syzbot


UBSAN: shift-out-of-bounds in __rht_bucket_nested (2)

Status: closed as invalid on 2024/12/17 17:57
Subsystems: net
First crash: 65d, last: 65d
Similar bugs (1)
| Kernel | Title | Repro | Cause bisect | Fix bisect | Count | Last | Reported | Patched | Status |
|---|---|---|---|---|---|---|---|---|---|
| upstream | UBSAN: shift-out-of-bounds in __rht_bucket_nested (net) | | | | 1 | 258d | 258d | 0/28 | closed as invalid on 2024/06/04 18:05 |

Sample crash report:
------------[ cut here ]------------
UBSAN: shift-out-of-bounds in lib/rhashtable.c:1189:32
shift exponent 4294936704 is too large for 32-bit type 'unsigned int'
CPU: 0 UID: 0 PID: 16 Comm: ksoftirqd/0 Not tainted 6.12.0-rc7-syzkaller-00187-gf868cd251776 #0
Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
Call Trace:
 <TASK>
 __dump_stack lib/dump_stack.c:94 [inline]
 dump_stack_lvl+0x16c/0x1f0 lib/dump_stack.c:120
 ubsan_epilogue lib/ubsan.c:231 [inline]
 __ubsan_handle_shift_out_of_bounds+0x2a5/0x480 lib/ubsan.c:468
 __rht_bucket_nested.cold+0xa6/0x14a lib/rhashtable.c:1189
 rht_bucket_nested+0x1a/0x40 lib/rhashtable.c:1220
 rht_bucket include/linux/rhashtable.h:289 [inline]
 __rhashtable_lookup.constprop.0+0x419/0x550 include/linux/rhashtable.h:605
 rhashtable_lookup include/linux/rhashtable.h:646 [inline]
 rhashtable_lookup_fast include/linux/rhashtable.h:672 [inline]
 ila_lookup_wildcards net/ipv6/ila/ila_xlat.c:132 [inline]
 ila_xlat_addr net/ipv6/ila/ila_xlat.c:657 [inline]
 ila_nf_input+0x1ee/0x620 net/ipv6/ila/ila_xlat.c:190
 nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline]
 nf_hook_slow+0xbb/0x200 net/netfilter/core.c:626
 nf_hook.constprop.0+0x42e/0x750 include/linux/netfilter.h:269
 NF_HOOK include/linux/netfilter.h:312 [inline]
 ipv6_rcv+0xa4/0x680 net/ipv6/ip6_input.c:309
 __netif_receive_skb_one_core+0x12e/0x1e0 net/core/dev.c:5670
 __netif_receive_skb+0x1d/0x160 net/core/dev.c:5783
 process_backlog+0x443/0x15f0 net/core/dev.c:6115
 __napi_poll.constprop.0+0xb7/0x550 net/core/dev.c:6779
 napi_poll net/core/dev.c:6848 [inline]
 net_rx_action+0xa92/0x1010 net/core/dev.c:6970
 handle_softirqs+0x213/0x8f0 kernel/softirq.c:554
 run_ksoftirqd kernel/softirq.c:927 [inline]
 run_ksoftirqd+0x3a/0x60 kernel/softirq.c:919
 smpboot_thread_fn+0x661/0xa30 kernel/smpboot.c:164
 kthread+0x2c1/0x3a0 kernel/kthread.c:389
 ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:147
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244
 </TASK>
---[ end trace ]---

Crashes (1):
| Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Assets | Manager | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2024/11/16 05:01 | upstream | f868cd251776 | cfe3a04a | .config | console log | report | | | info | [disk image (non-bootable)] [vmlinux] [kernel image] | ci-qemu-upstream | UBSAN: shift-out-of-bounds in __rht_bucket_nested |