syzbot

 sign-in | mailing list | source | docs
🐞 Open [711]
🐞 Fixed [58]
🐞 Invalid [600]
Missing Backports [56]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
💬 Send us feedback

UBSAN: shift-out-of-bounds in parse_options

Status: upstream: reported C repro on 2023/11/19 20:08
Bug presence: origin:lts-only
[Documentation on labels]
Reported-by: syzbot+de6af439f087e7e7b142@syzkaller.appspotmail.com
First crash: 370d, last: 2d18h
Bug presence (2)
Date Name Commit Repro Result
2023/11/19 linux-5.15.y (ToT) 80529b4968a8 C [report] UBSAN: shift-out-of-bounds in parse_options
2023/11/19 upstream (ToT) 037266a5f723 C Didn't crash
Similar bugs (3)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
android-5-15 UBSAN: shift-out-of-bounds in parse_options ext4 origin:lts C error 102 59m 686d 0/2 upstream: reported C repro on 2023/01/08 05:56
linux-6.1 UBSAN: shift-out-of-bounds in parse_options origin:lts-only C error 18 11d 102d 0/3 upstream: reported C repro on 2024/08/13 23:52
android-6-1 UBSAN: shift-out-of-bounds in parse_options origin:lts C 38 4d10h 99d 0/2 upstream: reported C repro on 2024/08/17 08:59
Fix bisection attempts (3)
Created Duration User Patch Repo Result
2024/02/27 12:08 6h19m fix candidate upstream OK (1) job log
2024/01/22 16:01 12h12m fix candidate upstream error job log
2023/12/14 01:21 12h00m fix candidate upstream error job log

Sample crash report:
loop0: detected capacity change from 0 to 512
EXT4-fs (loop0): Mount option "nouser_xattr" will be removed by 3.5
Contact linux-ext4@vger.kernel.org if you think we should keep it.
================================================================================
UBSAN: shift-out-of-bounds in fs/ext4/super.c:2494:15
shift exponent 1919383155 is too large for 32-bit type 'int'
CPU: 1 PID: 3698 Comm: syz-executor195 Not tainted 5.15.138-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023
Call Trace:
 <TASK>
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0x1e3/0x2cb lib/dump_stack.c:106
 ubsan_epilogue lib/ubsan.c:151 [inline]
 __ubsan_handle_shift_out_of_bounds+0x3bf/0x420 lib/ubsan.c:321
 parse_options+0x324d/0x32b0 fs/ext4/super.c:2494
 ext4_fill_super+0x236e/0xa110 fs/ext4/super.c:4168
 mount_bdev+0x2c9/0x3f0 fs/super.c:1387
 legacy_get_tree+0xeb/0x180 fs/fs_context.c:611
 vfs_get_tree+0x88/0x270 fs/super.c:1517
 do_new_mount+0x28b/0xae0 fs/namespace.c:2994
 do_mount fs/namespace.c:3337 [inline]
 __do_sys_mount fs/namespace.c:3545 [inline]
 __se_sys_mount+0x2d5/0x3c0 fs/namespace.c:3522
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x3d/0xb0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x61/0xcb
RIP: 0033:0x7f48459ca0aa
Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 5e 04 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007f4845985088 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00007f48459ca0aa
RDX: 0000000020000040 RSI: 0000000020000500 RDI: 00007f48459850a0
RBP: 00007f48459850a0 R08: 00007f48459850e0 R09: 00007f48459850e0
R10: 0000000000004500 R11: 0000000000000206 R12: 00007f48459850e0
R13: 0000000000004500 R14: 0000000000000003 R15: 0000000000040000
 </TASK>
================================================================================

