syzbot


UBSAN: array-index-out-of-bounds in dbAllocBits

Status: auto-obsoleted due to no activity on 2024/03/07 21:48
Subsystems: jfs
Reported-by: syzbot+ae2f5a27a07ae44b0f17@syzkaller.appspotmail.com
First crash: 533d, last: 81d
Cause bisection: the issue happens on the oldest tested release (bisect log)
Crash: general protection fault in dbAllocBits (log)
Repro: C syz .config
Fix bisection: failed (error log, bisect log)

Discussions (10)
Title Replies (including bot) Last reply
[syzbot] Monthly jfs report (Jan 2024) 0 (1) 2024/01/04 12:38
[syzbot] Monthly jfs report (Dec 2023) 0 (1) 2023/12/04 12:38
[syzbot] Monthly jfs report (Nov 2023) 0 (1) 2023/11/03 10:22
[PATCH AUTOSEL 5.15 20/23] fs: jfs: Fix UBSAN: array-index-out-of-bounds in dbAllocDmapLev 1 (1) 2023/07/24 01:23
[PATCH AUTOSEL 6.1 38/41] fs: jfs: Fix UBSAN: array-index-out-of-bounds in dbAllocDmapLev 1 (1) 2023/07/24 01:21
[PATCH AUTOSEL 6.4 55/58] fs: jfs: Fix UBSAN: array-index-out-of-bounds in dbAllocDmapLev 1 (1) 2023/07/24 01:13
[PATCH] fs: jfs: Fix UBSAN: array-index-out-of-bounds in dbAllocDmapLev 2 (2) 2023/06/22 15:59
[syzbot] Monthly jfs report (May 2023) 0 (1) 2023/05/30 08:18
[syzbot] Monthly jfs report (Apr 2023) 0 (1) 2023/04/27 10:36
[syzbot] UBSAN: array-index-out-of-bounds in dbAllocBits 0 (1) 2022/10/04 09:00
Similar bugs (3)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
linux-5.15 UBSAN: array-index-out-of-bounds in dbAllocBits origin:upstream C error 2 276d 304d 0/3 upstream: reported C repro on 2023/05/19 07:30
linux-6.1 UBSAN: array-index-out-of-bounds in dbAllocBits origin:upstream C 2 2d18h 304d 0/3 upstream: reported C repro on 2023/05/19 04:28
linux-4.19 KASAN: use-after-free Read in dbAllocBits C error 2 513d 534d 0/1 upstream: reported C repro on 2022/10/01 12:57
Last patch testing requests (10)
Created Duration User Patch Repo Result
2024/02/18 09:09 21m retest repro upstream OK log
2024/02/04 02:56 23m retest repro git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci OK log
2024/01/12 09:10 20m retest repro upstream OK log
2024/01/12 09:10 22m retest repro upstream OK log
2023/12/09 14:45 13m retest repro upstream report log
2023/11/25 14:17 19m retest repro git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci report log
2023/11/25 12:18 20m retest repro linux-next OK log
2023/11/25 12:18 25m retest repro linux-next OK log
2023/10/29 14:18 19m retest repro upstream report log
2023/09/25 00:18 13m retest repro upstream report log
Cause bisection attempts (2)
Created Duration User Patch Repo Result
2023/08/31 00:33 4h02m bisect upstream job log (0) log
2022/10/03 16:19 8h09m bisect upstream error job log (0)
marked invalid by nogikh@google.com

Sample crash report:
loop0: detected capacity change from 0 to 32768
================================================================================
UBSAN: array-index-out-of-bounds in fs/jfs/jfs_dmap.c:2248:2
index 2000 is out of range for type 's64[128]' (aka 'long long[128]')
CPU: 0 PID: 5032 Comm: syz-executor378 Not tainted 6.6.0-rc4-syzkaller-00037-g3006adf3be79 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023
Call Trace:
 <TASK>
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0x1e7/0x2d0 lib/dump_stack.c:106
 ubsan_epilogue lib/ubsan.c:217 [inline]
 __ubsan_handle_out_of_bounds+0x11c/0x150 lib/ubsan.c:348
 dbAllocBits+0x961/0x990 fs/jfs/jfs_dmap.c:2248
 dbAllocDmap fs/jfs/jfs_dmap.c:2025 [inline]
 dbAllocNear+0x262/0x390 fs/jfs/jfs_dmap.c:1251
 dbAlloc+0xa23/0xca0 fs/jfs/jfs_dmap.c:836
 ea_get+0x9b9/0x1280 fs/jfs/xattr.c:514
 __jfs_setxattr+0x4ba/0x1190 fs/jfs/xattr.c:718
 __jfs_set_acl+0x12a/0x1b0 fs/jfs/acl.c:87
 jfs_set_acl+0x2bc/0x4c0 fs/jfs/acl.c:115
 set_posix_acl fs/posix_acl.c:956 [inline]
 vfs_set_acl+0x7f6/0xa20 fs/posix_acl.c:1135
