syzbot

 sign-in | mailing list | source | docs
🐞 Open [1428]
Subsystems
🐞 Fixed [5832]
🐞 Invalid [14241]
Missing Backports [92]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
Total Repo Heatmap Subsystems Heatmap
💬 Send us feedback

UBSAN: shift-out-of-bounds in exfat_fill_super (2)

Status: auto-obsoleted due to no activity on 2024/02/22 05:01
Subsystems: exfat
[Documentation on labels]
Reported-by: syzbot+d33808a177641a02213e@syzkaller.appspotmail.com
First crash: 374d, last: 374d
Discussions (3)
Title Replies (including bot) Last reply
[PATCH] Tried making changes 2 (2) 2023/12/02 19:01
[syzbot] Monthly exfat report (Nov 2023) 2 (3) 2023/11/29 15:48
[syzbot] [exfat?] UBSAN: shift-out-of-bounds in exfat_fill_super (2) 0 (1) 2023/11/18 05:11
Similar bugs (1)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream UBSAN: shift-out-of-bounds in exfat_fill_super exfat C error 3 1380d 1397d 20/28 fixed on 2021/04/09 19:46

Sample crash report:
UBSAN: shift-out-of-bounds in fs/exfat/super.c:503:32
shift exponent 97 is too large for 64-bit type 'long long unsigned int'
CPU: 1 PID: 11990 Comm: syz-executor.2 Not tainted 6.7.0-rc1-syzkaller-00012-g9bacdd8996c7 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/09/2023
Call Trace:
 <TASK>
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0x125/0x1b0 lib/dump_stack.c:106
 ubsan_epilogue lib/ubsan.c:217 [inline]
 __ubsan_handle_shift_out_of_bounds+0x2a6/0x480 lib/ubsan.c:387
 exfat_read_boot_sector fs/exfat/super.c:503 [inline]
 __exfat_fill_super fs/exfat/super.c:582 [inline]
 exfat_fill_super.cold+0x119/0x12a fs/exfat/super.c:646
 get_tree_bdev+0x3b5/0x650 fs/super.c:1598
 vfs_get_tree+0x8c/0x370 fs/super.c:1771
 do_new_mount fs/namespace.c:3337 [inline]
 path_mount+0x1492/0x1ed0 fs/namespace.c:3664
 do_mount fs/namespace.c:3677 [inline]
 __do_sys_mount fs/namespace.c:3886 [inline]
 __se_sys_mount fs/namespace.c:3863 [inline]
 __x64_sys_mount+0x293/0x310 fs/namespace.c:3863
 do_syscall_x64 arch/x86/entry/common.c:51 [inline]
 do_syscall_64+0x40/0x110 arch/x86/entry/common.c:82
 entry_SYSCALL_64_after_hwframe+0x63/0x6b
RIP: 0033:0x7f057367e1ea
Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 09 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007f05743c0ee8 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5
RAX: ffffffffffffffda RBX: 00007f05743c0f80 RCX: 00007f057367e1ea
RDX: 00000000200001c0 RSI: 0000000020000a00 RDI: 00007f05743c0f40
RBP: 00000000200001c0 R08: 00007f05743c0f80 R09: 0000000000000004
R10: 0000000000000004 R11: 0000000000000202 R12: 0000000020000a00
R13: 00007f05743c0f40 R14: 00000000000014e6 R15: 0000000020000240
 </TASK>
================================================================================

Crashes (1):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2023/11/14 05:00 upstream 9bacdd8996c7 cb976f63 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root UBSAN: shift-out-of-bounds in exfat_fill_super
* Struck through repros no longer work on HEAD.