syzbot


UBSAN: array-index-out-of-bounds in dbNextAG (2)

Status: upstream: reported C repro on 2024/07/11 08:55
Subsystems: jfs
Reported-by: syzbot+808f3f84407f08a93022@syzkaller.appspotmail.com
First crash: 62d, last: 1h58m
Cause bisection: the issue already occurs on the oldest tested release (bisect log)
Crash seen on that oldest release during bisection: INFO: trying to register non-static key in diAlloc (log)
Repro: C syz .config
Discussions (1)
Title: [syzbot] [jfs?] UBSAN: array-index-out-of-bounds in dbNextAG (2)
Replies (including bot): 0 (1)
Last reply: 2024/07/11 08:55
Similar bugs (5)
Kernel     | Title                                        | Labels          | Repro | Cause bisect | Fix bisect   | Count | Last | Reported | Patched | Status
linux-6.1  | UBSAN: array-index-out-of-bounds in dbNextAG | origin:upstream | C     |              |              | 3     | 19d  | 62d      | 0/3     | upstream: reported C repro on 2024/07/07 08:50
linux-5.15 | UBSAN: array-index-out-of-bounds in dbNextAG | origin:upstream | C     |              |              | 4     | 13d  | 62d      | 0/3     | upstream: reported C repro on 2024/07/07 08:53
upstream   | UBSAN: array-index-out-of-bounds in dbNextAG | jfs             | C     | inconclusive | inconclusive | 52    | 284d | 712d     | 25/27   | fixed on 2023/12/21 01:43
linux-4.19 | KASAN: use-after-free Read in dbNextAG       | jfs             | C     | error        |              | 12    | 608d | 713d     | 0/1     | upstream: reported C repro on 2022/09/25 01:19
linux-4.14 | KASAN: use-after-free Read in dbNextAG       |                 | C     |              |              | 2     | 564d | 713d     | 0/1     | upstream: reported C repro on 2022/09/25 01:19
Last patch testing requests (5)
Created          | Duration | User         | Patch | Repo       | Result
2024/08/13 20:34 | 1h25m    | retest repro |       | upstream   | report, log
2024/08/13 20:34 | 12m      | retest repro |       | upstream   | report, log
2024/08/13 20:34 | 12m      | retest repro |       | upstream   | report, log
2024/08/13 20:34 | 16m      | retest repro |       | upstream   | report, log
2024/07/28 21:16 | 21m      | retest repro |       | linux-next | report, log

Sample crash report:
loop0: detected capacity change from 0 to 32768
------------[ cut here ]------------
UBSAN: array-index-out-of-bounds in fs/jfs/jfs_dmap.c:661:7
index 128 is out of range for type 's64[128]' (aka 'long long[128]')
CPU: 1 PID: 5079 Comm: syz-executor426 Not tainted 6.10.0-rc7-syzkaller-00266-g4d145e3f830b #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
Call Trace:
 <TASK>
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0x241/0x360 lib/dump_stack.c:114
 ubsan_epilogue lib/ubsan.c:231 [inline]
 __ubsan_handle_out_of_bounds+0x121/0x150 lib/ubsan.c:429
 dbNextAG+0x3f3/0x630 fs/jfs/jfs_dmap.c:661
 diAlloc+0x6c6/0x1760 fs/jfs/jfs_imap.c:1369
 ialloc+0x8f/0x900 fs/jfs/jfs_inode.c:56
 jfs_create+0x1be/0xb90 fs/jfs/namei.c:92
 lookup_open fs/namei.c:3505 [inline]
 open_last_lookups fs/namei.c:3574 [inline]
 path_openat+0x1a84/0x35f0 fs/namei.c:3810
 do_filp_open+0x235/0x490 fs/namei.c:3840
 do_sys_openat2+0x13e/0x1d0 fs/open.c:1413
 do_sys_open fs/open.c:1428 [inline]
 __do_sys_openat fs/open.c:1444 [inline]
 __se_sys_openat fs/open.c:1439 [inline]
 __x64_sys_openat+0x247/0x2a0 fs/open.c:1439
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7fedac5c8a99
Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007fff507eed48 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fedac5c8a99
RDX: 000000000000275a RSI: 00000000200005c0 RDI: 00000000ffffff9c
RBP: 00007fedac6425f0 R08: 0000555572be14c0 R09: 0000555572be14c0
R10: 0000000000000000 R11: 0000000000000246 R12: 00007fff507eed70
R13: 00007fff507eef98 R14: 431bde82d7b634db R15: 00007fedac61103b
 </TASK>
---[ end trace ]---
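The UBSAN line above reports index 128 into an s64[128] at fs/jfs/jfs_dmap.c:661, reached from jfs_create through diAlloc with the syzbot image mounted (the "mounted in repro" asset). In my reading of jfs_dmap.c, the only s64 table of that size in dbNextAG's reach is the per-allocation-group free-block count array (MAXAG is 128 in jfs), indexed by the allocation-group preference that the block map carries over from the on-disk control page; an index equal to the array length is the typical one-past-the-end value of an unvalidated on-disk field. The C program below is an added example written for this page, not kernel code and not the fix: it models that pattern with hypothetical structures and names (disk_bmap, mem_bmap, mount_trusting, mount_checked, next_ag, make_page, check_page and pick_ag are all mine), places the trusting copy that lets agpref == 128 survive mount beside the range check a mount path should apply, and drives a simplified next-AG selection over a constructed control page.

```c
/* Added example, not kernel code: models the bug class behind the report, a
 * fixed-size per-AG table indexed by a value read from on-disk metadata. Names
 * are hypothetical; only MAXAG and the AG walk's shape follow my reading of jfs. */
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MAXAG 128                   /* bound of the s64[128] table UBSAN reported */

struct disk_bmap {                  /* hypothetical on-disk block-map control page */
    uint32_t numag;                 /* AGs in use on this volume */
    uint32_t agpref;                /* preferred AG for new allocations */
    int64_t  nfree;                 /* free blocks in the whole volume */
    int64_t  agfree[MAXAG];         /* free blocks per AG */
};
struct mem_bmap {                   /* hypothetical in-memory state after mount */
    uint32_t numag, agpref;
    int64_t  nfree, agfree[MAXAG];
    int      active[MAXAG];         /* allocators currently working in each AG */
};

/* Trusting mount: keeps agpref verbatim, so 128 passes and the first lookup overruns. */
static void mount_trusting(struct mem_bmap *m, const struct disk_bmap *d)
{
    memset(m, 0, sizeof(*m));
    m->numag  = d->numag;
    m->agpref = d->agpref;
    m->nfree  = d->nfree;
    memcpy(m->agfree, d->agfree, sizeof(m->agfree));
}

/* Hardened mount: range-check every on-disk index and divisor before keeping it. */
static int mount_checked(struct mem_bmap *m, const struct disk_bmap *d)
{
    if (d->numag == 0 || d->numag > MAXAG)  /* avgfree divides by numag */
        return -EINVAL;
    if (d->agpref >= d->numag)              /* indexes agfree[] and active[] */
        return -EINVAL;
    mount_trusting(m, d);
    return 0;
}

/* Pick the AG for the next allocation: the preferred AG if idle and at least
 * average-free, else the idle AG with the most free blocks. Only safe once
 * agpref < numag <= MAXAG has been established at mount. */
static int next_ag(const struct mem_bmap *m)
{
    int64_t avgfree = m->nfree / m->numag, hwm = 0;
    int best = -1;
    if (!m->active[m->agpref] && m->agfree[m->agpref] >= avgfree)  /* the flagged read */
        return (int)m->agpref;
    for (uint32_t i = 0; i < m->numag; i++) {
        if (m->active[i] || m->agfree[i] <= hwm)
            continue;
        hwm  = m->agfree[i];
        best = (int)i;
    }
    return best >= 0 ? best : (int)m->agpref;
}

/* Constructed control page: numag AGs holding 10, 20, 30, ... free blocks. */
static struct disk_bmap make_page(uint32_t numag, uint32_t agpref)
{
    struct disk_bmap d = { .numag = numag, .agpref = agpref };
    for (uint32_t i = 0; i < numag && i < MAXAG; i++) {
        d.agfree[i] = 10 * (int64_t)(i + 1);
        d.nfree    += d.agfree[i];
    }
    return d;
}

/* Hardened-mount verdict for a constructed page: 0 or -EINVAL. */
static int check_page(uint32_t numag, uint32_t agpref)
{
    struct mem_bmap m;
    struct disk_bmap d = make_page(numag, agpref);
    return mount_checked(&m, &d);
}

/* next_ag() on a valid 4-AG page, one AG optionally marked busy (-1: none). */
static int pick_ag(uint32_t agpref, int busy_ag)
{
    struct mem_bmap m;
    struct disk_bmap d = make_page(4, agpref);
    if (mount_checked(&m, &d) != 0)
        return -EINVAL;
    if (busy_ag >= 0 && busy_ag < 4)
        m.active[busy_ag] = 1;
    return next_ag(&m);
}

int main(void)
{
    printf("crafted page (agpref=%d): checked mount=%d\n", MAXAG, check_page(4, MAXAG));
    printf("sane page: checked mount=%d next AG=%d\n", check_page(4, 2), pick_ag(2, -1));
    return 0;
}
```

check_page() returns 0 for a sane page and -EINVAL when agpref >= numag, numag == 0 or numag > MAXAG; pick_ag(2, -1) returns 2 because AG 2 is idle and above the average, and pick_ag(2, 2) returns 3 once AG 2 is marked busy. The point that carries over to the real driver is the placement of the check: it belongs at mount, before any value from the image is used as an index or divisor, and an out-of-bounds index on a fixed-size table that is fed from a filesystem image is an untrusted-input bug to be fixed, not a sanitizer false positive to be suppressed.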

Crashes (30):
Every row carries the title UBSAN: array-index-out-of-bounds in dbNextAG and has a .config and a report; the first five also have a syz and a C repro.
Time             | Kernel     | Commit       | Syzkaller | Manager                              | Log     | Repro  | VM info | Assets
2024/07/14 21:13 | upstream   | 4d145e3f830b | eaeb5c15  | ci2-upstream-fs                      | strace  | syz, C |         | disk image, vmlinux, kernel image, mounted in repro
2024/07/08 11:26 | upstream   | 256abd8e550c | 2a40360c  | ci2-upstream-fs                      | strace  | syz, C |         | disk image, vmlinux, kernel image, mounted in repro
2024/07/08 05:14 | upstream   | 256abd8e550c | 2a40360c  | ci2-upstream-fs                      | strace  | syz, C |         | disk image, vmlinux, kernel image, mounted in repro
2024/07/07 09:28 | upstream   | 22f902dfc51e | 2a40360c  | ci2-upstream-fs                      | strace  | syz, C |         | disk image, vmlinux, kernel image, mounted in repro
2024/07/07 09:29 | linux-next | 0b58e108042b | bc4ebbb5  | ci-upstream-linux-next-kasan-gce-root | strace  | syz, C |         | disk image, vmlinux, kernel image, mounted in repro
2024/09/07 21:19 | upstream   | d1f2d51b711a | 9750182a  | ci2-upstream-fs                      | console |        | info    | disk image, vmlinux, kernel image
2024/09/07 16:26 | upstream   | b31c44928842 | 9750182a  | ci2-upstream-fs                      | console |        | info    | disk image, vmlinux, kernel image
2024/09/07 08:51 | upstream   | b31c44928842 | 9750182a  | ci2-upstream-fs                      | console |        | info    | disk image, vmlinux, kernel image
2024/09/06 18:26 | upstream   | b831f83e40a2 | 9750182a  | ci2-upstream-fs                      | console |        | info    | disk image, vmlinux, kernel image
2024/09/06 18:26 | upstream   | b831f83e40a2 | 9750182a  | ci2-upstream-fs                      | console |        | info    | disk image, vmlinux, kernel image
2024/09/04 07:49 | upstream   | 88fac17500f4 | 9d47f20a  | ci2-upstream-fs                      | console |        | info    | disk image, vmlinux, kernel image
2024/09/03 15:05 | upstream   | 67784a74e258 | 326f9c5a  | ci2-upstream-fs                      | console |        | info    | disk image, vmlinux, kernel image
2024/09/01 07:16 | upstream   | e8784b0aef62 | 1eda0d14  | ci2-upstream-fs                      | console |        | info    | disk image, vmlinux, kernel image
2024/08/31 19:47 | upstream   | 1934261d8974 | 1eda0d14  | ci2-upstream-fs                      | console |        | info    | disk image, vmlinux, kernel image
2024/08/30 20:31 | upstream   | 20371ba12063 | 1eda0d14  | ci2-upstream-fs                      | console |        | info    | disk image, vmlinux, kernel image
2024/08/27 12:16 | upstream   | 3e9bff3bbe13 | 9aee4e0b  | ci2-upstream-fs                      | console |        | info    | disk image, vmlinux, kernel image
2024/08/27 10:34 | upstream   | 3e9bff3bbe13 | 9aee4e0b  | ci2-upstream-fs                      | console |        | info    | disk image, vmlinux, kernel image
2024/08/27 10:01 | upstream   | 3e9bff3bbe13 | 9aee4e0b  | ci2-upstream-fs                      | console |        | info    | disk image, vmlinux, kernel image
2024/08/27 03:20 | upstream   | 5be63fc19fca | 9aee4e0b  | ci2-upstream-fs                      | console |        | info    | disk image, vmlinux, kernel image
2024/08/27 02:19 | upstream   | 5be63fc19fca | 9aee4e0b  | ci2-upstream-fs                      | console |        | info    | disk image, vmlinux, kernel image
2024/08/26 03:01 | upstream   | 5be63fc19fca | d7d32352  | ci2-upstream-fs                      | console |        | info    | disk image, vmlinux, kernel image
2024/08/23 17:34 | upstream   | 3d5f968a177d | d7d32352  | ci2-upstream-fs                      | console |        | info    | disk image, vmlinux, kernel image
2024/08/23 08:11 | upstream   | aa0743a22936 | ce8a9099  | ci2-upstream-fs                      | console |        | info    | disk image, vmlinux, kernel image
2024/07/30 18:35 | upstream   | 94ede2a3e913 | 6fde257d  | ci2-upstream-fs                      | console |        | info    | disk image, vmlinux, kernel image
2024/07/07 08:53 | upstream   | 22f902dfc51e | 2a40360c  | ci2-upstream-fs                      | console |        | info    | disk image, vmlinux, kernel image
2024/07/07 08:52 | upstream   | 22f902dfc51e | 2a40360c  | ci2-upstream-fs                      | console |        | info    | disk image, vmlinux, kernel image
2024/07/07 08:46 | upstream   | 22f902dfc51e | bc4ebbb5  | ci-upstream-kasan-gce-root           | console |        | info    | disk image, vmlinux, kernel image
2024/07/07 08:46 | upstream   | 22f902dfc51e | bc4ebbb5  | ci-upstream-kasan-gce-root           | console |        | info    | disk image, vmlinux, kernel image
2024/07/07 08:54 | linux-next | 0b58e108042b | bc4ebbb5  | ci-upstream-linux-next-kasan-gce-root | console |        | info    | disk image, vmlinux, kernel image
2024/07/07 08:54 | linux-next | 0b58e108042b | bc4ebbb5  | ci-upstream-linux-next-kasan-gce-root | console |        | info    | disk image, vmlinux, kernel image