 do_set_acl+0xf3/0x180 fs/posix_acl.c:1280
 do_setxattr fs/xattr.c:627 [inline]
 setxattr+0x286/0x2f0 fs/xattr.c:653
 path_setxattr+0x1c0/0x2a0 fs/xattr.c:672
 __do_sys_lsetxattr fs/xattr.c:695 [inline]
 __se_sys_lsetxattr fs/xattr.c:691 [inline]
 __x64_sys_lsetxattr+0xb8/0xd0 fs/xattr.c:691
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x41/0xc0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x63/0xcd
RIP: 0033:0x7f1f36d80679
Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007fff38f894d8 EFLAGS: 00000246 ORIG_RAX: 00000000000000bd
RAX: ffffffffffffffda RBX: 0030656c69662f2e RCX: 00007f1f36d80679
RDX: 0000000020000180 RSI: 0000000020000040 RDI: 0000000020000000
RBP: 00007f1f36df9610 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000024 R11: 0000000000000246 R12: 0000000000000001
R13: 00007fff38f896a8 R14: 0000000000000001 R15: 0000000000000001
 </TASK>
================================================================================

Crashes (234):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets Manager Title
2023/10/05 14:38 upstream 3006adf3be79 b7d7ff54 .config strace log report syz C [disk image] [vmlinux] [kernel image] [mounted in repro] ci-upstream-kasan-gce-smack-root UBSAN: array-index-out-of-bounds in dbAllocBits
2022/10/08 21:15 upstream e8bc52cb8df8 aea5da89 .config strace log report syz C [disk image] [vmlinux] [mounted in repro] ci-upstream-kasan-gce-root UBSAN: array-index-out-of-bounds in dbAllocBits
2022/10/04 00:48 upstream 4fe89d07dcc2 feb56351 .config strace log report syz C [disk image] [vmlinux] ci-upstream-kasan-gce-root UBSAN: array-index-out-of-bounds in dbAllocBits
2022/10/03 06:40 upstream a962b54e162c feb56351 .config strace log report syz C [disk image] [vmlinux] ci2-upstream-fs UBSAN: array-index-out-of-bounds in dbAllocBits
2022/10/02 17:36 upstream b357fd1c2afc feb56351 .config strace log report syz C [disk image] [vmlinux] ci-upstream-kasan-gce-root UBSAN: array-index-out-of-bounds in dbAllocBits
2023/05/19 02:56 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci f1fcbaa18b28 3bb7af1d .config console log report syz C [disk image] [vmlinux] [kernel image] [mounted in repro] ci-upstream-gce-arm64 UBSAN: array-index-out-of-bounds in dbAllocBits
2022/10/30 18:20 linux-next 4d48f589d294 2a71366b .config strace log report syz C [disk image] [vmlinux] [mounted in repro] ci-upstream-linux-next-kasan-gce-root UBSAN: array-index-out-of-bounds in dbAllocBits
2023/12/21 06:43 upstream 1a44b0073b92 4f9530a3 .config strace log report syz C [disk image] [vmlinux] [kernel image] [mounted in repro] ci-upstream-kasan-gce-selinux-root KASAN: slab-use-after-free Read in dbAllocBits
2023/06/24 10:01 upstream 61dabacdad4e 09ffe269 .config strace log report syz C [disk image] [vmlinux] [kernel image] [mounted in repro] ci-upstream-kasan-gce-root KASAN: slab-out-of-bounds Read in dbAllocBits
2022/10/07 05:39 upstream ffb39098bf87 8a212197 .config console log report syz C [disk image] [vmlinux] [mounted in repro] ci-upstream-kasan-gce-root KASAN: slab-out-of-bounds Read in dbAllocBits
2023/08/03 23:08 linux-next fb4327106e52 74621247 .config strace log report syz C [disk image] [vmlinux] [kernel image] [mounted in repro] ci-upstream-linux-next-kasan-gce-root KASAN: slab-use-after-free Read in dbAllocBits
2022/10/31 21:25 linux-next 4d48f589d294 2a71366b .config strace log report syz C [disk image] [vmlinux] [mounted in repro] ci-upstream-linux-next-kasan-gce-root KASAN: use-after-free Read in dbAllocBits
2023/12/28 21:48 upstream f5837722ffec fb427a07 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs UBSAN: array-index-out-of-bounds in dbAllocBits
2023/09/10 23:18 upstream 535a265d7f0d 6654cf89 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root UBSAN: array-index-out-of-bounds in dbAllocBits
