 fs/namespace.c:3040 path_mount+0x590/0xe58 fs/namespace.c:3370 do_mount fs/namespace.c:3383 [inline] __do_sys_mount fs/namespace.c:3591 [inline] __se_sys_mount fs/namespace.c:3568 [inline] __arm64_sys_mount+0x45c/0x594 fs/namespace.c:3568 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline] invoke_syscall+0x98/0x2c0 arch/arm64/kernel/syscall.c:52 el0_svc_common+0x138/0x258 arch/arm64/kernel/syscall.c:142 do_el0_svc+0x64/0x218 arch/arm64/kernel/syscall.c:206 el0_svc+0x58/0x168 arch/arm64/kernel/entry-common.c:637 el0t_64_sync_handler+0x84/0xf0 arch/arm64/kernel/entry-common.c:655 el0t_64_sync+0x18c/0x190 arch/arm64/kernel/entry.S:581 ================================================================================

Crashes (2):
Time	Kernel	Commit	Syzkaller	Config	Log	Report	Syz repro	C repro	VM info	Assets (help?)	Manager	Title
2023/03/09 01:13	linux-6.1.y	42616e0f09fb	4fc6d98d	.config	console log	report	syz	C		[disk image] [vmlinux] [kernel image] [mounted in repro]	ci2-linux-6-1-kasan-arm64	UBSAN: array-index-out-of-bounds in find_lock_entries
2023/04/22 20:40	linux-6.1.y	f17b0ab65d17	2b32bd34	.config	console log	report			info	[disk image] [vmlinux] [kernel image]	ci2-linux-6-1-kasan-arm64	UBSAN: array-index-out-of-bounds in find_lock_entries

Crashes (2):

Assets (help?)