Crashes (81):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2023/11/19 20:07 linux-5.15.y 80529b4968a8 cb976f63 .config console log report syz C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-linux-5-15-kasan UBSAN: shift-out-of-bounds in parse_options
2024/10/21 07:21 linux-5.15.y 584a40a22cb9 cd6fc0a3 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2024/07/13 03:16 linux-5.15.y f45bea23c39c eaeb5c15 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2024/11/13 05:14 linux-5.15.y 3c17fc483905 62026c85 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan UBSAN: shift-out-of-bounds in parse_options
2024/11/11 00:52 linux-5.15.y 3c17fc483905 6b856513 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan UBSAN: shift-out-of-bounds in parse_options
2024/10/21 10:47 linux-5.15.y 584a40a22cb9 cd6fc0a3 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan UBSAN: shift-out-of-bounds in parse_options
2024/10/14 03:24 linux-5.15.y 3a5928702e71 084d8178 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan UBSAN: shift-out-of-bounds in parse_options
2024/10/07 12:07 linux-5.15.y 3a5928702e71 d7906eff .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan UBSAN: shift-out-of-bounds in parse_options
2024/10/07 03:09 linux-5.15.y 3a5928702e71 d7906eff .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan UBSAN: shift-out-of-bounds in parse_options
2024/10/07 00:59 linux-5.15.y 3a5928702e71 d7906eff .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan UBSAN: shift-out-of-bounds in parse_options
2024/10/06 22:55 linux-5.15.y 3a5928702e71 d7906eff .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan UBSAN: shift-out-of-bounds in parse_options
2024/10/06 21:28 linux-5.15.y 3a5928702e71 d7906eff .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan UBSAN: shift-out-of-bounds in parse_options
2024/10/04 22:55 linux-5.15.y 3a5928702e71 d7906eff .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan UBSAN: shift-out-of-bounds in parse_options
2024/09/28 02:12 linux-5.15.y 3a5928702e71 440b26ec .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan UBSAN: shift-out-of-bounds in parse_options
2024/09/27 04:55 linux-5.15.y 3a5928702e71 9314348a .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan UBSAN: shift-out-of-bounds in parse_options
2024/09/26 06:16 linux-5.15.y 3a5928702e71 0d19f247 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan UBSAN: shift-out-of-bounds in parse_options
2024/09/22 15:24 linux-5.15.y 3a5928702e71 6f888b75 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan UBSAN: shift-out-of-bounds in parse_options
2024/09/14 06:07 linux-5.15.y 3a5928702e71 b58f933c .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan UBSAN: shift-out-of-bounds in parse_options
2024/09/14 06:04 linux-5.15.y 3a5928702e71 b58f933c .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan UBSAN: shift-out-of-bounds in parse_options
2024/09/14 06:04 linux-5.15.y 3a5928702e71 b58f933c .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan UBSAN: shift-out-of-bounds in parse_options
2024/08/19 00:54 linux-5.15.y 7e89efd3ae1c dbc93b08 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan UBSAN: shift-out-of-bounds in parse_options
2024/08/18 14:59 linux-5.15.y 7e89efd3ae1c dbc93b08 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan UBSAN: shift-out-of-bounds in parse_options
2024/07/08 11:51 linux-5.15.y f45bea23c39c 2a40360c .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan UBSAN: shift-out-of-bounds in parse_options
2024/11/21 19:14 linux-5.15.y 0a51d2d4527b 4b25d554 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2024/11/19 12:50 linux-5.15.y 0a51d2d4527b 571351cb .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2024/11/12 18:15 linux-5.15.y 3c17fc483905 75bb1b32 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2024/11/11 02:33 linux-5.15.y 3c17fc483905 6b856513 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2024/11/10 23:21 linux-5.15.y 3c17fc483905 6b856513 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2024/11/09 14:03 linux-5.15.y 3c17fc483905 6b856513 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2024/11/09 10:16 linux-5.15.y 3c17fc483905 6b856513 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2024/10/28 04:49 linux-5.15.y 74cdd62cb470 65e8686b .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2024/10/27 12:53 linux-5.15.y 74cdd62cb470 65e8686b .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2024/10/21 07:07 linux-5.15.y 584a40a22cb9 cd6fc0a3 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2024/10/19 17:38 linux-5.15.y 584a40a22cb9 cd6fc0a3 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2024/10/07 09:53 linux-5.15.y 3a5928702e71 d7906eff .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2024/10/07 05:50 linux-5.15.y 3a5928702e71 d7906eff .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2024/10/02 06:23 linux-5.15.y 3a5928702e71 ea2b66a6 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2024/09/29 14:15 linux-5.15.y 3a5928702e71 ba29ff75 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2024/09/27 01:21 linux-5.15.y 3a5928702e71 9314348a .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2024/09/24 12:48 linux-5.15.y 3a5928702e71 89298aad .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2024/09/23 05:37 linux-5.15.y 3a5928702e71 6f888b75 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2024/09/22 23:47 linux-5.15.y 3a5928702e71 6f888b75 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2024/09/20 19:09 linux-5.15.y 3a5928702e71 6f888b75 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2024/09/19 08:10 linux-5.15.y 3a5928702e71 c673ca06 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2024/09/19 02:02 linux-5.15.y 3a5928702e71 c673ca06 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2024/09/18 18:57 linux-5.15.y 3a5928702e71 c673ca06 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2024/09/15 08:57 linux-5.15.y 3a5928702e71 08d8a733 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2024/09/13 23:18 linux-5.15.y 3a5928702e71 b58f933c .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2024/09/13 23:18 linux-5.15.y 3a5928702e71 b58f933c .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2024/09/01 05:23 linux-5.15.y fa93fa65db6e 1eda0d14 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2024/08/31 21:25 linux-5.15.y fa93fa65db6e 1eda0d14 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2024/08/26 00:15 linux-5.15.y fa93fa65db6e d7d32352 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2024/08/25 06:41 linux-5.15.y fa93fa65db6e d7d32352 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2024/08/18 03:45 linux-5.15.y 7e89efd3ae1c dbc93b08 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2024/08/18 03:45 linux-5.15.y 7e89efd3ae1c dbc93b08 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
2024/08/12 23:28 linux-5.15.y 7e89efd3ae1c 842184b3 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 UBSAN: shift-out-of-bounds in parse_options
* Struck through repros no longer work on HEAD.