2023/10/15 14:13 upstream 9a3dad63edbe f757a323 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream UBSAN: array-index-out-of-bounds in dbAllocBits
2023/07/28 13:03 upstream 57012c57536f 92476829 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs UBSAN: array-index-out-of-bounds in dbAllocBits
2023/04/25 06:25 upstream 1a0beef98b58 65320f8e .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs UBSAN: array-index-out-of-bounds in dbAllocBits
2023/01/08 11:58 upstream 9b43a525db12 1dac8c7a .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs UBSAN: array-index-out-of-bounds in dbAllocBits
2022/12/04 04:04 upstream c2bf05db6c78 e080de16 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs UBSAN: array-index-out-of-bounds in dbAllocBits
2022/11/20 10:42 upstream fe24a97cf254 5bb70014 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs UBSAN: array-index-out-of-bounds in dbAllocBits
2022/11/19 17:04 upstream ab290eaddc4c 5bb70014 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs UBSAN: array-index-out-of-bounds in dbAllocBits
2022/11/06 00:01 upstream b208b9fbbcba 6d752409 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs UBSAN: array-index-out-of-bounds in dbAllocBits
2022/11/03 12:22 upstream b229b6ca5abb 7a2ebf95 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs UBSAN: array-index-out-of-bounds in dbAllocBits
2022/11/03 08:49 upstream b229b6ca5abb 7a2ebf95 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs UBSAN: array-index-out-of-bounds in dbAllocBits
2022/11/03 07:45 upstream b229b6ca5abb 7a2ebf95 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs UBSAN: array-index-out-of-bounds in dbAllocBits
2022/11/03 02:58 upstream b229b6ca5abb 08977f5d .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs UBSAN: array-index-out-of-bounds in dbAllocBits
2022/11/03 01:12 upstream b229b6ca5abb 08977f5d .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs UBSAN: array-index-out-of-bounds in dbAllocBits
2022/11/02 23:00 upstream b229b6ca5abb 08977f5d .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs UBSAN: array-index-out-of-bounds in dbAllocBits
2022/11/02 21:49 upstream b229b6ca5abb 08977f5d .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs UBSAN: array-index-out-of-bounds in dbAllocBits
2022/11/02 14:41 upstream b229b6ca5abb 08977f5d .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs UBSAN: array-index-out-of-bounds in dbAllocBits
2022/11/02 08:40 upstream b229b6ca5abb 08977f5d .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs UBSAN: array-index-out-of-bounds in dbAllocBits
2022/11/02 02:24 upstream b229b6ca5abb 08977f5d .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs UBSAN: array-index-out-of-bounds in dbAllocBits
2022/11/02 01:09 upstream b229b6ca5abb 08977f5d .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs UBSAN: array-index-out-of-bounds in dbAllocBits
2022/11/01 18:11 upstream b229b6ca5abb a1d8560a .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs UBSAN: array-index-out-of-bounds in dbAllocBits
2022/11/01 16:36 upstream b229b6ca5abb a1d8560a .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs UBSAN: array-index-out-of-bounds in dbAllocBits
2022/11/01 15:35 upstream b229b6ca5abb a1d8560a .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs UBSAN: array-index-out-of-bounds in dbAllocBits
2022/11/01 13:52 upstream b229b6ca5abb a1d8560a .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root UBSAN: array-index-out-of-bounds in dbAllocBits
2022/11/01 12:46 upstream b229b6ca5abb a1d8560a .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs UBSAN: array-index-out-of-bounds in dbAllocBits
2022/11/01 11:32 upstream b229b6ca5abb a1d8560a .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs UBSAN: array-index-out-of-bounds in dbAllocBits
2022/11/01 08:14 upstream b229b6ca5abb a1d8560a .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs UBSAN: array-index-out-of-bounds in dbAllocBits
2022/11/01 06:46 upstream b229b6ca5abb a1d8560a .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs UBSAN: array-index-out-of-bounds in dbAllocBits
2022/11/01 04:39 upstream b229b6ca5abb a1d8560a .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs UBSAN: array-index-out-of-bounds in dbAllocBits
2022/11/01 03:03 upstream b229b6ca5abb a1d8560a .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs UBSAN: array-index-out-of-bounds in dbAllocBits
2022/10/31 23:53 upstream b229b6ca5abb 2a71366b .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs UBSAN: array-index-out-of-bounds in dbAllocBits
2022/10/31 22:31 upstream b229b6ca5abb 2a71366b .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs UBSAN: array-index-out-of-bounds in dbAllocBits
2022/10/31 21:03 upstream b229b6ca5abb 2a71366b .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs UBSAN: array-index-out-of-bounds in dbAllocBits
2022/10/31 19:09 upstream b229b6ca5abb 2a71366b .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs UBSAN: array-index-out-of-bounds in dbAllocBits
2022/10/31 16:58 upstream b229b6ca5abb 2a71366b .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs UBSAN: array-index-out-of-bounds in dbAllocBits
2022/10/31 15:38 upstream b229b6ca5abb 2a71366b .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs UBSAN: array-index-out-of-bounds in dbAllocBits
2022/10/31 14:36 upstream b229b6ca5abb 2a71366b .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs UBSAN: array-index-out-of-bounds in dbAllocBits
2022/10/31 13:14 upstream b229b6ca5abb 2a71366b .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs UBSAN: array-index-out-of-bounds in dbAllocBits
2022/10/31 11:33 upstream b229b6ca5abb 2a71366b .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs UBSAN: array-index-out-of-bounds in dbAllocBits
2022/10/31 08:44 upstream b229b6ca5abb 2a71366b .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs UBSAN: array-index-out-of-bounds in dbAllocBits
2022/10/31 06:51 upstream b229b6ca5abb 2a71366b .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs UBSAN: array-index-out-of-bounds in dbAllocBits
2022/10/31 05:49 upstream b229b6ca5abb 2a71366b .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs UBSAN: array-index-out-of-bounds in dbAllocBits
2022/10/31 04:48 upstream b229b6ca5abb 2a71366b .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs UBSAN: array-index-out-of-bounds in dbAllocBits
2022/10/29 01:37 upstream b229b6ca5abb ea12ae9b .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root UBSAN: array-index-out-of-bounds in dbAllocBits
2023/05/19 02:41 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci f1fcbaa18b28 3bb7af1d .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 UBSAN: array-index-out-of-bounds in dbAllocBits
2023/08/14 23:46 upstream 2ccdd1b13c59 39990d51 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream BUG: unable to handle kernel paging request in dbAllocBits
2023/06/02 23:23 upstream 9e87b63ed37e a4ae4f42 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root KASAN: slab-use-after-free Read in dbAllocBits
2023/11/11 10:47 linux-next e27090b1413f 6d6dbf8a .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-linux-next-kasan-gce-root KASAN: slab-use-after-free Read in dbAllocBits
2023/02/05 14:07 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci ca72d58361ee be607b78 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 BUG: unable to handle kernel paging request in dbAllocBits
* Struck through repros no longer work on HEAD.